Model-based Framework for Integrated Evolution of Business
and IT Changes
Integrated Evolution of Business and IT Changes
Anna Medve
1,2
1
Department of Electrical Engineering and Information Systems, University of Pannonia,
Egyetem u. 10., Veszpr
´
em, Hungary
2
PhD School of Computer Science, E
¨
otv
¨
os Lor
´
and University, Budapest, Hungary
Keywords:
MDE, Reengineering, Business Goals Evolution, Functional Model Improvement, Quality Requirements
Integration, ISO/IEC 27001/27002, URN Framework.
Abstract:
This paper introduces a goal-oriented framework which consists of generic and specific model repositories,
and of methodology for integrated change management of business and IT evolutions. Is based on model com-
positions and traceability assessments of goal-oriented and scenario models. It contains a versioning-based
cooperative work environment for business analysts to generate strategy decisions and simulations, themselves.
The techniques and tools used are from the User Requirements Notation standard for requirements engineer-
ing and its supporting tools. Sets of models for visual documentation of BABOK 2.0 standard for business
analysis, and of ISO/IEC 27001 and 27002 standards for information security, form the model repository to
support developers and decision makers. These rise the generic aspect of the framework. An instantiation of
framework for B2B change management with empirical validation within an SME, has been done. In a long
way, this framework will be a base on a more complex system configuration control framework.
1 INTRODUCTION
This paper introduces the BUSITEV framework for
model-based integration of BUSiness and IT EVolu-
tions. This work is an evolution of our previous pro-
posals for re-engineering of business systems.
The business information system’s evolutions
need to be integrated in technological and business
plans with accentuate impact analysis and security
policy (ENISA, 2011).
The goal of BUSITEV framework is to support
developers and decision makers in evolutionary mod-
elling of changes. The BUSITEV framework acts as
multi-model approach, which combines components
of models, technologies, and standards to create a cus-
tomized solution to a business problem or goal.
The rest of the paper is organized as follows: Sec-
tion 2 and Section 3 introduces the backgrounds and
the BUSITEV framework of multi-model approach
for integrated view of business goals, problems, and
generic solutions. Section 4 presents examples from
an instantiation of the framework for B2B evolutions.
Related work are discussed in Section 5 followed by
Conclusions.
2 BACKGROUND
User Requirements Notations is a first standardization
effort for user requirements engineering language that
combines in one unified language goal models and
scenarios from Goal-oriented Requirement Language
(GRL) and Use Case Maps (UCM). URN is viewed
as complementary to notations of UML2. 0 OMG
methodologies (ITU-T Z.151., 2008), (ITU-T Z. 150.,
2003), (GRL -OME, 2011), (GRL- KPI - jUCMNav,
2011) (UCM -jUCMNav, 2011). The URN support-
ing tool is the Eclipse-based jUCMNav tool, which
contains simulation engine for implementing trace-
ability relationships between functional and quality
requirements. (jUCMNav 4.5, 2011) .
The unique combination of goals and scenarios
found in URN enables not only to describe and ana-
lyze what, when, who, how and where aspects of busi-
ness processes, but also why aspects as relations to
business objectives. The URN allows reasoning about
alternatives from intentional ambiguity and abstrac-
tion levels for scenario interactions, performance, and
architecture (Pourshahid et al., 2009) .
GRL Goal Model. An example of a GRL goal model
255
Medve A..
Model-based Framework for Integrated Evolution of Business and IT Changes - Integrated Evolution of Business and IT Changes.
DOI: 10.5220/0004085402550260
In Proceedings of the 7th International Conference on Software Paradigm Trends (ICSOFT-2012), pages 255-260
ISBN: 978-989-8565-19-8
Copyright
c
2012 SCITEPRESS (Science and Technology Publications, Lda.)
and its abstraction capability is shown in Figure 2.
The elements of the goal tree can be connected to
each other via contribution, correlation and decompo-
sition types of relationships. URN standard supports
three sample GRL evaluation mechanisms: quantita-
tive, qualitative, as well as a mixed analysis. For more
semantics see at (GRL- KPI - jUCMNav, 2011).
URN has concepts for the specification of stake-
holders, goals, non-functional requirements, ratio-
nales, behavior, structure, and scenarios in use case
maps. Use case maps form the functional model
which scenarios can be exported in UML interaction
diagrams. UCM Functional Model. An Use Case
Maps (UCM) model is shown at Figure 4 that shows
UCM model components, the processing paths with
responsibilities as events in a scenario with start point
and end points. The colors of the structural elements
can be selected and fixed for the internal standard of
an organization, as visual information of a business
context.
UCM allows to visualize structural and opera-
tional aspects in one functional model. Colored com-
ponents are actors and organizational elements, lines
are path of the flow which contains the actions of re-
sponsibilities within a process in consecutive relative
times units. UCM has notations for expression of time
and of organizational hierarchy.
Start point and end points and path ramifications
shows a workflow style of UCM notations, as well as
And/Or, Fork, Join points are to compose-decompose
path of process variations. For more semantics see at
(UCM -jUCMNav, 2011).
jUCMNav Tool. The jUCMNav (jUCMNav 4.5,
2011) is an open-source Eclipse plug-in that can han-
dle URNs concepts for integrating functionals with
quality requirements. jUCMNav provides integrated
supports for model transformations. It can generate
reports and can export diagrams in various formats.
For more details of URN, GRL, UCM, jUCMNav
see (jUCMNav 4.5, 2011) and the (300+) publica-
tions and reports available at the URN Virtual Library
(URN VLIB, 2011).
3 THE BUSITEV FRAMEWORK
We built a generic goal-based framework with User
Requirements Notation (URN) standards (ITU-T
Z.151., 2008), (ITU-T Z. 150., 2003) and on URN
supporting jUCMNav tool (jUCMNav 4.5, 2011).
Technically, URN is which offers the integration pos-
sibility. Methodologically, the framework realization
consists on instantiation of a set of customizable prob-
lems and solutions in the form of generic and specific
models of domains managed within jUCMNav tool
and a revision control system for model releases.
3.1 The Generic Model of the
Framework
Our research context fixes the solution space as
generic models from an initial development for a
problem space. We obtain generic models by apply-
ing goal-orientation and classifying requirements on
functional, nonfunctional, and extra-functional with
traceability links between them. Generic goal mod-
els serve to identify the strategies for a problem space
from selecting a set of possible solutions. The iden-
tified strategies and the built goal graph help to ar-
chitect functional requirements into business process
model (Pourshahid, 2011). Thereby, we captured
the behavioural and structural details of a strategy
between problem space and solution space. Goal-
orientation helps to capture goal graphs thus identify
common problems and potential solution choices, as
well as the forces that have to be considered. Docu-
menting common solutions to the identified problem
should be made with adequate tools forming reusable
assets.
Figure 1: Generic model of BUSITEV framework.
See Figure 1 to follow how the framework cre-
ation and usage is made. The generic models form an
input (1) to an iteration for goal-based engineering of
intentions. The generic models give also the elements
of a business process/scenarios intended to be built
or actualized (5.a), (5.b). Given the generic models,
goals and assessments are identified from intentions
and analysis of problem space (3.a). These results in
captured strategies, which forms realizations as busi-
ness processes or scenarios (3.b). Linking goals to
realizations i. e. forming URN links from goal mod-
els to process models (4.), decision makers give nodes
between problem space and solution space.
A repeated analysis is done during change man-
agement. URN links give traceability links for multi-
ICSOFT2012-7thInternationalConferenceonSoftwareParadigmTrends
256
model approach and for validation and simulation au-
tomation. Business goals and processes redefined can
be added (3.b), (5.a), (5.b) as specific models into
models repository of the framework.
The framework supports model-transformations
by jUCMNav tool capabilities. These help to formal-
ize business mechanisms as goals and scenarios, and
to simulate and validate them with variations by in-
volving business decision makers. This give an ad-
vanced conceptional design process with inclusion of
business decision makers.
This framework conception supports business an-
alysts in multi-model usage process and decision
making. Business analysts can use the framework
themselves: selecting generic/specific models, as-
sessing and defining strategies, and refinements for
changed models, or defining of specific models.
3.2 Supporting Business Analysis
BUSITEV framework contains generic models of rec-
ommendations of Business Analysis (BA) standard to
guide business analysis. (BABOK, 2011).
A Guide to the Business Analysis Body of Knowl-
edge (BABOK Guide) (BABOK, 2011) is a recog-
nized standard for the practice of business analysis.
The BABOK Guide defines a Requirements Classifi-
cation Scheme stated as classes of Business Require-
ments, Stakeholder Requirements, Solution Require-
ments and Transition Requirements, which support
the dynamics of system’s evolution.
This visual documentation of business analysis
standard supports aligning business analysis with re-
quirements engineering.
3.3 Supports for Security Management
BUSITEV framework contains a collection of generic
requirements of information security in reusable tem-
plates. These consist of goals and security require-
ments per section and subsections of the ISO/IEC
27001 and 27002 standards. They provide generic se-
curity goal models and a business view of the struc-
tural aspects of security assets, regarding its adoption
this should be a strategic decision for the change man-
agement.
Figure 2 shows a part of the generic goal model of
security assets clauses and references from Business
Continuity section of ISO/IEC 27002 standard. See
for GRL details in the Section Background.
Generic security goal models form a basis for
strategy creation and for creating the set of specific se-
curity models. The framework instantiation, which is
introduced in Section 4, has specialized templates for
e-trading assessments and for typology assessments
of security levels as human, software, hardware and
objects resources.
3.4 Repository-based Support for
Collaborative Work
BUSITEV framework has implemented the SVN
(SVN, 2011) subversion manager to manage the con-
current access rights and team communications for
developers scattered by geography to function as a
single team. In a teamwork context to avoid confu-
sion, the word version is almost never used. Versions
in the first sense we call revisions , and in the second
sense releases.
This opportunity allows business analysts and
stakeholders separated in space and/or time to collab-
orate, synchronize and negotiate conflicting changes.
Revision Control Systems (RCS) manages multiple
revisions of files (RCS-CVS, 2011). RCS auto-
mates the storing, retrieval, logging, identification,
and merging of revisions.
4 FRAMEWORK INSTANTIATED
FOR B2B EVOLUTIONS
Instantiation of BUSITEV framework for a domain it
consists to follow the methodology for evolutionary
modelling (see at 3.1 ) to create the generic goal and
functional models for the domain, i.e. trading sys-
tems, followed by specific models obtained by creat-
ing business strategies and by refining generic mod-
els. We named BUSITEV-SMIWEP framework the
instantiated BUSITEV framework for B2B type of
evolutions.
4.1 Examples for Strategy Creation and
Integration into Functional Model
Figure 2 shows a part of a GRL model. In this model
are used notations for intentional elements and rela-
tionships. Here, the intentional elements are goals,
softgoals and their realizations by tasks and resources,
which realize security assessments. Relationships
used are contributions, decompositions, and/or logi-
cal operators. The content of this graph is captured
from the ISO/IEC 27002 standard recommendations.
4.1.1 Strategy Creation from Generic/Specific
Models
Figure 3 in Appendix shows the results of a simula-
tion in the case of reusing the same assessed template
Model-basedFrameworkforIntegratedEvolutionofBusinessandITChanges-IntegratedEvolutionofBusinessandIT
Changes
257
Figure 2: Generic model of security recommendations for
Business Continuity information security of the ISO/IEC
27002.
(from library of specific models updated by created
strategies) for creating the strategy for medium level
of security goal fixed at 100. With the initial choices
this alternative results in 26 units for Business Con-
tinuity security in rapport with the desired 80 unit of
medium level of security, because as you can observe
initial values for majority of resources are fixed at 0
to achieve low level of costs. It is the responsibility of
system and business analysts to chose, simulate and
validate solution assessments.
4.1.2 Integration of Strategies into Functional
Model
A part of the resulted functional model after the inte-
gration of strategies into business processes is shown
in Figure 4. It shows new components, use case
paths and responsibilities marked with yellow trian-
gle which are added with URN-links for integrat-
ing requirements realizations from goal-strategy mod-
els. Yellow triangles serve as traceability points be-
tween elements of a strategy model and its realiza-
tions. They highlights how many components and
process elements can appear in functional model for
satisfying security requirements. The strategy goal
model used for refining the functional model in this
example is from previous strategy models captured by
simulation.
5 RELATED WORK AND
DISCUSSION
Pourshahid et al. (Pourshahid, 2011) research re-
sults in metamodelling with URN profile and struc-
turing pattern-based framework it support goal-based
elicitation and validation of functional models. Our
framework complements their work with integrating
changes management strategies into functional mod-
els based on generic model repository with possibil-
ity of involving decision makers. These strategies,
resulting from quality and extra-functional require-
ments simulations, drive change realizations for busi-
ness processes and IT features included in business
units. Other work as (Medve and Kovesi, 2009) inte-
grate goal analysis for information security and cus-
tomers loyalty correlations during e-business design.
Authors of (Stark-Werner, 2011) it established
model-based fault detection for strategy creation and
integration into functional model starting from pro-
cess mining. Our framework provides a methodology
to provide recommendations and relations from stan-
dards in visual form enabling reasoning about assess-
ments.
Based on (jUCMNav 4.5, 2011) our framework
enables variability from intentional ambiguity and
abstraction levels involving stakeholders in decision
making. We constructed the jUCMnav-based valida-
tion steps to derive specific templates from generic
models. For these steps we inspired from the re-
finement method of van Lamsweerde’s (Lamsweerde,
2004), and Akoka’s et al. (Akoka et al., 2008) mecha-
nisms for guidance by quality supported risk analysis
and cost evaluation models. Well-suited technics are
elaborated at (Amyot and Mussbacher, 2009) for goal
and scenario modeling, analysis, and transformation
with jUCMNav.
Our framework contributes with generic models as
bases for instantiation of a framework for supporting
teamwork releases of business analysis, and integra-
tion of strategy realizations into functional models.
6 CONCLUSIONS
This paper introduces the BUSITEV framework for
integrated engineering of business and IT evolutions.
The framework has based on User Requirements No-
tation standard (URN) and URN-supporting tools
urn1-itu. URN gives methods for traceability and
variability management. The framework contains
generic models as reusable visual documents of in-
formation security standards and of business analysis
standard. It has already been validated empirically for
e-commerce security conforming to the corporate so-
cial responsibility at Sonepar Ltd. SME.
Strong points are from linking business goals and
requirements to functional models; it reuses informa-
tion security standards for reasoning about security
levels, assets, costs and risks; the framework sup-
ICSOFT2012-7thInternationalConferenceonSoftwareParadigmTrends
258
ports releases between internal stakeholders for coop-
erating and further reasoning; portability by Eclipse
and some transformation engines of jUCMNav tool.
The weak points are the manual assessment of risk
and cost estimation in the case of a greater goal-tree.
For improving the framework we intend to introduce
some generic methods in form of template collections
to support communications between stakeholders and
services on demand in the case of outsourcing secu-
rity management.
We plan future work for applying metamodelling
methods from (Amyot and Behnam, 2011) in order to
establish families of framework’ instantiations.
ACKNOWLEDGEMENTS
The author is grateful to Atilla Steszli CIO, for indus-
trial experimentation at Sonepar Ltd. SME .
This research work was supported by T
´
AMOP-
4.2.1/B-09/1/KMR-2010-0003.
REFERENCES
Akoka, J., Comyn-Wattiau, I., and Cherfi, S. S.-S. (2008).
Quality of Conceptual Schemas An Experimental
Comparison. In RCIS’08 IEEE Int. Conf. on Research
Challenges in Information Science, pages 197–208,
IEEE Press, New York.
Amyot, D. and Behnam, S. A. (2011). Evolution of Goal-
Driven Pattern Families for Business Process Model-
ing. In Springer, editor, Proceed. E-Technologies:
Transformations in a Connected World (5th MCeTech
Conf.), January 2011, p. 46-61, pages 46–61, Les Di-
ablerets, Switzerland, January 25-28 2011.
Amyot, D. and Mussbacher, G. (2009). Goal and Sce-
nario Modeling, Analysis, and Transformation with
jUCMNav technologies. In In: ACM 31st Inter-
national Conference on Software Engineering (ICSE-
Companion 2009), pages 3–15, Vancuver, Canada,
16-24 May 2009.
BABOK (2011). BABOK Guide 2.0, A Guide to the Busi-
ness Analysis Body of Knowledge . International In-
stitute of Business Analysis.
ENISA (2011). European Network and Information Secu-
rity Agency - Risk Management - Emerging and Fu-
ture Risks. ENISA.
GRL- KPI - jUCMNav (2011). GRL KPI Analysis. Univ.
Ottawa CSERG.
GRL -OME (2011). GRL - Goal-oriented Requirements
Language. Univ. Toronto OME.
ITU-T Z. 150. (Feb 2003). Z. 150. User Requirements No-
tation (URN) - Language Requirements and Frame-
work, ITU-T Standard. ITU-T.
ITU-T Z.151. (Nov 2008). Z. 151. User Requirements No-
tation - Language definition, ITU-T Standard. ITU-T.
jUCMNav 4.5 (2011). jUCMNav tools. Univ. Ottawa
CSERG.
Lamsweerde, A. V. (2004). Goal-Oriented Requirements
Enginering: A Roundtrip from Research to Practice.
In 12th IEEE International Requirements Engineer-
ing Conference (RE’04), pages 4–7, IEEE Press, New
York, 6-10 Sept. 2004.
Medve, A. and Kovesi, K. (2009). Modelling and Anal-
ysis of Information Security Starting from ISO/IEC
27001 Standard and Customer Loyalty Relationships.
In In: IFIP TC8 CONFENIS’2009, pages 128–137,
Gyor, Hungary, 28-30 Oct. 2009. Novadat Kft.
Pourshahid, A. (2011). Toward an integrated User Require-
ments Notation framework and tool for Business Pro-
cess Management. In 3rd Int. MCeTech Conference on
eTechnologies, pages 3–15, Les Diablerets, Switzer-
land, 23–26 January 2011.
Pourshahid, A., Chen, P., and Amyot, D. e. a. (2009).
Business Process Management with the User Require-
ments Notation. Journal of Electronic Commerce Re-
search, 9(4):269–316.
RCS-CVS (2011). Revision Control System, Concurrent
Versioning System .
Stark-Werner, A. (2011). Model-Based Fault Detection
and Isolation using Process Mining. Engineering and
Technology, 7(73):851–856.
SVN (2011). VisualSVN Server Enterprise Edition.
UCM -jUCMNav (2011). UCM - Use Case Maps. Univ.
Ottawa CSERG.
URN VLIB (2011). User Requirements Notation Virtual
Library. Univ. Ottawa CSERG.
Model-basedFrameworkforIntegratedEvolutionofBusinessandITChanges-IntegratedEvolutionofBusinessandIT
Changes
259
APPENDIX
Figure 3: Specific model of security recommendations from ISO/IEC 27002 evaluated for medium level of Business Continuity
information security.
Figure 4: An illustration part of the resulted functional model after the integration of strategies. Yellow triangles are the
traceability points between strategy elements and its realizations into the functional model.
ICSOFT2012-7thInternationalConferenceonSoftwareParadigmTrends
260
