Automating Risk Analysis of Software Design Models

2014, Vol 2014, pp. 1-12
Author(s): Maxime Frydman, Guifré Ruiz, Elisa Heymann, Eduardo César, Barton P. Miller

The growth of the internet and networked systems has exposed software to an increased amount of security threats. One of the responses from software developers to these threats is the introduction of security activities in the software development lifecycle. This paper describes an approach to reduce the need for costly human expertise to perform risk analysis in software, which is common in secure development methodologies, by automating threat modeling. Reducing the dependency on security experts aims at reducing the cost of secure development by allowing non-security-aware developers to apply secure development with little to no additional cost, making secure development more accessible. To automate threat modeling two data structures are introduced, identification trees and mitigation trees, to identify threats in software designs and advise mitigation techniques, while taking into account specification requirements and cost concerns. These are the components of our model for automated threat modeling, AutSEC. We validated AutSEC by implementing it in a tool based on data flow diagrams, from the Microsoft security development methodology, and applying it to VOMS, a grid middleware component, to evaluate our model's performance.

2020, Vol 10 (3), pp. 5678-5682
Author(s): M. N. A. Khan, A. M. Mirza, I. Saleem

Risk analysis and management is a critical aspect of the software development process. Various risks are associated with every phase of the software development lifecycle. The early identification of risks in each phase of software development coupled with mitigating plans can help to reduce the cost of the product and increase software quality. This study aims to explore various tools and techniques used in the literature of analyzing and managing risks. Most risk analysis techniques have been applied in the requirement analysis phase, so there is a scarcity of tools supporting automated risk analysis. Accommodating various types of risk factors to predict the software risks reduces the accuracy of the classifier.


2010, Vol 171-172, pp. 462-467
Author(s): Zheng Fang, Feng Wu, Yong Guang Zhang, Qiang Guo, Duan Luo

AUTOSAR (AUTomotive Open System Architecture) defines a set of supporting distributed, function-driven software development methods and automotive electronic control units on the software architecture standardization program. KWP2000 (Keyword Protocol 2000) is a widely used automotive vehicle diagnostic protocol, the protocol to achieve a complete vehicle diagnostic services, and meet the OBDII (On Board Diagnose II) standard. This article describes the whole process which the KWP2000 communication software components based on K-line is designed in the MATLAB platform according to the AUTOSAR standard. The simulation tests and real tests showed good diagnostic performance of communication software. The software development methodology according to AUTOSAR not only improves the reusability and portability, but also reduces the software development lifecycle.


Author(s): Paulina Silva, René Noël, Santiago Matalonga, Hernán Astudillo, Diego Gatica, ...

Software Security and development experts have addressed the problem of building secure software systems. There are several processes and initiatives to achieve secure software systems. However, most of these lack empirical evidence of its application and impact in building secure software systems. Two systematic mapping studies (SM) have been conducted to cover the existent initiatives for identification and mitigation of security threats. The SMs created were executed in two steps, first in 2015 July, and complemented through a backward snowballing in 2016 July. Integrated results of these two SM studies show a total of 30 relevant sources were identified; 17 different initiatives covering threats identification and 14 covering the mitigation of threats were found. All the initiatives were associated to at least one activity of the Software Development Lifecycle (SDLC); while 6 showed signs of being applied in industrial settings, only 3 initiatives presented experimental evidence of its results through controlled experiments, some of the other selected studies presented case studies or proposals.


Author(s): Shola Oyedeji, Birgit Penzenstadler, Ahmed Seffah

Like other ICT communities, sustainability in software engineering is a major research and development concern. Current research focusses on eliciting the meanings of sustainability and proposing approaches for its engineering and integration into the mainstream software development lifecycle. However, few concrete guidelines that software designers can apply effectively are available and applicable. Such guidelines are needed for the elicitation of sustainability requirements and testing software against these guidelines. This paper introduces a sustainability design catalogue to assist software developers and managers in eliciting sustainability requirements, and then in measuring and testing software sustainability. The paper reviews the current research on sustainability in software engineering which is the grounds for the development of the catalogue. Four different case studies were analyzed using the Karlskrona manifesto on sustainability design. The output from this research paper is a software sustainability design catalogue through which a pilot framework is proposed that includes a set of sustainability goals, concepts and methods. The integration of sustainability for/in software systems requires a concrete framework that exemplifies how to apply and quantify sustainability. The paper demonstrates how the proposed software sustainability design catalogue provides a step towards this direction through a series of guidelines.


2020
Author(s): Mubarak Albarka Umar

Software Testing is the process of evaluating a software program to ensure that it performs its intended purpose. Software testing verifies the safety, reliability, and correct working of software. The growing need for quality software makes software testing a crucial stage in Software Development Lifecycle. There are many methods of testing software, however, the choice of method to test a given software remains a major problem in software testing. Although it is often impossible to find all errors in software, employing the right combination of methods will make software testing efficient and successful. Knowing these software testing methods is the key to making the right selection. This paper presents a comprehensive study of software testing methods. An explanation of Testing Categories was presented first, followed by Testing Levels (and their comparison), then Testing Techniques (and their comparison). For each Testing Levels and Testing Techniques, examples of some testing types and their pros and cons were given with a brief explanation of some of the important testing types. Furthermore, a clear and distinguishable explanation of two confused and contradictory terms (Verification and Validation) and how they relate to Software Quality was provided.

