Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Outline
Motivation
Proposed strategy
Detailed actions
Conclusion
A Recommended Strategy
Software security vulnerabilities are often caused by
Recommended Practices
Statistical testing - Usage based testing permits
SEI
The security of a software-intensive system is
directly related to the quality of its software1.
Over 90% of software security incidents are
A Final Source
One of the key things that developers can do to
Basic Assumptions
T ( j , k ) [(k 1) 1]c
T ( j , k ) jkct
Baldwin and Clark. Design Rules The Power of Modularity,
volume 1, MIT Press, 2000.
Basic assumptions - 2
Though estimates vary, the cost of removing defect increases
dramatically later in the life cycle.
Design
IBM
Boehm
Remus
Design
Inspection
Code
Development
Test
1.5
60
15 to 40
20
Acceptance Production
100
30 to 70
40 to
1000
82
Ackerman
2 to 10
Russell
2 to 4
30
Premise
Our premise is that poorly written software
Context
A chain of
Domain
Expert
User:
Frequency:
See Also:
Class Name
Responsibility
Super Class
Collaborator
Requirements
model inspection
Domain
Analysis
Client
Analysis
model inspection
Incremental
Integration
and
System Testing
Class Specification
Application
Analysis
Class
Design
Class
Derivation
Class
Reuse
Implementation
Architectural
Design
ntr
olle
r
Co
quality should
be threaded
through the
entire process
so that
validation is
most effective
and efficient.
Requirements
Refinement
Model
Testing
Class Delivery
Architecture
inspection
View
Class
Development
Cluster
design inspection
A Proposed Strategy
Develop method engineering tactics and guidelines