A Review of Software Quality Methodologies

Author(s):  
Saqib Saeed ◽  
Farrukh Masood Khawaja ◽  
Zaigham Mahmood

Pervasive systems and increased reliance on embedded systems require that the underlying software is properly tested and has in-built high quality. The approaches often adopted to realize software systems have inherent weaknesses that have resulted in less robust software applications. The requirement of reliable software suggests that quality needs to be instilled at all stages of a software development paradigm, especially at the testing stages of the development cycle, ensuring that quality attributes and parameters are taken into account when designing and developing software. In this respect, numerous tools, techniques, and methodologies have also been proposed. In this chapter, the authors present and review different methodologies employed to improve the software quality during the software development lifecycle.



2014 ◽  
pp. 999-1013
Author(s):  
Alessandra Bagnato ◽  
Fabio Raiteri ◽  
Christian Jung ◽  
Frank Elberzhager

Security inspections are increasingly important for bringing security-relevant aspects into software systems, particularly during the early stages of development. Nowadays, such inspections often do not focus specifically on security. With regard to security, the well-known and approved benefits of inspections are not exploited to their full potential. This book chapter focuses on the Security Goal Indicator Tree application for eliminating existing shortcomings, the training that led to their creation in an industrial project environment, their usage, and their reuse by a team in industry. SGITs are a new approach for modeling and checking security-relevant aspects throughout the entire software development lifecycle. This book chapter describes the modeling of such security goal based trees as part of requirements engineering using the GOAT tool dedicated plug-in and the retrieval of these models during the various phases of the software development lifecycle in a project by means of Software Vulnerability Repository Services (SVRS) created in the European project SHIELDS (SHIELDS - Detecting known security vulnerabilities from within design and development tools).


Author(s):  
Donna Bridgham

The reuse of code can be used to add or update functionalities with little or no modifications to new or existing software applications. Developers have reused sections of code when the code is available but have been hindered by finding the code that is needed for an application. By creating a code repository, code would be available to developers in a systemic method. The code would be available for functional and nonfunctional uses in applications. Since the code has already been written, during the discovery phase of projects the developers involved should be able to search the repository for the code that is needed for strategies and problems that have already been successfully implemented. Quality, cost, and time should be the focus of code reuse. To maximize code reuse, a code repository that is properly categorized and indexed would add to the software development lifecycle by making code available to developers that they can use with confidence. The code repository will improve the application process.


Author(s):  
Paulina Silva ◽  
René Noël ◽  
Santiago Matalonga ◽  
Hernán Astudillo ◽  
Diego Gatica ◽  
...  

Software Security and development experts have addressed the problem of building secure software systems. There are several processes and initiatives to achieve secure software systems. However, most of these lack empirical evidence of their application and impact in building secure software systems. Two systematic mapping studies (SM) have been conducted to cover the existent initiatives for identification and mitigation of security threats. The SMs created were executed in two steps, first in 2015 July, and complemented through a backward snowballing in 2016 July. Integrated results of these two SM studies show a total of 30 relevant sources were identified; 17 different initiatives covering threats identification and 14 covering the mitigation of threats were found. All the initiatives were associated with at least one activity of the Software Development Lifecycle (SDLC). While 6 showed signs of being applied in industrial settings, only 3 initiatives presented experimental evidence of their results through controlled experiments; some of the other selected studies presented case studies or proposals.


Author(s):  
Sourabh S Badhya ◽  
Shobha G

As software systems evolve, there is a growing concern on how to manage and maintain a large codebase and fully understand all the modules present in it. Developers spend a significant amount of time analyzing dependencies before making any changes to codebases. Therefore, there is a growing need for applications which can easily make developers comprehend dependencies in large codebases. These applications must be able to analyze large codebases and must have the ability to identify all the dependencies, so that new developers can easily analyze the codebase and start making changes in short periods of time. Static analysis provides a means of analyzing dependencies in large codebases and is an important part of the software development lifecycle. Static analysis has been proven to be extremely useful over the years in its ability to comprehend large codebases. Out of the many static analysis methods, this paper focuses on the static function call graph (SFCG), which represents dependencies between functions in the form of a graph. This paper illustrates the feasibility of many tools which generate SFCG and locks in on Doxygen which is extremely reliant for large codebases. The paper also discusses the optimizations, issues and their corresponding solutions for Doxygen. Finally, this paper presents a way of representing SFCG which is easier to comprehend for developers.


Author(s):  
Shola Oyedeji ◽  
Birgit Penzenstadler ◽  
Ahmed Seffah

Like other ICT communities, sustainability in software engineering is a major research and development concern. Current research focusses on eliciting the meanings of sustainability and proposing approaches for its engineering and integration into the mainstream software development lifecycle. However, few concrete guidelines that software designers can apply effectively are available and applicable. Such guidelines are needed for the elicitation of sustainability requirements and testing software against these guidelines. This paper introduces a sustainability design catalogue to assist software developers and managers in eliciting sustainability requirements, and then in measuring and testing software sustainability. The paper reviews the current research on sustainability in software engineering which is the grounds for the development of the catalogue. Four different case studies were analyzed using the Karlskrona manifesto on sustainability design. The output from this research paper is a software sustainability design catalogue through which a pilot framework is proposed that includes a set of sustainability goals, concepts and methods. The integration of sustainability for/in software systems requires a concrete framework that exemplifies how to apply and quantify sustainability. The paper demonstrates how the proposed software sustainability design catalogue provides a step towards this direction through a series of guidelines.



