Information Technology Reference
In-Depth Information
OWL-
because it is state-of-the-art as far as DL
go, it is part of W3C standard, and is readily available with several possible implemen-
tations to choose from. Our use of description logics is as follows: we formalize the
modeling language concepts using OWL-
DL
Among DLs, we chose OWL-
DL
(creating the TBox), and we use this as a
basis for representing formally the context of the patterns. We perform matching at the
instance level (ABox), that is why we represent patterns as queries. However, the ex-
pressiveness of OWL-
DL
alone is weak to represent some constraints, such as the ones
related to individuals. We solved the problem by adopting the SWRL rule language [7].
This allows us to enrich the formal pattern description with inferred knowledge, thereby
ensuring better pattern matching for the problem-at-hand.
DL
3
Case Study
Several works have been proposed in the literature on S&D patterns (e.g., fault-tolerant
patterns [8], security patterns [9], SERENITY patterns [6]). In this work, we use
SERENITY patterns, developed within the EU SERENITY project, it is state-of-the-
art for its intended application domain and we had expertise on both the patterns and
their uses.
SERENITY Patterns.
[6] are represented using Alexander's pattern language as
triples:
The
Context
defines the state-
of-affairs the problem/situation where the pattern could be applied, which is depicted
in terms of the minimum set of actors and relationships, where the S&D Requirements
are not fulfilled.
S&D Requirements
specify the required S&D Properties that must be
satisfied in the model (representing the problem).
S&D Solution
describes the modifica-
tions that need to be performed to the context in order to meet S&D Requirements. The
description of SERENITY patterns is enriched with additional description about when,
how, and for what the patterns are intended for.
In [6], patterns are identified in scenarios extracted from business cases (e.g., Air
Traffic Management, e-Business, Online-Tax, Smart-home) and then described in nat-
ural language. Patterns, then, are represented formally;
Context
and
S&D Solution
are
represented in terms of SI* models, whereas the
S&D Requirements
in ASP (answer
set programming - an extension of DATALOG). The pattern library is composed of 29
SERENITY patterns (4 legal, 3 privacy, 11 security and 11 dependability patterns) [6].
Table 1 presents some of the SERENITY patterns described in natural language. For
an illustrative example, we use pattern DP2.1 on
Collaboration in Small Groups for
Risky Activities
. In addition, the SERENITY pattern library was used for evaluating the
performance of our implementation (Section 5).
Context
,
S&D Requirements
,
S&D Solution
Tropos SI*.
[10,11] is a modeling language for security requirements. The language
offers primitive concepts such as actor, goal, task, as well as various kinds of relation-
ships among actors. This modeling language is used for representing
Context
and
S&D
Solution
of SERENITY patterns.
Fig. 1 depicts one of the SERENITY scenarios (e.g., Air Traffic Management -
ATM). SI* considers
intentional Actor
as basic concept (e.g.,
Executive Controller,
