Header

Search
Department of Informatics - Communication Systems Group

Formalization and Evaluation of Decentralization Requirements in Decentralized Identity Systems

Type Status Published Supervisor Email
MA Open 28 April 2026 Daria Schumm schumm@ifi.uzh.ch

Reliance on Non-Functional Requirements (NFR) to evaluate systems leads to ambiguous results, limited (if not impossible) reproducibility of the analysis, and unclear correlations to the desired qualities of a system. Yet, Functional Requirements (FR) are essential to a system's functionality, because they describe the relationship between input, output, and state, as well as define what a system should do to achieve certain NFR (that is, qualities). To reach clear conclusions about a DI and SSI system, there is a need for an evaluation framework that is based on FR. Building on FR and NFR, a reproducible evaluation framework is necessary not only for future researchers to understand existing systems but also to convey a coherent message about technologies to the end-user, improving transparency and trust in new technology.

This thesis will develop an evaluation approach for assessing whether a DI/SSI system truly fulfills its promised qualities, particularly decentralization, since it ensures no organization has complete control over identity data. To address this, the work will develop a methodology based on [1]. Particularly, the project formalizes the decentralization requirements and core DI/SSI use cases to enable logical reasoning about system behavior, and implements an automated compliance evaluator. 

Sources to Consider:

[1] M. Robol, T. D. Breaux, E. Paja and P. Giorgini, "Consent verification monitoring," ACM Transactions on Software Engineering and Methodology32(1), pp. 1-33, 2023. doi: https://doi.org/10.1145/3490754 

[2] H. Post, C. Sinz, F. Merz, T. Gorges and T. Kropf, "Linking Functional Requirements and Software Verification",2009 17th IEEE International Requirements Engineering Conference, Atlanta, GA, USA, 2009, pp. 295-302, doi: 10.1109/RE.2009.43

[3] A. Goknil, I. Kurtev and K. Van Den Berg, "Generation and validation of traces between requirements and architecture based on formal trace semantics", Journal of Systems and Software88, 2014, pp.112-137.

[4] S. Liu, Y. Chen, F. Nagiya and J. A. McDermid, "Formal Specification-Based Inspection for Verification of Programs", IEEE Transactions on Software Engineering, 38(5), 2012. 

Prerequisites

  • Requirements engineering 
  • Formal methods / logic