STS-Tool

General Information

Tool Name

STS-Tool

Version

1.3.0

Group

Software Engineering, Formal Methods, and Security research group at DISI - University of Trento

Web page (if available)

http://www.sts-tool.eu

Main Purpose of the Tool

The Socio-Technical Security modeling language (STS-ml) is an actor- and goal-oriented modeling language for the specification of security and trustworthiness requirements of systems operating in a cross-organizational environment. The language is built on top of social concepts, such as role, agent, goal, delegation, authorization, etc. STS-Tool is the modelling and analysis support tool for STS-ml, it is an Eclipse RCP application and supports multi-view modeling.

i* Variant supported

STS-ml: Socio-Technical Security modeling language

Availability of the tool

• (x) For i* modelling only
• ( ) For development only
• ( ) Both

Programming Language

Java, based on Eclipse and the Eclipse GMF project

Platform Supported

Win, Linux, Mac
both 32 and 64 bits for Linux and Mac

Current state of the tool

Available for public use. Version 1.3.0 is the latest version released (see web site).
We are planning to release version 1.3.1 in spring 2013, and version 2.0 in summer 2013.

Ongoing work

Improving usability, bug fixing, adding further analysis techniques

i* Modelling Suitability

1. Does the tool allow SD modelling?

No

2. Does the tool allow SR modelling?

No

3. Does the tool allow working with SD & SR models jointly?

No

4. Does the tool allow the construction of the models graphically?

Yes, drag-and-drop from a palette of elements and relationships

5. Does the tool allow the construction of the models textually?

No

6. Describe how the elements are modelled and their flexibility (i.e., the elements can be moved and reordered).

• The elements can be moved, deleted, copied, pasted, renamed.
• The elements can be arranged automatically (default feature in Eclipse GMF) to avoid overlaps.

7. Describe how the dependency links are modelled and their flexibility (i.e., dependencies are modelled with straight lines that can not be redirected).

8. Does the tool allow automatic organization of the elements?

Yes

9. Other modelling facilities provided by the tool:

• Inter-view consistency is maintained by hiding or showing elements in different views, keeping connection points throughout all views, and providing a customized palette in each view.

10. Does the tool check SD models?

No

11. Does the tool check SR models?

No

12. Other checks provided by the tool (i.e., cross validation between SD and SR models).

• Syntactic checks are performed on the fly to ensure validity of models.

13. Does the tool allow working with two or more models at the same time?

Yes

14. Does the tool allow to group models in projects?

Yes

15. Does the tool allow working with two or more projects at the same time?

Yes

16. What are the other functionalities that the tool provides?

• Multi-view modelling
• Inter-view consistency
• Consistency analysis: syntactic post checks that are expensive to perform on the fly
• Security analysis: manage inconsistencies in security requirements
• Risk analysis: given input on events threatening actors' assets, how do they propagate to other elements or relationships?

Usability

17. Rate the understandability of the user interface

• ( ) Internal use
• ( ) Ready for public use
• (x) Has been used publicly

If it is not ready for public use, mark one or more of the following:

• ( ) not in English
• ( ) writing not polished
• ( ) poor usability (colours, ...)
• ( ) others: please specify

Expected date for public use (if any):

18. Rate the quality of the user manual

• ( ) Inexistent
• ( ) Internal use
• (x) Ready for public use
• ( ) Has been used publicly

If user manual for internal use, mark one or more of the following:

• ( ) incomplete
• ( ) obsolete
• ( ) not in English
• ( ) writing not polished
• ( ) others: please specify

Expected date for public use (if any):

19. Does the tool provides i* learning facilities?

Yes, the manuals and tutorials describe the STS methodology to security requirements engineering.

20. Does the tool provide any examples for the users?

Yes, examples are provided on the website both for the latest version of the tool and for previous version too. The latter are kept in Archive.

21. Rate the difficulty of installing the tool

• ( ) Copy files and initializing paths
• (x) Copy files
• ( ) Executable installation file provided

Maturity of the Tool

22. Rate the maturity of the tool from the user point of view:

• ( ) Under Development
• ( ) Prototype
• ( ) Ready for public use
• (x) Has been used publicly

If not for public use, mark one or more of the following:

• ( ) incomplete
• ( ) occasional testing
• ( ) non-exhaustive testing
• ( ) non-persistent data
• ( ) poor efficiency
• ( ) not portable
• ( ) others: please specify

Expected date for public use (if any):

23. Has the tool been used for any case study?

Yes. The tool has been used to model three industrial case studies developed in the scope of the FP7 European Project Aniketos, namely case studies on eGoverment, Air Traffic Management Control, and Telecommunications.
Additionally, it has been used on a user study performed with students from the University of Trento, who had developed their case studies for the course projects on Organisational Information Systems and Requirements Engineering.

24. Has the tool been tested in large models?

Yes

25. Has the tool any drawback when working with very large models?

No

26. Which is approximately the maximum size of the model (in terms of actors and dependencies) the tool has been used for?

250 elements

Extensibility and Interoperability

27. Does the tool allow importing files?

Yes, files created with older versions of the tool, for compatibility reasons

28. Does the tool allow exporting files?

Yes, it allows exporting the drawn diagrams to pdf, gif, bmp, jpeg, jpg, png, and svg.

29. Does the tool allow importing/exporting the data through an XML format?

Yes
If so, link to the DTD for the XML format if available.
http://www.sts-tool.eu/xsd/

30. Is the architecture of the tool published?

No

31. Does the tool allow the addition of other elements outside the i* framework of the tool?

No

32. New functionalities can be added to the tool by means of:

• (x) PLUG-IN
• ( ) Open-Source code
• ( ) import & export XML
• ( ) NONE

33. Rate the maturity of the tool from for open development:

• ( ) Under Development
• (x) Prototype
• ( ) Ready for public development use
• ( ) Has been used for public development

If not for public development use, mark one or more of the following:

• ( ) incomplete code
• (x) no help provided
• ( ) non-persistent data
• ( ) non-exhaustive testing
• ( ) poor efficiency
• ( ) not portable
• ( ) no development installation facilities provided
• ( ) others: please specify

Expected date for public development use (if any):

34. Is there any internal documentation for programmers?

Yes
If so, enumerate the facilities provided

• (x) Requirements specification and design decisions available
• ( ) Interface conventions
• ( ) Code conventions
• (x) Full commented code
• ( ) Examples
• ( ) others: please specify