Software Components

2010 ◽  
pp. 351-363
Author(s):  
Adnan Bader ◽  
Sita Ramakrishnan
Keyword(s):  
Trust Model ◽  
Future Research ◽  
Software Systems ◽  
Software Components ◽  
Object Oriented Design ◽  
Development Lifecycle ◽  
Software Development Lifecycle ◽  
Component Based Software Engineering ◽  
Different Characteristics ◽  
The Impact

Component-based software engineering (CBSE) has rapidly gained currency over recent years. Software developed as components and as assemblies of components has realised the reuse slogan originally associated with object-oriented design. In this chapter we define what software components are along with their different characteristics and classifications. We also cover the widely debated definitions of software components to emphasise the fact that components possess different properties that can mean different things to different people. We discuss the impact of using components on the software development lifecycle and review a number of different approaches developed to procure and integrate components in software systems. Finally, the risks associated with using software components are discussed in detail with along with a trust model. Trends in CBSE research are discussed towards the end to explore some potential areas of future research.

scholarly journals Evolution of Security Engineering Artifacts

2014 ◽  
Vol 5 (4) ◽  
pp. 48-98 ◽  
Author(s):  
Michael Felderer ◽  
Basel Katt ◽  
Philipp Kalb ◽  
Jan Jürjens ◽  
Martín Ochoa ◽  
...  
Keyword(s):  
State Of The Art ◽  
The State ◽  
Security Requirements ◽  
Future Research ◽  
Software Systems ◽  
Security Engineering ◽  
Security Models ◽  
Development Lifecycle ◽  
Software Development Lifecycle ◽  
Comprehensive Survey

Security is an important quality aspect of modern open software systems. However, it is challenging to keep such systems secure because of evolution. Security evolution can only be managed adequately if it is considered for all artifacts throughout the software development lifecycle. This article provides state of the art on the evolution of security engineering artifacts. The article covers the state of the art on evolution of security requirements, security architectures, secure code, security tests, security models, and security risks as well as security monitoring. For each of these artifacts the authors give an overview of evolution and security aspects and discuss the state of the art on its security evolution in detail. Based on this comprehensive survey, they summarize key issues and discuss directions of future research.

Evolution of Security Engineering Artifacts

2015 ◽  
pp. 1508-1562
Author(s):  
Michael Felderer ◽  
Basel Katt ◽  
Philipp Kalb ◽  
Jan Jürjens ◽  
Martín Ochoa ◽  
...  
Keyword(s):  
State Of The Art ◽  
The State ◽  
Security Requirements ◽  
Future Research ◽  
Software Systems ◽  
Security Engineering ◽  
Security Models ◽  
Development Lifecycle ◽  
Software Development Lifecycle ◽  
Comprehensive Survey

Security is an important quality aspect of modern open software systems. However, it is challenging to keep such systems secure because of evolution. Security evolution can only be managed adequately if it is considered for all artifacts throughout the software development lifecycle. This article provides state of the art on the evolution of security engineering artifacts. The article covers the state of the art on evolution of security requirements, security architectures, secure code, security tests, security models, and security risks as well as security monitoring. For each of these artifacts the authors give an overview of evolution and security aspects and discuss the state of the art on its security evolution in detail. Based on this comprehensive survey, they summarize key issues and discuss directions of future research.

scholarly journals Time Granularity Impact on Propagation of Disruptions in a System-of-Systems Simulation of Infrastructure and Business Networks

2021 ◽  
Vol 18 (8) ◽  
pp. 3922
Author(s):  
Mateusz Iwo Dubaniowski ◽  
Hans Rudolf Heinimann
Keyword(s):  
Recovery Time ◽  
System Of Systems ◽  
Future Research ◽  
Business Networks ◽  
Simulation Experiments ◽  
Huge Impact ◽  
High Level ◽  
Systems Simulation ◽  
Different Characteristics ◽  
The Impact

A system-of-systems (SoS) approach is often used for simulating disruptions to business and infrastructure system networks allowing for integration of several models into one simulation. However, the integration is frequently challenging as each system is designed individually with different characteristics, such as time granularity. Understanding the impact of time granularity on propagation of disruptions between businesses and infrastructure systems and finding the appropriate granularity for the SoS simulation remain as major challenges. To tackle these, we explore how time granularity, recovery time, and disruption size affect the propagation of disruptions between constituent systems of an SoS simulation. To address this issue, we developed a high level architecture (HLA) simulation of three networks and performed a series of simulation experiments. Our results revealed that time granularity and especially recovery time have huge impact on propagation of disruptions. Consequently, we developed a model for selecting an appropriate time granularity for an SoS simulation based on expected recovery time. Our simulation experiments show that time granularity should be less than 1.13 of expected recovery time. We identified some areas for future research centered around extending the experimental factors space.

Creating and Applying Security Goal Indicator Trees in an Industrial Environment

2014 ◽  
pp. 999-1013
Author(s):  
Alessandra Bagnato ◽  
Fabio Raiteri ◽  
Christian Jung ◽  
Frank Elberzhager
Keyword(s):  
Software Development ◽  
Software Systems ◽  
Full Potential ◽  
Security Vulnerabilities ◽  
Industrial Project ◽  
Project Environment ◽  
Development Tools ◽  
Development Lifecycle ◽  
Software Development Lifecycle

Security inspections are increasingly important for bringing security-relevant aspects into software systems, particularly during the early stages of development. Nowadays, such inspections often do not focus specifically on security. With regard to security, the well-known and approved benefits of inspections are not exploited to their full potential. This book chapter focuses on the Security Goal Indicator Tree application for eliminating existing shortcomings, the training that led to their creation in an industrial project environment, their usage, and their reuse by a team in industry. SGITs are a new approach for modeling and checking security-relevant aspects throughout the entire software development lifecycle. This book chapter describes the modeling of such security goal based trees as part of requirements engineering using the GOAT tool dedicated plug-in and the retrieval of these models during the various phases of the software development lifecycle in a project by means of Software Vulnerability Repository Services (SVRS) created in the European project SHIELDS (SHIELDS - Detecting known security vulnerabilities from within design and development tools).

An Approach to Formal Specification of Component-Based Software

2011 ◽  
pp. 34-42
Author(s):  
Tarek Zernadji ◽  
Raida Elmansouri ◽  
Allaoua Chaoui
Keyword(s):  
Software Engineering ◽  
Software Reuse ◽  
Formal Specification ◽  
Component Composition ◽  
Software Systems ◽  
Software Components ◽  
Design Component ◽  
Component Design ◽  
Component Based Software Engineering ◽  
Expected Benefits

Current research on software reuse in Component Based Software Engineering (CBSE) covers a variety of fields, including component design, component specification, component composition, component-based framework. CBSE is quickly becoming a mainstream approach to software development and most researchers are hoping that it will be solutions to all the problems that led to software crisis. The software engineering techniques specific to this discipline, in phases such as modeling, verification or validation of component based software systems still insufficient and need more research efforts. ECATNets (Extended Concurrent Algebraic Term Nets) are frameworks for specification, modeling and validation of concurrent and distributed systems. They are characterized by their semantics defined in terms of rewriting logic. The objective of this article is to propose a formal specification of software components by using ECATNets formalism. The expected benefits of this work are: Offer a formal notation for describing the different features of concurrent and distributed software components; Defining a formal unambiguous semantic to describe behavior of the composed system.

scholarly journals Software Development Initiatives to Identify and Mitigate Security Threats - Two Systematic Mapping Studies

2016 ◽  
Author(s):  
Paulina Silva ◽  
René Noël ◽  
Santiago Matalonga ◽  
Hernán Astudillo ◽  
Diego Gatica ◽  
...  
Keyword(s):  
Software Development ◽  
Software Security ◽  
The Other ◽  
Software Systems ◽  
Security Threats ◽  
Controlled Experiments ◽  
Systematic Mapping ◽  
Development Lifecycle ◽  
Secure Software ◽  
Software Development Lifecycle

Software Security and development experts have addressed the problem of building secure software systems. There are several processes and initiatives to achieve secure software systems. However, most of these lack empirical evidence of its application and impact in building secure software systems. Two systematic mapping studies (SM) have been conducted to cover the existent initiatives for identification and mitigation of security threats. The SMs created were executed in two steps, first in 2015 July, and complemented through a backward snowballing in 2016 July. Integrated results of these two SM studies show a total of 30 relevant sources were identified; 17 different initiatives covering threats identification and 14 covering the mitigation of threats were found. All the initiatives were associated to at least one activity of the Software Development Lifecycle (SDLC); while 6 showed signs of being applied in industrial settings, only 3 initiatives presented experimental evidence of its results through controlled experiments, some of the other selected studies presented case studies or proposals.

A Review of Software Quality Methodologies

2012 ◽  
pp. 129-150 ◽  
Author(s):  
Saqib Saeed ◽  
Farrukh Masood Khawaja ◽  
Zaigham Mahmood
Keyword(s):  
Software Development ◽  
Software Quality ◽  
Software Systems ◽  
High Quality ◽  
Software Applications ◽  
Pervasive Systems ◽  
Development Lifecycle ◽  
Development Cycle ◽  
Software Development Lifecycle ◽  
Reliable Software

Pervasive systems and increased reliance on embedded systems require that the underlying software is properly tested and has in-built high quality. The approaches often adopted to realize software systems have inherent weaknesses that have resulted in less robust software applications. The requirement of reliable software suggests that quality needs to be instilled at all stages of a software development paradigms, especially at the testing stages of the development cycle ensuring that quality attributes and parameters are taken into account when designing and developing software. In this respect, numerous tools, techniques, and methodologies have also been proposed. In this chapter, the authors present and review different methodologies employed to improve the software quality during the software development lifecycle.

scholarly journals Generation and Visualization of Static Function Call Graph for Large C Codebases

2021 ◽  
Vol 10 (6) ◽  
pp. 1-6
Author(s):  
Sourabh S Badhya ◽  
◽  
Shobha G ◽  
Keyword(s):  
Software Development ◽  
Static Analysis ◽  
Software Systems ◽  
Call Graph ◽  
Analysis Methods ◽  
Development Lifecycle ◽  
Function Call ◽  
Software Development Lifecycle ◽  
The Many

As software systems evolve, there is a growing concern on how to manage and maintain a large codebase and fully understand all the modules present in it. Developers spend a significant amount of time analyzing dependencies before making any changes into codebases. Therefore, there is a growing need for applications which can easily make developers comprehend dependencies in large codebases. These applications must be able to analyze large codebases and must have the ability to identify all the dependencies, so that new developers can easily analyze the codebase and start making changes in short periods of time. Static analysis provides a means of analyzing dependencies in large codebases and is an important part of software development lifecycle. Static analysis has been proven to be extremely useful over the years in their ability to comprehend large codebases. Out of the many static analysis methods, this paper focuses on static function call graph (SFCG) which represents dependencies between functions in the form of a graph. This paper illustrates the feasibility of many tools which generate SFCG and locks in on Doxygen which is extremely reliant for large codebases. The paper also discusses the optimizations, issues and its corresponding solutions for Doxygen. Finally, this paper presents a way of representing SFCG which is easier to comprehend for developers.

Innovative Approaches in Pair Programming to Enhance the Quality of Software Development

2018 ◽  
Vol 10 (2) ◽  
pp. 42-53
Author(s):  
Naresh E. ◽  
Vijaya Kumar B.P.
Keyword(s):  
Software Development ◽  
Negative Impact ◽  
Extreme Programming ◽  
Pair Programming ◽  
Software Projects ◽  
Development Lifecycle ◽  
Software Development Lifecycle ◽  
Efficient Code ◽  
The Impact

The article tries to shed some light on the impact of human psychology on the effective use of pair programming in the modern Software development lifecycle such as SCRUM, Extreme Programming which are in turn used on heterogeneous software projects. This article also tries to identify that if the authors try to pair people keeping their psychology in mind that pair can come up with code with fewer defects, with efficient code, if the paper tries to pair people randomly without any planning or thinking might create a pair which let aside create inefficient code and lead to be unproductive nature, and even it will create a negative impact on the project and the team. This article introduces a few novel approaches in framing the pairs in pair programming's like known and unknown pairs, coder and reviewer pair and coder and tester pair. Applying the described approaches, an industry can improve the quality of the delivered product and improve the efficiency of software engineers.

A Review of Software Quality Methodologies

2014 ◽  
pp. 34-49
Author(s):  
Saqib Saeed ◽  
Farrukh Masood Khawaja ◽  
Zaigham Mahmood
Keyword(s):  
Software Development ◽  
Software Quality ◽  
Software Systems ◽  
High Quality ◽  
Software Applications ◽  
Pervasive Systems ◽  
Development Lifecycle ◽  
Development Cycle ◽  
Software Development Lifecycle ◽  
Reliable Software

Pervasive systems and increased reliance on embedded systems require that the underlying software is properly tested and has in-built high quality. The approaches often adopted to realize software systems have inherent weaknesses that have resulted in less robust software applications. The requirement of reliable software suggests that quality needs to be instilled at all stages of a software development paradigms, especially at the testing stages of the development cycle ensuring that quality attributes and parameters are taken into account when designing and developing software. In this respect, numerous tools, techniques, and methodologies have also been proposed. In this chapter, the authors present and review different methodologies employed to improve the software quality during the software development lifecycle.

Sign in / Sign up

Export Citation Format

Share Document