# Maritta Heisel

Prof. Dr. Maritta Heisel
Raum BB 919
Tel. : +49 203 379 3465
Fax : +49 379 4490
E-Mail : maritta.heisel[at]uni-duisburg-essen.de

Research
• Compliance [VerÃ¶ffentlichungen]
• Formal Methods [VerÃ¶ffentlichungen]
• Methodology [VerÃ¶ffentlichungen]
• Patterns
VerÃ¶ffentlichungen:

QuickSearch:   Number of matching entries: 0.

YearTitleAuthorJournal/ProceedingsPublisher
2017 Aspect Frames â€“ Describing Cross-Cutting Concerns in Aspect-Oriented Requirements Engineering Meis, R. & Heisel, M. Proceedings of the 22nd European Conference on Pattern Languages of Programs   ACM
Abstract: Cross-cutting concerns often arise when non-functional requirements are operationalized, because non-functional requirements
are themselves cross-cutting. In the field of aspect-oriented requirements engineering (AORE), functional requirements that
cross-cut multiple other functional requirements are called aspects. An aspect describes in most cases a solution for a non-
functional requirement and how this solution can be integrated into the realization of the functional requirements it cross-cuts.
Examples for cross-cutting concerns are logging, encryption, and access control. We observed that aspects often share a basic
structure, behavior, and the way of how they have to be integrated into the realization of the functional requirements they
cross-cut. We propose in this paper aspect frames. An aspect frame is a kind of pattern for aspects that share a common
concern, behavior, and way how they are integrated into the realization of the functional requirements
BibTeX:
@inproceedings{EuroPLoP17,
year = {2017},
title = {Aspect Frames â€“ Describing Cross-Cutting Concerns in Aspect-Oriented Requirements Engineering},
booktitle = {Proceedings of the 22nd European Conference on Pattern Languages of Programs},
author = {Meis, Rene and Heisel, Maritta},
publisher = {ACM},
number = {25},
series = {EuroPLoP '17},
pages = {28},
url = {https://doi.org/10.1145/3147704.3147732},
doi = {3147704.3147732}
}

2017 Pattern-based Representation of Privacy Enhancing Technologies as Early Aspects Meis, R. & Heisel, M. Trust, Privacy, and Security in Digital Business   Springer International Publishing
Abstract: Several regulations and standards emphasize that privacy
shall already be considered from the very beginning in software development.
A crucial point during the development of a privacy-friendly
software is the selection and integration of measures that implement speci
c privacy requirements or mitigate threats to these. These measures
are called privacy enhancing technologies (PETs). PETs have a crosscutting
nature. That is, a PET needs often to be integrated into several
base functionalities of the software-to-be. For example, anonymization
techniques need to be integrated into functionalities that shall reveal
originally identi able information in an anonymized form to others. One
possibility to handle cross-cutting concerns already on the requirements
level is aspect-oriented requirements engineering. In this paper, we show
how PETs can be represented as early aspects and how these can be
integrated into a given requirements model in problem frames notation.
Furthermore, we show how PETs can be represented as patterns to help
requirements engineers to identify and select appropriate PETs that address
the privacy requirements they have to satisfy. We use the PET
Privacy-ABCs (Attribute-Based Credentials) to illustrate our approach.
BibTeX:
@inproceedings{TrustBus17,
year = {2017},
title = {Pattern-based Representation of Privacy Enhancing Technologies as Early Aspects},
booktitle = {Trust, Privacy, and Security in Digital Business},
author = {Meis, Rene and Heisel, Maritta},
publisher = {Springer International Publishing},
volume = {10442},
series = {LNCS},
pages = {49--65},
url = {https://doi.org/10.1007/978-3-319-64483-7_4},
doi = {10.1007/978-3-319-64483-7_4}
}

2015 Relating Performance and Security Tactics to Architectural Patterns Alebrahim, A., Faßbender, S., Filipczyk, M., Goedicke, M. & Heisel, M. Proceedings of the 20th European Conference on Pattern Languages of Program   ACM
BibTeX:
@inproceedings{AlebrahimFassbenderFGH2015ACM-europlopb,
year = {2015},
title = {Relating Performance and Security Tactics to Architectural Patterns},
booktitle = {Proceedings of the 20th European Conference on Pattern Languages of Program},
author = {Alebrahim, Azadeh and Fa{\ss}bender, Stephan and Filipczyk, Martin and Goedicke, Michael and Heisel, Maritta},
publisher = {ACM},
series = {EuroPLoP '15},
note = {To be Published},
url = {https://dl.acm.org/}
}

2015 Applying Performance Patterns for Requirements Analysis Alebrahim, A. & Heisel, M. Proceedings of the 20th European Conference on Pattern Languages of Programs (EuroPLoP)   ACM
Abstract: Performance as one of the critical quality requirements for the success of a software system must be integrated into software development
from the beginning to prevent performance problems. Analyzing and modeling performance demands knowledge of performance experts and
analysts. In order to integrate performance analysis into software analysis and design methods, performance-specific properties known as
domain knowledge have to be identified, analyzed, and documented properly. In this paper, we propose the performance analysis method
PoPeRA to guide the requirements engineer in dealing with performance problems as early as possible in requirements analysis. Our structured
method provides support for identifying potential performance problems using performance-specific domain knowledge attached to
the requirement models. To deal with identified performance problems, we make use of performance analysis patterns to be applied to the
requirement models in the requirements engineering phase. To show the application of our approach, we illustrate it with the case study
CoCoME, a trading system to be deployed in supermarkets for handling sales.
BibTeX:
@inproceedings{Europlop2015-1,
year = {2015},
title = {Applying Performance Patterns for Requirements Analysis},
booktitle = {Proceedings of the 20th European Conference on Pattern Languages of Programs (EuroPLoP)},
author = {Alebrahim, Azadeh and Heisel, Maritta},
publisher = {ACM},
url = {https://dl.acm.org/citation.cfm?id=2855357}
}

2015 Towards Systematic Selection of Architectural Patterns with Respect to Quality Requirements Alebrahim, A., Faßbender, S., Filipczyk, M., Goedicke, M. & Heisel, M. Proceedings of the 20th European Conference on Pattern Languages of Programs (EuroPLoP)   ACM
BibTeX:
@inproceedings{Europlop2015-2,
year = {2015},
title = {Towards Systematic Selection of Architectural Patterns with Respect to Quality Requirements},
booktitle = {Proceedings of the 20th European Conference on Pattern Languages of Programs (EuroPLoP)},
author = {Alebrahim, Azadeh and Fa{\ss}bender, Stephan and Filipczyk, Martin and Goedicke, Michael and Heisel, Maritta},
publisher = {ACM},
url = {https://dl.acm.org/citation.cfm?id=2855362}
}

2015 Towards a Reliable Mapping between Performance and Security Tactics, and Architectural Patterns Alebrahim, A., Faßbender, S., Filipczyk, M., Goedicke, M. & Heisel, M. Proceedings of the 20th European Conference on Pattern Languages of Programs (EuroPLoP)   ACM
BibTeX:
@inproceedings{,
year = {2015},
title = {Towards a Reliable Mapping between Performance and Security Tactics, and Architectural Patterns},
booktitle = {Proceedings of the 20th European Conference on Pattern Languages of Programs (EuroPLoP)},
author = {Alebrahim, Azadeh and Fa{\ss}bender, Stephan and Filipczyk, Martin and Goedicke, Michael and Heisel, Maritta},
publisher = {ACM},
url = {https://dl.acm.org/citation.cfm?id=2855361}
}

2014 Towards Developing Secure Software using Problem-oriented Security Patterns Alebrahim, A. & Heisel, M. Proceedings of the 6th International Cross-Domain Conference on Availability, Reliability, and Security in Information Systems and HCI (CD-ARES)   Springer
Abstract: Security as one essential quality requirement has to be addressed during
the software development process. Quality requirements such as security
drive the architecture of a software, while design decisions such as security patterns
on the architecture level in turn might constrain the achievement of quality
requirements significantly. Thus, to obtain sound architectures and correct requirements,
knowledge which is gained in the solution space, for example from
security patterns, should be reflected in the requirements engineering. In this paper,
we propose an iterative method that takes into account the concurrent development
of requirements and architecture descriptions systematically. It reuses
security patterns for refining and restructuring the requirement models by applying
problem-oriented security patterns. Problem-oriented security patterns adapt
existing security patterns in a way that they can be used in the problem-oriented
requirements engineering. The proposed method bridges the gap between security
problems and security architectural solutions.
BibTeX:
@inproceedings{Alebrahim-cdares2014,
year = {2014},
title = {Towards Developing Secure Software using Problem-oriented Security Patterns},
booktitle = {Proceedings of the 6th International Cross-Domain Conference on Availability, Reliability, and Security in Information Systems and HCI (CD-ARES)},
author = {Alebrahim, Azadeh and Heisel, Maritta},
publisher = {Springer},
series = {LNCS 8708},
pages = {45-62},
}

2014 Problem-oriented Security Patterns for Requirements Engineering Alebrahim, A. & Heisel, M. Proceedings of the 19th European Conference on Pattern Languages of Programs (EuroPLoP)   ACM
BibTeX:
@inproceedings{Alebrahim-europlop2014,
year = {2014},
title = {Problem-oriented Security Patterns for Requirements Engineering},
booktitle = {Proceedings of the 19th European Conference on Pattern Languages of Programs (EuroPLoP)},
author = {Alebrahim, Azadeh and Heisel, Maritta},
publisher = {ACM},
note = {Accepted},
url = {https://dl.acm.org/citation.cfm?id=2721963}
}

2014 A Structured Method for Security Requirements Elicitation concerning the Cloud Computing Domain Beckers, K., Côté, I., Goeke, L., Güler, S. & Heisel, M. International Journal of Secure Software Engineering (IJSSE) - Special Issue on 7th International Workshop on Secure Software Engineering (SecSE 2013)   IGI Global
Abstract: Cloud computing systems offer an attractive alternative to traditional IT-systems, because of economic benefits that arise from the cloud's scalable and flexible IT-resources. The benefits are of particular interest for SME's. The reason is that using Cloud Resources allows an SME to focus on its core business rather than on IT-resources. However, numerous concerns about the security of cloud computing services exist. Potential cloud customers have to be confident that the cloud services they acquire are secure for them to use. Therefore, they have to have a clear set of security requirements covering their security needs. Eliciting these requirements is a difficult task, because of the amount of stakeholders and technical components to consider in a cloud environment. Therefore, the authors propose a structured, pattern-based method supporting eliciting security requirements and selecting security measures. The method guides potential cloud customers to model the application of their business case in a cloud computing context using a pattern-based approach. Thus, a potential cloud customer can instantiate our so-called Cloud System Analysis Pattern. Then, the information of the instantiated pattern can be used to fill-out our textual security requirements patterns and individual defined security requirement patterns, as well. The presented method is tool-supported. Our tool supports the instantiation of the cloud system analysis pattern and automatically transfers the information from the instance to the security requirements patterns. In addition, they have validation conditions that check e.g., if a security requirement refers to at least one element in the cloud. The authors illustrate their method using an online-banking system as running example.
BibTeX:
@article{Beckers2014-IJIS,
year = {2014},
title = {A Structured Method for Security Requirements Elicitation concerning the Cloud Computing Domain},
author = {Beckers, Kristian and C{\^{o}}t{\'{e}}, Isabelle and Goeke, Ludger and G{\"{u}}ler, Selim and Heisel, Maritta},
journal = {International Journal of Secure Software Engineering (IJSSE) - Special Issue on 7th International Workshop on Secure Software Engineering (SecSE 2013)},
publisher = {IGI Global},
volume = {5},
number = {2},
pages = {19 -- 41},
url = {http://www.igi-global.com}
}

2014 Deriving a Pattern Language Syntax for Context-Patterns Beckers, K., Faßbender, S. & Heisel, M. Proceedings of the 19th European Conference on Pattern Languages of Programs (Europlop)   ACM
Abstract: In a previous publication we introduced a catalog of context-patterns. Each context pattern describes common structures and stakeholders
for a specific domain. The common elements of the context were obtained from observations about the domain in terms of standards, domain
specific-publications, and implementations. Whenever the domain of a system-to-be is already described by a context-pattern, one can
use this context-pattern to elicit domain knowledge by instantiating the corresponding context-pattern. Moreover, we analyzed the common
concepts in our context-patterns and created a meta-model to describe the relations between these concepts. This meta-model was the initial
step towards a pattern language for context-patterns. In this work, we show the consequent next step for the definition of a pattern language
syntax for context-patterns. Thus, we describe how to derive the connections between the existing context-pattern in a structured way and
present the results.
BibTeX:
@inproceedings{BeckersFassbender2014-europlop-B,
year = {2014},
title = {Deriving a Pattern Language Syntax for Context-Patterns},
booktitle = {Proceedings of the 19th European Conference on Pattern Languages of Programs (Europlop)},
author = {Beckers, Kristian and Fa{\ss}bender, Stephan and Heisel, Maritta},
publisher = {ACM},
series = {EuroPLoP '14},
pages = {2:1--2:25},
url = {http://doi.acm.org/10.1145/2721956.2721967},
doi = {10.1145/2721956.2721967}
}

2014 A Threat Analysis Methodology for Smart Home Scenarios Beckers, K., Faßbender, S., Heisel, M. & Suppan, S. Smart Grid Security, Proceddings of the Second International Workshop (SmartGridSec)   Springer
Abstract: A smart grid is envisioned to enable a more economic, environmen-
tal friendly, sustainable and reliable supply of energy. But significant security
concerns have to be addressed for the smart grid, dangers range from threatened
availability of energy, to threats of customer privacy. This paper presents a struc-
tured method for identifying security threats in the smart home scenario and in
particular for analyzing their severity and relevance. The method is able to unveil
also new threats, not discussed in the literature before. The smart home scenario
is represented by a context-pattern, which is a specific kind of pattern for the elic-
itation of domain knowledge [5]. Hence, by exchanging the smart home pattern
by a context-pattern for another domain, e.g., clouds, our method can be used
for these other domains, as well. The proposal is based on Microsoftâ€™s Security
Development Lifecycle (SDL) [4], which uses Data Flow diagrams, but proposes
new alternatives for scenario definition and asset identification based on context-
patterns. These alleviate the lack of scalability of the SDL. In addition, we present
Attack Path DFDs, that show how an attacker can compromise the system.
BibTeX:
@inproceedings{BFassbenderHS2014,
year = {2014},
title = {A Threat Analysis Methodology for Smart Home Scenarios},
booktitle = {Smart Grid Security, Proceddings of the Second International Workshop (SmartGridSec)},
author = {Beckers, Kristian and Fa{\ss}bender, Stephan and Heisel, Maritta and Suppan, Santiago},
publisher = {Springer},
volume = {8448},
series = {Lecture Notes in Computer Science},
pages = {94-124},
doi = {10.1007/978-3-319-10329-7_7}
}

2014 Intertwining Relationship between Requirements, Architecture, and Domain Knowledge Alebrahim, A. & Heisel, M. Proceedings of the 9th International Conference on Software Engineering Advances (ICSEA)
Abstract: In requirements engineering, properties of the environment
and assumptions about it, called domain knowledge, need to
be captured in addition to exploring the requirements. Despite the
recognition of the significance of capturing the required domain
knowledge, domain knowledge might be missing, left implicit,
or be captured inadequately during the software development
process, causing incorrect specifications and software failure.
Domain knowledge affects the elicitation and evolution of requirements,
the evolution of software architectures, and related design
decisions. Conversely, requirements and design decisions affect
the elicitation and modification of domain knowledge. In this
paper, we propose the iterative capturing and co-developing of
domain knowledge with requirements and software architectures.
We explicitly discuss the effects of requirements and design
decisions on domain knowledge and illustrate this relationship
with examples drawn from our research, where we had to go
back and forth between requirements, domain knowledge, and
design decisions.
BibTeX:
@inproceedings{ICSEA2014,
year = {2014},
title = {Intertwining Relationship between Requirements, Architecture, and Domain Knowledge},
booktitle = {Proceedings of the 9th International Conference on Software Engineering Advances (ICSEA)},
author = {Alebrahim, Azadeh and Heisel, Maritta},
volume = {421},
series = {IFIP Advances in Information and Communication Technology},
pages = {150--162}
}

2014 A Structured Approach for Eliciting, Modeling, and Using Quality-Related Domain Knowledge Alebrahim, A., Heisel, M. & Meis, R. Proceedings of the 14th International Conference on Computational Science and Its Applications (ICCSA)   Springer
Abstract: In requirements engineering, properties of the environment and assumptions about
it, called domain knowledge, need to be captured in addition to
exploring the requirements.
Despite the recognition of the significance of capturing and using the
required domain knowledge, it might be missing, left implicit, or be
captured inadequately during the software development. This results in an
incorrect specification. Moreover, the software might fail to achieve its
quality objectives because of ignored required constraints and assumptions.
In order to analyze software quality properly, we
propose a structured approach for eliciting, modeling, and using domain
knowledge. We investigate what kind of quality-related domain knowledge is
required for the early phases of quality-driven software development and how
such domain knowledge can be systematically elicited and explicitly modeled to
be used for the analysis of quality requirements. Our method aims at improving
the quality of the requirements engineering process by facilitating the
capturing and using of implicit domain knowledge.
BibTeX:
@incollection{SQ2014,
year = {2014},
title = {A Structured Approach for Eliciting, Modeling, and Using Quality-Related Domain Knowledge},
booktitle = {Proceedings of the 14th International Conference on Computational Science and Its Applications (ICCSA)},
author = {Alebrahim, Azadeh and Heisel, Maritta and Meis, Rene},
publisher = {Springer},
series = {LNCS 8583},
pages = {370--386},
url = {http://dx.doi.org/10.1007/978-3-319-09156-3_27},
doi = {10.1007/978-3-319-09156-3_27}
}

2012 Designing Architectures from Problem Descriptions by Interactive Model Transformation Alebrahim, A., Côté, I., Heisel, M., Choppy, C. & Hatebur, D. Proceedings 27th Symposium on Applied Computing   ACM
Abstract: We present a structured approach to systematically derive a software
architecture from a given problem description based on problem
frames and a description of the environment. Our aim is to
re-use the elements of the problem descriptions in creating the architecture.
The derivation is performed by transforming the problem
description into an initial architecture, where each subproblem
corresponds to a component. The transformation is supported by
model transformation rules, formally specified as operations with
pre- and postconditions. This specification serves as a blueprint for
a tool supporting the architectural design. We illustrate our method
by the example of a patient care system.
BibTeX:
@inproceedings{SAC2012,
year = {2012},
title = {Designing Architectures from Problem Descriptions by Interactive Model Transformation},
booktitle = {Proceedings 27th Symposium on Applied Computing},
author = {Alebrahim, Azadeh and C{\^{o}}t{\'{e}}, Isabelle and Heisel, Maritta and Choppy, Christine and Hatebur, Denis},
publisher = {ACM},
pages = {1256--1258},
url = {http://dl.acm.org/}
}

2012 Deriving Quality-based Architecture Alternatives with Patterns Konersmann, M., Alebrahim, A., Heisel, M., Goedicke, M. & Kersten, B. Software Engineering   GI
Abstract: We propose in this paper an iterative method composed of three steps to
derive architecture alternatives from quality requirements using a catalogue of patterns
and styles. The solution candidates are chosen by answering a set of questions which
reflects the requirements. We instantiate then the solution candidates using a UMLbased
enhancement of the problem frame approach. To ensure that the instantiated
architectures fulfill the quality requirements, we evaluate them in the next step. A
desired refinement of the software architectures is then achieved by iterating over the
described steps.
BibTeX:
@inproceedings{SE2012,
year = {2012},
title = {Deriving Quality-based Architecture Alternatives with Patterns},
booktitle = {Software Engineering},
author = {Konersmann, Marco and Alebrahim, Azadeh and Heisel, Maritta and Goedicke, Michael and Kersten, Benjamin},
publisher = {GI},
series = {LNI 198},
pages = {71--82},
url = {www.gi.de}
}

2011 A Method to Derive Software Architectures from Quality Requirements Alebrahim, A., Hatebur, D. & Heisel, M. Proceedings of the 18th Asia-Pacific Software Engineering Conference (APSEC)   IEEE Computer Society
Abstract: We present a model- and pattern-based method that allows software engineers to take quality requirements into account right from the beginning of the software development process. The method comprises requirements analysis as well as the derivation of a software architecture from requirements documents, in which quality requirements are reflected explicitly. For requirements analysis, we use an enhancement of the problem frame approach, where software development problems are represented by problem diagrams. The derivation of a software architecture starts from a set of problem diagrams, annotated with functional as well as quality requirements. First, we set up an initial software architecture, taking into account the decomposition of the overall software development problem into subproblems. Then, we incorporate quality requirements into that architecture by using security or performance patterns or mechanisms. The method is toolsupported, which allows developers to check semantic integrity conditions in the different models
BibTeX:
@inproceedings{AHH2011b,
year = {2011},
title = {A Method to Derive Software Architectures from Quality Requirements},
booktitle = {Proceedings of the 18th Asia-Pacific Software Engineering Conference ({APSEC})},
author = {Alebrahim, Azadeh and Hatebur, Denis and Heisel, Maritta},
publisher = {IEEE Computer Society},
pages = {322--330},
url = {https://www.ieee.org/}
}

2011 Systematic Architectural Design based on Problem Patterns Choppy, C., Hatebur, D. & Heisel, M. Relating Software Requirements and Architectures   Springer
Abstract: We present a method to derive systematically software architectures
from problem descriptions. The problem descriptions are based on the artifacts
that are set up when following Jackson's problem frame approach. They include a
context diagram describing the overall problem situation and a set of problem
diagrams that describe subproblems of the overall software development problem.
The different subproblems should be instances of problem frames, which are
patterns for simple software development problems.
Starting from these pattern-based problem descriptions, we derive a software
architecture in three steps. An initial architecture contains one component for each
subproblem. In the second step, we apply different architectural and design
patterns and introduce coordinator and facade components. In the final step, the
components of the intermediate architecture are re-arranged to form a layered
architecture, and interface and driver components are added.
All artefacts are expressed as UML diagrams, using specific UML profiles. The
method is tool-supported. Our tool supports developers in setting up the diagrams,
and it checks different validation conditions concerning the semantic integrity and
the coherence of the different diagrams.
We illustrate the method by deriving an architecture for an automated teller
machine.
BibTeX:
@incollection{CHH2011a,
year = {2011},
title = {Systematic Architectural Design based on Problem Patterns},
booktitle = {Relating Software Requirements and Architectures},
author = {Choppy, Christine and Hatebur, Denis and Heisel, Maritta},
publisher = {Springer},
pages = {133--159},
}

2011 A Pattern- and Component-Based Method to Develop Secure Software Schmidt, H., Hatebur, D. & Heisel, M. Software Engineering for Secure Systems: Academic and Industrial Perspectives   IGI Global
Abstract: We present a security engineering process based on security problem frames and concretized
security problem frames. Both kinds of frames constitute patterns for analyzing security problems
and associated solution approaches. They are arranged in a pattern system that makes
dependencies between them explicit. We describe step-by-step how the pattern system can be
used to analyze a given security problem and how solution approaches can be found.
Afterwards, the security problems and the solution approaches are formally modeled in detail.
The formal models serve to prove that the solution approaches are correct solutions to the security
problems. Furthermore, the formal models of the solution approaches constitute a formal
specification of the software to be developed.
Then, the specification is implemented by generic security components and generic security
architectures, which constitute architectural patterns. Finally, the generic security components
and the generic security architecture that composes them are refined and the result is a secure
software product built from existing and/or tailor-made security components.
KEYWORDS
security
BibTeX:
@incollection{SHH2011,
year = {2011},
title = {A Pattern- and Component-Based Method to Develop Secure Software},
booktitle = {Software Engineering for Secure Systems: Academic and Industrial Perspectives},
author = {Schmidt, Holger and Hatebur, Denis and Heisel, Maritta},
publisher = {IGI Global},
pages = {32--74},
url = {http://www.igi-global.com/}
}

2010 Making Pattern- and Model-Based Software Development More Rigorous Hatebur, D. & Heisel, M. Proceedings of International Conference on Formal Engineering Methods (ICFEM)   Springer
Abstract: Pattern-based and model-based software development approaches have
a high potential to improve the quality of software. Patterns allow engineers to
re-use established and proven development knowledge. Developing software by
constructing a sequence of models provides engineers with various possibilities
for validation, because the different development models are not independent of
each other and hence can be checked for coherence.
We present a UML profile equipped with numerous OCL constraints that supports
a pattern- and model-based software development process. The basis of the
UML profile is a representation of problem frames, which are patterns supporting
requirements analysis. OCL constraints provide a formal underpinning of the
development process and allow one to perform semantic checks every time a new
model is set up. Our approach is supported by a tool, called UML4PF. The tool
is based on the Eclipse development environment, extended by an EMF-based
UML tool, in our case, Papyrus. In this paper, we specifically focus on ensuring
that problem frames are instantiated correctly. We illustrate our approach by the
case study of an automatic teller machine.
BibTeX:
@inproceedings{HateburHeisel2010a,
year = {2010},
title = {Making Pattern- and Model-Based Software Development More Rigorous},
booktitle = {Proceedings of International Conference on Formal Engineering Methods ({ICFEM})},
author = {Hatebur, Denis and Heisel, Maritta},
publisher = {Springer},
series = {LNCS 6447},
pages = {253--269},
}

2010 A UML Profile for Requirements Analysis of Dependable Software Hatebur, D. & Heisel, M. Proceedings of the International Conference on Computer Safety, Reliability and Security (SAFECOMP)   Springer
Abstract: At Safecomp 2009, we presented a foundation for requirements analysis
of dependable software. We defined a set of patterns for expressing and analyzing
dependability requirements, such as confidentiality, integrity, availability,
and reliability. The patterns take into account random faults as well as certain
attacks and therefore support a combined safety and security engineering.
In this paper, we demonstrate how the application of our patterns can be tool supported.
We present a UML profile allowing us to express the different dependability
requirements using UML diagrams. Integrity conditions are expressed using
OCL. We provide tool support based on the Eclipse development environment,
extended with an EMF-based UML tool, e.g., Papyrus UML. We illustrate how
to use the profile to model dependability requirements of a cooperative adaptive
cruise control system.
BibTeX:
@inproceedings{HateburHeisel2010b,
year = {2010},
title = {A {UML} Profile for Requirements Analysis of Dependable Software},
booktitle = {Proceedings of the International Conference on Computer Safety, Reliability and Security (SAFECOMP)},
author = {Hatebur, Denis and Heisel, Maritta},
publisher = {Springer},
series = {LNCS 6351},
pages = {317--331},
}

2010 Automated Checking of Integrity Constraints for a Model- and Pattern-Based Requirements Engineering Method (Technical Report) Côté, I., Hatebur, D. & Heisel, M.
Abstract: We present a new UML profile serving to support a pattern- and model-based requirements engineering method based on Jacksonâ€™s problem frames. The UML profile allows us to express the different models being defined during requirements analysis using UML diagrams. In order to automatically perform semantic validations associated with the method, we provide integrity conditions, expressed as OCL constraints.
These constraints concern single models as well as the coherence of different models. To provide tool support for the requirements engineering method, we have developed a tool called UML4PF. It is based on the
Eclipse development environment, extended by an EMF-based UML tool, in our case, Papyrus. To demonstrate the applicability of our approach, we use the case study of a vacation rentals reservation system.
BibTeX:
@misc{,
year = {2010},
title = {Automated Checking of Integrity Constraints for a Model- and Pattern-Based Requirements Engineering Method (Technical Report)},
author = {C{\^{o}}t{\'{e}}, Isabelle and Hatebur, Denis and Heisel, Maritta}
}

2009 Problem-Oriented Documentation of Design Patterns Fülleborn, A., Meffert, K. & Heisel, M. Proceedings 12thInternational Conference on Fundamental Approaches to Software Engineering (FASE)   Springer
Abstract: In order to retrieve, select and apply design patterns in a
tool-supported way, we suggest to construct and document a problemcontext
pattern that re
ects the essence of the problems that the design
pattern is meant to solve. In our approach, software engineers can choose
examples of source code or UML models from the special domains that
they are experts in. We present a method that enables software engineers
to describe the transformation from a problem-bearing source model to
an appropriate solution model. Afterwards, the inverse of that transformation
is applied to the UML solution model of the existing design
pattern, resulting in an abstract problem-context pattern. This pattern
can then be stored together with the solution pattern in a pattern library.
The method is illustrated by deriving a problem-context pattern
for the Observer design pattern.
BibTeX:
@inproceedings{FASE09,
year = {2009},
title = {Problem-Oriented Documentation of Design Patterns},
booktitle = {Proceedings 12thInternational Conference on Fundamental Approaches to Software Engineering (FASE)},
author = {F{\"{u}}lleborn, Alexander and Meffert, Klaus and Heisel, Maritta},
publisher = {Springer},
series = {LNCS 5503},
pages = {294--308},
}

2009 Deriving Software Architectures from Problem Descriptions Hatebur, D. & Heisel, M. Software Engineering 2009 - Workshopband   GI
Abstract: We show how software architectures (including interface descriptions) can
be derived from artifacts set up in the analysis phase of the software lifecycle. The
analysis phase consists of six steps, where various models are constructed. Especially,
the software development problem is decomposed into simple subproblems. The models
set up in the analysis phase form the basis for (i) defining software architectures
related to single subproblems, (ii) merging the subproblem architectures to obtain the
overall software architecture, and (iii) to define the interfaces between the components
of the overall architecture. The approach is based on problem patterns (problem
frames) and the architectural style of layered software architectures.
BibTeX:
@inproceedings{HH09a,
year = {2009},
title = {Deriving Software Architectures from Problem Descriptions},
booktitle = {Software Engineering 2009 - Workshopband},
author = {Hatebur, Denis and Heisel, Maritta},
publisher = {GI},
pages = {383--302},
url = {https://gi.de/}
}

2008 A Systematic Account of Problem Frames Côté, I., Hatebur, D., Heisel, M., Schmidt, H. & Wentzlaff, I. Proceedings of the European Conference on Pattern Languages of Programs (EuroPLoP)   Universitätsverlag Konstanz
Abstract: We give an enumeration of possible problem frames, based on domain characteristics, and
comment on the usefulness of the obtained frames. In particular, we investigate problem domains
and their characteristics in detail. This leads to fine-grained criteria for describing problem
domains. As a result, we identify a new type of problem domain and come up with integrity
conditions for developing useful problem frames. Taking a complete enumeration of possible
problem frames (with at most three problem domains, of which only one is constrained) as a
basis, we find 8 new problem frames, 7 of which we consider as useful in practical software
development.
BibTeX:
@inproceedings{europlop08,
year = {2008},
title = {A Systematic Account of Problem Frames},
booktitle = {Proceedings of the European Conference on Pattern Languages of Programs ({EuroPLoP})},
author = {C{\^{o}}t{\'{e}}, Isabelle and Hatebur, Denis and Heisel, Maritta and Schmidt, Holger and Wentzlaff, Ina},
publisher = {Universit{\"{a}}tsverlag Konstanz},
pages = {749--767},
url = {http://www.uvk.de/}
}

2008 A Formal Metamodel for Problem Frames Hatebur, D., Heisel, M. & Schmidt, H. Proceedings of the International Conference on Model Driven Engineering Languages and Systems (MODELS)
Abstract: Problem frames are patterns for analyzing, structuring, and characterizing
software development problems. This paper presents a formal metamodel
for problem frames expressed in UML class diagrams and using the formal specification
notation OCL. That metamodel clarifies the nature of the different syntactical
elements of problem frames, as well as the relations between them. It
provides a framework for syntactical analysis and semantic validation of newly
defined problem frames, and it prepares the ground for tool support for the problem
frame approach.
BibTeX:
@techreport{HHS2008,
year = {2008},
title = {A Formal Metamodel for Problem Frames},
booktitle = {Proceedings of the International Conference on Model Driven Engineering Languages and Systems (MODELS)},
author = {Hatebur, Denis and Heisel, Maritta and Schmidt, Holger},
series = {LNCS 5301},
pages = {68--82},
}

2008 Using UML Environment Models for Test Case Generation Heisel, M., Hatebur, D., Santen, T. & Seifert, D. Software Engineering 2008 - Workshopband   GI
Abstract: We propose a new method for system validation by means of testing,
which is based on environment models expressed as UML state machines. A sun
blind control case study serves to illustrate the method.
BibTeX:
@inproceedings{HHSS08a,
year = {2008},
title = {{U}sing {UML} {E}nvironment {M}odels for {T}est {C}ase {G}eneration},
booktitle = {Software Engineering 2008 - Workshopband},
author = {Heisel, Maritta and Hatebur, Denis and Santen, Thomas and Seifert, Dirk},
publisher = {GI},
pages = {399--406},
url = {https://gi.de/}
}

2008 Testing Against Requirements using UML Environment Models Heisel, M., Hatebur, D., Santen, T. & Seifert, D. Proc. Fachgruppentreffen Requirements Engineering und Test, Analyse & Verifikation   GI
Abstract: We propose a new method for system validation by
means of testing, which is based on environment models
expressed as UML state machines. A sun blind
control case study serves to illustrate the method.
BibTeX:
@inproceedings{HHSS08b,
year = {2008},
title = {Testing Against Requirements using {UML} Environment Models},
booktitle = {Proc. {Fachgruppentreffen} {Requirements} {Engineering} und {Test}, {Analyse} \& {Verifikation}},
author = {Heisel, Maritta and Hatebur, Denis and Santen, Thomas and Seifert, Dirk},
publisher = {GI},
pages = {28--31},
url = {https://gi.de/}
}

2007 Pattern-based Exploration of Design Alternatives for the Evolution of Software Architectures Côté, I., Heisel, M. & Wentzlaff, I. International Journal of Cooperative Information Systems (IJCIS)   World Scientific
Abstract: We propose a pattern-based software development method comprising analysis (using
problem frames) and design (using architectural and design patterns), from which especially
evolving systems benefit. Evolution operators guide a pattern-based transformation
meet new system demands. Through application of these operators, relations between
analysis and design documents are explored systematically for accomplishing desired software
modifications. This allows for reusing development documents to a large extent,
even when the application environment and the requirements change.
BibTeX:
@article{CHW2007,
year = {2007},
title = {{Pattern-based Exploration of Design Alternatives for the Evolution of Software Architectures}},
author = {C{\^{o}}t{\'{e}}, Isabelle and Heisel, Maritta and Wentzlaff, Ina},
journal = {International Journal of Cooperative Information Systems (IJCIS)},
publisher = {World Scientific},
volume = {Volume: 16},
number = {Issue: 3/4},
pages = {341 -- 365},
url = {http://www.worldscinet.com/ijcis/ijcis.shtml}
}

2007 Pattern-based Evolution of Software Architectures Côté, I., Heisel, M. & Wentzlaff, I. Proceedings of the 1st European Conference on Software Architecture (ECSA 2007)   Springer
Abstract: We propose a pattern-based software development method comprising analysis (using problem frames) and design (using architectural and design patterns), of which especially evolving systems benefit. Evolution operators guide a pattern-based transformation procedure, including re-engineering tasks for adjusting a given software architecture to meet new system demands. Through application of these operators, relations between analysis and design documents are explored systematically for accomplishing desired software modifications. This allows for reusing development documents to a large extent, even when the application environment and the requirements change.
BibTeX:
@inproceedings{CHW2007a,
year = {2007},
title = {Pattern-based Evolution of Software Architectures},
booktitle = {Proceedings of the 1st European Conference on Software Architecture (ECSA 2007)},
author = {C{\^{o}}t{\'{e}}, Isabelle and Heisel, Maritta and Wentzlaff, Ina},
publisher = {Springer},
series = {LNCS 4758},
pages = {29 -- 43},
}

2007 Methods to Create and Use Cross-Domain Analysis Patterns Fülleborn, A. & Heisel, M. EuroPLoP '06, Proceedings of the 11th European Conference on Pattern Languages of Programs   Universitätsverlag Konstanz
Abstract: We present a set of methods to enable a cross-domain reuse of problem solutions via analysis patterns. First, problem-context descriptions and problemcontext models as well as solution models are used to express the domainspecific problems and their assigned solutions. After that, the two-step abstraction method is used to create cross-domain analysis patterns for the problemcontext models as well as for the solution models. The problem-context patterns are used to search across domains for a solution pattern. If a solution pattern is available, it can be instantiated in the solution-seeking domain.
BibTeX:
@inproceedings{Europlop06,
year = {2007},
title = {Methods to Create and Use Cross-Domain Analysis Patterns},
booktitle = {EuroPLoP '06, Proceedings of the 11th European Conference on Pattern Languages of Programs},
author = {F{\"{u}}lleborn, Alexander and Heisel, Maritta},
publisher = {Universit{\"{a}}tsverlag Konstanz},
pages = {427--442},
url = {http://www.uvk.de/}
}

2007 A Pattern System for Security Requirements Engineering Hatebur, D., Heisel, M. & Schmidt, H. Proceedings of the International Conference on Availability, Reliability and Security (AReS)   IEEE Computer Society
Abstract: We present a pattern system for security requirements engineering,
consisting of security problem frames and concretized
security problem frames. These are special kinds
of problem frames that serve to structure, characterize, analyze,
and finally solve software development problems in the
area of software and system security. We equip each frame
with formal preconditions and postconditions. The analysis
of these conditions results in a pattern system that explicitly
shows the dependencies between the different frames.
Moreover, we indicate related frames, which are commonly
used together with the considered frame. Hence, our approach
helps security engineers to avoid omissions and to
cover all security requirements that are relevant for a given
problem.
BibTeX:
@inproceedings{HHS2007,
year = {2007},
title = {A Pattern System for Security Requirements Engineering},
booktitle = {Proceedings of the International Conference on Availability, Reliability and Security (AReS)},
author = {Hatebur, Denis and Heisel, Maritta and Schmidt, Holger},
publisher = {IEEE Computer Society},
series = {IEEE Transactions},
pages = {356--365},
url = {https://www.ieee.org}
}

2007 A Security Engineering Process based on Patterns Hatebur, D., Heisel, M. & Schmidt, H. Proceedings of the International Workshop on Secure Systems Methodologies using Patterns (SPatterns)   IEEE Computer Society
Abstract: We present a security engineering process based on security
problem frames and concretized security problem
frames. Both kinds of frames constitute patterns for analyzing
security problems and associated solution approaches.
They are arranged in a pattern system that makes dependencies
between them explicit. We describe step-by-step how
the pattern system can be used to analyze a given security
problem and how solution approaches can be found. Further,
we introduce a new frame that focuses on the privacy
requirement anonymity.
BibTeX:
@inproceedings{HHS2007a,
year = {2007},
title = {A Security Engineering Process based on Patterns},
booktitle = {Proceedings of the International Workshop on Secure Systems Methodologies using Patterns (SPatterns)},
author = {Hatebur, Denis and Heisel, Maritta and Schmidt, Holger},
publisher = {IEEE Computer Society},
url = {https://www.ieee.org}
}

2006 Component composition through architectural patterns for problem frames Choppy, C., Hatebur, D. & Heisel, M. Proc. XIII Asia Pacific Software Engineering Conference   IEEE Computer Society
Abstract: In this paper, we present a pattern-based software development
process using problem frames and corresponding
architectural patterns. In decomposing a complex problem
into simple subproblems, the relationships between the subproblems
are recorded explicitly. Based on this information,
we give guidelines on how to derive the software architecture
for the overall problem from the software architectures
of the simple subproblems.
BibTeX:
@inproceedings{CHH2006,
year = {2006},
title = {Component composition through architectural patterns for problem frames},
booktitle = {Proc. XIII Asia Pacific Software Engineering Conference},
author = {Choppy, Christine and Hatebur, Denis and Heisel, Maritta},
publisher = {IEEE Computer Society},
pages = {27--34},
url = {https://www.ieee.org}
}

2006 Security Engineering using Problem Frames Hatebur, D., Heisel, M. & Schmidt, H. Proceedings of the International Conference on Emerging Trends in Information and Communication Security (ETRICS)   Springer
Abstract: We present a method for security engineering, which is based on two
special kinds of problem frames that serve to structure, characterize, analyze, and
finally solve software development problems in the area of software and system
security. Both kinds of problem frames constitute patterns for representing security
problems, variants of which occur frequently in practice.We present security
problem frames, which are instantiated in the initial step of our method. They explicitly
distinguish security problems from their solutions. To prepare the solution
of the security problems in the next step, we employ concretized security problem
frames capturing known approaches to achieve security. Finally, the last step of
our method results in a specification of the system to be implemented given by
concrete security mechanisms and instantiated generic sequence diagrams. We
illustrate our approach by the example of a secure remote display system.
BibTeX:
@inproceedings{HHS2006a,
year = {2006},
title = {Security Engineering using Problem Frames},
booktitle = {Proceedings of the International Conference on Emerging Trends in Information and Communication Security (ETRICS)},
author = {Hatebur, Denis and Heisel, Maritta and Schmidt, Holger},
publisher = {Springer},
volume = {3995/2006},
pages = {238--253},
}

2006 Entwicklung aus dem Baukasten. Modellierung und Verifikation technischer Systeme Heisel, M., König, B., Kochs, H.-D. & Petersen, Jö. Forum Forschung
Abstract: Technische Systeme sind heute allgegenwärtig: Ob im Haushalt, im Auto oder im Flugzeug.
Systemtechnik dominiert auch Heizungs- und Solartechnikanlagen, ganze Kraftwerke,
Raffinerien oder Stahlwerke. Vernetzte und verteilte Systeme wie Mobilkommunikationssysteme,
das Internet oder satellitengestützte Positions- und Mautsysteme umspannen die
ganze Welt. Informatische Techniken sind dabei oft nicht nur Bestandteil dieser Systeme,
sondern werden auch bei deren Konzeption, Produktion und Qualitätsüberwachung eingesetzt.
Das Informatikjahr soll das Bewusstsein schärfen, dass unsere Gesellschaft ohne
Technik und diese wiederum ohne Informatik überhaupt nicht mehr funktionieren
würden.
BibTeX:
@article{HKK+2006,
year = {2006},
title = {Entwicklung aus dem Baukasten. Modellierung und Verifikation technischer Systeme},
author = {Heisel, Maritta and K{\"{o}}nig, Barbara and Kochs, Hans-Dieter and Petersen, J{\"{o}}rg},
journal = {Forum Forschung},
pages = {32--41},
note = {Universit{\"{a}}t Duisburg-Essen}
}

2005 Architectural Patterns for Problem Frames Choppy, C., Hatebur, D. & Heisel, M. IEEE Proceedings -- Software, Special Issue on Relating Software Requirements and Architecture
Abstract: Problem frames provide a characterisation and classification of software development problems.
Fitting a problem into an appropriate problem frame should not only help to understand
it, but also to solve the problem (the idea being that, once the adequate problem frame is
identified, then the associated development method should be available). We propose software
architectural patterns corresponding to the different problem frames that may serve as
a starting point for the construction of the software solving the given problem. These architectural
patterns exactly reflect the properties of the problems fitting into a given frame, and
they can be combined in a modular way to solve multi-frame problems.
BibTeX:
@article{CHH2005a,
year = {2005},
title = {Architectural Patterns for Problem Frames},
author = {Choppy, Christine and Hatebur, Denis and Heisel, Maritta},
journal = {IEEE Proceedings -- Software, Special Issue on Relating Software Requirements and Architecture},
url = {https://www.ieee.org}
}

2005 Composing architectures based on architectural patterns for problem frames Choppy, C., Hatebur, D. & Heisel, M.
Abstract: to be inserted
BibTeX:
@techreport{ChoppyHateburHeisel05,
year = {2005},
title = {Composing architectures based on architectural patterns for problem frames},
author = {Choppy, Christine and Hatebur, Denis and Heisel, Maritta},
note = {\tt http://swe.uni-duisburg-essen.de/intern/comparch05.pdf}
}

2005 Problem Frames and Architectures for Security Problems Hatebur, D. & Heisel, M. Proceedings of the 24th International Conference on Computer Safety, Reliability and Security (SAFECOMP)   Springer
Abstract: Abstract: We present two (?) problem frames that serve to structure, characterize and analyze software
development problems in the area of software and system security. These problem frames constitute
patterns for representing security problems, variants of which occur frequently in practice. Solving such
problems starts with the development of an appropriate software architecture. To support that process,
we furthermore present architectural patterns associated with the problem frames.
BibTeX:
@inproceedings{HH2005,
year = {2005},
title = {Problem Frames and Architectures for Security Problems},
booktitle = {Proceedings of the 24th International Conference on Computer Safety, Reliability and Security (SAFECOMP)},
author = {Hatebur, Denis and Heisel, Maritta},
publisher = {Springer},
series = {LNCS 3688},
pages = {390--404},
}

2005 A Model-Based Development Process for Embedded Systems Heisel, M. & Hatebur, D. Proc. Workshop on Model-Based Development of Embedded Systems
Abstract: We present a development process for embedded systems which emerged from industrial
practice. This process covers hardware and software components for systems engineering, but the main
focus is on embedded software components and the modeling of problems, specications, tests and
architectures. Each step of the process has validation conditions associated with it that help to detect
errors as early as possible.
BibTeX:
@inproceedings{HH2005a,
year = {2005},
title = {A Model-Based Development Process for Embedded Systems},
booktitle = {Proc. Workshop on Model-Based Development of Embedded Systems},
author = {Heisel, Maritta and Hatebur, Denis},
publisher = {Technical University of Braunschweig},
number = {TUBS-SSE-2005-01},
note = {Available at {\tt http://www.sse.cs.tu-bs.de/publications/MBEES-Tagungsband.pdf}}
}

2004 Une approache à base de patrons'' pour la spécification et le développement de systèmes d'information Choppy, C. & Heisel, M. Proceedings Approches Formelles dans l'Assistance au Développement de Logiciels - AFADL'2004
Abstract: Les "patrons" (ou "patterns") tels que les "problem frames" (schémas de problèmes) et les styles d'architecture sont utilisés ici comme support pour la spécication formelle et le développement de systèmes d'information. De nouveaux schémas de problèmes spéciques pour les systèmes d'information sont proposés pour décrire les sous-problèmes identiés et pour aider la spécication formelle. La recomposition est effectuée en utilisant une approche basée sur les composants et un style d'architecture qui permet de réunir les différents composants. Une méthode originale est proposée pour accompagner ce processus, avec la mise à prot de certains apports d'UML pour le premier niveau de décomposition, puis l'utilisation des "patterns". Ces idées sont illustrées sur une étude de cas.
BibTeX:
@inproceedings{CH2004,
year = {2004},
title = {Une approache {\{a}} base de patrons'' pour la sp{\'{e}}cification et le d{\'{e}}veloppement de syst{\{e}}mes d'information},
booktitle = {Proceedings Approches Formelles dans l'Assistance au D{\'{e}}veloppement de Logiciels - AFADL'2004},
author = {Choppy, Christine and Heisel, Maritta},
pages = {61--76}
}

2003 Use of Patterns in Formal Development: Systematic Transition From Problems to Architectural Designs Choppy, C. & Heisel, M. Recent Trends in Algebraic Development Techniques, 16th WADT, Selected Papers   Springer
Abstract: We present a pattern-based software lifecycle and a method that supports the systematic execution of that lifecycle. First, problem frames are used to develop a formal specification of the problem to be solved. In a second phase, architectural styles are used to construct an architectural specification of the software system to be developed. That specification forms the basis for fine-grained design and implementation.
BibTeX:
@inproceedings{CH2003,
year = {2003},
title = {Use of Patterns in Formal Development: Systematic Transition From Problems to Architectural Designs},
booktitle = {Recent Trends in Algebraic Development Techniques, 16th WADT, Selected Papers},
author = {Choppy, Christine and Heisel, Maritta},
publisher = {Springer},
series = {LNCS 2755},
pages = {205--220},
}

2000 A heuristic algorithm to detect feature interactions in requirements Heisel, M. & Souquières, J. Language Constructs for Describing Features   Springer-Verlag
Abstract: We present a method to systematically detect feature interactions in requirements,
which are expressed as constraints on system event traces. We show its application on the lift
system, incorporating new features to a simple lift, concerning the lift overfull and the executive
floor with priority. This method is part of a broader approach to requirements elicitation
and formal specification.
BibTeX:
@incollection{HS2000,
year = {2000},
title = {A heuristic algorithm to detect feature interactions in requirements},
booktitle = {Language Constructs for Describing Features},
author = {Heisel, Maritta and Souqui{\{e}}res, Jeanine},
publisher = {Springer-Verlag},
pages = {143--162},
`