Software requirement risk assessment using UML

Appukkutty, Kalaivani; Ammar, H.H.; Popstajanova, K.G.

doi:10.1109/aiccsa.2005.1387101

Cited by 7 publications

(6 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The method applies complexity analysis of components and connectors, expert judgments for severity analysis and Markov models to estimate the risk factor of the different system scenarios. A method for estimating risk in the early phases of design is proposed in [5], where the analysis is conducted at the requirements-level based on UML design specifications. In [149] the authors propose a framework that models cluster computing systems' availability based on UML design notations, and evaluates system availability by transforming the UML availability modeling into corresponding analytical models (e.g.…”

Section: Other Techniquesmentioning

confidence: 99%

“…The overall experience from the use of the threat-modeling tool 5 during the Statnett-07 trial to model threats "on-the-fly" compared to the previous approach, where the analyst team made the threat diagrams between workshop 1 and 2, were good. The threat diagrams capture threat scenarios in an intuitive manner and it seemed easy for the participants to relate to the diagrams and provide input during the brainstorming sessions.…”

mentioning

confidence: 99%

See 1 more Smart Citation

On the Comprehension of Security Risk Scenarios

Hogganvik

Stølen

13th International Workshop on Program Comprehension (IWPC'05)

View full text Add to dashboard Cite

Section: Other Techniquesmentioning

confidence: 99%

mentioning

confidence: 99%

On the Comprehension of Security Risk Scenarios

Hogganvik

Stølen

13th International Workshop on Program Comprehension (IWPC'05)

View full text Add to dashboard Cite

“…The steps of our requirement-risk assessment methodology are presented in This methodology has been published as [9] and has been applied on an illustrative case study in [10].…”

Section: Methodology For Estimating Requirements-based Risk Factorsmentioning

confidence: 99%

Software risk assessment based on UML models

Appukkutty¹

View full text Add to dashboard Cite

Software Risk Assessment based on UML models Kalaivani Appukkutty Risk is the possibility of suffering loss. Risks identified during the early stages of software development are easier and cheaper to handle by making changes to the software architecture. This thesis presents methodologies to assess software risk using Unified Modeling Language (UML) specifications of the software from the early design stages. We present methodologies to assess two types of software risk: Requirementsbased risk and Performance-based risk. In assessing requirements-based risk, each requirement is mapped to a specific operational scenario in UML. The risk factor of a scenario in a failure mode is obtained by combining the probability of failure of the scenario and the severity of the failure. For the performance-based risk analysis, we use UML diagrams with performance related annotations, build a software execution model for each scenario and then map it to a system execution model using the deployment information. For estimating the performance-based failures of each scenario we use an asymptotic bounding analysis. The methodologies are applied on various case studies.

show abstract

“…Thus, the work presented in this paper can be used for estimating severity of component/connector failures in reliability-based risk assessment methodology [2], and severity of scenario failures in performance-based risk assessment [6], and requirements-based risk assessment [7]. …”

Section: Pace Commissionmentioning

confidence: 99%

“…This process of estimating severity can be automated in development environments supporting UML by annotating the hazard analysis results and the cost of failure information in the UML diagrams. We use this methodology for reliability-based risk assessment [2], performance-based risk assessment [6], and requirement-based risk assessment of software systems [7].…”

mentioning

confidence: 99%

UML based severity analysis methodology

Hassan

Goševa-Popstojanova

Ammar

Annual Reliability and Maintainability Symposium, 2005. Proceedings.

View full text Add to dashboard Cite

According to the NASA Standard on software safety [1], risk is a function of the anticipated frequency of occurrence of an undesired event, the potential severity of resulting consequences, and the uncertainties associated with the frequency and severity.The authors in [2] developed a methodology for risk assessment of software architectures based on the Unified Modeling Language (UML) [3]. The methodology estimates the probability of software components/connectors failures by measuring the complexity/coupling of the UML dynamic specifications [4]. Severity is estimated based on the MIL_STD_1629A [5] and using the classical technique of Failure Mode and Effect Analysis (FMEA). In this paper we address the problem of assessing the severity based on UML artifacts and using the cost of failures of software components and connectors as well as failures of system execution scenarios. We propose a severity assessment methodology which is performed combining three different hazard analysis techniques: Functional Failure Analysis (FFA), Failure Mode and Effect Analysis (FMEA), and Fault Tree Analysis (FTA). The methodology integrates these techniques in order to assess the severity of failures of system scenarios and the severity of failures of each architectural element (component/connector) early in the software analysis and design phases. FFA is used as a top-down approach based on system scenarios to identify the system level failures. FMEA is used as a bottom-up appraoch based on the detailed view of the system to identify the possible causes of component/connector failures. Finally, FTA correlates the results of FMEA and FFA. This process of estimating severity can be automated in development environments supporting UML by annotating the hazard analysis results and the cost of failure information in the UML diagrams. We use this methodology for reliability-based risk assessment [2], performance-based risk assessment [6], and requirement-based risk assessment of software systems [7].

show abstract

Software requirement risk assessment using UML

Cited by 7 publications

References 6 publications

On the Comprehension of Security Risk Scenarios

On the Comprehension of Security Risk Scenarios

Software risk assessment based on UML models

UML based severity analysis methodology

Contact Info

Product

Resources

About