Future Internet (FI) applications are the result of composing services and data from different parties. The development of such kind of applications often involves multiple stakeholders, whose requirements might partially conflict with others’. This raises the need of new techniques to identify all stakeholders and their high-level requirements, as well as potential conflicts. Moreover, since these parties do not necessarily fully trust each other, it is also important to identify potential threats within FI applications. In this deliverable we present a framework including the modelling and analyses which support the requirements engineers: (1) in the elicitation of stakeholders and their requirements, (2) in the iden- tification of potential conflicts among their requirements, and (3) in the identification of potential risks associated with stakeholders’ assets.
The framework employs and extends the Si* modelling language and UML profile with trust and reputa- tion constructs. These modelling languages are used as basis to produce a catalogue of patterns that provides support to the security requirements engineers in identifying possible conflicts and threats. We also present a systematic methodology to apply these patterns to elicit and analyse security re- quirements for FI applications.
We further address the system sustainability by taking into account the evolutionary aspect of the development process. We use change scenarios to express the co-evolution of requirements and architectures. We model these scenarios by using the extended version of the Si* modelling language. By prioritizing change scenario instances, software architects can be able to select a suitable solution (i.e., an implementation choice) that will enable the co-evolution happens while limiting the impact on the system.