Software Quality by Misuse Analysis

Case study in section 6 was removed because it is confidential 2 Case study in section 6 was removed because it is confidential Case study in section 6 was removed because it is confidential 4 Case study in section 6 was removed because it is confidential Abstract: The research project SIKOSA is funded by the Ministery for Science, Research and Art of Baden-Württemberg, Germany (Ministerium für Wissenschaft, Forschung und Kunst Baden-Württemberg). We also want to thank Damian Plaza who spent many hours on the case study. Within the research project SIKOSA and its work package " Requirements " a method for requirements elicitation and documentation has been developed which derives all types of non-functional requirements by using misuse cases, not only security requirements. This " Misuse-oriented Quality Requirements Engineering " method (short: MOQARE) has been integrated with the elicitation and documentation of functional requirements. There are several methods for the derivation and analysis of detailed non-functional requirements. These methods often are designed for a restricted field of application, e.g. misuse cases for top-down derivation of requirements detailing the quality attribute " security " , or ATAM for evaluating given architectural alternatives. In this work, we apply misuse cases to any other quality attribute (e.g. usability, maintainability) to develop a method for deriving detailed non-functional and functional requirements from any quality attribute. Doing so, we find that generalizations have to be made to the definitions of the misuse case concepts, and new concepts must be included. We applied our method successfully in a case study. It was a good tool for systematic and concrete requirements elicitation easily understood by the stakeholders and leading to realizable requirements. By the " Misuse-oriented Quality Requirements Engineering " method (short: MOQARE), NFR were operationalized as to be realizable, and at the end, further FRs for the system were found and constraints to FRs. Therefore, it makes sense to present the results of the NFR method with the FRs in an integrated presentation. Such a presentation will be a good basis for the design, implementation and test of the system, much better than a separate presentation of FR and NFR. This working paper is the first out of a series which will be produced in the SIKOSA research project. While here the integration of NFR and FR during the requirements elicitation is treated, later papers will investigate the interface between requirements and architectural design, requirements and …