REQUIREMENTS ENGINEERING INHOUSE SEMINARagse.cs.uni-kl.de/teaching/re/ws2016/material/SBS... ·...
Transcript of REQUIREMENTS ENGINEERING INHOUSE SEMINARagse.cs.uni-kl.de/teaching/re/ws2016/material/SBS... ·...
© Fraunhofer IESE
REQUIREMENTS ENGINEERINGLECTURE 2016/2017
Dr. Jörg Dörr
RE for Embedded Systems- Exercise on SBS
Requirements Engineering
Embedded System Software Specification
Specification model• What does the specification contain?• What should be documented?
Logical system model• What is the system?• Where is the system boundary?• What should be considered ?
Specification processes• What steps to perform and how?• Cleanroom software engineering
• Sequence-based Specification
Specification methods• How to document?
• Tables• What language to use?
• SCR
We looked at these in the last class
Requirements Engineering
Embedded System Software Specification
Specification model• What does the specification contain?• What should be documented?
Logical system model• What is the system?• Where is the system boundary?• What should be considered ?
Specification processes• What steps to perform and how?• Cleanroom software engineering
• Sequence-based Specification
Specification methods• How to document?
• Tables• What language to use?
• SCR
Today’s exercise
Requirements Engineering
SBSPart 1: Sequence Based Specification
Requirements Engineering
Specifying black box behavior
• Sequence based specification- Tag requirements- Define system boundary
Identify stimuli Identify responsesChoice of appropriate abstraction
- Systematic enumeration of Stimulus history (sequences) and responses (SH R)Sequence equivalence
Requirements Engineering
Example
• “Cleanroom Software Engineering Technology and Process” by S. Prowell, C. Trammell, R. Linger, J. Poore
SET
1 32
4 65
7 98
CLEAR
Trip Wire
Requirements Engineering
Security alarm requirements
Tag Requirement
1 The security alarm has a detector that sends a trip signal when motion is detected
2 The security alarm is activated by pressing the SET button3 The SET button is illuminated when the security alarm is set
4 If a trip signal occurs when the security alarm is set, a tone (alarm) is emitted
5 A three digit code must be entered to silence the alarm tone
6 Correct entry of the code deactivates the security alarm7 If a mistake is made when entering the code, the user must press the CLEAR
button before the code can be re-entered
Requirements Engineering
Security Alarm: Stimuli
Stimulus Description Symbol Trace
Set Device activator S 2Trip Signal from detector T 1BadDigit Incorrect entry of a digit in the
codeB 7
Clear Clear entry C 7GoodDigit A digit that is part of the correct
entry of the 3-digit code that deactivates the alarm and the device
G 5, 6
Requirements Engineering
Security Alarm: Responses
Response Description Trace
Light On Set button illuminated 3Light off Set button not illuminated 6Alarm On Alarm tone activated 4Alarm Off Alarm tone deactivated 5
Requirements Engineering
Sequence Response Equivalence Trace
λ (Empty) Null D1S Light On 2, 3T Illegal D1B Illegal D1C Illegal D1G Illegal D1D1 The security alarm is initially deactivated
Security alarm: Enumeration, Sequences of length 0 and 1
• Rule: Do not extend the sequence IF - the response is “illegal” OR IF- the sequence is declared equivalent to a previous sequence - ELSE extend
Requirements Engineering
Security alarm: Enumeration, Sequences of length 2
Requirements Engineering
Security alarm: Enumeration, Sequences of length 3
Requirements Engineering
Security alarm: Enumeration, Sequences of length 4
Requirements Engineering
Security alarm: Enumeration, Sequences of length 5
Rule: The enumeration is complete if there are no more sequences to extend.
Requirements Engineering
Observations
• Given requirements are usually incomplete and/ or unclear- Derived requirements
Enumeration to identify missing requirements Enumeration to identify ambiguous requirementsDeriving responses for requirements clarification
- Definition of system boundary, stimuli and responsesDepends on abstraction, can change
Requirements are documented, complete, consistent and traceably correct BY CONSTRUCTION
Requirements Engineering
Tag RequirementD1 The security alarm is initially deactivated
D2 After the device has been set, the SET button has no further effect until the device has been deactivated
D3 The device produces no external response to an erroneous entry
D4 The device produces no external response to a CLEAR entry
D5 The device produces no external response the correct entry if a GoodDigit until all three digits of the code have been entered
D6 After the trip signal has set of the alarm, the trip signal has no further effect until the device has been deactivated
D7 Incomplete entry of the code prior to a trip signal will be regarded as an erroneous entry that requires a CLEAR and a re-entry of the correct code to deactivate the alarm
Security Alarm: Derived requirements
Requirements Engineering
Canonical SequenceAnalysis
• Canonical sequences: Irreducible, legalsequences
• Identify from sequenceenumeration
Requirements Engineering
Summary
• Enumeration precisely defines a state machine• State machines generate or recognize sequences• Abstraction to control state space explosion• Ad-hoc state machine construction
- Difficult to invent complete machine- Erroneous
Black-box + State-box definition Complete, Consistent, Traceable, Verifiably Correct specification
Ready for development.