Continuous and Proactive Software Architecture Evaluation: An IoT Case

Sobhy, Dalia; Minku, Leandro L.; Bahsoon, Rami; Kazman, Rick

doi:10.1145/3492762

Cited by 3 publications

(3 citation statements)

References 80 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In one recent work, Esper and Schnicke 28 suggest investigating the changeability of I4.0 products using quality scenarios and the architecture‐level modifiability analysis (ALMA) method. Sobhy et al also describe an approach to performing architectural evaluation in an IoT context 29 …”

Section: State‐of‐the‐art and State‐of‐the‐practicementioning

confidence: 99%

“…Some recent works highlight the need to evaluate scenarios and quality attribute properties at runtime, such as the approach described by Cedillo et al, 30 who suggest the use of models for monitoring and evaluating quality properties of cloud services at runtime. The recent work of Sobhy et al 29 uses time series forecasting, based on live data collected, to forecast the future performance of a system by using simulated instances of the architecture. Using the simulation results, an architecture can be adapted at runtime.…”

Section: State‐of‐the‐art and State‐of‐the‐practicementioning

confidence: 99%

See 1 more Smart Citation

Continuous engineering for Industry 4.0 architectures and systems

Antonino

Capilla²,

Kazman

et al. 2022

Softw Pract Exp

Self Cite

View full text Add to dashboard Cite

Traditionally, the quality of a software or system architecture has been evaluated in the early stages of the development process using architecture quality evaluation methods. Emergent approaches like Industry 4.0 require continuous monitoring of both run‐time and development‐time quality properties, in contrast to traditional systems where quality is evaluated at specific milestones using techniques such as project reviews. Considering the dynamics and minimum down‐time imposed by the industrial production domain, it must also be ensured that Industry 4.0 system evaluations are continuously performed with high confidence and with as much automation as possible, using simulations, for instance. In this regard, there is a need to develop new methods for continuously monitoring and evaluating the quality properties of software‐based systems for Industry 4.0, which must be supported by automated quality evaluation techniques. In this research we analyze traditional architecture evaluation methods and Industry 4.0 scenarios, and propose an approach based on Digital Twins and simulations to continuously evaluate runtime quality aspects of the architecture and systems of industrial production plants. The evaluation is based on the instantiation of our approach for a concrete demand of an automation plant in the automotive domain.

show abstract

Section: State‐of‐the‐art and State‐of‐the‐practicementioning

confidence: 99%

Section: State‐of‐the‐art and State‐of‐the‐practicementioning

confidence: 99%

Continuous engineering for Industry 4.0 architectures and systems

Antonino

Capilla²,

Kazman

et al. 2022

Softw Pract Exp

Self Cite

View full text Add to dashboard Cite

show abstract

“…The case study design must comprise case study selection and preparation [14,[17][18][19]. Case study design for new technologies that integrate cloud computing along with other technologies like mobile, routers, sensors, and other IoT devices is more complex than designing case studies for simpler technologies [20,21].…”

Section: -Introductionmentioning

confidence: 99%

Overview on Case Study Penetration Testing Models Evaluation

2023

View full text Add to dashboard Cite

Model evaluation is a cornerstone of scientific research as it represents the findings' accuracy and model performance. A case study is commonly used in evaluating software engineering models. Due to criticism in terms of generalization from a single case study and testers, deciding on the number of case studies used for evaluation and the number of testers has been one of the researchers’ challenges. Multiple case studies with multiple testers can be difficult in some domains, such as penetration testing, due to the complexity and time needed to prepare test cases. This study aims to review the literature and examine the evaluation methods used pertaining to the number of case studies and testers involved. This study is beneficial for researchers, students, and penetration testers as it provides case study design steps that are useful to determine the appropriate number of test cases and testers required. The paper's findings and novelty highlight that a single case study with a single tester is enough to evaluate a model. It also strikes a balance between what is enough for the evaluation and the need to reduce criticisms of a single case study by using two case studies with a single tester. Doi: 10.28991/ESJ-2023-07-03-025 Full Text: PDF

show abstract

A Business-Oriented Methodology to Evaluate the Security of Software Architecture Quantitatively

Chen,

Zhou,

Chen

et al. 2023

Int. J. Soft. Eng. Knowl. Eng.

View full text Add to dashboard Cite

Software architecture security design is a key stage in developing business-oriented system, such as business-critical system, ICT system and AI system. Many typical accidents also remind us that the security of software architecture even plays a more important role than the code security in most software systems. However, there are very few researches which focus on the security of software architecture. Especially, we don’t find a systematic and feasible quantitative method to evaluate the security of software architecture. To fill this gap, we launched a research project focusing on software architecture security since 2019 and try to provide a series of quantitative methods for evaluating the security of software architecture. In this paper, a business-oriented quantitative method was proposed to evaluate the security of software architecture from the view of business-critical security insurance. In our method, both business dependency graph (BDG) and multi-hierarchical dependency graph (MHDG) are defined and constructed first for describing businesses and their relationships, and system components and their relationships; then, attack points and business key-points are identified and labeled on BDG and MHDG; and further, all potential attack paths and effective attack paths in the system based on MHDG are detected; and finally, a set of security indicators is defined and used to evaluate the security of software architecture quantitatively. For more effective experiments, we use software architectures with different styles and different evolution versions. Experimental results show that our method can reflect effectively the security characteristics of software architecture with different styles, can find the security changes of different architecture evolution versions for the same system, and can perform quantitative evaluation of software architecture security efficiently.

show abstract

Continuous and Proactive Software Architecture Evaluation: An IoT Case

Cited by 3 publications

References 80 publications

Continuous engineering for Industry 4.0 architectures and systems

Continuous engineering for Industry 4.0 architectures and systems

Overview on Case Study Penetration Testing Models Evaluation

A Business-Oriented Methodology to Evaluate the Security of Software Architecture Quantitatively

Contact Info

Product

Resources

About