首页 | 官方网站   微博 | 高级检索  
相似文献
 共查询到10条相似文献,搜索用时 140 毫秒
1.
2.
This paper aims to present an ontology model of software engineering to represent its knowledge. The fundamental knowledge relating to software engineering is well described in the textbook entitled Software Engineering by Sommerville that is now in its eighth edition [1] and the white paper, Software Engineering Body of Knowledge (SWEBOK), by the IEEE [2] upon which software engineering ontology is based. This paper gives an analysis of what software engineering ontology is, what it consists of, and what it is used for in the form of usage example scenarios. The usage scenarios presented in this paper highlight the characteristics of the software engineering ontology. The software engineering ontology assists in defining information for the exchange of semantic project information and is used as a communication framework. Its users are software engineers sharing domain knowledge as well as instance knowledge of software engineering.  相似文献   

3.
Software security: we know we want it, we make choices and tradeoffs that have implications for it, yet, in a general sense, it has escaped true definition and defied measurement. Definition and measurement though are sequential, meaning that something must be defined to make any comparisons against it. In a technical sense, many have positioned software security as protecting the confidentiality, integrity and availability of data, resources and sometimes the application itself. This „definition” tries to capture security broadly but in practice the importance of these things — and the value that defending them has to an organization — varies wildly. More important than defining what security is, we need to capture what it means in context, and what it costs. The only definition that really matters to the enterprise then is one that deals with the contextual nature of security, risk, and pain. This paper is an attempt to explore what software security means to enterprises. Its purpose is to lay the foundation for software security metrics that are truly actionable by the business community to help drive security decisions for the software they buy, build, and outsource. The thoughts, ideas, insights and proposals here come from the members of the Application Security Industry Consortium (AppSIC)0, a group of software security executives, researchers, analysts and practitioners from the vendor, enterprise consumer, academic, and analyst communities. Our intention in writing it is to spur debate on the topic, and, through the input of the community, create a foundation upon which to build software security metrics that are meaningful to business.  相似文献   

4.
《Ergonomics》2012,55(11):1549-1560
  相似文献   

5.
Software patterns have been widely studied in order to reuse of design knowledge in software design phase. However, few patterns have been known in the area of safety. This paper addresses a mechanism for safety and its software pattern in a reactive system. We construct a pattern composed of a mechanism called an event checker including several software patterns to check scenarios, i.e., the order of events and their timing constraints. Next, we show examples of its implementation to railroad models using Java. Moreover, we discuss the safety in the domain of a reactive system by means of this event checker and its software reliability by using this pattern.  相似文献   

6.
To secure their information assets, organizations should seek support from enterprise security architectures. Security patterns are a good way to build and test new security mechanisms, but they have some limitations related to their usability. In previous work, we defined a new type of security pattern called Enterprise Security Pattern. The main objective of these patterns is to provide an instance of model-driven architecture, which offers a solution to recurring problems that have to do with information systems security. In recent years, the hiring of Software as a Service (SaaS) from cloud providers has become very popular. There seem to be many advantages of using these services, but organizations need to be aware of a variety of threats, as well as being prepared to handle them. In another work undertaken previously, we defined an enterprise security pattern called Secure Software as a Service (Secure SaaS), which the organizations could apply to protect their information assets when using SaaS. In this paper, we present different instances of the solution models of the enterprise security pattern Secure SaaS, aiming to verify the risks that an organization would assume if each of the instances were deployed. With this approach, we intend to show how the design decisions adopted when performing the transformations between the solution models can have a direct impact on the security provided by the pattern.  相似文献   

7.
A software architecture is a key asset for any organization that builds complex software-intensive systems. Because of an architecture's central role as a project blueprint, organizations should analyze the architecture before committing resources to it. An analysis helps to ensure that sound architectural decisions are made. Over the past decade a large number of architecture analysis methods have been created, and at least two surveys of these methods have been published. This paper examines the criteria for analyzing architecture analysis methods, and suggests a new set of criteria that focus on the essence of what it means to be an architecture analysis method. These criteria could be used to compare methods, to help understand the suitability of a method, or to improve a method. We then examine two methods—the Architecture Tradeoff Analysis Method and Architecture-level Modifiability Analysis—in light of these criteria, and provide some insight into how these methods can be improved. Rick Kazman is a Senior Member of the Technical Staff at the Software Engineering Institute of Carnegie Mellon University and Professor at the University of Hawaii. His primary research interests are software architecture, design and analysis tools, software visualization, and software engineering economics. He also has interests in human-computer interaction and information retrieval. Kazman has created several highly influential methods and tools for architecture analysis, including the SAAM and the ATAM. He is the author of over 80 papers, and co-author of several books, including “Software Architecture in Practice”, and “Evaluating Software Architectures: Methods and Case Studies”. Len Bass is a Senior Member of the Technical Staff at the Software Engineering Institute (SEI). He has written two award winning books in software architecture as well as several other books and numerous papers in a wide variety of areas of computer science and software engineering. He is currently working on techniques for the methodical design of software architectures and to understand how to support usability through software architecture. He has been involved in the development of numerous different production or research software systems ranging from operating systems to database management systems to automotive systems. Mark Klein is Senior Member of the Technical Staff of the Software Engineering Institute. He has over 20 years of experience in research on various facets of software engineering, dependable real-time systems and numerical methods. Klein's most recent work focuses on the analysis of software architectures, architecture tradeoff analysis, attribute-driven architectural design and scheduling theory. Klein's work in real-time systems involved the development of rate monotonic analysis (RMA), the extension of the theoretical basis for RMA, and its application to realistic systems. Klein's earliest work involved research in high-order finite element methods for solving fluid flow equations arising in oil reservoir simulation. He is the co-author two books: “A Practitioner's Handbook for Real-Time Analysis: Guide to Rate Monotonic Analysis for Real-Time Systems” and “Evaluating Software Architecture: Methods and Case Studies”. Anthony J. Lattanze is an Associate Teaching Professor at the Institute for Software Research International (ISRI) at Carnegie Mellon University (CMU) and a senior member of the technical staff at the Software Engineering Institute (SEI). Anthony teaches courses in CMUs Masters of Software Engineering Program in Software Architecture, Real-Time/Embedded Systems, and Software Development Studio. His primary research interest is in the area software architectural design for embedded, software intensive systems. Anthony consults and teaches throughout industry in the areas of software architecture design and architecture evaluation. Prior to Carnegie Mellon, Mr. Lattanze was the Chief of Software Engineering for the Technology Development Group at the United States Flight Test Center at Edwards Air Force Base, CA. During his tenure at the Flight Test Center, he was involved with a number of software and systems engineering projects as a software and systems architect, project manager, and developer. During this time as he was involved with the development, test, and evaluation of avionics systems for the B-2 Stealth Bomber, F-117 Stealth Fighter, and F-22 Advanced Tactical Fighter among other systems. Linda Northrop is the director of the Product Line Systems Program at the Software Engineering Institute (SEI) where she leads the SEI work in software architecture, software product lines and predictable component engineering. Under her leadership the SEI has developed software architecture and product line methods that are used worldwide, a series of five highly-acclaimed books, and Software Architecture and Software Product Line Curricula. She is co-author of the book, “Software Product Lines: Practices and Patterns,” and a primary author of the SEI Framework for Software Product Line Practice.  相似文献   

8.
G. B. Gerace 《Calcolo》1965,2(4):493-539
Summary This paper gives a unified treatment for electronic sequential circuit realizations and suitable procedures for synthesizing them. This is done by showing that every sequential circuit operating in synchronous mode can be transformed into an equivalent sequential circuit operating in fundamental mode with the same number of internal states. The basic idea is to consider, for both the major types of sequential circuits, circuits having pulse inputs—PS circuits for sequential circuits operating in synchronous mode, andPF circuits for sequential circuits operating in fundamental mode—and to investigate the relationship between them. A concurrent and a self concurrent operation is defined forPF circuits, and it is shown that any synchronon mode sequential circuit can be transformed into an equivalent normal or self-concurrentPF circuit realization inherently free ofessential hazards and critical races. Moreover, it is seen that static hazards that can influence the circuit operation can be detected and eliminated by formal methods. The circuit realizations discussed in this paper are composed by a defined number of subcircuits, and it is shown that these subcircuits can in turn be decomposed to obtain circuit realizations with flip-flops or register elements. Finally, it is shown that by similar methods level-input fundamental mode sequential circuits can also be transformed into self-concurrentPF circuit realizations in order to eliminate essential hazards and critical races. This paper has been communicated at the ?Colloque d'Algebre de Boole?, Grenoble, January 11–15, 1965, and reported in the C.S.C.E. Internal Report II. 9. May, 1965.  相似文献   

9.
Proof-Carrying Code (PCC) is a general approach to mobile code safety in which programs are augmented with a certificate (or proof). The intended benefit is that the program consumer can locally validate the certificate w.r.t. the “untrusted” program by means of a certificate checker—a process which should be much simpler, efficient, and automatic than generating the original proof. The practical uptake of PCC greatly depends on the existence of a variety of enabling technologies which allow both proving programs correct and replacing a costly verification process by an efficient checking procedure on the consumer side. In this work we propose Abstraction-Carrying Code (ACC), a novel approach which uses abstract interpretation as enabling technology. We argue that the large body of applications of abstract interpretation to program verification is amenable to the overall PCC scheme. In particular, we rely on an expressive class of safety policies which can be defined over different abstract domains. We use an abstraction (or abstract model) of the program computed by standard static analyzers as a certificate. The validity of the abstraction on the consumer side is checked in a single pass by a very efficient and specialized abstract-interpreter. We believe that ACC brings the expressiveness, flexibility and automation which is inherent in abstract interpretation techniques to the area of mobile code safety.
  相似文献   

10.
In modern computer games, "bots" - intelligent realistic agents play a prominent role in the popularity of a game in the market. Typically, bots are modeled using finite-state machine and then programmed via simple conditional statements which are hard-coded in bots logic. Since these bots have become quite predictable to an experienced games player, a player might lose interest in the game. We propose the use of a game theoretic based learning rule called fictitious play for improving behavior of these computer game bots which will make them less predictable and hence, more a enjoyable game.  相似文献   

设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司    京ICP备09084417号-23

京公网安备 11010802026262号