Purpose: The purpose of the present work is to mathematically model the reliability growth of a multi-version software system that is affected by infected patches.
Design/methodology/approach: The work presents a mathematical model that studies the reliability change due to the insertion of an infected patch in multi-version software. Various distribution functions have been considered to highlight the varied aspects of the model. Furthermore, a weighted criteria approach has been discussed to facilitate the choice of the model.
Findings: The model presented here is able to quantify the effect of an infected patch on multi-version software. The model captures the hike in bug content due to an infected patch.
Originality/value: Multi-version systems have been studied widely, but the role of an infected patch has not yet been explored. The effect of an infected patch has been quantified by modeling the extra bugs generated in the system. This bug count would prove helpful in further studies for optimal resource allocation and testing effort allocation.
A carefully planned software development process helps in maintaining the quality of the software. In today's scenario, the primitive software development models have been replaced by Agile-based models like SCRUM, KANBAN, LEAN, etc. Although every framework has its own boon, the reason for widespread acceptance of the agile-based approach is its evolutionary nature that permits change in the path of software development. The development process occurs in iterative and incremental cycles called sprints. In SCRUM, which is one of the most widely used agile-based software development modeling frameworks, the sprint length is fixed throughout the process; it is usually taken to be 1-4 weeks. But in practical application, the sprint length should be altered intuitively as per the requirement. To overcome this limitation, in this paper, a methodical work has been presented that determines the optimal sprint length based on two varied and yet connected attributes: the cost incurred and the work intensity required. The approach defines the number of tasks performed in each sprint along with the corresponding cost incurred in performing those tasks. Multi-attribute utility theory (MAUT), a multi-criterion decision making approach, has been utilized to find the required trade-off between the two attributes under consideration. The proposed modeling framework has been validated using a real-life data set. With the use of the model, the optimal sprint length for each sprint could be evaluated, which was much shorter than the original length. Thus, the results obtained validate the proposal of a dynamic sprint length that can be determined before the start of each sprint. The structure would help in cost as well as time savings for a firm.
Patching service provides software firms an option to deal with the leftover bugs and thereby helps them keep track of their product. More and more software firms are making use of this concept of prolonged testing. But this framework of releasing unprepared software in the market involves a huge risk. The hastiness of vendors in releasing a software patch can at times be dangerous, as there are chances that firms release an infected patch. The infected patch(es) might lead to a hike in bug occurrence and error count and might make the software more vulnerable. The current work presents an understanding of such a situation through a mathematical modeling framework, wherein the distinct behavior of testers (during in-house testing and field testing) and users is described. The proposed model has been validated on two software failure data sets of Tandem Computers and Brazilian Electronic Switching System, TROPICO R-1500.
With the increase in the discovery of vulnerabilities, the expected exploits occurring in various software platforms have shown increased growth with respect to time. Only after being discovered might the potential vulnerabilities be exploited. There exists a finite time lag in the exploitation process, from the moment the hackers get information about the discovery of a vulnerability to the time required for the final exploitation. By making use of the time lag approach, we have developed a framework for the vulnerability exploitation process that occurs in multiple stages. The time lag between the discovery and exploitation of a vulnerability has been bridged via the memory kernel function over a finite time interval. The applicability of the proposed model has been validated using various software exploit datasets.
Software developers endeavor to build their products with the least number of bugs. Despite this, many vulnerabilities are detected in software that threaten its integrity. Various automated software tools, i.e., vulnerability scanners, are available in the market which help detect and manage vulnerabilities in a computer, application, or network. Hence, the choice of an appropriate vulnerability scanner is crucial to ensure efficient vulnerability management. The current work serves a dual purpose: first, to identify the key factors which affect the vulnerability discovery process in a network; second, to rank the popular vulnerability scanners based on the identified attributes. This will aid the firm in determining the best scanner for them considering multiple aspects. The multi-criterion decision making based ranking approach has been discussed using the Intuitionistic Fuzzy Set (IFS) and the Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) to rank the various scanners. Using IFS TOPSIS, the opinion of a whole group could be simultaneously considered in the vulnerability scanner selection. In this study, five popular vulnerability scanners, namely, Nessus, Fsecure Radar, Greenbone, Qualys, and Nexpose, have been considered. The inputs of industry specialists, i.e., people who deal in software security and the vulnerability management process, have been taken for the ranking process. Using the proposed methodology, a hierarchical classification of the various vulnerability scanners could be achieved. The clear enumeration of the steps allows for easy adaptability of the model to varied situations. This study will help product developers become aware of the needs of the market and design better scanners. And from the user's point of view, it will help system administrators in deciding which scanner to deploy depending on the company's needs and preferences.
The current work is the first to use a Multi Criterion Group Decision Making technique in vulnerability scanner selection.
Pay-as-you-go access to computer resources is a major selling point of the cloud computing model. Cloud tenants demand complete networking of their dedicated resources to simply implement network functions and services, in addition to the conventional computer resources. The flexibility and convenience of on-demand resource provisioning make cloud computing a compelling computing platform. The key to meeting fluctuating needs and maximizing return on investment from Cloud-supporting infrastructure is dynamic resource allocation and reallocation. For traditional IaaS, we offer an energy-efficient resource allocation strategy based on bin packing. In this paper, we present an accurate energy-conscious method for initial resource allocation by casting the issue of energy-efficient resource allocation as a bin-packing model. The available VMs (virtual machines) employ a modified version of the max-min scheduling technique, which saves money and resources. The results of this study give a framework for comparing and contrasting the many different resource distribution approaches that have been proposed by other researchers. The importance of efficient data centers for the cloud is growing. Power consumption has been a major problem due to its expanding size and widespread usage. The overarching purpose of this effort is to create models and algorithms for resource allocation that are both energy-efficient and take into account a variety of relevant factors.