The paper presents STAIRS [1], an approach to the compositional development of UML interactions supporting the specification of mandatory as well as potential behavior. STAIRS has been designed to facilitate the use of interactions for requirement capture as well as test specification. STAIRS assigns a precise interpretation to the various steps in incremental system development based on an approach to refinement known from the field of formal methods, and thereby provides a foundation for compositional analysis. An interaction may characterize three main kinds of traces. A trace may be (1) positive in the sense that it is valid, legal or desirable, (2) negative, meaning that it is invalid, illegal or undesirable, or (3) inconclusive, meaning that it is considered irrelevant for the interaction in question. The basic increments in system development proposed by STAIRS are structured into three main kinds, referred to as supplementing, narrowing and detailing. Supplementing categorizes inconclusive traces as either positive or negative. Narrowing reduces the set of positive traces to capture new design decisions or to match the problem more adequately. Detailing involves introducing a more detailed description without significantly altering the externally observable behavior.
Abstract. STAIRS is an approach to the compositional development of sequence diagrams supporting the specification of mandatory as well as potential behavior. In order to express the necessary distinction between black-box and glass-box refinement, an extension of the semantic framework with three event messages is introduced. A concrete syntax is also proposed. The proposed extension is especially useful when describing time constraints. The resulting approach, referred to as Timed STAIRS, is formally underpinned by denotational trace semantics. A trace is a sequence of three kinds of events: events for transmission, reception and consumption. We argue that such traces give the necessary expressiveness to capture the standard UML interpretation of sequence diagrams as well as the black-box interpretation found in classical formal methods.
The continuous increase of sophisticated cyber security risks exposed to the public, industry, and government through the web, mobile devices, social media, as well as targeted attacks via state-sponsored cyberespionage, clearly shows the need for software security. Security testing is one of the most important practices to assure an acceptable level of security. However, security testers face the problem of determining the tests that are most likely to reveal severe security vulnerabilities. This is important in order to focus security testing on the most risky aspects of a system. In response to this challenge, the security testing community has proposed an approach to support security testing with security risk assessment (risk-driven security testing). In general, the purpose of risk-driven security testing is to focus the testing on the most severe security risks that the system under test is exposed to. However, current approaches carry out risk assessment at a high level of abstraction (for example, business level) and then perform the testing accordingly. This is a disadvantage from a testing perspective because it leaves a gap between the risks and the test cases, which are defined at a low level of abstraction (for example, implementation level). This gap makes it difficult to identify exactly where in the system risks occur, and exactly how the risks should be tested. This also indicates that current approaches focus on risk-driven test planning at a high level of abstraction for test management purposes, and do not necessarily focus on guiding the tester in designing test cases that have the ability to reveal the vulnerabilities causing the most severe risks. This thesis proposes a model-based approach to risk-driven security testing, named CORAL, which is specifically developed to help security testers select and design test cases based on the available risk picture. The CORAL approach consists of seven steps supported by a risk analysis language.
The risk analysis language is a modeling language based on UML interactions, and is formalized by an abstract syntax and a schematically defined natural-language semantics. As part of the development and evaluation process of the CORAL approach we carried out three industrial case studies. In the first two case studies, we investigated how risk assessment may be used to identify security test cases, as well as how security testing may be used to improve security risk analysis results. The experiences we obtained from these two industrial case studies helped us to, among other things, shape the CORAL approach. In the third case study we carried out the CORAL approach in an industrial setting in order to evaluate its applicability. The results indicate that CORAL supports security testers in producing risk models that are valid and directly testable. By directly testable risk models we mean risk models that can be reused and specified as test cases based on the interactions in the risk models. This, in turn, helps testers to select and design test cases according to t...
Abstract. Nondeterminism in specifications may be used for at least two different purposes. One is to express underspecification, which means that the specifier for the same environment behavior allows several alternative behaviors of the specified component and leaves the choice between these to those responsible for implementing the specification. In this case a valid implementation will need to implement at least one, but not necessarily all, alternatives. The other purpose is to express inherent nondeterminism, which means that a valid implementation needs to reflect all alternatives. STAIRS is an approach to the compositional and incremental development of sequence diagrams supporting underspecification as well as inherent nondeterminism. Probabilistic STAIRS builds on STAIRS and allows probabilities to be included in the specifications. Underspecification with respect to probabilities is also allowed. This paper investigates the use of underspecification, inherent nondeterminism and probability in sequence diagrams, the relationships between these concepts, and how these are expressed in STAIRS and probabilistic STAIRS.