• Journal of KIISE:Software and Applications
• /
• v.30 no.5_6
• /
• pp.529-539
• /
• 2003

Due to the emersion of J2EE (Java 2, Enterprise Edition), many enterprises inside and outside of the country have been developing the enterprise applications appropriate to the J2EE model. With the help of the component model of Enterprise JavaBeans (EJB) which is the J2EE core technology, we can develop the distributed object applications quite simple. EJB application can be implemented by using the component-oriented object transaction middleware and the most applications utilize the distributed transaction. Due to these characteristics, EJB technology became popular and then the study for EJB based application has been done quite actively. However, the research of techniques for the performance monitoring during run-time of the EJB applications has not been done enough. In this paper, we propose the techniques for monitoring the performance of EJB Application on the run time. First, we explore the workflow for the EJB application service and classily the internal operation into several elements. The proposed techniques provide monitoring the performance elements between the classified elements. We can also monitor by extracting the performance information like state transition and process time of the bean which is related to the lifetime occurred during one workflow, and the resource utilization rate.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.33 no.2
• /
• pp.305-318
• /
• 2023

The complexity of software products led many manufacturers to stitch open-source software for composing a product. Using open-source help reduce the development cost, but the difference in the different development life cycles makes it difficult to keep the product up-to-date. For this reason, even the patches for known vulnerabilities are not adopted quickly enough, leaving the entire product under threat. Existing studies propose to use binary differentiation techniques to determine if a product is left vulnerable against a particular vulnerability. Despite their effectiveness in finding real-world vulnerabilities, they often fail to locate the evidence of a vulnerability if it is a small function that usually is inlined at compile time. This work presents our tool FunRank which is designed to identify the short functions. Our experiments using synthesized and real-world software products show that FunRank can identify the short, inlined functions that suggest that the program is left vulnerable to a particular vulnerability.

• Journal of KIISE:Computing Practices and Letters
• /
• v.8 no.6
• /
• pp.657-668
• /
• 2002

Software life cycle consists of requirement analysis, design, implementation, and maintenance phases, and the product of each phase has various format. The UML normalizes such products, and the class diagram, use case diagram, activity diagram and collaboration diagram are usually used for the requirement analysis phase. Because most of UML development tools store such diagrams in a file, there nay be some difficulties of information retrieval and co-work among users. To cope with the difficulties, this paper proposes a database supported methodology to store and manage the diagrams produced by the requirement analysis. In this methodology, the constituents of class, use case, activity and collaboration diagram are first analyzed and then transformed in the form of relational fables. The constituents of such diagrams are stored as tables in a database, and can be easily retrieved from the database by using some queries. This database supported methodology provides the concurrent sharing and high reuse of diagrams.

• KIPS Transactions on Software and Data Engineering
• /
• v.9 no.12
• /
• pp.387-402
• /
• 2020

Conventional automotive development has mainly focused on ensuring correctness and safety and security has been relatively neglected. However, as the number of automotive hacking cases has increased due to the increased Internet connectivity of automobiles, international organizations such as the United Nations Economic Commission for Europe(UNECE) are preparing cybersecurity regulations to ensure security for automotive development. As with other IT products, automotive cybersecurity regulation also emphasize the concept of "Security by Design", which considers security from the beginning of development. In particular, since automotive development has a long lifecycle and complex supply chain, it is very difficult to change the architecture after development, and thus Security by Design is much more important than existing IT products. The problem, however, is that no specific methodology for Security by Design has been proposed on automotive development process. This paper, therefore, proposes a specific methodology for Security by Design on Automotive development. Through this methodology, automotive manufacturers can simultaneously consider aspects of functional safety, and security in automotive development process, and will also be able to respond to the upcoming certification of UNECE automotive cybersecurity regulations.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2002.05a
• /
• pp.477-480
• /
• 2002

Transparency of position that provide quick service regardless of physical position to users in distribution computing environment is getting into prominence and is developed in component form that many application softwares take advantage of distributed object technology. Because design object in distribution computing environment and OMG introduces OMA for embody, defined CORBA by standard of distributed object technology on OMA's abstract picture object model. Security service in CORBA platform is very important. Present object security service in distribution computing environment that refer standard of sorority and security models of distribution computing platform in CORBA in this treatise and follow in CORBA security service rules.

• Information Systems Review
• /
• v.14 no.1
• /
• pp.1-19
• /
• 2012

A large-scale IS development project takes a long time, thus its project manager needs to be more careful on risk management. In particular, appropriate cutover decision making is critical in large-scale IS development projects because the opening of the large-scale IS significantly impacts the organization. Regardless of its importance, cutover decision making in conventional IS development projects has been done in a quite simple way. Conventional cutover decisions have been made by considering just whether the new IS operates or not from the system, application, and data implementation perspectives. However, this approach may lead to unsatisfactory performance or system failure in complex large-scale IS development. Under this background, we propose a new framework for cutover decision making on large-scale IS projects. To validate the applicability, we applied the framework to a core banking system development case. The case study shows that our framework is effective in proper cutover decision making.

• Journal of KIISE:Software and Applications
• /
• v.29 no.12
• /
• pp.907-925
• /
• 2002

Due to the emersion of J2EE(Java 2, Enterprise Edition), many enterprises inside and outside of the country have been developing the enterprise applications appropriate to the J2EE model. With the help of the component model of Enterprise Java Beans(EJH) which is the J2EE core technology, we can develop the distributed object applications quite simple. EJB application can be implemented by using the component-oriented object transaction middleware and the most applications utilize the distributed transaction. EJB developers can concentrate on the business logic because the EJB server covers the middleware service. Due to these characteristics, EJB technology became popular and then the study for EJB based application has been done quite actively However, the research of metrics for measuring the performance during run-time of the EJB applications has not been done enough. Tn this paper, we explore the workflow for the EJB application service on the run-time and classify the internal operation into several elements. We propose the metrics for evaluating the performance up to the bean level by using the classified elements. First, we analyze the lifecycle according to the bean types which comes from the EJB application on the run-time as to extract each factor used in performance measurement. We also find factors related to a performance and allocate the Performance factors to the metrics as the bean types. We also consider the characteristics like the bean's activation and message passing which happens during bean message call and then analyze the relations of the beans participating in the workflow of the application to make the workflow performance measurement possible. And we devise means to bring performance enhancement of the EJB application using the propose.