Abstract
The use of Requirements at Runtime (RRT) is an emerging research area. Many methods and frameworks that make use of requirements models during software execution can be found in the literature. However, there is still a lack of a formal and explicit representation of what RRT are and what are the primary goals of their use. Still, most RRT proposals have their own modeling languages and ways to represent, specify and make use of requirements at runtime, thus resulting in a domain with overloaded concepts. In this paper, we intend to clarify the main notions involved in RRT, establishing an explicit common conceptualization regarding this domain. To do so, we need first to understand what software execution is, as well as what requirements are. Thus, we present three related domain ontologies: the Software Ontology (SwO), an ontology about software nature and execution, the Reference Software Requirements Ontology (RSRO), which addresses what requirements are and types of requirements, and the Runtime Requirements Ontology (RRO), which extends SwO and RSRO to represent the nature and context of RRT. For developing these ontologies, we follow SABiO, a well-established Ontology Engineering method. Moreover, all the three ontologies are grounded in the Unified Foundational Ontology (UFO) and are integrated into the Software Engineering Ontology Network (SEON). Finally, as prescribed by SABiO, the ontologies are evaluated using ontology verification and validation techniques.
Introduction
In recent years, we have witnessed a growing interest in software systems that can monitor their environment and, if necessary, change their requirements in order to continue to fulfill their purpose (Dalpiaz et al., 2013; Souza et al., 2013a). This particular kind of software usually consists of a base system responsible for the main functionality, along with a component that monitors the base system, analyzes the data and then reacts appropriately to make sure that the system continues to execute its required functions.
There are many works in the literature that propose different solutions to this issue, such as adaptive or autonomic systems (Huebscher and McCann, 2008; Cheng et al., 2009; de Lemos et al., 2013). We are especially interested in those that deal with this monitoring–adaptation loop using requirements models at runtime. In this context, proposals use different kinds of models and terms to represent what are the system requirements, specify what is to be monitored and prescribe how to adapt. As result, the vocabulary used by these methods is very similar, but the semantics of the entities present in their models are not always the same, thus resulting in a domain with overloaded concepts. In other words, that means that the same name could be used to identify things that are ontologically completely different, and because of that, they have different natures and identities in the real world. This is the case of the term requirement. One can refer to requirement as an artifact, described in a requirements specification; someone else can understand a requirement as an intention of a stakeholder. Although it seems that we are talking about the same entity, that is not true because they are not ontologically the same.
The construct overload problem, i.e., the same construct used to represent two or more domain entities, and other fairly common problems such as construct redundancy, i.e., a single entity is represented by two or more constructs, have motivated us to develop a domain reference ontology on the use of Requirements at Runtime (RRT). By domain reference ontology we mean a domain ontology developed with the goal of making a clear and precise description of domain entities for the purposes of communication, learning and problem-solving. A reference ontology is a special kind of conceptual model, representing the consensus within a community. It is a solution-independent specification and, thus, it does not focus on maximizing certain computational properties. In other words, when developing a reference ontology, quality attributes such as precision and truthfulness to the underlying domain are never sacrificed in favor of these computational properties (Guizzardi, 2007).
The goal of this work is to provide a formal representation of the use of RRT, giving a precise description of the domain entities and establishing a common vocabulary to be used by software engineers and stakeholders within the RRT domain, including the distinctions underlying the nature of requirements during the execution of a software system.
However, before capturing the conceptualization underlying the use of RRT, we need to understand two important notions: the first one is what does it mean to run software; the second one is what requirements really are. Thus, we decided to tackle this problem with a divide-and-conquer approach and develop three ontologies. The first, called Software Ontology (SwO), covers the part of the domain about software nature and how it is executed at runtime. The second, called Reference Software Requirements Ontologies (RSRO), focuses on requirements in general, their main types, and how they are documented. The third and most specific one, is called Runtime Requirements Ontology (RRO). RRO extends RSRO and SwO, focusing on the use of requirements during software execution.
The ontologies presented here are intended to be used for conceptual clarification and terminological systematization of the existing approaches, in sub-areas like adaptive systems, requirements monitoring, context-aware systems and so on, as well as for serving as a knowledge framework for developing and re-engineering RRT approaches. Furthermore, they can be used as a conceptual model for tools developed for these purposes. Operational versions of the ontologies could be implemented in languages like OWL, for a formal annotation of the models used by these proposals, providing traceability of the requirements during their life-cycle, from design-time to runtime. Lastly, the ontologies can be used for interoperability purposes, allowing frameworks that make use of requirements at runtime to inter-operate. All three ontologies are integrated into the Software Engineering Ontology Network (SEON; Ruy et al., 2016).
SwO, RSRO and RRO were developed following the process defined by SABiO (Falbo, 2014), an ontology engineering method, and using UFO (Guizzardi, 2005) as foundational ontology. As recommended by SABiO, SwO, RSRO and RRO were evaluated by verification and validation activities. Verification was accomplished by checking if the Competency Questions initially raised were answered by the respective ontology. Validation was done by instantiating the ontologies with data extracted from real world projects using three frameworks that propose the use of requirements at runtime, namely FLAGS (Baresi et al., 2010), ReqMon (Robinson, 2006) and Zanshin (Souza, 2012). Finally. it is important to mention that the ontologies were built in this modular way (instead of one big ontology), so that they can be easily found and reused later.
This paper is an extended version of the previous work by Duarte et al. (2016). For this version, we present as main contribution three ontologies – SwO, RSRO and RRO – and integrate them into an ontology network (SEON). Moreover, we provide a formal characterization for the domain specific categories as well as constraints involving them. Lastly, we instantiated the ontologies using other two RRT frameworks, improving validation. The verification process was also improved, through the definition of test cases.
The rest of the paper is structured as follows. Section 2 summarizes the general concepts of the RRT domain. In particular, it presents the results of systematic mapping of the literature we performed in the area. Section 3 describes the methodology used to build SwO, RSRO and RRO. Section 4 introduces the ontological foundations for the proposed ontologies. Sections 5, 6 and 7 present SwO, RSRO and RRO, the main contributions of this paper. Section 8 discusses how the ontologies were evaluated. Section 9 compares related work. Finally, Section 10 concludes the paper.
Background
This section presents, in Section 2.1, the basic concepts about the use of requirements at runtime that are responsible to provide the theoretical background for the development of this work. Section 2.2 presents the results of the systematic mapping that was performed to capture the consensual knowledge about the requirement at runtime domain. It also presents three frameworks that propose the use of requirements at runtime: Zanshin, ReqMon and FLAGS. These frameworks are used to instantiate SwO, RSRO and RRO, as a form of validation in Section 8. They were chosen because: (i) they are all present in the systematic mapping of the literature on Requirements at Runtime (RRT) that was used as a knowledge base for the ontologies; (ii) they are widely accepted by the RRT community, with many publications over the years; and (iii) because they differ in the way they treat/deal with RRT.
Requirements at runtime
Requirement Engineering (RE) is the field of Software Engineering (SE) concerned with understanding, modeling, analyzing, negotiating, documenting, validating and managing requirements for software-based systems (Cheng and Atlee, 2007). In the RE literature, there is a strong overloading of the term requirement and, hence, different texts refer to requirements in different possible senses, for example, as an artifact, as an intention, as a desire or as a property of a system.
The seminal work by Zave and Jackson (1997) defines the term requirement as a desired property of an environment, which comprehends the software system and its surroundings, that intends to express the desires and intentions of the stakeholders concerning a given software development project. A requirement, however, can be seen as an intention or a desire when acting as a high-level requirement, or as an artifact, when documented as part of a specification. In turn, such documentation can have different levels of abstraction, for instance, depending on whether it is part of an early requirements analysis or a machine-readable artifact (file) that allows reasoning over requirements during the execution of the software. Features such as the latter have motivated research on the topic of Requirements at Runtime (RRT; Bencomo et al., 2011).
For instance, Feather et al. (1998) monitor violation of requirements using Linear Temporal Logic expressions that are observed by a monitoring component at runtime in order to try and reconcile system requirements and behavior. Requirements are documented using a Goal-Oriented RE (GORE) approach for design-time purposes and as the aforementioned logical expressions for runtime purposes. The Requirements Reflection approach (Bencomo et al., 2010a) proposes not only that requirements be reified as runtime entities but that they keep traceability to the architectural models and all the way back to high-level goals.
Souza et al. (2013b) define a requirement at runtime as the classes or scripts that represent the requirements being instantiated during the execution of a program, i.e., a compiled code artifact loaded in memory to represent the fact that someone (or something) is using the system in order to satisfy a requirement. Qureshi and Perini (2010) have a similar vision, as they understand that a requirement at runtime is expressed by the users requests, which are captured by the software user interface and also monitored in order to check if it is in an agreement with the original specifications. More recently, Dalpiaz et al. (2013) propose, in the context of GORE, the distinction between a Design-time Goal Model – used to design a system – and a Runtime Goal Model – used to analyze a system’s runtime behavior with respect to its requirements.
These and other works illustrate the diversity of concepts, models and features that have been proposed in the field of RRT, showing us that there is no consensual definition about what is a runtime requirement and that Requirement is a complex entity that can exist during the entire software life-cycle, since design-time until runtime. However, the use of requirements as a runtime entity is a fairly recent and there is no formal representation about this domain in the literature. This lack of a formal and consensus-based description has motivated us to develop a reference ontology about this domain. The purpose is to unify an interpretation for requirements and then to characterize how it relates to other intimately connected elements in the RRT domain.
A systematic mapping of the literature
To identify proposals that use RRT, we performed a systematic mapping of the literature as a knowledge acquisition activity (as opposed to relying solely on the opinion of a few domain experts from our research group). Kitchenham and Charters (2007) define a Systematic Mapping as an extensive study on a specific topic that intends to identify evidence available on this theme. Following their method, we applied the steps illustrated in Fig. 1.

Steps of the Systematic Mapping process on RRT.
First, we defined a search string that intended to cover all the relevant aspects of our research, and applied it in several search engines, in an attempt to find most studies existing in the literature about the research domain. In total, 1581 studies were returned by the search string. The search string was validated by checking if the control articles (6) that were chosen beforehand were retrieved from the databases. Next, papers returned from all search engines were combined and duplicate entries were removed. As result of this step, 912 studies remained. Then, we applied two filters, considering inclusion and exclusion criteria established at the beginning of the process. In this first filter, only the abstracts were read to evaluate if a paper should be selected or excluded from the mapping. Then, the selected publications (203) were once again analyzed against the selection criteria, but now considering the full text of the publication. To help reduce bias, publications were analyzed in the second filter by different specialist from the first. As result, 142 publications were found to satisfy the selection criteria, which accounts for a 91,02% reduction from the starting 1581 results. These 142 publications were read, the research questions were answered and the information gathered with the systematic mapping were used as the primary source of knowledge to build RRO.
During the mapping, we classified publications by purpose of use of RRT, separating them in two major categories: Monitor Requirements and Change Requirements. The former covers publications that propose checking if requirements defined at design time are being achieved at runtime, whereas the later covers papers in which requirements are used not only as guidelines to monitoring but also as rules on how the system should adapt to keep satisfying its requirements. Although the results of the mapping are briefly summarized here, the mapping is not in the scope of this paper.
Zanshin (Souza, 2012; Souza et al., 2013a,b) is an RE-based framework created for the development of adaptive systems. Its main idea is to make elements of the feedback loop responsible to provide adaptivity important entities in the requirements models used by the framework. To do that, Zanshin uses requirements models based on GORE (Goal-Oriented Requirements Engineering) to represent system requirements. Zanshin’s specific models are augmented with new elements, called Awareness Requirements (AwReqs) and Evolution Requirements (EvoReqs) that, when combined with classic GORE constructs (goals, softgoals, tasks, AND-OR refinements, and so on), are able to represent monitoring and adaptation strategies during the execution of a software system.
Figure 2 presents Zanshin’s basic architecture. AwReqs are requirements that refer to the state of other requirements of a software system at runtime. In other words, AwReqs are responsible for representing the parts of the system that the stakeholders want it to be able to adapt. EvoReqs are requirements that describe how other requirements are supposed to adapt/evolve in response to an AwReq failure. EvoReqs act directly over system requirements through a set of adaptation strategies. During runtime, they are responsible to ensure that the system is fulfilling what was previously specified by the stakeholders.

Zanshin’s architecture representation (Souza, 2012).

Requirements model of a Meeting Scheduler, created with the Zanshin approach (Souza, 2012).
Figure 3 represents the requirements model of a Meeting Scheduler system created as a proof-of-concept for the Zanshin framework. AwReqs appear in the Meeting Scheduler requirements model as small bold circles with arrows, pointing out to the elements of the system that need to have their states monitored. EvoReqs are not graphically represented in the requirements model, however, they are implemented as a code artifact that will be executed by Zanshin when an AwReq fails. For instance, if, for some reason, a meeting cannot be properly scheduled in the system, AR1 (NeverFail, at the top-left corner of Fig. 3) will trigger the EvoReq Retry Characterize Meeting, that will make the system perform a rollback, wait for 5 seconds, and then try to schedule the meeting again. The rest of the model and the other elements of the modeling language are better described by Souza (2012).
ReqMon (Robinson, 2006) is a framework for monitoring software systems requirements at runtime. ReqMon was developed with the main objective of improving the visibility of conformity policies inside a software system and to be used by system users that have permissions to receive information about the satisfaction of the system requirements. The ReqMon framework presents a requirements definition language based on KAOS (Van Lamsweerde et al., 1991), a systematic methodology for requirements elicitation and analysis to be used in design-time, and a software tool built to provide a requirements monitoring service during runtime.
Figure 4 presents ReqMon’s architecture and its main components. The Event Capturer is responsible to monitor and capture, during runtime, any deviation in the requirements of the main system, i.e, the system being monitored. The Analyzer updates the status of the main system monitors and the Repository acts like a database of events, persisting a history of the monitored indicators.

ReqMon framework architecture (Robinson, 2006).

ReqMon representation of
Figure 5 presents the
Like Zanshin, ReqMon characterizes requirements as goals, also understanding them as complex entities that exist both at design-time and runtime of a software system, organizing them in requirements models that aim to provide requirements traceability during the software life-cycle. However, Zanshin and ReqMon are different in the sense that the former is focused on adaptations/evolution of a software system through changes in its requirements, while the latter is focused on monitoring the system and verifying if the requirements are being fulfilled. These similarities and differences are the main reasons why they were chosen to be instantiated to validate RRO.
The Fuzzy Live Adaptive Goals for Self-Adaptive Systems (FLAGS; Baresi et al., 2010; Pasquale et al., 2011) is a GORE-based framework for designing self-adaptive systems which extends the KAOS model (Van Lamsweerde et al., 1991), adding the concept of adaptive goals. Adaptive goals are live runtime entities, consisting of requirements that are responsible for defining the countermeasures that must be performed in order to keep system goals satisfied. Countermeasures may act by updating an existing requirement (relaxing or tightening), replacing it for a new one or even preventing it from being violated. In other words, countermeasures are responsible to change the live goal model that is kept by the system.
Figure 6 presents the FLAGS runtime infrastructure that allows requirements being used as runtime entities that provide adaptation capabilities to the system. In order to support requirements evolution, FLAGS works at the process and goal levels, managing two models at runtime: the FLAGS model and the implementation model. The first has requirements and adaptation goals, while the second includes the definition of the process and the monitoring and adaptation capabilities that are necessary at the process level.

FLAGS Runtime infrastructure (Pasquale et al., 2011).
The Process Reasoner is the core component of the architecture, being responsible for controlling the adaptation at the process level. To accomplish that, it monitors the runtime data that is collected to check if the conditions for an adaptation are satisfied. It is also responsible to send to the Goal Reasoner, runtime data that is used to change elements in the goal model. At the goal level, if a designer creates a new version of the FLAGS model using the Graphical Designer, live instances of this model are sent to the Process Reasoner, which propagates the changes to the running and next process instance of the system.
To illustrate the method, Fig. 7 presents the FLAGS model for a web application called Click&Eat. White clouds are the main goals for Click&Eat, gray clouds represent the adaptation goals that define the adaptation capabilities of the system. The small circles represent the operationalizations of the adaptive goals, which define the exact actions that must be performed when an adaptation condition is triggered. In comparison to Zanshin and ReqMon, FLAGS also treats requirements as goals, and live goals models are also used at runtime as first-class citizens. However, FLAGS is closer to Zanshin, since it also deals with runtime requirements-based adaptation, even creating a runtime entity that defines how the requirements needs to change. Other examples and a better description of the FLAGS modeling language can be found in work by Baresi et al. (2010).

FLAGS model for a Click&Eat web application (Pasquale et al., 2011).
Lastly, it is important to mention that adaptation goals proposed by FLAGS, monitoring requirements used by ReqMon and AwReqs and EvoReqs proposed by Zanshin are examples of requirements being used at runtime, whose characteristics and properties are discussed in Section 7.
To develop the ontologies presented in this paper, we used SABiO, a Systematic Approach for Building Ontologies (Falbo, 2014). SABiO supports the development of domain reference ontologies, as well as the design and coding of operational ontologies. We chose SABiO because it has been successfully used to develop domain ontologies, in particular Software Engineering reference domain ontologies, including the ones already integrated in SEON, such as: Software Process Ontology (SPO; Bringuente et al., 2011), Software Measurement Ontology (SMO; Barcellos et al., 2010) and the Reference Ontology on Software Testing (RooST; de Souza et al., 2017).
SABiO’s development process comprises five main phases, namely (Falbo, 2014): (1) Purpose Identification and Requirements Elicitation; (2) Ontology Capture and Formalization; (3) Design; (4) Implementation; and (5) Test. These phases are accompanied by support processes, such as knowledge acquisition, reuse, documentation and evaluation. SABiO aims at developing both reference ontologies (phases 1 and 2) and operational ontologies (phases 3, 4 and 5). In this work, we are interested in building only domain reference ontologies, thus we performed only the first two phases. Although we did not implement the ontologies, we designed test cases for them.
In the Purpose Identification and Requirements Elicitation phase, we started defining the purpose, scope and intended uses for each ontology. Next, we identified Competency Questions (CQs) as functional requirements for the domain ontologies. CQs are questions that the ontology should be able to answer (Grüninger and Fox, 1995). Analogously with the traditional Requirements Engineering (RE), besides representing functional requirements, CQs help to refine the scope of the ontology. They are also used in the ontology verification process to check if the ontology elements (concepts, relations, properties and axioms) are able and sufficient to answer the CQs (Falbo, 2014). Moreover, it is important to highlight that CQs for SwO, RSRO and RRO were refined during each ontology development process. CQs were raised through several meetings with domain experts and through the analysis of international standards (for RSRO) and results of the systematic mapping presented in Section 2 (for SwO and RRO), in a bottom-up strategy, starting with simpler questions and proceeding to find more complex ones.
As non-functional requirements for the three ontologies, we defined that they would: be grounded on a well-known foundational ontology (NFR1); be based on consensual work from the literature (NFR2); and to be integrated to the Software Engineering Ontology Network (SEON; Ruy et al., 2016), reusing existing networked ontologies, or other relevant ontologies already published in the literature (NFR3).
For NFR1, we grounded our ontologies in the Unified Foundational Ontology (UFO; Guizzardi, 2005; Guizzardi et al., 2008). UFO provides a set of entities and relations types, that are useful for Conceptual Modeling. Also, UFO is the foundational ontology that is suggested by SABiO. In Section 4, we present the fragment of UFO used to provide the ontological foundations for SwO, RSRO and RRO.
To satisfy NFR2, we followed different approaches for each ontology. In the case of SwO, we took Wang et al.’s Ontology of Software Artifacts (Wang et al., 2014) as basis, as well as the results of the systematic mapping we performed in the RRT domain. These results were useful, since they reveal very relevant notions related to software being executed at runtime. It is important to say that, although we were inspired by Wang et al.’s work, besides encompassing what software is and its artifactual nature – aspects addressed by Wang et al. (2014) – SwO focuses also on software execution.
In the case of RSRO, we studied relevant standards, such as CMMI (SEI/CMU, 2010) and SWEBOK (Bourque et al., 2014), and selected publications, including classic Requirements Engineering papers (Kotonya and Sommerville, 1998; Wohlin et al., 2005; Robertson and Robertson, 2012). We chose these references because they are widely accepted by the RE community, including the software industry, and, in some sense, represent common aspects of the RE domain. Moreover, we explored the work by Guizzardi et al. (2014), who did an ontological interpretation of non-functional requirements based on definitions provided by UFO.
In the case of RRO, it is important to highlight that the RRT domain its fairly new (according to our research, around 16 years), in particular when compared with traditional Software Engineering. Thus, there is still a lack of standards and capability models that focus on the use of requirements at runtime. Based on that, we decided to investigate this domain by means of a systematic mapping of the literature (briefly reported in Section 2.2), and thus to gather consensual information about the RRT domain.
Regarding NFR3, to build both SwO and RSRO, we reused parts of SEON’s core ontology on software process (SPO), in particular its sub-ontology about software artifacts, as well as the ontologies developed by Wang et al. (2014) regarding software artifacts (named here OSA), and by Guizzardi et al. (2014) concerning requirements (named here NFRO). This approach required us to integrate these ontologies to SEON’s Software Artifact ontology. Finally, SwO and RSRO were reused to build RRO. In this way, all the resulting ontologies were integrated to SEON. This reuse and integration process is further discussed in Section 4.
Given the requirements and the results of the systematic mapping, we started capturing the concepts and relations of our ontologies, and building their conceptual models. This task was highly iterative and involved weekly meetings in which the primary aspects of the ontologies were discussed and defined. These meetings were attended by several specialists in the areas of Requirements Engineering and Ontology Engineering (expanding the initial group of four engineers involved in the systematic mapping), who played different roles depending on the context: in requirement elicitation meetings, they acted as Domain Experts on Requirements and RRT, whereas in verification meetings, in which the many versions of the ontologies were analyzed and polished, they also played the role of Ontology Engineers. The resulting reference models and primary products of this work are presented in Sections 5, 6 and 7.
Finally, as prescribed by SABiO, once the reference ontologies are developed, they need to be evaluated. SABiO’s Evaluation Process comprises two main perspectives: (i) Ontology Verification: aims to ensure that the ontology is being built correctly, in the sense that the output artifacts of an activity meet the specifications imposed on them in previous activities. (ii) Ontology Validation: aims to ensure that the right ontology is being built, that is, the ontology fulfills its specific intended purpose. To evaluate the three ontologies, we applied two evaluation approaches, namely: assessment by humans, and data-driven evaluation (Brank et al., 2005). For evaluating the reference ontologies as a whole (intended purposes, competency questions and conceptual models), expert judgment was performed. In particular, for addressing ontology verification, we built tables indicating which ontology elements (concepts, relations, and axioms) are able to answer each competency question, as suggested by SABiO. For evaluating if the reference ontologies are able to represent real world situations, concepts and relations of the ontologies were instantiated using data extracted from examples of methods described in Section 2, in a data-driven approach to ontology validation. Finally, we defined test cases for the ontologies, showing how the competency questions should be answered when using the instantiations as test case inputs.
Ontological foundations
As discussed above, for building SwO and RSRO, we reused Wang et al.’s Ontology of Software Artifacts (OSA; Wang et al., 2014), and the ontological interpretation of non-functional requirements-related notions (NFRO; Guizzardi et al., 2014), as well as SEON’s Artifact sub-ontology. Moreover, all three developed ontologies were grounded in UFO. In this section, we briefly discuss these ontological foundations.
UFO
The Unified Foundational Ontology (UFO; Guizzardi, 2005; Guizzardi et al., 2008) is a well-established foundational ontology that has been developed based on a number of theories from Formal Ontology, Philosophical Logics, Philosophy of Language, Linguistics and Cognitive Psychology. We chose UFO because it has been constructed with the primary goal of developing foundations for conceptual modeling. Consequently, UFO addresses many essential aspects for conceptual modeling, which have not received a sufficiently detailed attention in other foundational ontologies (Guizzardi, 2005). Examples are the notions of material relations and relational properties. For instance, this issue did not receive up to now a treatment in DOLCE (Masolo et al., 2003), which focuses solely on intrinsic properties (qualities). Moreover, UFO offers a complete set of categories to tackle the specificities of the targeted domain and it has been successfully employed in a number of semantic analyses, such as the one conducted here (see detailed discussion by Guizzardi et al. (2015)).
UFO is composed of three main parts: UFO-A, an ontology of endurants (Guizzardi, 2005); UFO-B, an ontology of perdurants/events (Guizzardi et al., 2013); and UFO-C, an ontology of social entities (both endurants and perdurants) built on top of UFO-A and UFO-B (Guizzardi et al., 2008). In Fig. 8, we present only a fragment of UFO containing the categories that are germane for the purposes of this article. Moreover, we illustrate these categories and some contextually relevant relations using UML (Unified Modeling Language) class diagrams. These diagrams are used here primarily for visualization. The reader interested in an in-depth discussion and formal characterization of UFO is referred to (Guizzardi, 2005; Guizzardi et al., 2008, 2013; Benevides et al., 2010).

Fragment of UFO showing Goals, Agents and Intentions.
Based on UFO, Guizzardi et al. (2014) present an interpretation of the difference between Functional and Non-Functional Requirements (FRs/NFRs), a frequently used categorization scheme in Requirements Engineering. As Fig. 9 shows, requirements are

Non-functional Requirements and related concepts (Guizzardi et al., 2014).
Moreover, the NFR Ontology is the only ontology we are aware of that combines the following characteristics: it is grounded on a foundational ontology (in fact, the same foundational ontology we use); provides a precise criteria for differentiating between FRs and NFRs; deals with vagueness in NFRs. These characteristics equip the ontology to support the process of requirements engineering by helping to clarify the elicitation and representation of software requirements as well as their satisfaction conditions (including the case of vague NFRs). By reusing this ontology, our proposal in this paper inherits these benefits.
In Wang et al.’s Ontology of Software Artifacts (OSA; Wang et al., 2014), software is a special kind of entity that is capable of changing while maintaining its numerical identity. These changes (i.e., a simple bug fix or an entirely new release) are necessary for the natural evolution of software and are also one of the engines that move the software industry. When we start to think in specific software such as, e.g., Microsoft Excel, this fact becomes clearer: Excel has many releases and even more versions throughout its 30 years of existence, but has always maintained its identity as Microsoft’s spreadsheet software.
To try to answer questions like “what does it mean for software to change?”, “what is the difference between a new release and a new version?” and to address the ontological reasons for software being able to change while maintaining its nature, Wang et al. (2014) propose an ontology of software inspired by the Requirements Engineering literature, depicted in Fig. 10, which shows a fragment of the original ontology. OSA makes the distinction between three artifacts:

Fragment of the Ontology of Software Artifacts (Wang et al., 2014).
A
A
It is important to mention that, although OSA is grounded in DOLCE, it is based in a part of DOLCE that is completely mappable to UFO. Thus, we could reuse it straightforwardly. Furthermore, OSA is the only ontology we are aware of that combines the following characteristics: it is grounded in a foundational ontology (whose portion used by OSA is mappable to the one we use); it explicitly accounts for the different identity conditions and dependence relations of the multiple artifacts involved in a software ecosystem; and is built over the background of an established requirements engineering framework (the model by Zave and Jackson (1997)).
The use of OSA can bring several benefits to the work proposed here. Firstly, because it can potentially allow us (in a future extension to this ontology) to differentiate among the requirements that can be related to different software-associated artifacts (e.g., licensed software products requirements versus program requirements). Secondly, as discussed by Wang et al. (2014), by properly distinguishing all these kinds of software-associated artifacts, OSA can support a next-generation of more advanced software configuration management processes and tools. By reusing the OSA ontology, the models proposed here inherit these finer-grained distinctions made by the original ontology. For instance, as a by-product of this process, this could afford improving the management of several potential configuration items that appear in the proposed ontologies (e.g., different types of requirements specification) by associating them with different software-associated artifacts.
The ontologies developed in this work were integrated to the Software Engineering Ontology Network (SEON; Ruy et al., 2016). An ontology network is a collection of ontologies related together through a variety of relationships, such as alignment, modularization and dependency. A networked ontology, in turn, is an ontology included in such a network, sharing concepts and relations with other ontologies (Suárez-Figueroa et al., 2012). SEON is designed seeking to: (i) take advantage of well-founded ontologies (all its ontologies are ultimately grounded in UFO); (ii) provide ontology reusability and productivity, supported by core ontologies organized as Ontology Pattern Languages (Falbo et al., 2016); and (iii) solve ontology integration problems by providing integration mechanisms (Ruy et al., 2016).
In its current version, SEON has a core ontology of software processes (SPO), as well as domain ontologies for the main technical Software Engineering sub-domains, namely requirements, design, coding and testing, and for some management sub-domains, namely software measurement, project management, configuration management, and quality assurance. Figure 11 presents an overview of SEON (its complete specification is available at

SEON: The Network view (Ruy et al., 2016).
Concerning requirements, ReqON is SEON’s ontology subnetwork devoted to requirements. The Reference Software Requirements Ontology (RSRO), presented in Section 6, is the main ontology in the requirements domain. It captures the most general notions regarding requirements, which are valid for many Requirements Engineering approaches. The Goal-Oriented Requirements Ontology (GORO; Negri et al., 2017) focuses on the basic notions of Goal-Oriented Requirements Engineering. The Requirements Development Process Ontology (RDPO; Ruy et al., 2016) aims at representing the activities, artifacts and stakeholders involved in the software requirements development process. Finally, the Runtime Requirements Ontology (RRO), which is presented in Section 7, addresses the use of requirements at runtime.
RSRO and SwO extend SEON’s Software Process Ontology (SPO), more precisely, SPO’s Artifacts sub-ontology. As Fig. 12 shows,

SEON’s view regarding Software and Related Artifacts.
SPO also classifies artifacts according to their natures. A
In Section 5, we present SwO, the SEON’s Software Ontology, which is strongly based on OSA. In fact, SwO incorporates parts of OSA to SEON.
The Software Ontology (SwO) aims to capture the complex artifactual nature of software. Software, is a complex entity constituted of different types of artifacts, such as software systems, programs and code. SwO is a domain reference ontology that aims to explain this complex software nature and how it is materialized inside a computer, being executed and producing results that go beyond the limits of the machine, directly affecting the real world. Since it is a fairly general ontology, closer to the core level than RSRO and RRO, SwO is widely reusable for developing more specific domain ontologies, as it is the case of RRO, but also to describe other types of software, such as Software Service and Multimedia Systems. SwO aims to answer the following CQs:
As Fig. 13 shows, SwO extends part of the Software Artifact sub-ontology of SPO, while incorporating concepts from OSA. In this figure, concepts from SwO are shown in white (those reused from OSA are prefixed by OSA), concepts from SPO are shown in green, and concepts from UFO are shown in grey.

Conceptual model fragment of SwO.
As in OSA, a
Like in OSA, a
Since a
To run a
In SwO, a
As in the work by Irmak (2013), a
A
As mentioned earlier in Section 4, SwO is strongly based on OSA. It incorporates several concepts presented in OSA, such as
The main difference is that in SEON (and thus SPO and SwO), we assume a software process view on software artifacts. This means that software artifacts are intentionally produced by activities of the software process, and that these artifacts must be made explicit. This explains why we consider
Another difference is that OSA does not handle complex artifacts being constituted of artifacts of the same type. For instance, a
The Reference Software Requirements Ontology (RSRO) aims to capture the most general notions regarding requirements, which are valid for Requirements Engineering in general. These notions basically regard the what, how and who w.r.t. requirements, i.e. what a requirement actually is and how they may be classified, who is interested in which requirement, and how requirements and their context (i.e. assumptions) are documented. Moreover, just like SwO, RSRO was developed to be reused and extended by other ontologies, representing the many facets of Requirements Engineering, such as Goal-Oriented Requirements Engineering approaches (Negri et al., 2017) or the use of requirements at runtime. To be as general as possible, the scope of RSRO is very narrow, and it aims to answer only the following competency questions:
Figure 14 shows RSRO’s conceptual model. In this figure, concepts from RSRO are shown in blue, while concepts from other ontologies follow the color convention introduced in Section 5. This ontology is strongly based on the ontological interpretation of Non-Functional Requirements made by Guizzardi et al. (2014). Concepts reused from the work by Guizzardi et al. (2014) are prefixed by

Conceptual model of RSRO.
As in the work by Guizzardi et al. (2014), a
Derived relations, i.e., relations deduced by derivation rules, are represented in UML diagrams preceded by a “/”.
When a
It is important to say that, although Axiom A5 holds, the relation interested in is not a derived relation, since there may be other stakeholders who are also interested in a requirement artifact, other than those from whom the corresponding requirement has been elicited.
Finally,
The Runtime Requirements Ontology (RRO) focuses on the notions related to the use of requirements at runtime. The purposes and intended uses of RRO include, among others, the following: to establish a common understanding of the main concepts used in several RRT frameworks, aiming at allowing them to interoperate; to provide a common conceptual model to be used for developing and reengineering RRT frameworks and systems. Taking these purposes and intended uses for RRO, the following competency questions were defined for it:
Figure 15 shows RRO’s conceptual model. In this figure, concepts introduced in RRO are shown in yellow, while concepts from the other ontologies follow the previously used color convention.

Conceptual model of RRO.
An important distinction of RRO is between
Having both
For properly linking requirements to its use at runtime, we need to relate
An
A
Like the
It is important to notice that these formulae do no exclude the case of an
To evaluate SwO, RSRO and RRO, we performed Ontology Verification & Validation (V&V) activities. Considering the guidelines proposed by SABiO (Falbo, 2014), all three ontologies were evaluated in three steps. First, in an
Verification by experts
For verifying SwO, RSRO and RRO, we started by manually checking if the concepts, relations and axioms defined in them are able to answer their competency questions (CQs). This approach enabled us to check not only if the CQs were answered, but also whether there were irrelevant elements in the ontology, i.e. elements that do not contribute to answer any of the questions. Table 1 illustrates this verification process for SwO, showing which elements of the ontology (concepts, relations, properties and axioms) answer each one of the Competency Questions (CQs) of SwO. Analogously, Table 2 and Table 3 present the verification process for RSRO and RRO, respectively. These tables can also be used as a traceability tool, supporting ontology change management.
SwO verification against its competency questions
SwO verification against its competency questions
RSRO verification against its competency questions
RRO verification against its competency questions
Concerning ontology validation, SABiO suggests that the ontology should be capable of properly representing real world situations. Based on that, we instantiated the ontologies using data extracted from three examples: the Zanshin Meeting Scheduler example (Souza, 2012), the E-Commerce Application used by Robinson (2006), and FLAGS Click&Eat Web portal example (Pasquale et al., 2011). These three examples were already presented in Section 2.
Table 4 illustrates the results of the instantiation with the Zanshin Meeting Scheduler example, Table 5 presents the instantiation for the e-commerce application, and Table 6 presents the instantiation using the FLAGS framework. As mentioned in Section 2, these frameworks were chosen because they are well-defined approaches that we found during the systematic mapping of the literature, and because they propose distinct ways to represent and use requirements at runtime. Also, it is important to mention that these tables present concepts from all three ontologies. Thus, SwO, RSRO and RRO are being validated at the same time. Since RRO extends and reuses many of SwO’s and RSRO’s concepts, we believe that a separated validation would bring no advantage.
Results of SwO, RSRO and RRO instantiation using the Meeting Scheduler example presented by Souza (2012)
Results of SwO, RSRO and RRO instantiation using the Meeting Scheduler example presented by Souza (2012)
Results of SwO, RSRO and RRO instantiation using the e-commerce example based on ReqMon and presented by Robinson (2006)
Results of SwO, RSRO and RRO instantiation using the Click&Eat example created with FLAGS and presented by Pasquale et al. (2011)
The successful instantiation of SwO, RSRO and RRO with data coming from these three well-accepted Runtime Requirements frameworks gave us indications of the appropriateness of the proposed ontology as a reference model of this domain.
Considering the instances of concepts used to validate SwO, RSRO and RRO, test cases can be designed for the competency questions, in a competency question-driven approach for ontology testing (Falbo, 2014). In such approach, a test case comprises a competency question (the specification to be tested), plus the instantiation data from a fragment of the ontology being tested (input), and the expected result based on the considered instantiation (expected output). Table 7 shows examples of test cases for CQ16 that we designed to promote a better understanding of the method.
Example test cases for RRO competency question CQ16 – Which program is the target of a program that uses runtime requirements?
Example test cases for RRO competency question CQ16 – Which program is the target of a program that uses runtime requirements?
It is important to say that, if any of the three ontologies proposed in this paper were implemented in some computational language (such as OWL), the test cases could be implemented (as SPARQL queries) and the resulting operational ontologies could be tested in a running environment (e.g., Protégé). However, test implementation and execution are out of the scope of this work. Furthermore, CQ 16 was chosen as an example to demonstrate test cases, which should be implemented for all the CQs of an ontology. This test case was designed and presented in this work in order to show that other forms of evaluation are applicable when the operational version of the ontology is being used. This particular CQ was chosen because it has multiple, although fairly simple, answers (one for each RRT framework presented).
During the systematic mapping of the literature and the early stages of the RRO development process we have taken in consideration ontologies and ontological analysis of requirements. In this section we will present some of these ontologies that were relevant to our research.
By definition, a core ontology is a mid-term ontology, that is not as specific as a domain ontology but also not so domain-independent as a foundational ontology. Jureta et al. (2009) propose a core ontology for requirements (CORE), based on the seminal work by Zave and Jackson (1997) and grounded in DOLCE (Masolo et al., 2003). The authors extend Zave and Jackson’s formulation of the requirements problem, in order to “establish new criteria for determining whether RE has been successfully completed” (Jureta et al., 2008). CORE covers all types of basic concerns that stakeholders communicate to requirements engineers, thus establishing a new framework for the Requirements Engineering process. CORE was, by far, the ontology that was used the most as basis for works included in the results of the systematic mapping (Gillain et al., 2013; Qureshi et al., 2011), including, e.g., Zanshin (Souza, 2012). However, CORE does not cover concepts that are specific to the RRT domain.
Guizzardi et al. (2014) propose an ontological interpretation of non-functional requirements (NFRs) based on of UFO. As briefly mentioned in Section 4, NFRs and functional requirements (FRs) are seen as goals, with the major difference that the former refers to qualities and the latter to functions. In UFO, qualities and functions are both sub-categories of intrinsic moments, but qualities are properties that are manifested whenever they exist, whereas functions are dispositional properties that are manifested in certain circumstances and through the execution of an event. In their work, the authors advance the work of CORE and motivate the choice for adopting UFO as opposed to DOLCE in this domain. In our work, we have imported their distinction of FRs and NFRs in order to relate runtime requirement artifacts to their counterparts in design time through this widely accepted classification, emphasizing that both functional and non-functional design time requirements can give birth to runtime requirement artifacts.
Other ontologies discovered during the systematic mapping process include OWL-based ontologies used to support dynamic reconfiguration of service-oriented applications (Kim et al., 2007; Liu and Feng, 2012); a BDI-based ontology used to implement an inference mechanism of human intentions in context-aware systems (Oyama et al., 2008); an enterprise ontology used to monitor services (de Alencar Silva and Weigand, 2011); an ontology of communicative acts for monitoring service-based systems (Robinson and Purao, 2011); among others. None of the approaches found during the mapping, however, provided a well-founded domain reference ontology to aid in establishing precise descriptions for the concepts in the RRT domain. Our work aims at filling this gap in the literature.
Conclusions
The main contribution of this paper is the definition of RSRO, SwO and RRO. The first is a domain reference ontology about the use of requirements and the artifacts that describe them. The second is an ontology about software artifacts and their execution of software, at runtime. The latter is a domain reference ontology about the use of different types of requirement artifacts at runtime. To develop them, we followed the SABiO approach for identifying the purpose, eliciting requirements, capturing, formalizing, verifying and validating the ontologies. SwO, RSRO and RRO are integrated into the Software Engineering Ontology Network (SEON) and have domain-specific categories and constraints formally characterized.
As future work, we intend to create an ontology that combines concepts of RRO with concepts from Goal-Oriented Requirements Engineering (GORE), a paradigm that is very popular in Requirements Engineering research (fact that is confirmed by the systematic mapping results). We plan to use this new ontology to derive a new set of properly grounded meta-models in order to develop a new version of the Zanshin framework for adaptive systems. In this current version of RRO, we have decided not to base our ontology in GORE or any other specific RE approach. By doing this, we maintain the generality of our approach, not excluding any potential users of our contribution.
We will also continue SABiO’s development process for SwO, RSRO and RRO, creating operational ontologies (e.g. in OWL) that could be used for the proposals that make use of requirements at runtime. This will also allow us to further evaluate the ontology, by using queries (e.g., in SPARQL) to actually run the test cases for the ontologies.
Footnotes
Acknowledgements
NEMO (
