Advanced search
Publication Cover
International Journal of Computer Mathematics: Computer Systems Theory Volume 5, 2020 - Issue 4
Submit an article Journal homepage
76
Views
0
CrossRef citations to date
0
Altmetric
Review

A study of existing use case extensions and experience: a systematic review

Oluwasefunmi‘Tale Arogundadea Department of Computer Science, Federal University of Agriculture, Abeokuta, NigeriaCorrespondence[email protected]
ORCID Iconhttps://orcid.org/0000-0001-9338-491X
ORCID Icon,
Samuel Ibukun Olotub Department of Information Technology, Federal University of Technology, Akure, Nigeria
,
Olusola Abayomi-Allic Department of Software Engineering, Kaunas University of Technology, Kaunas, Lithuania
,
Sanjay Misrad Department of Computer Engineering, Atilim University, Ankara, Turkey;e Covenant University, Ogun, NigeriaORCID Iconhttps://orcid.org/0000-0002-3556-9331
ORCID Icon &
Abiodun Motunrayo Ikotunf Department of Computer Technology, Yaba College of Technology, Lagos, Nigeria
Pages 263-281 | Received 09 Apr 2020, Accepted 21 Aug 2020, Published online: 17 Sep 2020

References

  • I. Alexander, Initial industrial experience of misuse cases in trade-off analysis, in Requirements Engineering, 2002. Proceedings. IEEE Joint International Conference on Requirements Engineering (RE’02), 2002a, pp. 61–68.
  • I. Alexander, Modeling the interplay of conflicting goals with use and misuse cases, in Goal-Oriented Business-Process Modeling (GBMP), London, UK, CEUR Workshop Proceedings, 2002b, p. 109.
  • I. Alexander, Misuse cases help to elicit non-functional requirements. Comput. Control Eng. J. 14(1) (2003), pp. 40–45.
  • A.I. Antón, and J.B. Earp, Strategies for developing policies and requirements for secure electronic commerce systems. E-commerce Security Privacy 2 (2000), pp. 29–46.
  • O.T. Arogundade, A.T. Akinwale, Z. Jin, and X.G. Yang, Enhancing use cases for deployed information system security threats identification, in Proceedings of the 10th International Conference on Perspectives in Business Informatics Research (BIR), Laila N., Renate S., Benkt W., eds., Riga Technical University, Latvia, 2011a. pp. 147–154.
  • O.T. Arogundade, Z. Jin, and X.G. Yang, Enhancing use cases with subjective risk assessment, Secure Software Integration & Reliability Improvement Companion (SSIRI-C), 2011 5th International Conference IEEE, 2011b. pp. 144–151
  • O.T. Arogundade, A.T. Akinwale, Z. Jin, and X.G. Yang, A unified use-misuse case model for capturing and analyzing safety and security requirements. Int. J. Inf. Sec. Privacy 5(4) (2011c), pp. 8–30.
  • O.T. Arogundade, A. Akinwale, Z. Jin, and Y.G. Xiaoguang, Vulnerability analysis approach to capturing Information system safety threats and requirements, in International Journal of Software Engineering and its Applications (IJSEIA), Science & Engineering Research Support society (SERSC), Australia, 2011d, 5(4); 85–98.
  • A.T. Bahill, Diogenes, a process for identifying unintended consequences. Syst. Eng. 15(3) (2012), pp. 287–306.
  • J. Biolchini, P.G. Mian, A.C. Natali, and G.H. Travassos, Systematic review in software engineering. Syst. Eng. Comp. Sci. Depart. COPPE/UFRJ, Technical Report ES 679(05) (2005), p. 45.
  • G. Booch, I. Jacobson, and J. Rumbaugh, The Unified Modeling Language User Guide, Addison-Wesley, CA, USA, 1999, pp. 219–241.
  • P. Brereton, B. Kitchenham, D. Budgen, M. Turner, and M. Khalil, Lessons from applying the systematic literature review process within the software engineering domain. J. Syst. Softw. 80(4) (2007), pp. 571–583.
  • T.R. Browning, The many views of a process: Toward a process architecture framework for product development processes. Syst. Eng. 12(1) (2009), pp. 69–90.
  • A. Cockburn, Writing Effective Use Cases, 1st ed., Addison-Wesley Professional, 2000.
  • L.L. Constantine, Essential modeling: use cases for user interfaces. Interactions 2(2) (195), pp. 34–46.
  • M. Damodaran, Secure software development using use cases and misuse cases. Iss. Inf. Sys. 7(1) (2006), pp. 150–154.
  • J. Daniels, and T. Bahill, The hybrid process that combines traditional requirements and use cases. Syst. Eng. 7(4) (2004), pp. 303–319.
  • K. Dhammaraksa, and S. Intakosum, Measuring size of business process from use case description, Paper Presented at the 2nd IEEE International Conference on Computer Science and Information Technology ICCSIT, 2009. 600–604
  • A. Ebnenasir, B.H. Cheng, and S. Konrad, Use case-based modeling and analysis of failsafe fault-tolerance, Requirements Engineering, 14th IEEE International Conference IEEE, 2006, 343–344.
  • R.J. Ellison, R.C. Linger, T. Longstaff, and N.R. Mead, Survivable network system analysis: a case study. IEEE Softw. 16(4) (1999), pp. 70–77.
  • M. El-Attar, Towards developing consistent misuse case models. J. Syst. Softw. 85(2) (2011), pp. 323–339.
  • M. El-Attar, A framework for improving quality in misuse case models. Bus. Process Manag. J. 8(2) (2012), pp. 168–196.
  • E.O. Ferreira, B.L. Romano, E. Braga, G. Silva, H.O. Ferreira, H.F. de Campos, A.M. da Cunha, and L.A.V. Dias, A process for gathering prospective use cases from business modeling, 7th International Conference on Information Technology: New Generations (ITNG), 2010. 962–967
  • D.G. Firesmith, Security use cases. J. Obj. Technol. 2(3) (2003), pp. 53–64.
  • GICTF Use Cases and Functional Requirements for Inter-Cloud Computing. Global Inter-Cloud Technology Forum White Paper (2010).
  • H. Gomaa and E. M. Olimpiew, The role of use cases in requirements and analysis modeling, in Workshop on Use Cases in Model-Driven Software Engineering. Montego Bay, Jamaica.2005.
  • P. Haumer, Use case-based software development. Scenarios, stories, use cases: through the systems development life-cycle, 2004, pp. 237–264.
  • M. Hartong, R. Goel, and D. Wijesekera, Meta-models for misuse cases, Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies ACM, 2009, 33.
  • J.H. Hausmann, R. Heckel, and G. Taentzer, Detection of conflicting functional requirements in a use case-driven approach: a static analysis technique based on graph transformation, Proceedings of the 24th International Conference on Software Engineering ACM, 2002, pp. 105–115.
  • P. Hruby, Mapping business processes to software design artifacts, in Proceedings of the Object-Oriented Technology, ECOOP’98 Workshop Reader, Brussels, Belgium, 20–24 July 1998, Demeyer S., Bosch J., eds., Springer, Berlin, 1998. pp. 234–236. LNCS, Vol. 1543.
  • I. Jacobson, Object-Oriented Software Engineering: A Use Case Driven Approach, 1st ed., Addison-Wesley Publishers Ltd., CA, USA, 1992 June.
  • R. Jain, A. Chandrasekaran, and O. Erol, A systems integration framework for process analysis and improvement. Syst. Eng. 13 (2010), pp. 274–289.
  • I. Jacobson, Use cases and aspects-working seamlessly together. J. Object Technol. 2(4) (2003), pp. 7–28.
  • I. Jacobson and P. Ng, Aspect-Oriented Software Development with Use Cases, Addison Wesley Professional, CA, USA, 2004.
  • P. Karpati, G. Sindre, and R. Matulevicius, Comparing misuse case and mal-activity diagrams for modeling social engineering attacks. Int. J. Secure Softw. Eng. (IJSSE) 3(2) (2012), pp. 54–73.
  • B. Kitchenham, Procedures for Performing Systematic Review, Joint Technical Report, Software Engineering Group, Department of Computer Science Keele University, United Kingdom and Empirical Software Engineering, National ICT Australia Ltd., Australia, 2004.
  • B. Kitchenham, and C. Stuart, Guideline for Performing Systematic Literature Reviews in Software Engineering (Version 2.3.), University of Keele, Staffordshire, UK, 2007.
  • E. Knauss, and D. Lubke, Using the friction between business processes and use cases in SOA requirements, 32nd Annual IEEE International Conference on Computer Software and Applications, 2008. COMPSAC ‘08, 2008, 601–606.
  • J. Koehler, R. Hauser, S. Sendall, and M. Wahler, Declarative techniques for model-driven business process integration. IBM Syst. J. 44(1) (2005), pp. 47–65.
  • D. Kulak, and E. Guiney, Use Cases: Requirements in Context, ACM Press, New York, 2000.
  • J.H. Lambert, R.K. Jennings, and N.N. Joshi, Integration of risk identification with business process models. Syst. Eng. 9(3) (2006), pp. 187–198. doi:10.1002/sys.20054.
  • A. Lamsweerde, and E. Letier, Handling obstacles in goal-oriented requirements engineering. IEEE T. Software Eng. 26(10) (2000), pp. 978–1005.
  • D. Lübke, Transformation of use cases to EPC models, in EPK, Workshop of the Gesellschaft für Informatik e.V. (GI) and meeting of its working group “Business Process Management with Event-Driven Process Chains (WI-EPK)”, Vienna, November 30th–December 1st, 2006. Austria. Markus Nuttgens, Frank J. Rump and Jan Mendling, eds, 2006, pp. 137–156.
  • R. Malan, and D. Bredemeyer, Functional requirements and use cases. Bredemeyer Consulting (2001).
  • R. Matulevicius, N. Mayer, and P. Heymans, Alignment of misuse cases with security risk management, in Availability, reliability and security, 2008, ARES 08. Third International Conference IEEE, 2008, 1397–1404.
  • J. McDermott, and C. Fox, Using abuse case models for security requirements analysis, Computer Security Applications Conference, 1999. (ACSAC'99) Proceedings. 15th Annual IEEE, 1999, 55–64.
  • J. McDermott, Abuse-case-based assurance arguments. Computer security Applications Conference, 2001, ACSAC 2001. Proceedings 17th Annual IEEE, 2001, 366–374.
  • G. McGraw, Software security: Building security. Vol. 1, Addison-Wesley Professional, New Orleans, LA, 2006.
  • E. McSheffrey, Integrating Business Process Models with UML System Models. Popkin Software, New York, 2001.
  • P. Metz, J. O'Brien, and W. Weber, Specifying use case interaction: types of alternative courses. J. Object Technol. 2(2) (2003), pp. 111–131.
  • P. Metz, J. O'Brien, and W. Weber, Specifying use case interaction: clarifying extension points and rejoin points. J. Object Technol. 3(5) (2004), pp. 87–102.
  • J. Mylopoulos, L. Chung, and B. Nixon, Representing and using non-functional requirements: A process-oriented approach. IEEE Trans. Software Eng. 18(6) (1992), pp. 483–497. doi:10.1109/32.142871.
  • B. Nuseibeh, and S. Easterbrook, Requirements engineering: a roadmap, Proceedings of the Conference on the Future of Software Engineering ACM, 2000, 35–46.
  • T. Okubo, K. Taguch, H. Kaiya, and N. Yoshioka, Masg: advanced misuse case analysis model with assets and security goals. J. Inf. Process. 22(3) (2014), pp. 536–546.
  • OMG Enterprise Collaboration Architecture (ECA) Specification, Object Management Group (2004).
  • J.J. Pauli, and D. Xu, Misuse case-based design and analysis of secure software architecture. Int. Conf. Inform. Technol. Coding Computing, IEEE 2 (2005), pp. 398–403.
  • C.P. Pfleeger, and S.L. Pfleeger, Security in Computing, Prentice Hall, Upper Saddle River, NJ, 1997.
  • K. Phalp, A. Adlem, S. Jeary, J. Vincent, and J. Kanyaru, The role of comprehension in requirements and implications for use case descriptions. Softw. Qual. J. 1(2) (2011), pp. 461–486.
  • C. Piaszczyk, Model-based systems engineering with department of defense architectural framework. Syst. Eng. 14(3) (2011), pp. 305–326. doi:10.1002/sys.20180.
  • C. Potts, Scenario noir (panel statement, p 2), in Proceedings of the symposium on requirements engineering for information security (SREIS’01), Indianapolis (2001).
  • G. Regev, I.F. Alexander, and A. Wegmann, Modeling the regulative role of business processes with use and misuse cases. Bus. Process Manag. J. 11(6) (2005), pp. 695–708.
  • L. Røstad, An extended misuse case notation: Including vulnerabilities and the insider threat, in Proceedings of the 12th International Working Conference on Requirements Engineering: Foundation for Software Quality (REFSQ), Luxembourg, Grand-Duchy of Luxembourg, 2006, 33–43.
  • J.E. Rumbaugh, Getting started: using use cases to capture requirements. J. Object-Oriented Program. 7(5) (1994), pp. 8–23.
  • M.Q. Saleem, J.B. Jaafar, and M.F. Hassan, Model-based security engineering of SOA systems using Modified “UML-SOA-Sec”. Adv. Inform. Sci. Service Sci. 4(9) (2012), pp. 79–88.
  • G. Sindre, and A.L. Opdahl, Eliciting security requirements by misuse cases, Proc. 37th Int’l Conf. Technology of Object-Oriented Languages and Systems (TOOLS-37’00), IEEE Press 2000, 120–131
  • G. Sindre, and A.L. Opdahl, Templates for misuse case description, in Proceedings of the 7th International Workshop on Requirements Engineering: Foundation for Software Quality (REFSQ’01), Camiue Ben Achour-Salinesi, Andreas L. Opdahl, Klaus Pohl and Matti Rossi, eds., Interlaken, Switzerland, 2001a, pp. 125–137.
  • G. Sindre, and A.L. Opdahl, Capturing security requirements through misuse cases, in NorskInformatikkonferanse (NIK), Weihai Yu, ed., Tromsø, Norway, 2001b, pp 1–12.
  • G. Sindre, A.L. Opdahl, and G.F. Brevik, Generalization/specialization as a structuring mechanism for misuse cases, in 2nd Symposium on Requirements Engineering for Information Security (SREIS’02), Computer Science Purdue University, Raleigh, NC, 2002, pp. 1–16.
  • G. Sindre, D. G. Firesmith, and A. L. Opdahl A reuse-based approach to determining security requirements, in 9th International Workshop on Requirements Engineering: Foundation for Software Quality (REFSQ’03), Klagenfurt/Velden, Austria, 2003.
  • G. Sindre, and A.L. Opdahl, Eliciting security requirements with misuse cases. J. Require. Eng. 10 (2005), pp. 34–44.
  • A. Sinha, and A. Paradkar, Use cases to process specifications in business process modeling notation, IEEE International Conference on Web Services (ICWS), 2010, 473–480.
  • I. Sommerville, Software Engineering, Addison-Wesley, USA, 6th edition 2001.
  • S. Supakkul, and L. Chung, Integrating FRs and NFRs: A use case and goal driven approach, Proceedings of the 2nd International Conference on Software Engineering Research, Management and Applications (SERA), Los Angeles, CA, 2004, 30–37.
  • S. Tiwari, and A. Gupta, A systematic literature review of use case specifications research. Inf. Softw. Technol. 67 (2015), pp. 128–158.
  • C. Tyler, What's Going on in My Organization? Strateg. Financ. 89(9) (2008), pp. 49–54.
  • S. Ullah, M. Iqbal, and A.M. Khan, A Survey on issues in Non-functional requirements elicitation, Proceedings of International Conference on Computer Networks and Information Technology, 2011, 333–340.
  • L.W. Wagenhals, S. Haider, and A.H. Levis, Synthesizing executable models of object-oriented architectures. Syst. Eng. 6(4) (2003), pp. 266–300. doi:10.1002/sys.10049.
  • A. Wegmann, and G. Genilloud, The role of “roles” in use case diagrams, International Conference on the Unified Modeling Language Springer, Berlin, Heidelberg, 2000. 210–224.
  • J. Whittle, and D. Wijesekera, Software engineering,. ICSE'08, ACM/IEEE 30th International Conference on Software IEEE, 2008, 121–130.
  • L. Xin, R. Zhang, N. Xinxin, and L. Jianyi, Analysis of the security for information hiding based on behavior. AISS Adv. Inform. Sci. Service Sci. 4(5) (2012), pp. 329–336.
  • M. Yusufu, and G. Yusufu, Comparison of software specification methods using a case study. Computer Science and Software Engineering, 2008 International Conference on Software IEEE 2 (2008), pp. 784–787.
  • M. Yusufu, and G. Yusufu, Comparative study of formal specifications through a case study, Proceedings of 2nd International Conference on Information Science and Technology, 2012, 318–321
  • M. Yusufu, W. Pan, and G. Yusufu, Addressing security threat analysis by misuse cases. Int. J. Digital Content Technol. Appl. 7(7) (2013), pp. 1040–1046.

Reprints and Corporate Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

To request a reprint or corporate permissions for this article, please click on the relevant link below:

Order Reprints Request Corporate Permissions

Academic Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

Obtain permissions instantly via Rightslink by clicking on the button below:

Request Academic Permissions

If you are unable to obtain permissions via Rightslink, please complete and submit this Permissions form. For more information, please visit our Permissions help page.

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.