D.3.3 ALGORITHMS FOR INCREMENTAL ... - SecureChange
D.3.3 ALGORITHMS FOR INCREMENTAL ... - SecureChange
D.3.3 ALGORITHMS FOR INCREMENTAL ... - SecureChange
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
2 F. Massacci and L.M.S. Tran<br />
enterprise modeling, software engineering, observable and control-<br />
Key words<br />
lable rules<br />
1 Introduction<br />
“...There are known unknowns: that is to say, there are things<br />
that we now know we don’t know...”<br />
— Donald Rumsfeld, United States Secretary of Defense<br />
The term software evolution has been introduced by Lehman in his work on laws<br />
of software evolution [17, 18], and was widely adopted since 90s. Recent studies<br />
in software evolutions attempt to understand causes, processes, and effects of the<br />
phenomenon [2, 14, 16]; or focus on the methods, tools that manage the effects of<br />
evolution [19, 29, 36].<br />
In the domain of software systems [12, 15, 27, 33, 42], evolution refers to a<br />
process of continually updating software systems in accordance to changes in their<br />
working environments such as business requirements, regulations and standards.<br />
While some evolutions are unpredictable, many others can be predicted albeit with<br />
some uncertainty (e.g. a new standard does not appear overnight, but is the result<br />
of a long process).<br />
It is now widely accepted that in order to fully understand an enterprise system<br />
we can no longer consider simply its IT structure. We face a socio-technical system<br />
[31] “that involve complex interactions between software components, devices and<br />
social components (people or groups of people), not as users of the software but<br />
as players engaged in common tasks” [11].<br />
This is particularly true for large systems of systems such as the Air Traffic<br />
Management “system” (ATM for short). Modelling the key objectives on an Air<br />
Traffic Control Organization requires to include both human and system actors<br />
and, before digging into detailed software features, requires the ability to reason<br />
about high-level strategic assignments of goals to those human and system actors.<br />
In the ATM setting changes are often organizational changes that involves<br />
complex subsystems as a whole. For example, the SESAR Open Sky initiative<br />
foresee the introduction of an Arrival Manager (a system) in order to replace<br />
some of the activities by the Sequence Manager (a human). Still this system relies<br />
on decisions by other humans. Evolution is therefore not represented in terms<br />
of software features but rather in assigning high-level mission critical goals such<br />
as “maintain aircraft separation” to different actors.<br />
The potential evolutions of such large and complex system is not completely<br />
unpredictable, as it often involves significant multi-party (or even multi-state) negotiations.<br />
Stakeholders with experience and high-level positions have a good visibility<br />
of the likely alternatives, the possible but unlikely solutions, and the politically<br />
impossible paths. For example, the Federal Aviation Authority (FAA) document<br />
of the System Wide Information Management (SWIM) for Air Traffic Management<br />
(ATM) lists a number of potential technical alternatives that depends from<br />
high-level decisions (e.g., the existence of an organizational agreement for nationwide<br />
identity management of SWIM users).