22,402 research outputs found
Automating SLA-Driven API Development with SLA4OAI
The OpenAPI Specification (OAS) is the de facto standard
to describe RESTful APIs from a functional perspective. OAS has been
a success due to its simple model and the wide ecosystem of tools supporting the SLA-Driven API development lifecycle. Unfortunately, the
current OAS scope ignores crucial information for an API such as its
Service Level Agreement (SLA). Therefore, in terms of description and
management of non-functional information, the disadvantages of not having a standard include the vendor lock-in and prevent the ecosystem to
grow and handle extra functional aspects.
In this paper, we present SLA4OAI, pioneering in extending OAS not
only allowing the specification of SLAs, but also supporting some stages
of the SLA-Driven API lifecycle with an open-source ecosystem. Finally,
we validate our proposal having modeled 5488 limitations in 148 plans
of 35 real-world APIs and show an initial interest from the industry with
600 and 1900 downloads and installs of the SLA Instrumentation Library
and the SLA Engine.Ministerio de EconomÃa y Competitividad TIN2015-70560-RMinisterio de Ciencia, Innovación y Universidades RTI2018-101204-B-C21Ministerio de Educación, Cultura y Deporte FPU15/0298
Identifying Security-Critical Cyber-Physical Components in Industrial Control Systems
In recent years, Industrial Control Systems (ICS) have become an appealing
target for cyber attacks, having massive destructive consequences. Security
metrics are therefore essential to assess their security posture. In this
paper, we present a novel ICS security metric based on AND/OR graphs that
represent cyber-physical dependencies among network components. Our metric is
able to efficiently identify sets of critical cyber-physical components, with
minimal cost for an attacker, such that if compromised, the system would enter
into a non-operational state. We address this problem by efficiently
transforming the input AND/OR graph-based model into a weighted logical formula
that is then used to build and solve a Weighted Partial MAX-SAT problem. Our
tool, META4ICS, leverages state-of-the-art techniques from the field of logical
satisfiability optimisation in order to achieve efficient computation times.
Our experimental results indicate that the proposed security metric can
efficiently scale to networks with thousands of nodes and be computed in
seconds. In addition, we present a case study where we have used our system to
analyse the security posture of a realistic water transport network. We discuss
our findings on the plant as well as further security applications of our
metric.Comment: Keywords: Security metrics, industrial control systems,
cyber-physical systems, AND-OR graphs, MAX-SAT resolutio
AUTOMATING OUTPUT SIZE AND REUSE METRICS IN A REPOSITORY-BASED COMPUTER AIDED SOFTWARE ENGINEERING (CASE) ENVIRONMENT
Measurement of software development productivity is needed in order to control software costs, but it is
discouragingly labor-intensive and expensive. Computer aided software engineering (CASE) technologies --
especially repository-based, integrated CASE -- have the potential to support the automation of this
measurement. In this paper, we discuss the development of automated analyzers for function point and
software reuse measurement for object-based CASE. Both analyzers take advantage of the existence of a
representation of the application system that is stored within an object repository, and that contains the
necessary information about the application system. We also discuss metrics for software reuse
measurement, including reuse leverage, reuse value and reuse classification, that are motivated by managerial
requirements and the efforts, within industry and the IEEE, to standardize measurement. The functionality
and the analytical capabilities of state-of-the-art automated software metrics analyzers are illustrated in the
context of an investment banking industry application, that is similar to systems deployed at the New York
City-based investment bank where these tools were developed and tested.Information Systems Working Papers Serie
AUTOMATING OUTPUT SIZE AND REUSE METRICS IN A REPOSITORY-BASED COMPUTER AIDED SOFTWARE ENGINEERING (CASE) ENVIRONMENT
Measurement of software development productivity is needed in order to control software costs, but it is
discouragingly labor-intensive and expensive. Computer aided software engineering (CASE) technologies --
especially repository-based, integrated CASE -- have the potential to support the automation of this
measurement. In this paper, we discuss the development of automated analyzers for function point and
software reuse measurement for object-based CASE. Both analyzers take advantage of the existence of a
representation of the application system that is stored within an object repository, and that contains the
necessary information about the application system. We also discuss metrics for software reuse
measurement, including reuse leverage, reuse value and reuse classification, that are motivated by managerial
requirements and the efforts, within industry and the IEEE, to standardize measurement. The functionality
and the analytical capabilities of state-of-the-art automated software metrics analyzers are illustrated in the
context of an investment banking industry application, that is similar to systems deployed at the New York
City-based investment bank where these tools were developed and tested.Information Systems Working Papers Serie
AUTOMATING OUTPUT SIZE AND REUSABILITY METRICS IN AN OBJECT-BASED COMPUTER AIDED SOFTWARE ENGINEERING (CASE) ENVIRONMENT
Measurement of software development productivity is needed in order to control
software costs, but it is discouragingly labor-intensive and expensive. Computer aided
software engineering (CASE) technologies -- especially object-oriented, integrated CASE
-- have the potential to support the automation of this measurement. In this paper, we
discuss the conceptual development of automated analyzers for function point and
software reusability measurement for object-based CASE. Both analyzers take advantage
of the existence of a representation of the application system that is stored within an
object repository, and that contains the necessary information about the application
system. We also propose new metrics for software reusability measurement, including
reuse leverage, reuse value and reuse classification. The functionality and analytic
capabilities of state-of-the-art automated software metrics analyzers are illustrated in the
context of an investment banking industry application.Information Systems Working Papers Serie
- …