Publications
-
Rørnes, Kristin Marie; Runde, Ragnhild Kobro & Jensen, Siri Moe (2019). Students’ mental models of references in Python. NIKT: Norsk IKT-konferanse for forskning og utdanning.
ISSN 1892-0713.
-
Refsdal, Atle; Runde, Ragnhild Kobro & Stølen, Ketil (2016). Mandatory and Potential Choice: Comparing Event-B and STAIRS, In Luigia Petre & Emil Sekerinski (ed.),
From Action Systems to Distributed Systems: The Refinement Approach.
CRC Press.
ISBN 978-1-4987-0158-7.
Kapittel 2.
s 15
- 27
Full text in Research Archive.
Show summary
In order to decide whether a software system fulfills a specification, or whether a detailed specification preserves the properties of a more abstract specification, we need an understanding of what it means for one specification to fulfill another specification. This is particularly important when the specification contains one or more operators for expressing choice. Operators for choice have been studied for more than three decades within the field of formal methods in general, and within methods for action-refinement in particular. In this paper we focus on Event-B, a more recent method for action refinement. The STAIRS method belongs to another tradition. It originates from the UML community and is designed to provide an understanding of refinement and fulfillment for UML. STAIRS distinguishes between potential and mandatory choice, where only the latter is required to by preserved by refinement. This paper investigates the relationship between the operators for choice in Event-B and STAIRS.
-
Andresen, Kjetil; Møller-Pedersen, Birger & Runde, Ragnhild Kobro (2015). Combined Modelling and Programming Support for Composite States and Extensible State Machines, In Slimane Hammoudi; Luis Ferreira Pires; Philippe Desfray & Joaquim Filipe (ed.),
MODELSWARD 2015 - Proceedings of the 3rd International Conference on Model-Driven Engineering and Software Development, ESEO, Angers, Loire Valley, France, 9-11 February, 2015.
SciTePress.
ISBN 978-989-758-083-3.
kapittel.
s 231
- 238
-
Refsdal, Atle; Runde, Ragnhild Kobro & Stølen, Ketil (2015). Stepwise refinement of sequence diagrams with soft real-time constraints. Journal of computer and system sciences.
ISSN 0022-0000.
81(7), s 1221- 1251 . doi:
10.1016/j.jcss.2015.03.003
Full text in Research Archive.
Show summary
UML sequence diagrams and similar notations are much used to specify and analyze computer systems and their requirements. Probabilities are often essential, in particular for capturing soft real-time constraints. It is also important to be able to specify systems at different levels of abstraction. Refinement is a means to relate abstract specifications to more concrete specifications in such a way that constraints and analysis results are preserved through the transition. In order to allow soft real-time constraints to be included as an integral part of sequence diagram specifications, this paper presents an approach to extend UML 2.x sequence diagrams to capture probabilistic choice in general and soft real-time constraints in particular. The approach is supported by formal semantics and pragmatic refinement relations with mathematical properties that allow stepwise and modular development of specifications. An example focusing on communication is provided to demonstrate the language and refinement relations.
-
Erdogan, Gencer; Li, Yan; Runde, Ragnhild Kobro; Seehusen, Fredrik & Stølen, Ketil (2014). Approaches for the combined use of risk analysis and testing: A systematic literature review. International Journal on Software Tools for Technology Transfer (STTT).
ISSN 1433-2779.
16(5), s 627- 642 . doi:
10.1007/s10009-014-0330-5
Show summary
Risk analysis and testing are conducted for different purposes. Risk analysis and testing nevertheless involve processes that may be combined to the benefit of both. We may use testing to support risk analysis and risk analysis to support testing. This paper surveys literature on the combined use of risk analysis and testing. First, the existing approaches are identified through a systematic literature review. The identified approaches are then classified and discussed with respect to main goal, context of use and maturity level. The survey highlights the need for more structure and rigor in the definition and presentation of approaches. Evaluations are missing in most cases. The paper may serve as a basis for examining approaches for the combined use of risk analysis and testing, or as a resource for identifying the adequate approach to use.
-
Grønmo, Roy; Runde, Ragnhild Kobro & Møller-Pedersen, Birger (2013). Confluence of aspects for sequence diagrams. Software and Systems Modeling (SoSyM).
ISSN 1619-1366.
12(4), s 789- 824 . doi:
10.1007/s10270-011-0212-1
Show summary
The last decade has seen several aspect language proposals for UML 2 sequence diagrams. Aspects allow the modeler to define crosscutting concerns of sequence diagrams and to have these woven with the sequence diagrams of a so-called base model, in order to create a woven model. In a real-world scenario, there may be multiple aspects applicable to the same base model. This raises the need to analyse the set of aspects to identify possible aspect interactions (dependencies and conflicts) between applications of aspects. We call a set of aspects terminating if they may not be applied infinitely many times for any given base model. Furthermore, we call a set of terminating aspects confluent, if they, for any given base model, always yield the same final result regardless of the order in which they are applied. Since confluence must hold for any base model, this is a much stronger result than many of the current approaches that have addressed detection of aspect interactions limited to a specific base model. Our aspects are specified using standard sequence diagrams with some extensions. In this paper, we present a confluence theory specialized for our highly expressive aspect language. For the most expressive aspects, we prove that confluence is undecidable. For another class of aspects with considerable expressiveness, we prescribe an algorithm to check confluence. This algorithm is based on what we call an extended critical pair analysis. These results are useful both for modelers and researchers working with sequence diagram aspects and for researchers wanting to establish a confluence theory for other aspect-oriented modelling or model transformation approaches.
-
Li, Yan; Runde, Ragnhild Kobro & Stølen, Ketil (2013). Towards a pattern language for security risk analysis of web applications, In Christian Köppe (ed.),
PLoP 2013 Conference Proceedings, 20th Conference on pattern languages and programs.
Hillside.
ISBN 978-1-941652-00-8.
Kapittel.
Show summary
This article introduces a pattern language for security risk analysis of web applications in an example driven manner. The example patterns presented include a composite pattern and three basic patterns, namely a security requirements pattern, a web application design pattern and a risk analysis modelling pattern. The pattern language is intended to be used as a guideline to capture the security risk picture of a web application, especially in the early phase of the software development life cycle. The overall aim is to support light weighted security risk analysis for web applications.
-
Runde, Ragnhild Kobro; Refsdal, Atle & Stølen, Ketil (2013). Relating computer systems to sequence diagrams: the impact of underspecification and inherent nondeterminism. Formal Aspects of Computing.
ISSN 0934-5043.
25(2), s 159- 187 . doi:
10.1007/s00165-011-0192-5
Full text in Research Archive.
Show summary
Having a sequence diagram specification and a computer system, we need to answer the question: Is the system compliant with the sequence diagram specification in the desired way? We present a procedure for answering this question for sequence diagrams with underspecification and inherent nondeterminism. The procedure is independent of any concrete technology, and relies only on the execution traces that may be produced by the system. If all traces are known, the procedure results in either “compliant” or “not compliant”. If only a subset of the traces is known, the conclusion may also be “likely compliant” or “likely not compliant”.
-
Rossebø, Judith Ellen Yarranton & Runde, Ragnhild Kobro (2011). How to Model Dynamic Service Composition Using UML 2.x and Composition Policies, In Syed A. Ahson & Mohammad Ilyas (ed.),
Service Delivery Platforms: Developing and Deploying Converged Multimedia Services.
CRC Press.
ISBN 978-1-4398-0089-8.
Chapter 5.
s 87
- 122
-
Haugen, Øystein & Runde, Ragnhild Kobro (2009). Enhancing UML to Formalize the FIPA Agent Interaction Protocol. Lecture Notes in Business Information Processing.
ISSN 1865-1348.
25, s 154- 173
-
Rossebø, Judith Ellen Yarranton & Runde, Ragnhild Kobro (2009). Methodology for Model-Based Dynamic Composition of Services, In Trond Aalberg (ed.),
Norsk informatikkonferanse NIK 2009.
Tapir Akademisk Forlag.
ISBN 978-82-519-2491-7.
Artikkel.
s 1
- 12
-
Rossebø, Judith Ellen Yarranton & Runde, Ragnhild Kobro (2008). Specifying Service Composition Using UML 2.x and Composition Policies. Lecture Notes in Computer Science (LNCS).
ISSN 0302-9743.
5301, s 520- 536
-
Halvorsen, Oddleif; Runde, Ragnhild Kobro & Haugen, Øystein (2007). Time Exceptions in Sequence Diagrams. Lecture Notes in Computer Science (LNCS).
ISSN 0302-9743.
4364, s 131- 142
-
Halvorsen, Oddleif; Runde, Ragnhild Kobro & Haugen, Øystein (2006). Time Exceptions in Sequence Diagrams, In Sebastien Gerard; S Graf; Øystein Haugen; I Ober & Bran Selic (ed.),
MARTES 2006 at MoDELS 2006 - International workshop on Modeling and Analysis of Real-Time and Embedded Systems.
Department of Informatics.
ISBN 82-7368-299-4.
New Language Ideas.
s 81
- 100
-
Runde, Ragnhild Kobro; Haugen, Øystein & Stølen, Ketil (2006). The pragmatics of STAIRS. Lecture Notes in Computer Science (LNCS).
ISSN 0302-9743.
4111, s 88- 114
-
Refsdal, Atle; Runde, Ragnhild Kobro & Stølen, Ketil (2006). Underspecification, inherent nondeterminism and probability in sequence diagrams. Lecture Notes in Computer Science (LNCS).
ISSN 0302-9743.
4037, s 138- 155
-
Haugen, Øystein; Husa, Knut Eilif; Runde, Ragnhild Kobro & Stølen, Ketil (2005). STAIRS towards formal design with sequence diagrams. Software and Systems Modeling (SoSyM).
ISSN 1619-1366.
4(4), s 355- 367
-
Haugen, Øystein; Husa, Knut Eilif; Runde, Ragnhild Kobro & Stølen, Ketil (2005). Why timed sequence diagrams require three-event semantics. Lecture Notes in Computer Science (LNCS).
ISSN 0302-9743.
3466, s 1- 25
-
Runde, Ragnhild Kobro; Haugen, Øystein & Stølen, Ketil (2005). How to transform UML neg into a useful construct, In Eivind Coward (ed.),
Norsk informatikkonferanse NIK'2005.
Tapir Akademisk Forlag.
ISBN 82-519-2081-7.
Artikkel.
s 55
- 66
-
Runde, Ragnhild Kobro; Haugen, Øystein & Stølen, Ketil (2005). Refining UML interactions with underspecification and nondeterminism. Nordic Journal of Computing.
ISSN 1236-6064.
12(2), s 157- 188
View all works in Cristin
-
Bjørndalen, John Markus; Bongo, Lars Ailo; Haugland, Dag; Hjelmås, Erik; Løkketangen, Arne; Møller-Pedersen, Birger; Prinz, Andreas; Runde, Ragnhild Kobro; Sandnes, Frode Eika & Aalberg, Trond (2011). Norsk Informatikkonferanse NIK 2011.
Tapir Akademisk Forlag.
ISBN 978-82-519-2843-4.
262 s.
View all works in Cristin
-
Mørken, Knut Martin; Runde, Ragnhild Kobro & Skramstad, Tone (2017). Det nasjonale kvalifikasjonsrammeverket og utdanningsutvikling.
-
Møller-Pedersen, Birger & Runde, Ragnhild Kobro (2016). State Pattern supporting both composite States and extension/specialization of State Machines.
-
Erdogan, Gencer; Li, Yan; Runde, Ragnhild Kobro; Seehusen, Fredrik & Stølen, Ketil (2012). Conceptual Framework for the DIAMONDS Project. SINTEF Rapport. A22798. Full text in Research Archive.
Show summary
DIAMONDS is a research project addressing the combination of security testing and risk analysis. The main objective is to develop guidelines and a supporting framework to help businesses find a balanced approach within the three-dimensional space of invested effort, security testing, and risk analysis. This report documents the conceptual framework for DIAMONDS by clarifying the notions of security testing, risk analysis, and related notions, as well as defining the relations among them. Oppdragsgiver: The DIAMONDS project supported by the Research Council of Norway
-
Refsdal, Atle; Runde, Ragnhild Kobro & Stølen, Ketil (2011). Stepwise refinement of sequence diagrams with soft real-time requirements. SINTEF Rapport. A19749. Full text in Research Archive.
Show summary
UML sequence diagrams and similar notations are much used to specify computer systems, serving for example as specifications for programmers, or as a means for validating requirements. When specifying and analyzing computer systems, probabilities are often essential, in particular for capturing soft real-time requirements. It is also important to be able to specify systems at different levels of abstraction, depending on how far the development has progressed and the purpose of the specification. Refinement is a means to relate abstract specifications to more concrete specifications in such a way that requirements and analysis results are preserved through the transition from the abstract to the more concrete level. This paper presents an approach to extend UML 2.x sequence diagrams to capture probabilistic choice in general and soft real-time requirements in particular. The approach is supported by formal semantics and pragmatic refinement relations. The refinement relations have mathematical properties that allow specifications to be developed in a stepwise and modular manner. An example focusing on communication is provided to demonstrate the use and usefulness of the language and the refinement relations Oppdragsgiver: Research Council of Norway
-
Rossebø, Judith Ellen Yarranton & Runde, Ragnhild Kobro (2009). A Model-Based Approach to Dynamic Service Composition, Exemplified on Voice over IP. Telektronikk.
ISSN 0085-7130.
105(1), s 98- 106
-
Runde, Ragnhild Kobro & Aagedal, Jan Øyvind (2009). Guidelines for Developing Sequence Diagram Specifications, Exemplified for IPTV. Telektronikk.
ISSN 0085-7130.
105(1), s 59- 68
-
Stølen, Ketil & Runde, Ragnhild Kobro (2009). Guest Editorial: Model-Driven Security - Integrating Availability in System Development. Telektronikk.
ISSN 0085-7130.
105(1), s 1- 2
-
Refsdal, Atle; Runde, Ragnhild Kobro & Stølen, Ketil (2007). Relating computer systems to sequence diagrams with underspecification, inherent nondeterminism and probabilistic choice. Part 2: probabilistic choice. Research Report 347.
Show summary
Having a sequence diagram specification and a computer system, we need to answer the question: Is the system compliant with the sequence diagram specification in the desired way? We present a procedure for answering this question for three variations of sequence diagrams. The procedure does not require access to information about the internals of the system such as program code. The semantics of sequence diagrams is denotational and based on traces. In order to answer the initial question, the procedure starts by obtaining a basic representation of the system by e.g. testing. This representation is then transformed into the same semantic model as that used for the sequence diagram. Finally, a formal definition of compliance is applied to determine whether the system complies with the specification. Compliance is closely related to refinement, and the definitions of compliance are based on refinement definitions. Therefore refinement as well as compliance is addressed. Compliance is not identical to refinement due to the partial nature of sequence diagram specifications. The work is split in two parts. Part 1 [RRS07] introduces the necessary definitions for using the compliance checking procedure on sequence diagrams with underspecification and sequence diagrams with inherent nondeterminism. This paper presents Part 2, in which we introduce the necessary definitions for using the compliance checking procedure on sequence diagrams with probabilistic choice. Part 1 is a necessary prerequisite for Part 2.Having a sequence diagram specification and a computer system, we need to answer the question: Is the system compliant with the sequence diagram specification in the desired way? We present a procedure for answering this question for three variations of sequence diagrams. The procedure does not require access to information about the internals of the system such as program code. The semantics of sequence diagrams is denotational and based on traces. In order to answer the initial question, the procedure starts by obtaining a basic representation of the system by e.g. testing. This representation is then transformed into the same semantic model as that used for the sequence diagram. Finally, a formal definition of compliance is applied to determine whether the system complies with the specification. Compliance is closely related to refinement, and the definitions of compliance are based on refinement definitions. Therefore refinement as well as compliance is addressed. Compliance is not identical to refinement due to the partial nature of sequence diagram specifications. The work is split in two parts. Part 1 [RRS07] introduces the necessary definitions for using the compliance checking procedure on sequence diagrams with underspecification and sequence diagrams with inherent nondeterminism. This paper presents Part 2, in which we introduce the necessary definitions for using the compliance checking procedure on sequence diagrams with probabilistic choice. Part 1 is a necessary prerequisite for Part 2.
-
Runde, Ragnhild Kobro (2007). STAIRS - Understanding and Developing Specifications Expressed as UML Interaction Diagrams. Series of dissertations submitted to the Faculty of Mathematics and Natural Sciences, University of Oslo.. 604.
-
Runde, Ragnhild Kobro (2005). UML neg - nyttig eller ubrukelig?.
-
Runde, Ragnhild Kobro (2005). UpSTAIRS with Sequence Diagrams.
-
Haugen, Øystein; Husa, Knut Eilif; Runde, Ragnhild Kobro & Stølen, Ketil (2004). Why timed sequence diagrams require three-event semantics. Conference proceedings (Universitetet i Oslo. Institutt for informatikk). 309.
-
Runde, Ragnhild Kobro (2004). Refining UML interactions.
-
Runde, Ragnhild Kobro & Stølen, Ketil (2003). What is Model Driven Architecture?. Conference proceedings (Universitetet i Oslo. Institutt for informatikk). 304.
-
Johnsen, Einar Broch; Owe, Olaf & Runde, Ragnhild Kobro (2001). The Oslo School on Formalization of Distributed Systems.
-
Runde, Ragnhild Kobro (2000). Towards intuitive specifications with ready relations.
-
Runde, Ragnhild Kobro (2000). Utprøving og forbedring av en formalisme for parallelle prosesser.
-
Runde, Ragnhild Kobro & Owe, Olaf (2000). Forenklet, men presis beskrivelse av objekter.
View all works in Cristin
Published Nov. 4, 2010 2:15 PM
- Last modified Mar. 30, 2016 9:28 AM