• International Journal of Computer Science & Network Security
• /
• v.24 no.7
• /
• pp.1-10
• /
• 2024

Software architecture are High-level design decisions shaping a software system's components, structure, and interactions. It can be a blueprint for development, evolution, and ongoing maintenance. This research investigates the communication practices employed by software architects and developers to ensure adherence to the designed software architecture. It explores the factors influencing the selection of follow-up methods and the impact of follow-up frequency on successful implementation. Findings reveal that formalized follow-up procedures are not yet a ubiquitous element within the software development lifecycle. While electronic communication, particularly email, appears to be the preferred method for both architects and developers, physical and online meetings are utilized less frequently. Interestingly, the study suggests a potential confidence gap, with architects expressing concerns about developers' ability to faithfully implement the architecture. This may lead to architects providing additional clarification. Conversely, while most developers reported confidence in their software knowledge, overly detailed architecture documentation may pose challenges, highlighting the need for architects to consider alternative communication strategies. A key limitation of this study is the sample size, restricting the generalizability of the conclusions. However, the research offers valuable preliminary insights into the communication practices employed for architecture implementation, paving the way for further investigation with a larger and more diverse participant pool.

• 한국IT서비스학회:학술대회논문집
• /
• 2003.11a
• /
• pp.233-240
• /
• 2003

To develop high-quality software systems satisfying the customer's needs, user-centered design (UCD) process has been emphasized in the area of human-computer interaction. And component-based development (CBD) has been extensively studied to realize a systematic software reuse, thereby reducing the time-to-market and the development cost. Balanced integration of user-centered design process and CBD process will be a promising way for successful software construction, which effectively achieves three goals: the quality of software, the cost of software development, and the time-to-market. However, traditional CBD methodology seems to lack the concept of user-centered design process and the relevant methods. This paper proposes a way of incorporating user-centered design process into a CBD methodology. Firstly, this paper gives the brief introduction of UCD. Secondly, we explain typical UCD activities and methods along the phase of systems development lifecycle and propose the use of usability maturity model (UMM) for integrating UCD activities and methods with those of CBD methodology. Finally, as a case study, we describe the results of comparing the UCD activities to the activities of MaRMI-III, which has been developed as a CBD methodology at ETRI.

• The KIPS Transactions:PartD
• /
• v.8D no.4
• /
• pp.401-408
• /
• 2001

Object-oriented software development methods are used to develop object-oriented software systems. Object-oriented systems are believed to habe better modularity, reusability, maintainability, and extensibility than systems modeled in conventional methods. Current object-oriented software development methods, however, are modeled in terms of procedural, functional, and structural models. There models cause problems such as tight coupling among activities, and uncontrolled access to global artifacts. In this paper, were introduce OMOS(Object-oriented software development Method for Object-oriented software System), an object-oriented modeling of object-oriented software development methods. Artifacts and their related activities are modeled as classes and objects. Development lifecycles are modeled as interactions among the objects. By modeling the software development method in an object-oriented way, OMOS achieves better reusability, flexibility, extensibility, and maintainability.

• International Journal of Computer Science & Network Security
• /
• v.23 no.2
• /
• pp.65-78
• /
• 2023

Investigations on information security factors re- main elusive at small and medium enterprises (SMEs), es- specially for custom-made software solutions. This article aims to investigate, classify, adopt factors from recent literature addressing information security resources. SMEs al- ready have information security in place, but they are not easy to adopt through the negotiation processes between the in-house software development companies and custom-made software clients at SMEs. This article proposes a strategic framework for implementing the process of adoption of the information security factors at SMEs after conducting a systematic snapshot approach for investigating and classifying the resources. The systematic snapshot was conducted using a search strategy with inclusion and exclusion criteria to retain 128 final reviewed papers from a large number of papers within the period of 2001-2022. These papers were analyzed based on a classification schema including management, organizational, development, and environmental categories in software development lifecycle (SDLC) phases in order to define new security factors. The reviewed articles addressed research gaps, trends, and common covered evidence-based decisions based on the findings of the systematic mapping. Hence, this paper boosts the broader cooperation between in-house software development companies and their clients to elicit, customize, and adopt the factors based on clients' demands.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.2
• /
• pp.243-250
• /
• 2013

We have entered into an era of smart software system where the many kinds of embedded software, especially SCADA and Automotive software not only require high reliability and safety but also high-security. Removing software weakness during the software development lifecycle is very important because hackers exploit weaknesses which are source of software vulnerabilities when attacking a system. Therefore the coding rule as like core functions of MISRA-C should expand their coding focus on security. In this paper, we used CERT-C secure coding rules for nuclear-related software being developed to demonstrate high-safety software, and proposed how to remove software weakness during development.

• Industrial Engineering and Management Systems
• /
• v.7 no.1
• /
• pp.51-56
• /
• 2008

With growing demand for zero defects, predicting reliability of software systems is gaining importance. Software reliability models are used to estimate the reliability or the number of latent defects in a software product. Most reliability models to estimate the reliability of software in the literature are based on the development lifecycle stages. However, in the maintenance phase, the software needs to be corrected for errors and to be enhanced for the requests from users. These decrease the reliability of software. Software Reliability Growth Models (SRGMs) have been applied successfully to model software reliability in development phase. The software reliability in maintenance phase exhibits many types of systematic or irregular behaviors. These may include cyclic behavior as well as long-term evolutionary trends. The cyclic behavior may involve multiple periodicities and may be asymmetric in nature. In this paper, SGRM has been adapted to develop a reliability prediction model for the software in maintenance phase. The model is established using maintenance data from a commercial shop floor control system. The model is accepted to be used for resource planning and assuring the quality of the maintenance work to the user.

• Proceedings of the KSR Conference
• /
• 2006.11b
• /
• pp.947-953
• /
• 2006

ATC on-board equipment require realtime embedded software with high level of safety and reliability. To satisfy these requirements, many techniques are applied to the development of software during the lifecycle. In case of software modeling, object-oriented methodology is widening its niche replacing traditional structured methodology and modeling in UML using a CASE tool is a growing trend. In this paper, we modeled ATC on-board software in UML using Rhapsody, which is a modeling tool for realtime embedded software. We modeled the behavior of ATC on-board equipment based on state machine diagram and validated the model using the animation feature provided in the tool. According to our study, the CASE tool based on UML showed high level of applicability in modeling and verifying the software with complex behavioral characteristics.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.2
• /
• pp.127-137
• /
• 2012

Recently, as modern Internet uses mashups, Web 3.0, JavaScript/AJAX widely, the rate at which new vulnerabilities are being discovered is increasing rapidly. It can subsequently introduce big security threats. In order to efficiently mitigate these web application vulnerabilities and security threats, it is needed to rank vulnerabilities based on severity and consider the severe vulnerabilities during a specific phase of software development lifecycle (SDLC) for web applications. In this paper, we have first verified whether the risk rating methodology of OWASP Top 10 vulnerabilities is a reasonable one or not by analyzing the vulnerability data of web applications in the US National Vulnerability Database (NVD). Then, by inspecting the vulnerability information of web applications based on OWASP Top-10 2010 list and CWE (Common Weakness Enumeration) directory, we have mapped the web-related entries of CWE onto the entries of OWASP Top-10 2010 and prioritized them. We have also presented which phase of SDLC is associated with each vulnerability entry. Using this approach, we can prevent or mitigate web application vulnerabilities and security threats efficiently.

• Proceedings of the KIEE Conference
• /
• 2007.07a
• /
• pp.1201-1202
• /
• 2007

Safety critical systems are those in which a failure can have serious and irreversible consequences. Nowadays digital technology has been rapidly applied to critical system such as railways, airplanes, nuclear power plants, vehicles. The main difference between analog system and digital system is that the software is the key component of the digital system. The digital system performs more varying and highly complex functions efficiently compared to the existing analog system because software can be flexibly designed and implemented. The flexible design make it difficult to predict the software failures. This paper reviews safety standard and criteria for safety critical system such as railway system and introduces the framework for the software lifecycle. The licensing procedure for the railway software is also reviewed.

• Journal of Internet Computing and Services
• /
• v.6 no.2
• /
• pp.13-24
• /
• 2005

Software development by component integration is the mainstream for time-to-market and is the solution for overcoming the short lifecycle of software. Therefore, the effective techniques for component integration have been working. However, the systematic and practical technique has not been proposed. One of main issues for component integration is how to specify integration and the component architecture for operating the specification, in this paper, we propose a workflow variability design technique for component integration, This technique focuses on designing to a connection contract based on the component architecture. The connection contract is designed to use the provided interface of component and the architecture can assemble and customize components by the connection contract dynamically.