Research interests:

My research revolves the design of socio-technical systems, that is, systems that are defined as a complex interplay of software systems, humans, organizations, and other technical systems. My aim is to promote that software engineering should go beyond the merely technological aspects of designing and implementing programs, but should rather take into account the broader socio-technical system where software operates.

I am active in multiple research threads that contribute to the design of trustworthy socio-technical systems. Trustworthinesss is achieved when a system satisfies its requirements; as such, my research lies in the field of requirements engineering. The major threads I am active in are the design of secure socio-technical systems, the use of games and gamification to foster participatory design, adaptation mechanisms to cope with failures as well as requirements evolution, and the foundations of requirements engineering for socio-technical systems.


Here are the main research projects I am and have been involved.

PACAS: Participatory Architectural Change Management in ATM Systems.

funded by the European Commission under the H2020 scheme, PACAS concerns the participatory architectural evolution of Air Traffic Management (ATM) systems. The aim is to better understand, model and analyze interventions at different layers of the ATM system to support change management, while capturing the effect of architectural and design choices on the overall system. The project will deliver a participatory change management process where stakeholders will actively participate to the architectural evolution of the ATM system. The pillars of PACAS are: (i) domain-specific modeling languages to express heterogeneous perspectives of ATM experts; (ii) impact propagation techniques to align multiple perspectives; (iii) a gamified platform to foster collaboration among stakeholders. [2016-2018]

BUUU: Bournemouth-Utrecht Network on Empowering Software Production by Gamification and Crowdsourcing.

BUUU is a network between colleagues in the Computing Departments in Bournemouth University and Utrecht University in the Netherlands. The project addresses the enhancement of software production, maintenance and evolution, via involving and motivating end-users to communicate their feedback on the quality of software while using it at runtime. The project is funded by the Fusion Investment Fund of Bournemouth University. [2014-2015]

BIN: Business Intelligence Network

The Business Intelligence Network—funded by the National Sciences and Engineering Research Council of Canada–is about creating an innovation platform for pre-competitive research in Business Intelligence in Canada. Within the BIN network, the project “Design of a Business Intelligence Model” is concerned with devising a modeling language for strategic business models. The main artifact consists of the Business Intelligence Model (BIM) language. [2012-2013]

Lucretius: Foundations for Software Evolution

Lucretius concerns developing techniques for designing software systems that evolve in response to changes in their requirements and operational environment. Today, the operational environment of a growing number of software systems is global, open, partly unknown and always unpredictable. In this context, software systems have to evolve in order to cope (“survive” is the technical term for other species). Some of this evolution is at the code level, and some at the architectural level. The most important evolution, however, is taking place at the requirements level and the environment, and is intended to ensure that a system continues to meet the needs of its stakeholders and the constraints – physical, economic, legal and otherwise – of its operational environment. [2011-2012]

Aniketos: Ensuring Trustworthiness and Security in Service Composition

Aniketos, funded by the EU Commission in the FP7 framework, is concerned with the design and implementation of secure and trustworthy service compositions. The project lies within the scope of the Future Internet, which will provide an environment wherein a diverse range of services are offered by a diverse range of suppliers, and users are likely to unknowingly invoke underlying services in a dynamic and ad hoc manner. Such services have to be composed and recomposed, transparently to the end user, to guarantee security and trustworthiness. [2010-2012]

TasLab: Trentino as a Lab

The vision of the TasLab living lab is to support the never ending evolutionary process which the local communities, users and enterprises (especially SMEs) are facing every day due to changing market conditions. With our eco-systemic approach and continuous investments in ICT innovation we will enhance the local specificities and vocations, while increasing the collaboration and the sharing of knowledge among the different stakeholders of local innovation. The ecosystemic approach is also empowered by a relational and conceptual model, the “Innovation Tripole”, that puts the users at the center of the innovation processes together with the enterprises and the research players that are active on the local territory. Our Vision is Innovation as the way of being thinking and Evolving. [2009-2010]

MEnSA: Methodologies for the Engineering of complex software Systems: Agent-based approach

MEnSA is a research project financed by the Italian Ministery for Education, University, and Research (Ministero dell'Università e della Ricerca). The main objective is the creation of agent-oriented software engineering methodologies that support the development of complex software systems. The methodologies will assist the whole development processs, from the requirements analysis to the actual implementation of the systems, using a metamodel-based approach. The expected result is a contribute in filling the existing gap between agent-oriented methodologies and multi-agent systems. [2007-2009]

MOSTRO: MOdeling Security and Trust Relationships within organizations

Although security concerns are central to organizations, they rarely affect the software design and development. This simple observation explains why nowadays software problems are mainly due to security design flaws. These kinds of flaw are hard to detect, and are often the major cause for system reorganization and adjustments which are notoriously expensive processes. The MOSTRO project aims at detecting and isolating security flaws in the very early stages of software design and development, taking into account the reasons for the existence of ineffective practices in software design. [2006-2007]

SERENITY: System Engineeing for Security and Dependability

Currently, the provision of appropriate security and dependability mechanisms for Ambient Intelligence (AmI) ecosystems remains an unsolved issue. SERENITY will create the first practical secure and dependable solution for these heterogeneous and dynamic architectures. [2006-2009]

Prototype tools:

The AQUSA tool uses natural language processing techniques to help write better agile requirements using user stories. It supports the detection and correction of quality defects of three types:

  • Syntactic: concerning the textual structure of a user story without considering its meaning
  • Semantic: concerning the relations and meaning of the user story text
  • Pragmatic: about choosing the most effective alternatives for communicating requirements

AQUSA can be downloaded from

The tool is part of the Ph.D. work of Garm Lucassen.

Forging High-Quality User Stories: Towards a Discipline for Agile Requirements (Garm Lucassen, Fabiano Dalpiaz, Jan Martijn van der Werf, Sjaak Brinkkemper), In Proceedings of the 23rd IEEE International Requirements Engineering Conference (RE 2015), IEEE, 2015. (Acceptance rate: 19.8%) [pdf]

The REfine tool employs gamification techniques to enable the crowd-centric elicitation and refinement of requirements for software products. The participants/players can achieve points in different categories: ideator, commenter, and assessor, depending on their behavior. The most active and useful participants are rewarded by being invited to the focus groups that discuss the requirements with the company that develops the software.

More information on REfine can be found here

The tool is part of the M.Sc. work of Remco Snijders.

REfine: A Gamified Platform for Participatory Requirements Engineering (Remco Snijders, Fabiano Dalpiaz, Sjaak Brinkkemper, Mahmood Hosseini, Raian Ali, Atilla Özüm), In Proceedings of the First International Workshop on Crowd-Based Requirements Engineering (CrowdRE 2015), IEEE, 2015. [pdf]

STS-ml is a Socio-Technical Security modeling language for the specification of security and trustworthiness requirements of systems operating in a cross-organizational environment. The language is built on top of social concepts, such as role, agent, goal, delegation, authorization, etc. STS-Tool is the CASE tool for STS-ml, it is an Eclipse RCP application and supports multi-view modeling.

The tool is part of the Ph.D. work of Elda Paja.

STS-Tool is freely available at

Modelling and Reasoning about Security Requirements in Socio-Technical Systems (Elda Paja, Fabiano Dalpiaz, Paolo Giorgini), In Data and Knowledge Engineering, 2015. (To appear) [pdf]

Contextual Feature Models (CFMs) extend traditional feature models with the concept of context, so as to minimize the effort and the need for domain experts when configuring a product for a prospective operational environment. CFMs express the way the organizational context affects the inclusion/exclusion and the applicability of context. Importantly, CFMs distinguish between the business context, which concerns the organizational characteristics of an enterprise, and the technical context, which concerns the technical infrastructure required to operationalize a feature. FM-Context is the support tool for CFMs. It allows for modeling contextual feature models and it enables-using a disjunctive Datalog reasoner-automated reasoning concerning Business-IT alignment.

FM-Context can be downloaded (Win32 only) from here

Aligning Software Configuration with Business and IT Context (Fabiano Dalpiaz, Raian Ali, Paolo Giorgini), In Proceedings of the 24th International Conference on Advanced Information Systems Engineering (CAiSE'12), Springer, volume 7328, 2012. [pdf]

An agent is often unable to achieve its requirements (goals) using only its own capabilities. Thus, it needs to interact with other agents. We conceptualize a software system as an agent. GCAdapt relies upon the abstraction of social commitment in order to identify possible ways for an agent to achieve its goals by using both its capabilities and the commitments (promises with contractual validity) that other agents make. GCAdapt is a simulator: given a set of goals for an agent (expressed as a goal model), a set of commitments, the current state of affairs, and an adaptation policy, GCAdapt determines the best strategy to achieve the goals (according to the adaptation policy). Then, the designer can interact with GCAdapt and simulate failure and threats: GCAdapt will identify an alternative solution and update the state of the agent accordingly.

GCAdapt can be downloaded (Linux only) from here

A demonstration made with Flash can be downloaded here

Adaptation in Open Systems: Giving Interaction its Rightful Place (Fabiano Dalpiaz, Amit K. Chopra, Paolo Giorgini, John Mylopoulos), In Proceedings of the 29th International Conference on Conceptual Modeling (ER 2010), Springer, volume 6412, 2010. [pdf]

Exploiting Contextual and Social Variability for Software Adaptation (Fabiano Dalpiaz), Ph.D. dissertation, University of Trento, Italy, 2011. [pdf]

The BIM-Tool is an Eclipse RCP Application that supports graphical modelling and analysis with the Business Intelligence Model (BIM) language. The tool supports two kinds of reasoning: (1) "what-if" analysis (also known as bottom-up reasoning): given input information about goals, processes, situations, indicators, and domain assumptions, how does this input propagate to other elements in the model? (2) "is it possible?" analysis (also known as top-down reasoning): is there a possible strategy that provides satisfaction/denial evidence to a set of (not) desired goals, situations, etc? Technically, automated reasoning encodes the two problems into a disjuntive datalog program.

The website of BIM-Tool is the following: can be downloaded (Linux only) from

BIM-Tool: Modeling and Reasoning Support for Strategic Business Models (Fabiano Dalpiaz, Daniele Barone, Jennifer Horkoff, Lei Jiang, John Mylopoulos), In Proceedings of the Sixth International i* Workshop (istar'13)), 2013. [pdf]