A framework for improving quality in misuse case models

Purpose – Security is a vital requirement for software systems. Misuse case models allow system designers to inject security considerations within their designs early in the development cycle rather than patching an end system with security mechanisms after it was developed. The notation and syntactical rules of misuse case models are relatively simple. However, misuse case modeling practitioners are highly vulnerable to modeling pitfalls, creating defective models that can have catastrophic effects downstream in the development cycle. This paper seeks to present a framework that unitizes antipatterns to help remedy defective misuse case models and poor modeling practices. Design/methodology/approach – A repository of antipatterns was constructed and formatted to be machine‐readable whenever possible so that it can be utilized by the proposed framework. The feasibility of the proposed approach was then demonstrated using a real‐world misuse case model of an online bookstore system. Findings – The results indicate that the overall quality and clarity of the bookstore misuse case model is improved by applying the proposed technique and framework. Research limitations/implications – This research work presents a series of domain‐independent antipatterns. Users of this framework may be interested to develop domain‐dependent antipatterns to better suit their modeling and development needs. Originality/value – The proposed approach will help misuse case modelers, especially novice ones, to improve the quality of their current models as well as future models.