The Triptych Project Clusters
Applications, Methodology, Technology
Domains, Requirements, Software
Industry, Schools, University

Dines Bjørner
Department of Information Technology
Software Systems Section, Bldg. 344
Technical University of Denmark
DK-2800 Lyngby, Denmark

Abstract:

We outline a set of carefully co-ordinated (concordant) research and advanced, exploratory and experimental (prototype demo) development projects. Some projects focus on the R&D of specific, informatics applications -- from the point of view of significant innovation, others on the R&D of underlying methods for the sound and economic, scalable development of trustworthy and on-time software for such applications, and yet others on the R&D of software technology for the support of such developments. The applications all represent major infrastructure components and include one or more of administrative systems, airport and air traffic monitoring and control systems, citizen's & visitors' information and routing, decision support systems, electronic trading systems, enterprise monitoring and control, financial service: banking, securities, insurance, clearing, etc., fisheries industry infrastructure support, health care monitoring and support, metropolitan transport systems, railway systems and self-service in the public administration. The methodology R&D includes techniques for the development of domain, requirements and software design descriptions: stake-holder perspectives, abstraction and concretisation facets, problem solution facets and software views. The technology R&D includes tools for the support of the creation, review & evaluation (including validation and verification) and ``demo'ing'' of large scale domain, requirements, software architecture and program organisation (i.e. structuring) description documents. In later versions of this document we give brief overviews of necessary staffing and funding, and of propagation of specific application demos to the teaching of informatics in primary and secondary schools, of technology transfer to industry and of programming methodologies to university education.

Prelude

General

The Triptych cluster of projects is not yet a formal, externally funded project. In external versions of the present document we omit reference to the current informal and future more formalised partners. Most of the ``projects'' already ``take place'': through individual research, student term and in M.Sc. and Ph.D. projects. The present document thus outline the way in which its author currently structures his own research, arranges student, including M.Sc. and Ph.D. thesis projects, and is soliciting external projects.

The document is issued in order to inform colleagues, students, external, currently existing and possible future partners as well as external funding agencies.

Didactics of ``Information Technology''

The Triptych cluster of projects emphasises the innovation factor present in all its application projects. Each of these attempt to experiment with and explore significant innovations: Novel product ideas. Young people looking for an academic study find well-defined studies in the form of law and medicine: Each lead to certified and regulated professions. The study of the subject of information technology is more opaque. Some prospective students are turned off and away by the oft, by the media, propagated image of nerds. Few are attracted to the study because of ``football-playing'' robots, and other such innovative factors simply because that is not the way in which we, the people responsible for their studies ``sell'' our field. The Triptych cluster of projects, and in particular its applications projects have, as a main objective that of drawing attention to the field, its cross-disciplinarity and its fascinations. Together the three main parts of the overall Triptych project: applications, methodology and technology, shall study their interrelationships.

One aim of pursuing the many applications projects is to bring to Danish industry and institutions the possibilities of radical innovations as well as state-of-the-art methods and technology.

Another aim is to bring to IT/DTU externally visible demonstrations of novel, ``real-life'' applications that might help us attract new and many more students.

Yet another aim is to bring to IT/DTU's methodology research the possibility of validating or invalidating, as the case may be, principles, techniques and tools of software development and product innovation.

Project Components -- an Overview

Informatics

We see informatics as the ``sum'' of mathematics, datalogy (computing science), information technology and applications.

This view is reflected in all Triptych sub-projects.

Infrastructures

The projects listed in the abstract all represent major infrastructure components.

The term infrastructure is a relatively modern term. It is more frequently used in socio-economic than in scientific, let alone computing science, contexts.

According to the World Bank, `infrastructure' is an umbrella term for many activities referred to as `social overhead capital' by some development economists, and encompasses activities that share technical and economic features (such as economies of scale and spill-overs from users to non-users).

We take a more technical view, and see infrastructures as concerned with supporting other systems or activities.

Software for infrastructures is likely to be distributed and concerned in particular with supporting communication of data, people and/or materials. Hence issues of openness, timeliness, security, lack of corruption and resilience are often important.

Typically IT-support for infrastructure components rely on multi-media and Internet. This is reflected in all Triptych applications projects.

Applications

The application project component is necessary for a number of reasons: (1) to interact with methodology R&D for purposes of validating researched and proposed software development techniques, (2) to help create demos that can be used in (i) increasing public institutional and private industry awareness of the greater possibilities of infrastructure software, (ii) primary and secondary school teaching of informatics, and (iii) also university teaching, and (3) to help project partners (public institutions and private enterprises) in their innovation of new technologies and products.

List of Projects

AiDA: ^,
Aabenhed i Dansk Administration (Self-service and openness in Danish public administration):
Domain model, set of alternative requirements, including that of a demo, and related software architectures and program organisations for a self-service interface between citizens and public office officials, notably case officers.
The innovative element is the sum total of considering public administration as a net of documents, actor negotiations and the automation of much of this. The documents span from law texts via state and local government circulars and rules & regulations to office procedures. The negotiations follow certain protocols of interacting agents. And the automation builds on visualising and animating documents and negotiations.
Methodology issues: Modelling rules & regulations in terms of non-deterministic scripts, and modelling user/staff behaviour in terms of agent systems.
We refer to WEB document Aida .
AMaCS'2000: Airport and Air traffic Monitoring and Control Systems:
Domain model, set of alternative requirements, including that of a demo, and related software architectures and program organisations for ``what is an airport, what is air traffic'', their monitoring and semi-automatic control.
The innovative element is that of providing ``near-total'' integration of civil aviation codes: rules & regulations governing todays communication -- between air traffic controllers and pilots -- with the monitoring and control of spatial topologies and aircraft. An element of the `Air traffic Monitoring and Control' part is the possibility of replacing ground control centres and approach towers with pilot to pilot control.
The AMaCS'2000 project of course is not proposed to tackle the full impact of the above, but only to develop demo visualiser and animator technologies.
Methodology issues: Modelling support technology, real-time and safety critical issues in terms of for example Duration Calculi, and air traffic controller vs. pilot interaction in terms of agent systems.
We refer to WEB document Air Traffic .
CaVIaR:
Citizen's & Visitors' Information and Routing:
Domain model, set of alternative requirements, including that of a demo, and related software architectures and program organisations for information gathering and summarisation, route planning and facilities reservation (travel, hotel, restaurant, etc.) for citizens and visitors (incl. tourists) for well-defined areas such as for example the Øresund Region, Singapore, Hong Kong, or similar!
The innovative element can best be characterised by appealing to one of many ways of ``implementing'' CaVIaR -- namely as a hand-held, PC-connectable ``gadget'' with a keyboard and a small (some would say tiny) screen. Using that device citizens and visitors can plan their excursion around their own region and visit to such a region, like Hong Kong, Singapore, the Øresund Region, or other. Can view, via their Internet connected PC, what is on offer and can load into the CaVIaR gadget this information which can then be replayed and edited while actually performing the excursion: using GPS the user can turn the right street corners while walking, or down the right countryside lanes while driving, can enter the right shops waiting for that user to examine specific goods for sale, can find the restaurant where a booked table is waiting, etc.
Methodology issues: Script and agent systems.
DSSfSD: [13,54]
Domain model, set of alternative requirements, including that of a demo, and related software architectures and program organisations for decision support systems for sustainable development.
The innovative element is that a comprehensive understanding of ``what is sustainable development and to what extent can decision support be offered'' can be achieved and made a crucial element of commercial such systems, for example for environmentally sound land usage and planning. Further the innovative element is reflected in the global, Internet-based integration of geographical information systems (GIS). As it is now each GIS provider seems to bind their clients strongly to own developed data (information). The DSSfSD project aims at opening up the interfaces between existing GIS systems (ESRI, Intergraph, etc.).
Methodology issues: Ontologies for under-specified and non-deterministic systems.
ElecTra:
Electronic Trading:
Domain model, set of alternative requirements, including that of a demo, and related software architectures and program organisations for consumers, suppliers, producers and traders in for example manufacturing.
The innovative element is in the logic of trading: extensions of current passive, syntactic catalogue systems with agent protocols based on logic constraint, fuzzy logic and other interpretations of what is being offered over the net, what is being requested, of negotiations between suppliers and consumers, etc.
Methodology issues: Agent systems.
EMaCS:
[14]
Enterprise Monitoring and Control Systems:
Domain model, set of alternative requirements, including that of a demo, and related software architectures and program organisations for management decision support in connection with strategic, tactical and operational resource management (upgrade/down-size, spatial allocation & scheduling, resp. task allocation & scheduling).
The innovative element is in the ``smooth'' integration over the entire spectrum from strategic via tactical to operational resource management of data mining facilities for the first (strategy), decision support systems for the second (tactics) and (albeit known) algorithms for the last (operations).
Methodology issues: Interface between computer science and operations research, and ontologies for insufficient knowledge and approximate reasoning systems.
BanCS: [16,26]
Banking Computing Systems:
Domain model, set of alternative requirements, including that of a demo, and related software architectures and program organisations for financial service industry in the form of a unified banking, insurance, securities trading, portfolio management and check + credit card slip clearing.
The innovative element lies first in as near comprehensive an understanding of each of the above-mentioned elements of the financial service industry, then in an as near comprehensive integration of this understanding, and finally in a novel implementation of the interface between agents of the financial service industry with its clients. This implementation is here seen as a ``smart card'' interface, where the ``smart card'' in many ways replaces many computing, data storage and communication functions hitherto handled by the oftentimes very large scale main-frame-based IT centres of this industry. One may say, in slogan form: From main frames to ``smart cards'' -- away with the old, in with the new!
Methodology issues: Script systems for rules & regulations, modelling of client/staff behaviours.
FISH: Fisheries Industries: Hardware Software:
Domain model, set of alternative requirements, including that of a demo, and related software architectures and program organisations for fisheries industry covering harbour management, fishing boat management, auction management, fish and seafood processing plant, fish transportation, fisheries inspection, food quality tracing, etc.
The innovative element is in demonstrating the possibilities of an information relay (as in Danish: stafet) system whose scope is an entire fisheries industry (i.e. the Danish) and whose span is that of the recording, analysis, filtering, forwarding and use of meteorological, fisheries inspection (incl. quota), food quality standards, catch (i.e. product), supply, auction, wholesale price, transport, retail price and demand information. The project will investigate practical (Internet, Windows NT, XML, Java and other software and hardware) technologies for implementing on-board systems.
Methodology issues: Modelling of flow systems: resource/material flow, [partial] product flow, information flow, control flow.
HeCMaS:
Health Care Monitoring and Support:
Domain model, set of alternative requirements, including that of a demo, and related software architectures and program organisations for health care system spanning the full spectrum from rural clinics, private physicians, home nurses, city (poly)clinics, hospitals, insurance companies, pharmacies, etc.
The innovative element lies in the total integration of the fully electronic Patient Medical Record (PMR) with all aspects of the health care system.
Methodology issues: Modelling of flow systems: resource flow, patient and staff flow, information [patient medical record (PMR)] flow, control flow.
MiTraS: [85]
Metropolitan Transport Systems:
Domain model, set of alternative requirements, including that of a demo, and related software architectures and program organisations for comprehensive and integrated transport system comprising railways, air traffic, river, sea and canal traffic, busses and taxis.
The innovative element can for example be exemplified by mentioning such IT-based offerings as: total monitoring and greatly assisted control of public transport (perhaps away from absolute time-table based schedules to guaranteed, but variable maximum distance between transport stop times), automatic, yet on-demand forwarding of taxis to end-of-bus-route stops, electronic means of information about the current state of a metropolitan transport system (delays, offerings, etc.), etc.
Methodology issues: Transport systems, operations research.
RaCoSy: [18,19]
Railway Computing Systems:
Domain model, set of alternative requirements, including that of a demo, and related software architectures and program organisations for comprehensive and integrated railway system comprising the rail (incl. signalling) authorities, rail passenger and freight operators -- and spanning from rail line & services development (design, planning, construction, maintenance), time-tabling, traffic scheduling & rescheduling, passenger ticketing, freight handling, train dispatch, monitoring & control, marshaling and shunting, rolling stock control, etc.
The innovative element lies in the near total, user-oriented transparent and smooth integration of strategic, tactical and operational management as well as greatly improved IT-support of operations.
Methodology issues: Transport systems, operations research, real-time, safety critical issues.
We refer to WEB document Railway Systems and .../racosy/scheduling.psTrain Scheduling.

``Too Ambitious ?''

The above list may, to the casual, uninformed reader seem rather ambitious -- as may indeed the scope and span across -- as well as the depth to -- which several of the individual projects appear to go.

But we have had some experience in doing this in the past [24]. And: the projects rely on abstraction and modelling, stepwise development and other development principles to help conquer complexity. So: with the right, open mind, it can be done -- as we have amply shown in the past.

Methodology

The methodology R&D includes techniques for the development of domain, requirements and software design descriptions: stake-holder perspectives, abstraction and concretisation facets, problem solution facets and software views.

The Triptych methodology is based on a judicious blending of informal, pragmatic, ``best practices'' software engineering techniques with those of formal, semantic ``front-of-the-wave'' computing science techniques.

It is the latter, based on more than 25 years of research, but significantly featuring rather fundamentally new contributions -- which are in need of much further research -- that offers ``dramatic'' new ways of looking at software and of making software development increasingly enjoyable, trustworthy and economic.

We refer to a number of published papers, reports and lecture notes listed in the Bibliography section. They introduce, discuss and explore the concepts outlined below.

We refer to WEB documents:

Five Years of R&D at UNU/IIST [24] Domains as a Prerequisite for Requirements and Software: Overview and discussion of Domain Perspectives and Facets; Requirements Aspects and Software Views [25]. Lecture notes: Domain engineering, requirements engineering, software architecture and program organisation. Software Architectures and Program Organisation: M.Sc. Thesis, Crilles Jansen [68]. [] Old references are: Lecture notes: Abstraction and Modelling, VDM, vol.1. Basic Principles. Lecture notes: Abstraction and Modelling, VDM, vol.2. Applications to Compilers, Database Management Systems, etc.

Domain Engineering

We need clarify principles of analysis and construction techniques for describing -- without any reference to computing -- the phenomena (individuals, etc.) of the application domain: terms used by professionals of the domain and terms characterising abstract concepts of that domain.
Todays software development is characterised by no domain engineering!

Stake-holder Perspectives:
Usually only a few stake-holder perspectives are embodied in requirements -- and none in the not existing domain descriptions. We intend to explore and experiment with domain as well as requirements stake-holder perspectives covering, individually, a broadest spectrum from application domain owners, managers, workers, clients (customers), ``the public at large'' (incl. politicians, environmentalists, etc.), IT providers, etc.
Abstraction & Concretisation Facets:
For each stake-holder perspective there can be a hierarchy of facets -- including various compositions of the intrinsics of the sub-domain, its supporting technologies, its users' rules & regulations, human user behaviours, etc.

Requirements Engineering

Requirements ``reside in the domain'' it is being said by some, but some requirements do not: They are molded across a template common to most domains -- these we call the non-functional requirements.

Functional Requirements Aspects:
Functional requirements are such which are formulated without any reference to computing, solely with reference to the domain.
- Projection:
  Functional requirements usually address only a part, i.e. a projection, of the domain.
- Instantiation:
  And functional requirements usually address specificities: concrete instantiations.
- Extension:
  Finally functional requirements usually augment the domain with functionalities (concepts and facilities) that were infeasible in the domain without computing.
Non-functional Requirements:
Relationships between formal techniques and the disposal of non-functional requirements is an area sadly neglected.
Among non-functional requirements issues to be so studied are:

Dependability -- defined as some ``sum'' of:

Availability: Available to all authorised users on a fair basis.
Accessibility: Accessible to all authorised users on speedy, non-exclusive, not strictly serialised basis.
Security: Available only to authorised users.
Safety: Fault-tolerant and defensive.

Performance
Maintainable:

Perfective: Can be tuned for optimal performance
Adaptive: Can be adapted to changing environment
Corrective: Can be readily ``debugged''

User Friendliness: CHI -- System reflects, in some ``isomorphic'' manner, the concepts, and only the concepts of the domain.

Systems, incl. Software Design

Co-design, the decomposition of requirements into hardware and software, and even into changes in the environment in which the computing system is placed, is at issue here.

Systems, incl. Software Architecture:
By architecture we understand the structure of external interfaces and what can be thus observed -- that is: the architecture basically implemenents functional requirements such as the end-users see them, those people for which the system was intended in the first place!
Program Organisation:
By program Organisation we understand the internal interfaces and what can be observed over these: processes, data structures, distribution, concurrency, etc. The program Organisation basically implemenents non-functional requirements such as seen by the facilities management people charged with the daily, optimal etc. operation of the computing system.
Platform Technology:
The relationship between formal techniques and the use of effective platforms such as those definable by OMG (CORBA), in Java, etc. is a sadly neglected one. The Triptych cluster of projects sees this as an important issue to be addressed.

For each of the above items as well as for many more not explicitly listed here we need thoroughly study many method issues (development principles, analysis and construction techniques, development support tools) as well as many methodology issues (cutting across methods) -- the latter notably focused around Michael Jackson's Problem Frame concept.

LoLiTA: Logic & Linguistics: Theory & Applications

An aim -- additional to those mentioned earlier -- of the Triptych applications projects is here considered a possible, beneficial side-effect: In formalising the domains of several applications we are, for each of these, formalising crucial terms of their professional sub-languages. In pursuing a larger number of projects of this kind we are now in a position to discover and study -- across many distinct such domains and languages -- commonalities: i.e. whether a theory can be established and further studied, a theory of linguistic terms of infrastructures: their logic and denotations. We consider this study a research project not to be further defined. It will be pursued as and when relevant insight is obtained.

Technology

The technology R&D includes tools for the support of the creation, review & evaluation (including validation and verification) and ``demo'ing'' of large scale domain, requirements, software architecture and program organisation (i.e. structuring) description documents.

On one hand we see software development, from domains via requirements to software designs, as the creation -- i.e. writing -- (including manipulation and disposition) of indeed very large scale documents. Included is the strong provision for both informal documents such as synopses, terminologies and narratives, and for formal documents. On the other hand there is the ``reading'' of such documents.

The first set of functionalities we relegate to document handling, the second to document visualisation & animation.

Many formal techniques are already supported by appropriate tools. More will soon follow. What is lacking are more pragmatic tools that integrate informal with formal techniques, that support the informalisable development principles, validation and management's quality control procedures.

Document Handling:
- Interfaces to Formal Tools:
  Formal models significantly help us achieve todays highest possible trust in our developments. Clients do, and need not read formal documents. Their ``advocates'' -- as do all software engineers -- do however need cross-reference informal and formal documents. Most formal technique tools lack means for informal text processing.
- Document Structuring:
  A major part of the software engineers' own contribution to development is that of constructing large descriptions. These span a development spectrum from domains via requirements to software designs. Within each of these there may be steps of development and there are many kinds of documents: synopses, terminologies, narrative, formalisation with annotations, etc. A document handling system includes facilities for the automated creation, use and maintenance of directories of such documents.
  - Synopses:
    Synopses are informal documents describing ``what it is all about'' -- with it being either the domain, the requirements, the architecture, etc. Synopses define the scope and span of the stage and step problem being tackled. Synopses need be carefully correlated with all other documents. Special tools are needed for this.
  - Terminologies:
    A terminology defines all the professional terms of the stage or step to which they belong: the application domain, the requirements, the architecture, etc. Special stake-holder perspective terms need be compartmentalised. Diverse tools are needed for this.
  - Narratives:
    A narrative ``tells the story'' of the stage or step to which they belong: the application phenomena, the functional or non-functional requirements, etc. Narratives are expansions of synopses and narratives uses the terms defined in the terminology. Finally narratives form the basis for the formal models. Special tools are needed for this.
  - Annotations & Formal/Informal Cross-referencing:
    Cross-referencing between texts, whether intra or inter informal or formal texts, is a sadly neglected area. For formal techniques to scale up and become accepted in industry viable tool interfaces must established between ordinary text document handling (as implied above) and formal specification handling.
- Validations and Verifications:
  Validation: securing that one get the right product -- by continuously involving all appropriate stake-holders in regular reviews -- verification: ensuring that one gets the product right -- by sketching or completing proofs of properties, including stage and stepwise correctness are crucial development issues. In either case extensive documents are built up and must be maintained.
- Version Control & Configuration:
  Version control & configuration tools usually apply only to lowest level program code texts. For formal techniques to scale up and become accepted we need develop ``similar'' version control & configuration tool support for abstract, formal and informal text levels: from domains via requirements to all steps of software designs.
- Review -- Browsing & Relating:
  Quality assurance and the full pursuit of Capability Maturity Model management requires simple and elegant means of correlating concordant documents.
- Annotation -- Explication & Explanation:
  Across the whole spectrum of descriptions -- from domains via requirements to all software design steps, and within each of these across synopses, terminologies, narratives, formal specifications, annotations, as well as verification and validation documents -- one needs annotations, explications and explanations.
- &c.:
Demo Visualisation & Animation:
By a demo we understand a tool that enables online correlation between all levels of development documents -- from domain via requirements to all steps of software design descriptions -- and their visualisation and animation.
- Document Visualisation:
  By visualisation we understand the designation of phenomena mentioned in document texts: pictures, diagrams, photos, drawings, etc. The visualiser shall provide forward and backward links between informal and formal text parts and their visualisations.
- Document Animation:
  By animation we mean temporal visualisations: where-ever a description document mentions time there will be a need for animations: functions from time to visualisations.
- Document Validation:
  A main purpose of visualisation and animation is to help in the development process: identifying and validating the proper application domain (terms: nouns, verbs, etc.), proper functional and non-functional (for the latter especially CHI) requirements, software architectures, etc.
- &c.:
A Software Development Environment:
The above technologies are to be implemented with clear and effective interface to many other, especially formal techniques technologies Atelier B, IFAD VDM-SL ToolBox, RAISE Toolset, PVS, HOL/Isabelle, etc.

Project Staffing

It is expected that there will eventually be the following full-time externally funded staff and students over-and-above current Software Systems section staff:

Applications: At least one professional staff per project 3-12
Additionally: M.Sc. and Ph.D. Thesis Students3-12
Additionally: Seconded Partner (part-time) Staff 3-12
Methodology professional staff 1-2
Additionally: M.Sc. and Ph.D. Thesis Students2-4
Technology professional staff 1-3
Additionally: M.Sc. and Ph.D. Thesis Students3-6

All of this staff works together in all three areas: Applications, Methodology and Technology.

IT/DTU Staff

SS/IT/DTU staff includes:

Prof. Dines Bjørner
Assoc.Prof. Bo Stig Hansen
Assoc.Preof. Anne Elisabeth Haxthausen
AEH's FREJA project can be seen as a major contributing part of the Triptych cluster of projects

In addition many students, including M.Sc. and Ph.D. students of the software systems section of IT/DTU participate in one form or another of the Triptych cluster of projects.

Applications Project Partner Staff

As individual applications projects become more formalised we expect to see the secondment of partner staff to the relevant project -- typically in the form of paretially funded enterprise Ph.D. students.

Externally Funded Staff

We intend to seek external funding for research assistants to cover all three areas of R&D: applications, methodology and technology. We will formulate applications for such funding as more and more of the applications projects become formalised.

Budget

Internal (DTU) Funding

Not printed in this version of the current document.

Specific Triptych Funding

Not printed in this version of the current document.

Other External Funding

Not printed in this version of the current document.

Propagation

The demos to be developed shall be so developed as to offer up to three interfaces.

Industry

Another mode of demo operation is aimed at potential infrastructure component stake-holders: to familiarise them with informatics possibilities and consequences, including for IT providers to prepare for new main and niche products.

Schools

One mode of demo operation shall illustrate -- for primary and secondary school children -- the structures of data (types), the operations, and the behavioural flow of resources, control and information of the man-made infrastructure components supportable by informatics.
The aims and objectives of offering and using this mode are: the study of sociological systems of stake-holders -- in particular the study of transports, health care, economics, etc., and the study of their mathematical explication -- thus leading to an increased appreciation of mathematics as well as informatics.

University

And a third mode of demo operation is aimed at students of informatics, in particular software engineering students: to help teach them the domain engineering methods, the requirements engineering methods and the software design methods.

Conclusion

Triptych Unity

We have sketched a cluster of sub-projects. The Triptych project -- as the place-holder for all these sub-projects -- is intended as a focal point, as a unifier and an amplifier. The individual projects, whether within Applications, Methodology or Technology, generate beneficial side-effects (``infrastructure spill-overs'') from one of the three main clusters to the others.

Triptych Innovation

The Applications sub-projects are all characterised by a very high degree of innovation: new products. The Methodology and Technology sub-projects likewise. The former for the benefit of Danish industry, the latter for the benefit of Danish research, science, education and training.

Bibliographical Notes

We refer to the many Web page references given pages to .

Methodology
- General: [20,21,50,61,64,70,3,78,79,17] etc.
- Logics: [39,38,40,41] etc.
- Specification Languages: [49,37,52,53,87,88,4] etc.
The Triptych Development Paradigm
- Domain Engineering
  [25,27,26,22,28]
- Requirements Engineering
  [11,12,30,32,33,35,36,46,51,55,56,57,60,62,71,72,74,75,76,77,80,81,84,89,91,92,93]
- Software Architecture and Program Organisation
  [9,7,44,1,45,8,2,42,43,58,86,69,68]
Applications
- Air Systems [10]
- Decision Support Systems [13,54]
- Enterprise Management [14,83]
- Financial Services Industry [15,16,73]
- Manufacturing Systems [47,48,5,6,65,66,67]
- Public Administration [34]
- Railway and Other Transport Systems [29,18,19,82,90]

References

1

G. Abowd, R. Allen, and D. Garlan.
Using style to understand descriptions of software architecture.
SIGSOFT Software Engineering Notes, 18(5):9-20, December 1993.
.

2

G.D. Abowd, R. Allen, and D. Garlan.
Formalizing style to understand descriptions of software architecture.
ACM Transactions on Software Engineering and Methodology, 4(4):319-364, Oct 1995.
.

3

J.-R. Abrial, M.K.O. Lee, D.S. D.S. Neilson, P.N. Scharbach, and I.H. Sorensen.
The B-method (software development).
In S. Prehn and W.J.Toetenel, editors, VDM '91. Formal Software Development Methods. 4th International Symposium of VDM Europe Proceedings. Vol.2: Tutorials; Springer-Verlag, LNCS. VDM Europe, 1991.
.

4

Jean-Raymond Abrial.
The B Book.
Cambridge University Press, The Edinburgh Building, Cambridge CB2 1RU, England, 1996.

5

Cleta Milagros Acebedo.
An Informal Domain Analysis for Manufacturing Enterprises.
Research Report 62, UNU/IIST, P.O.Box 3058, Macau, March 1996.

6

Cleta Milagros Acebedo and Erwin Paguio.
Manufacturing Enterprise Simulation: A Business Game.
Research Report 64, UNU/IIST, P.O.Box 3058, Macau, March 1996.

7

R. Allen and D. Garlan.
A formal approach to software architectures.
In IFIP Transactions A (Computer Science and Technology); IFIP Wordl Congress; Madrid, Spain, volume vol.A-12, pages 134-141, Amsterdam, Netherlands, 1992. IFIP, North Holland.
.

8

R. Allen and D. Garlan.
Formalizing architectural connection.
In 16th International Conference on Software Engineering (Cat. No.94CH3409-0); Sorrento, Italy, pages 71-80, Los Alamitos, CA, USA, 1994. IEEE Comput. Soc. Press.
.

9

Gene Amdahl, Gerrit Blaauw, and Frederik Brooks.
The IBM System/360 Architecture.
IBM Systems Journal, 1964.

10

Dao Nam Anh and Richard Moore.
Formal Modelling of Large Domains -- with an Application to Airline Business.
Technical Report 74, UNU/IIST, P.O.Box 3058, Macau, June 1996.
Revised: September 1996. .

11

D. M. Berry.
The importance of ignorance in requirements engineering.
Journal of Systems and Software, 28(2):179-184, February 1995.
.

12

B. Biebow and S. Szulman.
Acquisition and validation of software requirements.
Knowledge Acquisition, 6(4):343-367, December 1994.
.

13

D. Bjørner.
Federated GIS+DIS-based Decision Support Systems for Sustainable Development -- a Conceptual Architecture.
Research Report 61, UNU/IIST, P.O.Box 3058, Macau, March 1996.
Draft.

14

D. Bjørner.
Models of Enterprise Management: Strategy, Tactics & Operations -- Case Study Applied to Airlines and Manufacturing.
Technical Report 60, UNU/IIST, P.O.Box 3058, Macau, January - April 1996.
.

15

D. Bjørner.
Models of Financial Services & Industries.
Research Report 96, UNU/IIST, P.O.Box 3058, Macau, January 1997.
ncomplete Draft Report.

16

D. Bjørner.
Towards a Domain Theory of The Financial Sevice Industry.
Research report, Dept. of Information Technology, Technical University of Denmark, Bldg.345/167-169, DK-2800 Lyngby, Denmark, July 1997.
.

17

D. Bjørner and Jorge Cuellar.
Software Engineering Education: The Rôle of Formal Specifications and Design Calculi.
Research report, Dept. of Information Technology, Technical University of Denmark, Bldg.345/167-169, DK-2800 Lyngby, Denmark, October 1997.
Invited paper for Annals of Software Engineering Education journal, 1998.

18

D. Bjørner, C.W. George, B.Stig Hansen, H. Laustrup, and S. Prehn.
A Railway System, Coordination'97, Case Study Workshop Example.
Research Report 93, UNU/IIST, P.O.Box 3058, Macau, January 1997.
.

19

D. Bjørner, C.W. George, and S. Prehn.
Scheduling and rescheduling of trains, page 24 pages.
Prentice Hall (?), 1997.

20

D. Bjørner and C.B. Jones, editors.
The Vienna Development Method: The Meta-Language, volume 61 of Lecture Notes in Computer Science.
Springer-Verlag, 1978.

21

D. Bjørner and C.B. Jones, editors.
Formal Specification and Software Development.
Prentice-Hall, 1982.

22

Dines Bjørner.
From Domain Engineering via Requirements to Software. Formal Specification and Design Calculi.
Research, Department of Information Technology, Software Systems Section, Technical University of Denmark, DK-2800 Lyngby, Denmark, November 1997.
Paper published in SOFSEM'97 Proceedings, Springer-Verlag, Lecture Notes in Computer Science.

23

Dines Bjørner.
Michael Jackson's Problem Frames: Domains, Requirements and Design.
In Li ShaoYang and Michael Hinchley, editors, ICFEM'97: International Conference on Formal Engineering Methods, Los Alamitos, November 12-14 1997. IEEE Computer Society.

24

Dines Bjørner.
UN's Software Technology R&D in Africa, Asia, Eastern Europe, and Latin America -- A Personal View.
Research Report 90, UNU/IIST, P.O.Box 3058, Macau, May 1997.

25

Dines Bjørner.
Domains as a Prerequisite for Requirements and Software -- Domain Perspectives & Facets, Requirements Aspects and Software Views.
Research, Department of Information Technology, Software Systems Section, Technical University of Denmark, DK-2800 Lyngby, Denmark, 1997-1998.
This report is being written for possible inclusion in a possible proceedings from a US Office of Army Research sponsored workshop on `Requirements Targeted Software and Systems Engineering. The workshop was held at Bernried am Starnberger See, Bavaria, Germany, 12-14 October, and was locally organised by Institute of Informatics, Technical University of Munich, Germany. Editor: Manfred Broy.

26

Dines Bjørner.
A Normative Model of Concrete banking Operations -- Banking Rules & Regulations and Staff/Client Behaviours.
Research, Department of Information Technology, Software Systems Section, Technical University of Denmark, DK-2800 Lyngby, Denmark, March 1998.

27

Dines Bjørner.
Challenges in Domain Modelling -- Algebraic or Otherwise.
Research, Department of Information Technology, Software Systems Section, Technical University of Denmark, DK-2800 Lyngby, Denmark, March 1998.
.

28

Dines Bjørner, Souleimane Koussobe, Roger Noussi, and Georgui Satchok.
Michael Jackson's Problem Frames: .
In Li ShaoQi and Michael Hinchley, editors, ICFEM'97: Intl. Conf. on Formal Engineering Mehtods, Los Alamitos, CA, USA, 12-14 November 1997. IEEE Computer Society Press.

29

Dines Bjørner, Dong Yu Lin, and Søren Prehn.
Domain Analyses: A Case Study of Station Management.
Research Report 23, UNU/IIST, P.O.Box 3058, Macau, 9 November 1994.
resented at the 1994 Kunming International CASE Symposium: KICS'94, Yunnan Province, P.R.of China, 16-20 November 1994. .

30

B. Boehm and H. In.
Identifying quality-requirement conflicts.
In Second International Conference on Requirements Engineering (Cat. No.96TB100037); Colorado Springs, CO, USA, page 218, Los Alamitos, CA, USA, 1996. IEEE Comput. Soc. Press.
.

31

B.W. Boehm.
Software Engineering Economics.
Prentice-Hall, Englewood Cliffs, NJ., USA, 1981.

32

A. Cucchiarelli, M. Panti, and S. Valenti.
Supporting user-analyst interaction in functional requirements elicitation.
In First Asia-Pacific Software Engineering Conference; Tokyo, Japan, pages 114-23, Los Alamitos, CA, USA, 1994. IEEE Comput. Soc. Press.
.

33

P. Darke and G. Shanks.
Stakeholder viewpoints in requirements definition: a framework for understanding viewpoint development approaches.
Requirements Engineering, 1(2):88-105, 1996.
.

34

Do Tien Dung, Le Linh Chi, Nguyen Le Thu, Phung Phuong Nam, Tran Mai Lien, and Chris George.
Developing a Financial Information System.
Technical Report 81, UNU/IIST, P.O.Box 3058, Macau, September 1996.

35

R. Thayer et al., editor.
Software Requirements Engineering. IEEE Computer Society Press, Los Alamitos, California, USA.

36

A. Finkelstein.
Tracing back from requirements.
In IEE Colloquium on 'Tools and Techniques for Maintaining Traceability During Design' (Digest No.180), London, UK, 1991. IEE.
.

37

John Fitzgerald and Peter Gorm Larsen.
Developing Software using VDM-SL.
Cambridge University Press, The Edinburgh Building, Cambridge CB2 1RU, England, 1997.

38

Dov M. Gabbay, C.J. Hogger, J.A. Robinson, and D. Nute, editors.
Deduction Methodologies, volume 2 of Handbook of Logic in Artificial Intelligence and Logic Programming.
Oxford Science Publications, Clarendon Press, Oxford, England, 1993.

39

Dov M. Gabbay, C.J. Hogger, J.A. Robinson, and D. Nute, editors.
Logical Foundations, volume 1 of Handbook of Logic in Artificial Intelligence and Logic Programming.
Oxford Science Publications, Clarendon Press, Oxford, England, 1993.

40

Dov M. Gabbay, C.J. Hogger, J.A. Robinson, and D. Nute, editors.
Nonmonotonic Reasoning and Uncertain Reasoning, volume 3 of Handbook of Logic in Artificial Intelligence and Logic Programming.
Oxford Science Publications, Clarendon Press, Oxford, England, 1994.

41

Dov M. Gabbay, C.J. Hogger, J.A. Robinson, and D. Nute, editors.
Epistemic and Temporal Reasoning, volume 4 of Handbook of Logic in Artificial Intelligence and Logic Programming.
Oxford Science Publications, Clarendon Press, Oxford, England, 1995.

42

D. Garlan.
Research directions in software architecture.
ACM Computing Surveys, 27(2):257-261, June 1995.
.

43

D. Garlan.
Formal approaches to software architecture.
In Studies of Software Design. ICSE `93 Workshop. Selected Papers, pages 64-76, Berlin, Germany, 1996. Springer-Verlag.
.

44

D. Garlan and M. Shaw.
Experience with a course on architectures for software systems.
In Software Engineering Education. SEI Conference 1992; San Diego, CA, USA, pages 23-43, Berlin, Germany, 199. Springer-Verlag.
.

45

D. Garlan and M. Shaw.
An introduction to software architecture, pages 1-39.
World Scientific, Singapore, 1993.
.

46

J.A. Goguen and LuQi.
Formal methods and social context in software development.
In P.D. Mosses, M. Nielsen, and M.I. Schwartzbach, editors, TAPSOFT '95: Theory and Practice of Software Development. 6th International Joint Conference CAA/FASE, pages 62-81, Aarhus, Denmark, 1995.
.

47

Jan Goossenaerts and Dines Bjørner.
An Information Technology Framework for Lean/Agile Supply-based Industries in Developing Countries.
Technical Report 30, UNU/IIST, P.O.Box 3058, Macau, 1994.
ublished in Proceedings of the International Dedicated Conference on Lean/Agile Manufacturing in the Automotive Industries, ISATA, London, UK.

48

Jan Goossenaerts and Dines Bjørner.
Interflow Systems for Manufacturing: Concepts and a Construction.
Technical Report 31, UNU/IIST, P.O.Box 3058, Macau, 1994.
ublished in Proceedings of the European Workshop on Integrated Manufacturing Systems Engineering.

49

The RAISE Language Group.
The RAISE Specification Language.
The BCS Practitioner Series. Prentice-Hall, Hemel Hampstead, England, 1995.

50

The RAISE Method Group.
The RAISE Method.
The BCS Practitioner Series. Prentice-Hall, Hemel Hampstead, England, 1992.

51

Carl Gunther.
Higher Order Logics in Requirements Engineering.
In Manfred Broay, editor, Requirements Targeting Software (Systems) Engineering, 1997.

52

J. Guttag, J.J. Horning, and J.M. Wing.
Larch in Five Easy Pieces.
Technical Report 5, DEC SRC, Dig. Equipm. Corp. Syst. Res. Ctr., Palo Alto, California, USA, 1985.

53

John V. Guttag, James J. Horning, S.J. Garland, K.D. Jones, A. Modet, , and J.M. Wing.
Larch: Languages and Tools for Formal Specification.
Texts and Monographs in Computer Science. Springer-Verlag, Springer-Verlag New York, Inc., Attn: J. Jeng, 175 Fifth Avenue, New York, NY 10010-7858, USA, 1993.

54

P.A.V. Hall, D. Bjørner, and Z. Mikolajuk.
Decision Support Systems for Sustainable Development: Experience and Potential -- a Position Paper.
Administrative Report 80, UNU/IIST, P.O.Box 3058, Macau, August 1996.

55

E. Haywood and P. Dart.
Analysis of software system requirements models.
In Australian Software Engineering Conference, pages 131-138. IEEE Comput. Soc. Press, 1996.
.

56

C.L. Heitmeyer, R.D. Jeffords, and B.G. Labaw.
Automated Consistency Checking of Requirements Specifications.
TOSEM: ACM Transactions on Software Engineering and Methodology, 5(3):231-261, July, 1996.
.

57

IEEE.
Proceedings of the Second International Conference on Requirements Engineering;C olorado Springs, CO, USA, Los Alamitos, CA, USA, 1996. IEEE Comput. Soc. Press.

58

Daniel Jackson.
Structuring Z Specifications with Views.
ACM Transactions on Software Engineering and Methodology, 4(4):365-389, October 1995.

59

M. Jackson.
System Design.
Prentice-Hall International, 1985.

60

M. Jackson.
Problems and requirements (software development).
In Second IEEE International Symposium on Requirements Engineering (Cat. No.95TH8040), pages 2-8. IEEE Comput. Soc. Press, 1995.
.

61

Michael Jackson.
Problems, methods and specialisation.
Software Engineering Journal, pages 249-255, November 1994.
.

62

Michael Jackson.
Software Requirements & Specifications: a lexicon of practice, principles and prejudices.
ACM Press. Addison-Wesley Publishing Company, Wokingham, nr. Reading, England; E-mail: ipc@awpub.add-wes.co.uk, 1995.
ISBN 0-201-87712-0; xiv + 228 pages.

63

Michael Jackson.
The meaning of requirements.
Annals of Software Engineering, 3:5-21, 1997.

64

Michael A. Jackson.
Software Development Method, chapter 13, pages 215-234.
Prentice Hall Intl., 1994.
Festschrift for C. A. R. Hoare: A Classical Mind, Ed. W. Roscoe.

65

T. Janowski and C.M. Acebedo.
Virtual Enterprise: On Refinement Towards an ODP Architecture.
Research Report 69, UNU/IIST, P.O.Box 3058, Macau, May 1996.
.

66

Tomasz Janowski.
Domain Analysis for Manufacturing: Formalization of the Market.
Research Report 63, UNU/IIST, P.O.Box 3058, Macau, March 1996.
.

67

Tomasz Janowski and Rumel V. Atienza.
A Formal Model For Competing Enterprises, Applied to Marketing Decision-Making.
Research Report 92, UNU/IIST, P.O.Box 3058, Macau, January 1997.
.

68

Crilles Jansen.
Software Architectures and Program Organisation.
M.sc. thesis report, Department of Information Technology, Software Systems Section, Technical University of Denmark, DK-2800 Lyngby, Denmark, 31. July 1998 1998.

69

Crilles Jansen and Dines Bjørner.
Software Architectures and Program Organisation -- A Case Study.
Research, Department of Information Technology, Software Systems Section, Technical University of Denmark, DK-2800 Lyngby, Denmark, March 1998.

70

C.B. Jones.
Systematic Software Development using VDM.
Prentice Hall International, second edition, 1990.

71

M. Kirikova and J.A. Bubenko Jr.
Software requirements acquisition through enterprise modelling.
In SEKE '94. The 6th International Conference on Software Engineering and Knowledge Engineering, pages 20-27, Skokie, IL, USA, 1994. Knowledge Syst. Inst.
.

72

G. Kosters, H.-W. Six, and J. Voss.
Combined analysis of user interface and domain requirements.
In Second International Conference on Requirements Engineering (Cat. No.96TB100037); Colorado Springs, CO, USA, pages 199-207. IEEE Comput. Soc. Press, 1996.
.

73

Souleymane Koussoubé.
Knowledge-Based Systems: Formalisation and Applications to Insurance.
Research Report 108, UNU/IIST, P.O.Box 3058, Macau, May 1997.

74

Nancy G. Leveson, M.P.E. Heimdahl, H H. Hildreth, and J.D. Reese.
Requirements Specification for Process-Control Systems.
IEEE Transactions on Software Engineering, 20(9):684-707, September 1994.
.

75

P. Loucopoulos and E. Kavakli.
Enterprise modelling and the teleological approach to requirements engineering.
International Journal of Intelligent & Cooperative Information Systems, 4(1):45-79, March 1995.
.

76

M et al. M. Jarke.
Requirements engineering: an integrated view of representation, process, and domain.
In I. Sommerville and M. Paul, editors, Software Engineering - ESEC '93. 4th European Software Engineering Conference Proceedings; Garmisch-Partenkirchen, Germany, pages 100-114, Berlin, Germany, 1993. Springer-Verlag.
.

77

N.A.M. Maiden and A.G. Sutcliffe.
Requirements critiquing using domain abstractions.
In First International Conference on Requirements Engineering (Cat. No.94TH0613-0); Colorado Springs, CO, USA, pages 184-193, Los Alamitos, CA, USA, 1994. IEEE Comput. Soc. Press.
.

78

Zohar Manna and Amir Pnueli.
The Temporal Logic of Reactive Systems: Specifications.
Addison Wesley, 1991.

79

Zohar Manna and Amir Pnueli.
The Temporal Logic of Reactive Systems: Safety.
Addison Wesley, 1995.

80

T.L. McCluskey, J.M. Porteous, Y. Naik, C.N. Taylor, and S. Jones.
A requirements capture method and its use in an air traffic control application.
Software - Practice and Experience, 25(1):47-71, January 1995.
.

81

M. Moulding and L.Smith.
Combining formal specification and CORE: an experimental investigation.
Software Engineering Journal, 10(2):31-42, March 1995.
.

82

Nikolaj Nikitchenko.
Towards Foundations of the General Theory of Transport Domains.
Research Report 88, UNU/IIST, P.O.Box 3058, Macau, December 1996.
.

83

Roger Noussi.
An Efficient Construction of a Domain Theory for Resources Management: A Case Study.
Research Report 107, UNU/IIST, P.O.Box 3058, Macau, May 1997.

84

B. Nuseibeh, J. Kramer, and A. Finkelstein.
Expressing the relationships between multiple views in requirements specification.
In 15th International Conference on Software Engineering (Cat. No.93CH3270-6), pages 187-96, Los Alamitos, CA, USA, 1993. EEE Comput. Soc. Press.
.

85

Gueorgui Satchok.
Metropolitan In-street On-route Passenger Transport: Monitoring and Control. Technical.
Research Report 110, UNU/IIST, P.O.Box 3058, Macau, June 1997.

86

C. Shekaran, D. Garlan, and et al.
The role of software architecture in requirements engineering.
In First International Conference on Requirements Engineering (Cat. No.94TH0613-0); Colorado Springs, CO, USA, pages 239-245, Los Alamitos, CA, USA, 1994. IEEE Comput. Soc. Press.
.

87

J. Michael Spivey.
An Introduction to Z and Formal Specifications.
Software Engineering Journal, 4(1), January 1989.

88

J. Michael Spivey.
The Z Notation: A Reference Manual.
International Series in Computer Science. Prentice Hall, Hemel Hempstead, Hertfordshire HP2 4RG, UK, 1989.

89

J.J.P. Tsai, T. Weigert, and H.C. Jang.
A hybrid knowledge representation as a basis of requirement specification and reasoning.
In 2nd International IEEE Conference on Tools for Artificial Intelligence (Cat. No.90CH2915-7), pages 70-76. IEEE Comput. Soc. Press, 1990.
.

90

Tan Xinming.
Enquiring about Bus Transport-Formal Development using RAISE.
Technical Report 83, UNU/IIST, P.O.Box 3058, Macau, September 1996.
.

91

S. Yamamoto, H. Tadaumi, and M. Ueno.
DREM: domain-based requirements engineering methodology.
NTT R & D, 45(8):711-718, 1996.
n Japanese. .

92

P. Zave and M. Jackson.
Four dark corners of requirements engineering.
ACM Transactions on Software Engineering and Methodology, 6(1):1-30, January 1997.
.

93

P. Zave and M. Jackson.
Requirements for telecommunications services: an attack on complexity.
In Proceedings of the Third IEEE International Symposium on Requirements Engineering (Cat. No.97TB100086), pages 106-117. IEEE Comput. Soc. Press, 1997.
.

Index

About this document ...

This document was generated using the LaTeX2HTML translator Version 97.1 (release) (July 13th, 1997)

The command line arguments were:
latex2html -link 0 -split 0 trip.

The translation was initiated by Dines Bjorner on 9/29/1998

Footnotes

...Denmark: Phone: +45-45.25.37.20, Fax: +45-45.88.45.30, E-Mail: db@it.dtu.dk, URL
...of: alphabetically listed -- the ``collaboration'' information, for several partners, is currently being finalised -- and should presently be considered confidential.
...systems: in past/future (?) collaboration with NNc
...systems: in planned collaboration with NNp
...routing: in proposed collaboration with NN
...systems: in proposed collaboration with NNm
...systems: in proposed collaboration with NNv
...control: in proposed collaboration with NNm
...etc.: informal collaboration with NNb
...support: in collaboration with The Danish Fisheries and Ocean Research Center
...support: in proposed collaboration with NNm
...systems: informl collaboration with NNh
...systems: in (presently informal) collaboration with The Danish Railway Agency
...domain,: Most professional terms, such as domain, requirements, architecture, program organisation, stake-holder, etc. are defined in section 8 starting page .
...term: Winston Churchill is quoted as having said, in the House of Commons, in 1946: ...the young Labourite speak that we just heard, obviously wishes to impress his constituency with the fact that he has attended Eton and Oxford when he uses such modern terms as `infrastructure' ...
...^,: URL or bibliography references shall also indicate that we have already done some serious work in the area.
...administration): in [past/future] collaboration with NNc
...Systems: in planned collaboration with NNp
...Routing: in proposed collaboration with NN
...Trading: in proposed collaboration with NNv
...Systems: in proposed collaboration with NNm
...Systems: informal collaboration with NNb
...Software: in collaboration with The Danish Fisheries and Ocean Research Center
...Support: in proposed collaboration with NNm
...Systems: informal collaboration with NNh
...Systems: in (presently informal) collaboration with The Danish Railway Agency
...staff: By `professional staff' is meant a person full-time associated with the project at SS/IT/DTU

Dines Bjorner
9/29/1998