References of "Sabetzadeh, Mehrdad 50002966"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailModel-Based Simulation of Legal Policies: Framework, Tool Support, and Validation
Soltana, Ghanem UL; Sannier, Nicolas UL; Sabetzadeh, Mehrdad UL et al

in Software & Systems Modeling (in press)

Simulation of legal policies is an important decision-support tool in domains such as taxation. The primary goal of legal policy simulation is predicting how changes in the law affect measures of interest ... [more ▼]

Simulation of legal policies is an important decision-support tool in domains such as taxation. The primary goal of legal policy simulation is predicting how changes in the law affect measures of interest, e.g., revenue. Legal policy simulation is currently implemented using a combination of spreadsheets and software code. Such a direct implementation poses a validation challenge. In particular, legal experts often lack the necessary software background to review complex spreadsheets and code. Consequently, these experts currently have no reliable means to check the correctness of simulations against the requirements envisaged by the law. A further challenge is that representative data for simulation may be unavailable, thus necessitating a data generator. A hard-coded generator is difficult to build and validate. We develop a framework for legal policy simulation that is aimed at addressing the challenges above. The framework uses models for specifying both legal policies and the probabilistic characteristics of the underlying population. We devise an automated algorithm for simulation data generation. We evaluate our framework through a case study on Luxembourg’s Tax Law. [less ▲]

Detailed reference viewed: 257 (44 UL)
Full Text
Peer Reviewed
See detailTest Case Prioritization for Acceptance Testing of Cyber Physical Systems: A Multi-Objective Search-Based Approach
Shin, Seung Yeob UL; Nejati, Shiva UL; Sabetzadeh, Mehrdad UL et al

in Proceedings of the ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA'18) (2018, July)

Acceptance testing validates that a system meets its requirements and determines whether it can be sufficiently trusted and put into operation. For cyber physical systems (CPS), acceptance testing is a ... [more ▼]

Acceptance testing validates that a system meets its requirements and determines whether it can be sufficiently trusted and put into operation. For cyber physical systems (CPS), acceptance testing is a hardware-in-the-loop process conducted in a (near-)operational environment. Acceptance testing of a CPS often necessitates that the test cases be prioritized, as there are usually too many scenarios to consider given time constraints. CPS acceptance testing is further complicated by the uncertainty in the environment and the impact of testing on hardware. We propose an automated test case prioritization approach for CPS acceptance testing, accounting for time budget constraints, uncertainty, and hardware damage risks. Our approach is based on multi-objective search, combined with a test case minimization algorithm that eliminates redundant operations from an ordered sequence of test cases. We evaluate our approach on a representative case study from the satellite domain. The results indicate that, compared to test cases that are prioritized manually by satellite engineers, our automated approach more than doubles the number of test cases that fit into a given time frame, while reducing to less than one third the number of operations that entail the risk of damage to key hardware components. [less ▲]

Detailed reference viewed: 51 (4 UL)
Full Text
Peer Reviewed
See detailAutomated Extraction and Clustering of Requirements Glossary Terms
Arora, Chetan UL; Sabetzadeh, Mehrdad UL; Briand, Lionel UL et al

in IEEE Transactions on Software Engineering (2017), 43(10), 918-945

A glossary is an important part of any software requirements document. By making explicit the technical terms in a domain and providing definitions for them, a glossary helps mitigate imprecision and ... [more ▼]

A glossary is an important part of any software requirements document. By making explicit the technical terms in a domain and providing definitions for them, a glossary helps mitigate imprecision and ambiguity. A key step in building a glossary is to decide upon the terms to include in the glossary and to find any related terms. Doing so manually is laborious, particularly for large requirements documents. In this article, we develop an automated approach for extracting candidate glossary terms and their related terms from natural language requirements documents. Our approach differs from existing work on term extraction mainly in that it clusters the extracted terms by relevance, instead of providing a flat list of terms. We provide an automated, mathematically-based procedure for selecting the number of clusters. This procedure makes the underlying clustering algorithm transparent to users, thus alleviating the need for any user-specified parameters. To evaluate our approach, we report on three industrial case studies, as part of which we also examine the perceptions of the involved subject matter experts about the usefulness of our approach. Our evaluation notably suggests that: (1) Over requirements documents, our approach is more accurate than major generic term extraction tools. Specifically, in our case studies, our approach leads to gains of 20% or more in terms of recall when compared to existing tools, while at the same time either improving precision or leaving it virtually unchanged. And, (2) the experts involved in our case studies find the clusters generated by our approach useful as an aid for glossary construction. [less ▲]

Detailed reference viewed: 233 (51 UL)
Full Text
Peer Reviewed
See detailFrom RELAW Research to Practice: Reflections on an Ongoing Technology Transfer Project
Sannier, Nicolas UL; Sabetzadeh, Mehrdad UL; Briand, Lionel UL

in the IEEE 25th International Requirements Engineering Conference, Lisbon, Portugal, 4-8 September 2017 (2017, September)

Detailed reference viewed: 24 (6 UL)
Full Text
Peer Reviewed
See detailThe Case for Context-Driven Software Engineering Research
Briand, Lionel UL; Bianculli, Domenico UL; Nejati, Shiva UL et al

in IEEE Software (2017), 34(5), 72-75

Detailed reference viewed: 244 (24 UL)
Full Text
Peer Reviewed
See detailLegal Markup Generation in the Large: An Experience Report
Sannier, Nicolas UL; Adedjouma, Morayo UL; Sabetzadeh, Mehrdad UL et al

in the 25th International Requirements Engineering Conference (RE'17), Lisbon, 4-8 September 2017 (2017, September)

Detailed reference viewed: 59 (4 UL)
Full Text
Peer Reviewed
See detailAn Automated Framework for Detection and Resolution of Cross References in Legal Texts
Sannier, Nicolas UL; Adedjouma, Morayo; Sabetzadeh, Mehrdad UL et al

in Requirements Engineering (2017), 22(2), 215-237

When identifying and elaborating compliance requirements, analysts need to follow the cross references in legal texts and consider the additional information in the cited provisions. Enabling easier ... [more ▼]

When identifying and elaborating compliance requirements, analysts need to follow the cross references in legal texts and consider the additional information in the cited provisions. Enabling easier navigation and handling of cross references requires automated support for the detection of the natural language expressions used in cross references, the interpretation of cross references in their context, and the linkage of cross references to the targeted provisions. In this article, we propose an approach and tool sup- port for automated detection and resolution of cross references. The approach leverages the structure of legal texts, formalized into a schema, and a set of natural language patterns for legal cross reference expressions. These patterns were developed based on an investigation of Luxembourg’s legislation, written in French. To build confidence about their applicability beyond the context where they were observed, these patterns were validated against the Personal Health Information Protection Act (PHIPA) by the Government of Ontario, Canada, written in both French and English. We report on an empirical evaluation where we assess the accuracy and scalability of our framework over several Luxembourgish legislative texts as well as PHIPA. [less ▲]

Detailed reference viewed: 220 (39 UL)
Full Text
Peer Reviewed
See detailSynthetic Data Generation for Statistical Testing
Soltana, Ghanem UL; Sabetzadeh, Mehrdad UL; Briand, Lionel UL

in 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE'17) (2017)

Usage-based statistical testing employs knowledge about the actual or anticipated usage profile of the system under test for estimating system reliability. For many systems, usage-based statistical ... [more ▼]

Usage-based statistical testing employs knowledge about the actual or anticipated usage profile of the system under test for estimating system reliability. For many systems, usage-based statistical testing involves generating synthetic test data. Such data must possess the same statistical characteristics as the actual data that the system will process during operation. Synthetic test data must further satisfy any logical validity constraints that the actual data is subject to. Targeting data-intensive systems, we propose an approach for generating synthetic test data that is both statistically representative and logically valid. The approach works by first generating a data sample that meets the desired statistical characteristics, without taking into account the logical constraints. Subsequently, the approach tweaks the generated sample to fix any logical constraint violations. The tweaking process is iterative and continuously guided toward achieving the desired statistical characteristics. We report on a realistic evaluation of the approach, where we generate a synthetic population of citizens' records for testing a public administration IT system. Results suggest that our approach is scalable and capable o [less ▲]

Detailed reference viewed: 176 (15 UL)
Full Text
Peer Reviewed
See detailExtracting Domain Models from Natural-Language Requirements: Approach and Industrial Evaluation
Arora, Chetan UL; Sabetzadeh, Mehrdad UL; Briand, Lionel UL et al

in 19th International Conference on Model Driven Engineering Languages and Systems, Saint-Malo 2-7 October 2016 (2016, October)

Domain modeling is an important step in the transition from natural-language requirements to precise specifications. For large systems, building a domain model manually is laborious. Several approaches ... [more ▼]

Domain modeling is an important step in the transition from natural-language requirements to precise specifications. For large systems, building a domain model manually is laborious. Several approaches exist to assist engineers with this task, where Natural Language Processing is employed for automated extraction of domain model elements. Despite the existing approaches, important facets remain under-explored. Notably, there is limited empirical evidence about the usefulness of existing extraction rules in industry. Furthermore, important opportunities for enhancing the extraction rules are yet to be exploited. We develop a domain model extractor by bringing together existing extraction rules and proposing important enhancements. We apply our model extractor to four industrial requirements documents, reporting on the frequency of different extraction rules being applied. We conduct an expert study over one of these documents, investigating the accuracy and overall effectiveness of our domain model extractor. [less ▲]

Detailed reference viewed: 268 (24 UL)
Full Text
Peer Reviewed
See detailTesting the Untestable: Model Testing of Complex Software-Intensive Systems
Briand, Lionel UL; Nejati, Shiva UL; Sabetzadeh, Mehrdad UL et al

in Proceedings of the 38th International Conference on Software Engineering (ICSE 2016) Companion (2016, May)

Detailed reference viewed: 437 (45 UL)
Full Text
Peer Reviewed
See detailAutomated Classification of Legal Cross References Based on Semantic Intent
Sannier, Nicolas UL; Adedjouma, Morayo; Sabetzadeh, Mehrdad UL et al

in 22nd International Working Conference on Requirements Engineering: Foundation for Software Quality (REFSQ'16) (2016, March)

Detailed reference viewed: 215 (37 UL)
Full Text
Peer Reviewed
See detailModel-Based Simulation of Legal Requirements: Experience from Tax Policy Simulation
Soltana, Ghanem UL; Sabetzadeh, Mehrdad UL; Briand, Lionel UL

in 24th IEEE International Conference on Requirements Engineering (RE'16) (2016)

Using models for expressing legal requirements is now commonplace in Requirements Engineering. Models of legal requirements, on the one hand, facilitate communication between software engineers and legal ... [more ▼]

Using models for expressing legal requirements is now commonplace in Requirements Engineering. Models of legal requirements, on the one hand, facilitate communication between software engineers and legal experts, and on the other hand, provide a basis for systematic and automated analysis. The most prevalent application of legal requirements models is for checking the compliance of software systems with laws and regulations. In this experience paper, we explore a complementary application of legal requirements models, namely simulation. We observe that, in domains such as taxation, the same models that underlie legal compliance analysis bring important added value by enabling simulation. Concretely, this paper reports on the model-based simulation of selected legal requirements (policies) derived from Luxembourg’s Income Tax Law. The simulation scenario considered in the paper is aimed at analyzing the impact of a current tax law reform proposal in Luxembourg. We describe our approach for simulation along with empirical results demonstrating the feasibility and accuracy of the approach. We further present lessons learned from the experience. [less ▲]

Detailed reference viewed: 124 (19 UL)
Full Text
Peer Reviewed
See detailAutomated Change Impact Analysis between SysML Models of Requirements and Design
Nejati, Shiva UL; Sabetzadeh, Mehrdad UL; Arora, Chetan UL et al

in 24th ACM SIGSOFT International Symposium on the Foundations of Software Engineering, Seattle 13-18 November 2016 (2016)

An important activity in systems engineering is analyzing how a change in requirements will impact the design of a system. Performing this analysis manually is expensive, particularly for complex systems ... [more ▼]

An important activity in systems engineering is analyzing how a change in requirements will impact the design of a system. Performing this analysis manually is expensive, particularly for complex systems. In this paper, we propose an approach to automatically identify the impact of requirements changes on system design, when the requirements and design elements are expressed using models. We ground our approach on the Systems Modeling Language (SysML) due to SysML’s increasing use in industrial applications. Our approach has two steps: For a given change, we first apply a static slicing algorithm to extract an estimated set of impacted model elements. Next, we rank the elements of the resulting set according to a quantitative measure designed to predict how likely it is for each element to be impacted. The measure is computed using Natural Language Processing (NLP) applied to the textual content of the elements. Engineers can then inspect the ranked list of elements and identify those that are actually impacted. We evaluate our approach on an industrial case study with 16 real-world requirements changes. Our results suggest that, using our approach, engineers need to inspect on average only 4.8% of the entire design in order to identify the actually-impacted elements. We further show that our results consistently improve when our analysis takes into account both structural and behavioral diagrams rather than only structural ones, and the natural-language content of the diagrams in addition to only their structural and behavioral content. [less ▲]

Detailed reference viewed: 206 (27 UL)
Full Text
Peer Reviewed
See detailNARCIA: An Automated Tool for Change Impact Analysis in Natural Language Requirements
Arora, Chetan UL; Sabetzadeh, Mehrdad UL; Göknil, Arda UL et al

in 10th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering, Bergamo 30 August - 4 September 2015 (2015, September)

We present NARCIA, a tool for analyzing the impact of change in natural language requirements. For a given change in a requirements document, NARCIA calculates quantitative scores suggesting how likely ... [more ▼]

We present NARCIA, a tool for analyzing the impact of change in natural language requirements. For a given change in a requirements document, NARCIA calculates quantitative scores suggesting how likely each requirements statement in the document is to be impacted. These scores, computed using Natural Language Processing (NLP), are used for sorting the requirements statements, enabling the user to focus on statements that are most likely to be impacted. To increase the accuracy of change impact analysis, NARCIA provides a mechanism for making explicit the rationale behind changes. NARCIA has been empirically evaluated on two industrial case studies. The results of this evaluation are briefly highlighted. [less ▲]

Detailed reference viewed: 196 (27 UL)
Full Text
Peer Reviewed
See detailChange Impact Analysis for Natural Language Requirements: An NLP Approach
Arora, Chetan UL; Sabetzadeh, Mehrdad UL; Göknil, Arda UL et al

in 23rd IEEE International Requirements Engineering Conference, Ottawa 24-28 August 2015 (2015, August)

Requirements are subject to frequent changes as a way to ensure that they reflect the current best understanding of a system, and to respond to factors such as new and evolving needs. Changing one ... [more ▼]

Requirements are subject to frequent changes as a way to ensure that they reflect the current best understanding of a system, and to respond to factors such as new and evolving needs. Changing one requirement in a requirements specification may warrant further changes to the specification, so that the overall correctness and consistency of the specification can be maintained. A manual analysis of how a change to one requirement impacts other requirements is time-consuming and presents a challenge for large requirements specifications. We propose an automated approach based on Natural Language Processing (NLP) for analyzing the impact of change in Natural Language (NL) requirements. Our focus on NL requirements is motivated by the prevalent use of these requirements, particularly in industry. Our approach automatically detects and takes into account the phrasal structure of requirements statements. We argue about the importance of capturing the conditions under which change should propagate to enable more accurate change impact analysis. We propose a quantitative measure for calculating how likely a requirements statement is to be impacted by a change under given conditions. We conduct an evaluation of our approach by applying it to 14 change scenarios from two industrial case studies. [less ▲]

Detailed reference viewed: 220 (50 UL)
Full Text
Peer Reviewed
See detailAutomated Checking of Conformance to Requirements Templates using Natural Language Processing
Arora, Chetan UL; Sabetzadeh, Mehrdad UL; Briand, Lionel UL et al

in IEEE Transactions on Software Engineering (2015), 41(10), 944-968

Templates are effective tools for increasing the precision of natural language requirements and for avoiding ambiguities that may arise from the use of unrestricted natural language. When templates are ... [more ▼]

Templates are effective tools for increasing the precision of natural language requirements and for avoiding ambiguities that may arise from the use of unrestricted natural language. When templates are applied, it is important to verify that the requirements are indeed written according to the templates. If done manually, checking conformance to templates is laborious, presenting a particular challenge when the task has to be repeated multiple times in response to changes in the requirements. In this article, using techniques from Natural Language Processing (NLP), we develop an automated approach for checking conformance to templates. Specifically, we present a generalizable method for casting templates into NLP pattern matchers and reflect on our practical experience implementing automated checkers for two well-known templates in the Requirements Engineering community. We report on the application of our approach to four case studies. Our results indicate that: (1) our approach provides a robust and accurate basis for checking conformance to templates; and (2) the effectiveness of our approach is not compromised even when the requirements glossary terms are unknown. This makes our work particularly relevant to practice, as many industrial requirements documents have incomplete glossaries. [less ▲]

Detailed reference viewed: 258 (41 UL)
Full Text
Peer Reviewed
See detailEvidence management for compliance of critical systems with safety standards: A survey on the state of practice
Nair, Sunil; de la Vara, Jose Luis; Sabetzadeh, Mehrdad UL et al

in Information & Software Technology (2015), 60

Context Demonstrating compliance of critical systems with safety standards involves providing convincing evidence that the requirements of a standard are adequately met. For large systems, practitioners ... [more ▼]

Context Demonstrating compliance of critical systems with safety standards involves providing convincing evidence that the requirements of a standard are adequately met. For large systems, practitioners need to be able to effectively collect, structure, and assess substantial quantities of evidence. Objective This paper aims to provide insights into how practitioners deal with safety evidence management for critical computer-based systems. The information currently available about how this activity is performed in the industry is very limited. Method We conducted a survey to determine practitioners’ perspectives and practices on safety evidence management. A total of 52 practitioners from 15 countries and 11 application domains responded to the survey. The respondents indicated the types of information used as safety evidence, how evidence is structured and assessed, how evidence evolution is addressed, and what challenges are faced in relation to provision of safety evidence. Results Our results indicate that (1) V&V artefacts, requirements specifications, and design specifications are the most frequently used safety evidence types, (2) evidence completeness checking and impact analysis are mostly performed manually at the moment, (3) text-based techniques are used more frequently than graphical notations for evidence structuring, (4) checklists and expert judgement are frequently used for evidence assessment, and (5) significant research effort has been spent on techniques that have seen little adoption in the industry. The main contributions of the survey are to provide an overall and up-to-date understanding of how the industry addresses safety evidence management, and to identify gaps in the state of the art. Conclusion We conclude that (1) V&V plays a major role in safety assurance, (2) the industry will clearly benefit from more tool support for collecting and manipulating safety evidence, and (3) future research on safety evidence management needs to place more emphasis on industrial applications. [less ▲]

Detailed reference viewed: 68 (3 UL)
Full Text
Peer Reviewed
See detailAssessing IT Security Standards Against the Upcoming GDPR for Cloud Systems
Bartolini, Cesare UL; Gheorghe, Gabriela UL; Giurgiu, Andra UL et al

Poster (2015, March 11)

This work in progress aims at identifying a mapping between the current security standards (in particular, but not limited to, ISO 27001-2013) and the upcoming regulations in data protection. The aim is ... [more ▼]

This work in progress aims at identifying a mapping between the current security standards (in particular, but not limited to, ISO 27001-2013) and the upcoming regulations in data protection. The aim is to find an overlap between the requirements for data protection and the existing security standards, to measure the gap that a business has to cross (and consequently an estimate of the expenses that it must sustain) to achieve compliance with the GDPR. [less ▲]

Detailed reference viewed: 1003 (39 UL)
Full Text
Peer Reviewed
See detailA Model-Based Framework for Probabilistic Simulation of Legal Policies
Soltana, Ghanem UL; Sannier, Nicolas UL; Sabetzadeh, Mehrdad UL et al

in 18th ACM/IEEE International Conference on Model Driven Engineering Languages and Systems (MODELS'15) (2015)

Legal policy simulation is an important decision-support tool in domains such as taxation. The primary goal of legal policy simulation is predicting how changes in the law affect measures of interest, e.g ... [more ▼]

Legal policy simulation is an important decision-support tool in domains such as taxation. The primary goal of legal policy simulation is predicting how changes in the law affect measures of interest, e.g., revenue. Currently, legal policies are simulated via a combination of spreadsheets and software code. This poses a validation challenge both due to complexity reasons and due to legal experts lacking the expertise to understand software code. A further challenge is that representative data for simulation may be unavailable, thus necessitating a data generator. We develop a framework for legal policy simulation that is aimed at addressing these challenges. The framework uses models for specifying both legal policies and the probabilistic characteristics of the underlying population. We devise an automated algorithm for simulation data generation. We evaluate our framework through a case study on Luxembourg's Tax Law. [less ▲]

Detailed reference viewed: 146 (39 UL)
Full Text
Peer Reviewed
See detailImproving Requirements Glossary Construction via Clustering: Approach and Industrial Case Studies
Arora, Chetan UL; Sabetzadeh, Mehrdad UL; Briand, Lionel UL et al

in 8th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM 2014) (2014, September)

Context. A glossary is an important part of any software requirements document. By making explicit the technical terms in a domain and providing definitions for them, a glossary serves as a helpful tool ... [more ▼]

Context. A glossary is an important part of any software requirements document. By making explicit the technical terms in a domain and providing definitions for them, a glossary serves as a helpful tool for mitigating ambiguities. Objective. A necessary step for building a glossary is to decide upon the glossary terms and to identify their related terms. Doing so manually is a laborious task. Our objective is to provide automated support for identifying candidate glossary terms and their related terms. Our work differs from existing work on term extraction mainly in that, instead of providing a flat list of candidate terms, our approach \emph{clusters} the terms by relevance. Method. We use case study research as the basis for our empirical investigation. Results. We present an automated approach for identifying and clustering candidate glossary terms. We evaluate the approach through two industrial case studies; one study concerns a satellite software component, and the other -- an evidence management tool for safety certification. Conclusion. Our results indicate that over requirements documents: (1) our approach is more accurate than other existing methods for identifying candidate glossary terms; this makes it less likely that our approach will miss important glossary terms. (2) Clustering provides an effective basis for grouping related terms; this makes clustering a useful support tool for selection of glossary terms and associating these terms with their related terms. [less ▲]

Detailed reference viewed: 198 (26 UL)