misuse cases: use cases with hostile intent presented by: frank xu gannon university
TRANSCRIPT
![Page 1: Misuse Cases: Use Cases with Hostile Intent Presented by: Frank Xu Gannon University](https://reader035.vdocument.in/reader035/viewer/2022062518/5697bf821a28abf838c85e4f/html5/thumbnails/1.jpg)
Misuse Cases: Use Cases with Hostile Intent
Presented by: Frank XuGannon University
![Page 2: Misuse Cases: Use Cases with Hostile Intent Presented by: Frank Xu Gannon University](https://reader035.vdocument.in/reader035/viewer/2022062518/5697bf821a28abf838c85e4f/html5/thumbnails/2.jpg)
Objectives•Understand what misuse cases are•Understand applications of misuse cases
▫eliciting requirements▫eliciting exceptions▫developing test cases
![Page 3: Misuse Cases: Use Cases with Hostile Intent Presented by: Frank Xu Gannon University](https://reader035.vdocument.in/reader035/viewer/2022062518/5697bf821a28abf838c85e4f/html5/thumbnails/3.jpg)
Use Cases •Individual use case describes
▫how a particular actor(agent) interacts with the system to achieve a result of value to the specific actor.
•The set of all use cases together describes ▫the complete behavior of the system. •A use-case model▫provide graphical overview of actors, use
cases, and their dependency.
![Page 4: Misuse Cases: Use Cases with Hostile Intent Presented by: Frank Xu Gannon University](https://reader035.vdocument.in/reader035/viewer/2022062518/5697bf821a28abf838c85e4f/html5/thumbnails/4.jpg)
Drive the car
Park the car
Lock the car
![Page 5: Misuse Cases: Use Cases with Hostile Intent Presented by: Frank Xu Gannon University](https://reader035.vdocument.in/reader035/viewer/2022062518/5697bf821a28abf838c85e4f/html5/thumbnails/5.jpg)
Misuse Cases
•The scenarios in which such 'negative' agents attempt to defeat the system under design
![Page 6: Misuse Cases: Use Cases with Hostile Intent Presented by: Frank Xu Gannon University](https://reader035.vdocument.in/reader035/viewer/2022062518/5697bf821a28abf838c85e4f/html5/thumbnails/6.jpg)
Misuse Case
• Misuse cases are negative use cases• Actor is a hostile agent
![Page 7: Misuse Cases: Use Cases with Hostile Intent Presented by: Frank Xu Gannon University](https://reader035.vdocument.in/reader035/viewer/2022062518/5697bf821a28abf838c85e4f/html5/thumbnails/7.jpg)
Applications of Misuse Cases•Eliciting functional requirements•Eliciting nonfunctional requirements•Eliciting exceptions•Developing test cases
![Page 8: Misuse Cases: Use Cases with Hostile Intent Presented by: Frank Xu Gannon University](https://reader035.vdocument.in/reader035/viewer/2022062518/5697bf821a28abf838c85e4f/html5/thumbnails/8.jpg)
Eliciting Functional requirements
![Page 9: Misuse Cases: Use Cases with Hostile Intent Presented by: Frank Xu Gannon University](https://reader035.vdocument.in/reader035/viewer/2022062518/5697bf821a28abf838c85e4f/html5/thumbnails/9.jpg)
Eliciting Functional requirements
![Page 10: Misuse Cases: Use Cases with Hostile Intent Presented by: Frank Xu Gannon University](https://reader035.vdocument.in/reader035/viewer/2022062518/5697bf821a28abf838c85e4f/html5/thumbnails/10.jpg)
Eliciting Functional Requirements
![Page 11: Misuse Cases: Use Cases with Hostile Intent Presented by: Frank Xu Gannon University](https://reader035.vdocument.in/reader035/viewer/2022062518/5697bf821a28abf838c85e4f/html5/thumbnails/11.jpg)
Eliciting Functional Requirements
![Page 12: Misuse Cases: Use Cases with Hostile Intent Presented by: Frank Xu Gannon University](https://reader035.vdocument.in/reader035/viewer/2022062518/5697bf821a28abf838c85e4f/html5/thumbnails/12.jpg)
Eliciting Non-functional Requirements
“The car shall be constructed to the intrusion resistance defined in STD-123-456.”
![Page 13: Misuse Cases: Use Cases with Hostile Intent Presented by: Frank Xu Gannon University](https://reader035.vdocument.in/reader035/viewer/2022062518/5697bf821a28abf838c85e4f/html5/thumbnails/13.jpg)
Eliciting Safety Requirements•Misuse Cases are not limited to eliciting
Security Requirements, or threats from human agents.
•A negative agent such as bad weather can be represented as a misuse case
Drivers may lose control of their cars if the road is covered in ice or wet leaves
The weather as an agent 'intending' to make the car skid.
![Page 14: Misuse Cases: Use Cases with Hostile Intent Presented by: Frank Xu Gannon University](https://reader035.vdocument.in/reader035/viewer/2022062518/5697bf821a28abf838c85e4f/html5/thumbnails/14.jpg)
Eliciting Safety Requirements
![Page 15: Misuse Cases: Use Cases with Hostile Intent Presented by: Frank Xu Gannon University](https://reader035.vdocument.in/reader035/viewer/2022062518/5697bf821a28abf838c85e4f/html5/thumbnails/15.jpg)
Eliciting “-ility” Requirements
Nonfunctional Requirements
Negative agents
Reliability Human error, storms, design errors, interference on telecommunication links
Maintainability and Portability Inflexible design, incompatible platform
Usability Poorly designed the user interface
![Page 16: Misuse Cases: Use Cases with Hostile Intent Presented by: Frank Xu Gannon University](https://reader035.vdocument.in/reader035/viewer/2022062518/5697bf821a28abf838c85e4f/html5/thumbnails/16.jpg)
Eliciting Exceptions
•An exception is an undesired event that could cause a system to fail.▫“What could they do to make this go
wrong?”▫Divided by 0
•Handling such exception lead to resumption of normal operations, or lead to a safe shutdown.▫GE locomotive – satellite signal
transmitting vs. weather
![Page 17: Misuse Cases: Use Cases with Hostile Intent Presented by: Frank Xu Gannon University](https://reader035.vdocument.in/reader035/viewer/2022062518/5697bf821a28abf838c85e4f/html5/thumbnails/17.jpg)
Eliciting Test Cases
![Page 18: Misuse Cases: Use Cases with Hostile Intent Presented by: Frank Xu Gannon University](https://reader035.vdocument.in/reader035/viewer/2022062518/5697bf821a28abf838c85e4f/html5/thumbnails/18.jpg)
Eliciting Test Cases
•Products of use/misuse-case analysis that can contribute to effective test planning include▫ Specific failure modes (for real-time,
embedded, and safety related systems)▫ Security threats model (for distributed
commercial and government systems)▫Exception-handling scenarios (always
useful, often directly translating to test scripts)
![Page 19: Misuse Cases: Use Cases with Hostile Intent Presented by: Frank Xu Gannon University](https://reader035.vdocument.in/reader035/viewer/2022062518/5697bf821a28abf838c85e4f/html5/thumbnails/19.jpg)
Key points
•Misuse Case models are a promising approach for ▫Eliciting functional requirements▫Eliciting various non-functional requirements,
such as for security, safety, etc ▫Identifying threats to system operation ▫Identifying ways of neutralizing those threats
![Page 20: Misuse Cases: Use Cases with Hostile Intent Presented by: Frank Xu Gannon University](https://reader035.vdocument.in/reader035/viewer/2022062518/5697bf821a28abf838c85e4f/html5/thumbnails/20.jpg)
Reference
I. Alexander, "Misuse Cases: Use Cases with Hostile Intent," IEEE Software, vol. 20, no. 1, pp. 58-66, Jan/Feb, 2003.
![Page 21: Misuse Cases: Use Cases with Hostile Intent Presented by: Frank Xu Gannon University](https://reader035.vdocument.in/reader035/viewer/2022062518/5697bf821a28abf838c85e4f/html5/thumbnails/21.jpg)
Questions?