Comparing representations with relational and EER models
Communications of the ACM
Graphs and tables: a four-factor experiment
Communications of the ACM
Diagrams and design tools in context
ACM SIGDOC Asterisk Journal of Computer Documentation
Safeware: system safety and computers
Safeware: system safety and computers
Experimentation in software engineering: an introduction
Experimentation in software engineering: an introduction
Software engineering for safety: a roadmap
Proceedings of the Conference on The Future of Software Engineering
Writing Effective Use Cases
Replicating the CREWS Use Case Authoring Guidelines Experiment
Empirical Software Engineering
Quality and Understandability of Use Case Models
ECOOP '01 Proceedings of the 15th European Conference on Object-Oriented Programming
Guiding Use Case Authoring: Results of an Empirical Study
RE '99 Proceedings of the 4th IEEE International Symposium on Requirements Engineering
Initial Industrial Experience of Misuse Cases in Trade-Off Analysis
RE '02 Proceedings of the 10th Anniversary IEEE Joint International Conference on Requirements Engineering
Using Abuse Case Models for Security Requirements Analysis
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
IEEE Transactions on Software Engineering
A Controlled Experiment for Evaluating a Metric-Based Reading Technique for Requirements Inspection
METRICS '04 Proceedings of the Software Metrics, 10th International Symposium
Eliciting security requirements with misuse cases
Requirements Engineering
Investigating the Role of Use Cases in the Construction of Class Diagrams
Empirical Software Engineering
Semiology of graphics
Misuse Cases: Use Cases with Hostile Intent
IEEE Software
A comparison of two approaches to safety analysis based on use cases
ER'07 Proceedings of the 26th international conference on Conceptual modeling
Comparing safety analysis based on sequence diagrams and textual use cases
CAiSE'10 Proceedings of the 22nd international conference on Advanced information systems engineering
Using SMCD to reduce inconsistencies in misuse case models: A subject-based empirical evaluation
Journal of Systems and Software
Comparing attack trees and misuse cases in an industrial setting
Information and Software Technology
Hi-index | 0.00 |
In general, diagrams and text are both considered to have their advantages and disadvantages for the representation of use case models, but this is rarely investigated experimentally. This paper describes a controlled experiment where we compare safety hazard identification by means of misuse cases based on use case diagrams and textual use cases. The experiment participants found use case diagrams and textual use cases equally easy to use. In most cases those who used textual use cases were able to identify more failure modes or threats. The main reason for this seems to be that use cases encourage analysts to specifically focus on threats related to the functions mentioned in the use case, and textual use cases include more functional details than diagrams. The focus is decided by information in each use case which will thus decide the number of threats identified.