Emil Lupu, profile picture
Uploaded byEmil Lupu
2,246 views

Goal Decomposition and Abductive Reasoning for Policy Analysis and Refinement

This document discusses an approach to policy refinement and analysis using goal decomposition, abductive reasoning, and formal representations of policies and managed objects. The approach involves decomposing high-level goals into refined policies using patterns, and applying abductive reasoning to derive policy elements and ensure consistency during refinement. Formal models of policies, goals, and managed objects are used to enable analysis, validation, and detect conflicts. The approach provides explanations for refinement and analysis results. The document also discusses limitations and comparisons to other policy refinement techniques.

Embed presentation

Goal-Decomposition and Abductive Reasoning for Policy Refinement and Analysis Emil Lupu Department of Computing Imperial College London work in collaboration with A. Bandara and A. Russo
Goals and Initial Observations •  Policy Refinement: (stepwise) derivation of enforceable policies from higher level goals and SLAs. •  Cannot be automated generally. Requirements →Implementation •  Difficult in general: incomplete specifications, numerous possibilities. ⇒ Easier if problem is constrained •  Simpler in practice: Application specific goals typically achieved in a small number of ways. Need to encode typical solutions. ⇒ Patterns.
Approach •  Pattern-based Requirements Engineering technique for goalelaboration. •  Abductive reasoning used to derive policy elements for refined policies. •  Abductive reasoning for policy analysis to ensure consistency of refinement. •  Formal representation for policies and managed objects automatically derived from design-level models (UML) and policy specification notations (Ponder). A. Bandara, E. Lupu, A. Russo, et al. Policy Refinement for DiffServ Quality of Service Management. IEEE eTNSM 3(2):2-13, 2006. Originally Proposed 1999, also see Policy 2003 and Policy 2004
Rationale •  Pattern based approach: –  Define and apply the “application specific” refinement patterns –  Encode policies resulting from refinement in a new pattern: reuse. •  Formal Specification –  For detecting inconsistencies (conflicts), performing analysis and validation •  Model of Managed Objects –  Because policies are dependent upon the state of managed resources •  Abductive reasoning –  To be able to reason with partial information –  To provide explanations during analysis –  To elaborate plan of actions for achieving goals
Policy Analysis and Refinement Framework Behavioural model of managed objects Policy specification Organisational model of managed objects Property checks Goals Errors + Conflicts Low-level Actions Refined Policies
Policy Refinement High-Level Policy On file transfer, if external recipient transfer should be prohibited (Event) (Condition) (Goal) P ⇒ !Q P ⇒ !R D C Elaborate Abduce Strategy Strategy Strategy Select Select B KAOS Patterns Objects Map A E R ⇒ !Q On transferFile(File, From, To) when To.Organisation != From.Organisation; subject s = /VMRSvcMgr; target t = From.Organisation.Firewall; do t.blockTraffic(‘ftp’, From.IP, To.IP);
Policy Analysis and Refinement Toolkit UML Editor Analysis/Refinement Client Tool (e.g. ArgoUML) Domain Service Analysis Service Persistence Provider Analyser File RDBMS LDAP … A-System XMI File CodeGen XSLT SISCtus Prolog Policies, Managed Objects, Goals, Domain Structure Presentation and demo at: http://www.doc.ic.ac.uk/~bandara/research/ponderART-Demo/ Prolog Files
Advantages and Limitations •  Combines refinement, analysis and, validation. •  Permits reuse of solutions once derived. •  Provides understandable explanations: –  Why a particular plan of actions is a suitable refinement? –  Which strategy is being used? –  Which sequence of events leads to a specific conflict? •  May provide multiple solutions in an unconstrained problem space. Should be combined with approaches to compare refinement solutions e.g., utility functions. •  Requires some technical knowledge and human intervention. •  Requires models of managed resources. Can be combined with model transformation techniques.
Model-checking for policy refinement •  Model-checking: popular for analysis since using search space reduction techniques. Tools such as SPIN allow verification of larger models. •  The “price” paid for this reduction is that only a subset (and often a single) solution is returned - the counter example to a property •  Binary value - property holds unless a counter example is found. •  Why is the counter example is an adequate refinement solution? •  Use of SPIN for test generation: 1) inadequate coverage of generated tests 2) traces too long to be useful (Gargantini & Heitmeyer ESEC/FSE 1999) J Rubio-Loyola, J Serrat, M Charalambides, P Flegkas, G Pavlou. A Functional Solution for Goal-oriented Policy Refinement. IEEE Policy 2006. Canada. J Rubio-Loyola, J Serrat, M Charalambides, P Flegkas, G Pavlou. A Methodological Approach toward the Refinement Problem in Policy-based Systems. IEEE CommMag Oct. 2006, pp. 60-68
Any solution is not suitable for refinement! •  Can I get from A to B? - Analysis problem. •  How should I go to B each time I need it? - Policy Refinement problem
Further Thoughts on Model-Checking •  Requires complete information regarding the initial system state. Can the absence of a counterexample simply be due to missing information regarding the initial state? •  Is specialised for the dynamic behaviour and temporal properties. How can static properties be checked e.g. “what access rights have been granted to junior operators users?”
Case-based Reasoning Approaches •  In essence a classification problem: input (configuration) parameters w.r.t. desired values for the high level goal. •  Successful in some areas: product selection, image interpretation, intrusion detection. Mostly for “numerical problems”. Functional decomposition is more difficult. •  Relies on: solutions being known or leant, similarity metrics existing, non overlapping cases, knowing “all” relevant configuration parameters. •  Does not provide explanations unless similarity metrics are meaningful. Debugging case-based inferences is a nightmare. •  Useful for constrained numerical problems. Selection amongst a number of known solutions, e.g. patterns (for planning), parameter values for reconfiguration actions. MS Beigi, S Calo D Verma. Policy Transformation Techniques in Policy-based Systems Management IEEE Policy 2004, New-York, June 2004.
Policy Transformation Using the Policy Continuum •  Policy Continuum, cf. 1993-1995 debate on the number of levels of abstraction. •  Whenever I hear Transformation I think of Compilation –  Useful for transforming a device independent model into device commands. –  Applicable when the input language and the output language are well defined and a transformation process exists that can transform all inputs into outputs –  Difficult to reverse transformations. Difficult to “manage” the number of transformations required and their interdependencies. Correctness? Consistency? Explanations? Require formal reasoning. •  Ontologies … again. –  If specified with all integrity constraints and relations are they less complex than formal specifications? –  Ontolgy “mapping” is intractable in the general case event when applied to simple labelling. In which cases is it tractable? S Davy, B Jennings, J Strassner. Conflict-Prevention via Model-Driven Policy Refinement. IEEE DSOM’06, LNCS 4269, pp 209-220.
Conclusions •  Policy Refinement is work in progress. •  … but there has been a lot of progress in the last 3-4 years. •  Initial spectrum of techniques can tackle different aspects of refinement. Tools and implementations have been developed. •  Experimentation in application specific domains required: characteristics of application domains, complexity studies, … •  Combination of techniques required for more generic cases. •  CBR, pattern based goal decomposition, abductive reasoning and model transformation address slightly different problems and are complementary to some degree. •  Model checking: useful analysis technique, but refinement is different •  Ontology mapping and transformation. Beyond trivial application specific mappings will require other refinement techniques for its magic.

More Related Content

PDF
Autonomous Pervasive Systems and the Policy Challenges of a Small World!
byEmil Lupu
 
PDF
Who has the data ... and will breach the duty of confidence
byEmil Lupu
 
PDF
WSN Security Research Directions
byEmil Lupu
 
PPT
Poster nci 2010
bybdemchak
 
PPTX
Multi-factor Information Security Risk in Information System
bytulipbiru64
 
PPTX
Ann
byHassan khan
 
PDF
Tommi kramer 2013-06-21-caise-re2-kramer
bycaise2013vlc
 
PDF
Presentation IEEE 7001 Std.pdf
byFedeMarengo
 
Autonomous Pervasive Systems and the Policy Challenges of a Small World!
byEmil Lupu
 
Who has the data ... and will breach the duty of confidence
byEmil Lupu
 
WSN Security Research Directions
byEmil Lupu
 
Poster nci 2010
bybdemchak
 
Multi-factor Information Security Risk in Information System
bytulipbiru64
 
Ann
byHassan khan
 
Tommi kramer 2013-06-21-caise-re2-kramer
bycaise2013vlc
 
Presentation IEEE 7001 Std.pdf
byFedeMarengo
 

What's hot

PPTX
Cyber Security Architecture - A Systems Approach December 05 2012
byJoseph Hennawy
 
PPTX
Mobile Computing - Research Survey May 05 2012
byJoseph Hennawy
 
PPT
Machine Learning Methods for Parameter Acquisition in a Human ...
bybutest
 
PPTX
Interface interoperability
bymsdanij
 
PPT
06 styles and_greenfield_design
byMajong DevJfu
 
PDF
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
byDETER-Project
 
PDF
The Science of Cyber Security Experimentation: The DETER Project
byDETER-Project
 
PDF
The DETER Project: Advancing the Science of Cyber Security Experimentation an...
byDETER-Project
 
PPTX
Big Data Analytics and Advanced Computer Networking Scenarios
byStenio Fernandes
 
PPT
Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...
byGlobal Risk Forum GRFDavos
 
PPTX
Mobile Multimodal Interaction: An Investigation and Implementation of Context...
byMafer Solorzano
 
PDF
Kostogryzov 10.12.2009
byMathmodels Net
 
PDF
Inspiration to Application: A Tutorial on Artificial Immune Systems
byJulie Greensmith
 
PPT
Level 3 IT Principles Overview
byStellaITEC
 
PPTX
Predicting Defects Using Change Genealogies (ISSE 2013)
byKim Herzig
 
DOCX
KA Resume
byKeith Anderson
 
Cyber Security Architecture - A Systems Approach December 05 2012
byJoseph Hennawy
 
Mobile Computing - Research Survey May 05 2012
byJoseph Hennawy
 
Machine Learning Methods for Parameter Acquisition in a Human ...
bybutest
 
Interface interoperability
bymsdanij
 
06 styles and_greenfield_design
byMajong DevJfu
 
The DETER Project: Towards Structural Advances in Experimental Cybersecurity ...
byDETER-Project
 
The Science of Cyber Security Experimentation: The DETER Project
byDETER-Project
 
The DETER Project: Advancing the Science of Cyber Security Experimentation an...
byDETER-Project
 
Big Data Analytics and Advanced Computer Networking Scenarios
byStenio Fernandes
 
Towards a methodology for a Quantitative (Risk) Assessment of Critical Infras...
byGlobal Risk Forum GRFDavos
 
Mobile Multimodal Interaction: An Investigation and Implementation of Context...
byMafer Solorzano
 
Kostogryzov 10.12.2009
byMathmodels Net
 
Inspiration to Application: A Tutorial on Artificial Immune Systems
byJulie Greensmith
 
Level 3 IT Principles Overview
byStellaITEC
 
Predicting Defects Using Change Genealogies (ISSE 2013)
byKim Herzig
 
KA Resume
byKeith Anderson
 

Similar to Goal Decomposition and Abductive Reasoning for Policy Analysis and Refinement

PPTX
Sad
bypooja_doshi
 
PDF
Algorithmic Impact Assessment: Fairness, Robustness and Explainability in Aut...
byAdriano Soares Koshiyama
 
PPT
Problem Solving Methodology 2011 - 2014
bysnoonan
 
PPT
Mass declassification sept 23 2010v2.1
byJeff Jonas
 
PPT
Chapter04
byFranco Valdez
 
PPTX
Sadchap3
byAshok Patel
 
PDF
Formal Verification
byIlia Levin
 
PPTX
System_Planning_And_The_Initial_Investigation
bySwapnil Walde
 
PDF
Laser 3-incremental
byCarlo Ghezzi
 
PPT
Ch07
byguest50f28c
 
PPT
Ch07
byHumberto Bruno Pontes Silva
 
PDF
SocioTechnical-systems-sim
byRub Afonso
 
DOCX
CIS 321 Case Study ‘Equipment Check-Out System’MILESTONE 3 – PRO.docx
byclarebernice
 
ODT
Design Results
byRoman Agaev
 
PPTX
Complement Software Testing with Static Analysis
byJohn Ruberto
 
PPT
Ch02
byKodok Ngorex
 
PPT
Chap06
byprofessorkarla
 
PDF
Highly Dependable Software 1st Edition Marvin Zelkowitz Phd Ms Bs
byklunkaskeyam
 
PPTX
Osimo crossover-roadmap
byosimod
 
PPTX
Challenges-and-Consideration-in-Programming-Logic-and-Design...pptx
byRusherGamer1
 
Sad
bypooja_doshi
 
Algorithmic Impact Assessment: Fairness, Robustness and Explainability in Aut...
byAdriano Soares Koshiyama
 
Problem Solving Methodology 2011 - 2014
bysnoonan
 
Mass declassification sept 23 2010v2.1
byJeff Jonas
 
Chapter04
byFranco Valdez
 
Sadchap3
byAshok Patel
 
Formal Verification
byIlia Levin
 
System_Planning_And_The_Initial_Investigation
bySwapnil Walde
 
Laser 3-incremental
byCarlo Ghezzi
 
Ch07
byguest50f28c
 
Ch07
byHumberto Bruno Pontes Silva
 
SocioTechnical-systems-sim
byRub Afonso
 
CIS 321 Case Study ‘Equipment Check-Out System’MILESTONE 3 – PRO.docx
byclarebernice
 
Design Results
byRoman Agaev
 
Complement Software Testing with Static Analysis
byJohn Ruberto
 
Ch02
byKodok Ngorex
 
Chap06
byprofessorkarla
 
Highly Dependable Software 1st Edition Marvin Zelkowitz Phd Ms Bs
byklunkaskeyam
 
Osimo crossover-roadmap
byosimod
 
Challenges-and-Consideration-in-Programming-Logic-and-Design...pptx
byRusherGamer1
 

Recently uploaded

PDF
Exam Prep Plan Overview: Amazon Web Services (AWS) Certified
byVICTOR MAESTRE RAMIREZ
 
PDF
10 Things AI-First Apps Do Differently by iProgrammer Solutions
byiProgrammer Solutions Private Limited
 
PDF
Dev Dives: AI that builds with you - UiPath Autopilot for effortless RPA & AP...
byUiPathCommunity
 
PDF
WCAG Analyzer Tools and Techniques for User-Friendly Websites
byAccessibility Analyzer
 
PDF
Six Shifts For 2026 (And The Next Six Years)
byDavid Armano
 
PDF
Real-Time Data Insight Using Microsoft Forms for Business
byElevate
 
PDF
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
PDF
The State of the Gen AI economy - 2025 - The Meliora Company
byClive Dickens
 
PDF
API-First Architecture in Financial Systems
bycyy111112
 
PDF
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PDF
Day 5 - Red Team + Blue Team in the Cloud - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PPTX
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
PPTX
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
PPTX
Session 2 - Solving Unstructured & Complex Documents with UiPath IXP
byDianaGray10
 
PPTX
Technology Consulting _ by Slidesgo.pptx
byfh82277
 
DOCX
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
PDF
CompTIA Cybersecurity Analyst (CySA+) CS0-003: Unit 5
byVICTOR MAESTRE RAMIREZ
 
PPTX
communication-skills-with-technology tools
byJaleto Sunkemo
 
PDF
Day 4 - Access, Deployments, and Monitoring - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PPTX
Building Agents in Microsoft Agent Framework.pptx
byUdaiappa Ramachandran
 
Exam Prep Plan Overview: Amazon Web Services (AWS) Certified
byVICTOR MAESTRE RAMIREZ
 
10 Things AI-First Apps Do Differently by iProgrammer Solutions
byiProgrammer Solutions Private Limited
 
Dev Dives: AI that builds with you - UiPath Autopilot for effortless RPA & AP...
byUiPathCommunity
 
WCAG Analyzer Tools and Techniques for User-Friendly Websites
byAccessibility Analyzer
 
Six Shifts For 2026 (And The Next Six Years)
byDavid Armano
 
Real-Time Data Insight Using Microsoft Forms for Business
byElevate
 
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
The State of the Gen AI economy - 2025 - The Meliora Company
byClive Dickens
 
API-First Architecture in Financial Systems
bycyy111112
 
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
Day 5 - Red Team + Blue Team in the Cloud - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
Session 2 - Solving Unstructured & Complex Documents with UiPath IXP
byDianaGray10
 
Technology Consulting _ by Slidesgo.pptx
byfh82277
 
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
CompTIA Cybersecurity Analyst (CySA+) CS0-003: Unit 5
byVICTOR MAESTRE RAMIREZ
 
communication-skills-with-technology tools
byJaleto Sunkemo
 
Day 4 - Access, Deployments, and Monitoring - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
Building Agents in Microsoft Agent Framework.pptx
byUdaiappa Ramachandran
 

Goal Decomposition and Abductive Reasoning for Policy Analysis and Refinement

  • 1.
    Goal-Decomposition and Abductive Reasoningfor Policy Refinement and Analysis Emil Lupu Department of Computing Imperial College London work in collaboration with A. Bandara and A. Russo
  • 2.
    Goals and InitialObservations •  Policy Refinement: (stepwise) derivation of enforceable policies from higher level goals and SLAs. •  Cannot be automated generally. Requirements →Implementation •  Difficult in general: incomplete specifications, numerous possibilities. ⇒ Easier if problem is constrained •  Simpler in practice: Application specific goals typically achieved in a small number of ways. Need to encode typical solutions. ⇒ Patterns.
  • 3.
    Approach •  Pattern-based RequirementsEngineering technique for goalelaboration. •  Abductive reasoning used to derive policy elements for refined policies. •  Abductive reasoning for policy analysis to ensure consistency of refinement. •  Formal representation for policies and managed objects automatically derived from design-level models (UML) and policy specification notations (Ponder). A. Bandara, E. Lupu, A. Russo, et al. Policy Refinement for DiffServ Quality of Service Management. IEEE eTNSM 3(2):2-13, 2006. Originally Proposed 1999, also see Policy 2003 and Policy 2004
  • 4.
    Rationale •  Pattern basedapproach: –  Define and apply the “application specific” refinement patterns –  Encode policies resulting from refinement in a new pattern: reuse. •  Formal Specification –  For detecting inconsistencies (conflicts), performing analysis and validation •  Model of Managed Objects –  Because policies are dependent upon the state of managed resources •  Abductive reasoning –  To be able to reason with partial information –  To provide explanations during analysis –  To elaborate plan of actions for achieving goals
  • 5.
    Policy Analysis andRefinement Framework Behavioural model of managed objects Policy specification Organisational model of managed objects Property checks Goals Errors + Conflicts Low-level Actions Refined Policies
  • 6.
    Policy Refinement High-Level Policy On filetransfer, if external recipient transfer should be prohibited (Event) (Condition) (Goal) P ⇒ !Q P ⇒ !R D C Elaborate Abduce Strategy Strategy Strategy Select Select B KAOS Patterns Objects Map A E R ⇒ !Q On transferFile(File, From, To) when To.Organisation != From.Organisation; subject s = /VMRSvcMgr; target t = From.Organisation.Firewall; do t.blockTraffic(‘ftp’, From.IP, To.IP);
  • 7.
    Policy Analysis andRefinement Toolkit UML Editor Analysis/Refinement Client Tool (e.g. ArgoUML) Domain Service Analysis Service Persistence Provider Analyser File RDBMS LDAP … A-System XMI File CodeGen XSLT SISCtus Prolog Policies, Managed Objects, Goals, Domain Structure Presentation and demo at: http://www.doc.ic.ac.uk/~bandara/research/ponderART-Demo/ Prolog Files
  • 8.
    Advantages and Limitations • Combines refinement, analysis and, validation. •  Permits reuse of solutions once derived. •  Provides understandable explanations: –  Why a particular plan of actions is a suitable refinement? –  Which strategy is being used? –  Which sequence of events leads to a specific conflict? •  May provide multiple solutions in an unconstrained problem space. Should be combined with approaches to compare refinement solutions e.g., utility functions. •  Requires some technical knowledge and human intervention. •  Requires models of managed resources. Can be combined with model transformation techniques.
  • 9.
    Model-checking for policyrefinement •  Model-checking: popular for analysis since using search space reduction techniques. Tools such as SPIN allow verification of larger models. •  The “price” paid for this reduction is that only a subset (and often a single) solution is returned - the counter example to a property •  Binary value - property holds unless a counter example is found. •  Why is the counter example is an adequate refinement solution? •  Use of SPIN for test generation: 1) inadequate coverage of generated tests 2) traces too long to be useful (Gargantini & Heitmeyer ESEC/FSE 1999) J Rubio-Loyola, J Serrat, M Charalambides, P Flegkas, G Pavlou. A Functional Solution for Goal-oriented Policy Refinement. IEEE Policy 2006. Canada. J Rubio-Loyola, J Serrat, M Charalambides, P Flegkas, G Pavlou. A Methodological Approach toward the Refinement Problem in Policy-based Systems. IEEE CommMag Oct. 2006, pp. 60-68
  • 10.
    Any solution isnot suitable for refinement! •  Can I get from A to B? - Analysis problem. •  How should I go to B each time I need it? - Policy Refinement problem
  • 11.
    Further Thoughts onModel-Checking •  Requires complete information regarding the initial system state. Can the absence of a counterexample simply be due to missing information regarding the initial state? •  Is specialised for the dynamic behaviour and temporal properties. How can static properties be checked e.g. “what access rights have been granted to junior operators users?”
  • 12.
    Case-based Reasoning Approaches • In essence a classification problem: input (configuration) parameters w.r.t. desired values for the high level goal. •  Successful in some areas: product selection, image interpretation, intrusion detection. Mostly for “numerical problems”. Functional decomposition is more difficult. •  Relies on: solutions being known or leant, similarity metrics existing, non overlapping cases, knowing “all” relevant configuration parameters. •  Does not provide explanations unless similarity metrics are meaningful. Debugging case-based inferences is a nightmare. •  Useful for constrained numerical problems. Selection amongst a number of known solutions, e.g. patterns (for planning), parameter values for reconfiguration actions. MS Beigi, S Calo D Verma. Policy Transformation Techniques in Policy-based Systems Management IEEE Policy 2004, New-York, June 2004.
  • 13.
    Policy Transformation Usingthe Policy Continuum •  Policy Continuum, cf. 1993-1995 debate on the number of levels of abstraction. •  Whenever I hear Transformation I think of Compilation –  Useful for transforming a device independent model into device commands. –  Applicable when the input language and the output language are well defined and a transformation process exists that can transform all inputs into outputs –  Difficult to reverse transformations. Difficult to “manage” the number of transformations required and their interdependencies. Correctness? Consistency? Explanations? Require formal reasoning. •  Ontologies … again. –  If specified with all integrity constraints and relations are they less complex than formal specifications? –  Ontolgy “mapping” is intractable in the general case event when applied to simple labelling. In which cases is it tractable? S Davy, B Jennings, J Strassner. Conflict-Prevention via Model-Driven Policy Refinement. IEEE DSOM’06, LNCS 4269, pp 209-220.
  • 14.
    Conclusions •  Policy Refinementis work in progress. •  … but there has been a lot of progress in the last 3-4 years. •  Initial spectrum of techniques can tackle different aspects of refinement. Tools and implementations have been developed. •  Experimentation in application specific domains required: characteristics of application domains, complexity studies, … •  Combination of techniques required for more generic cases. •  CBR, pattern based goal decomposition, abductive reasoning and model transformation address slightly different problems and are complementary to some degree. •  Model checking: useful analysis technique, but refinement is different •  Ontology mapping and transformation. Beyond trivial application specific mappings will require other refinement techniques for its magic.