66,035 research outputs found
Patterns of information security postures for socio-technical systems and systems-of-systems
This paper describes a proposal to develop patterns
of security postures for computer based socio-technical systems and systems-of-systems. Such systems typically span many organisational boundaries, integrating multiple computer systems, infrastructures and organisational processes. The paper describes the motivation for the proposed work, and our approach to the development, specification, integration and validation of security patterns for socio-technical and system-of-system scale systems
Detecting Coordination Problems in Collaborative Software Development Environments
Software development is rarely an individual effort and generally involves teams of developers collaborating to generate good reliable code. Among the software code there exist technical dependencies that arise from software components using services from other components. The different ways of assigning the design, development, and testing of these software modules to people can cause various coordination problems among them. We claim\ud
that the collaboration of the developers, designers and testers must be related to and governed by the technical task structure. These collaboration practices are handled in what we call Socio-Technical Patterns.\ud
The TESNA project (Technical Social Network Analysis) we report on in this paper addresses this issue. We propose a method and a tool that a project manager can use in order to detect the socio-technical coordination problems. We test the method and tool in a case study of a small and innovative software product company
Recommended from our members
Extending IT infrastructures in the service sector organisations through enterprise resource planning – a telecom case study
Copyright @ 2012 ISEing.Service Sector Organisations (SSOs) have significantly focused on adopting and implementing Enterprise Resource Planning (ERP) systems to automate their prime business processes, enhance organisational productivity with lower costs and prompt service delivery to fulfil consumer demands. Thus, ERP systems are considered as a principal source to provide imperative information vital for strategic decision making process. On the contrary, ERP systems adoption and implementation is also highly considered as a challenging and expensive process that not only requires rigorous efforts but also demands to have an exhaustive investigation of influential factors that are critical to the adoption and implementation of ERP systems. As a result, the authors exhibit that it is of great significance to investigate this area within SSOs. In so doing, this paper thus focuses on the ERP critical success factors from five different categories such as: stakeholders; process; technology; organisation; and project based on the literature analysis. These perspectives comprise of 24 factors that are imperative for a successful ERP adoption and implementation. These factors are validated through an in-depth qualitative single case study based research. The findings from the literature and empirical demonstrate that most of the factors influencing the decision making process for ERP adoption and implementation are highly significant with exception to few that have either low or medium importance
Threats Management Throughout the Software Service Life-Cycle
Software services are inevitably exposed to a fluctuating threat picture.
Unfortunately, not all threats can be handled only with preventive measures
during design and development, but also require adaptive mitigations at
runtime. In this paper we describe an approach where we model composite
services and threats together, which allows us to create preventive measures at
design-time. At runtime, our specification also allows the service runtime
environment (SRE) to receive alerts about active threats that we have not
handled, and react to these automatically through adaptation of the composite
service. A goal-oriented security requirements modelling tool is used to model
business-level threats and analyse how they may impact goals. A process flow
modelling tool, utilising Business Process Model and Notation (BPMN) and
standard error boundary events, allows us to define how threats should be
responded to during service execution on a technical level. Throughout the
software life-cycle, we maintain threats in a centralised threat repository.
Re-use of these threats extends further into monitoring alerts being
distributed through a cloud-based messaging service. To demonstrate our
approach in practice, we have developed a proof-of-concept service for the Air
Traffic Management (ATM) domain. In addition to the design-time activities, we
show how this composite service duly adapts itself when a service component is
exposed to a threat at runtime.Comment: In Proceedings GraMSec 2014, arXiv:1404.163
Deriving Information Requirements from Responsibility Models
This paper describes research in understanding the requirements for complex information systems that are constructed from one or more generic COTS systems. We argue that, in these cases, behavioural requirements are largely defined by the underlying system and that the goal of the requirements engineering process is to understand the information requirements of system stakeholders. We discuss this notion of information requirements and propose that an understanding of how a socio-technical system is structured in terms of responsibilities is an effective way of discovering this type of requirement. We introduce the idea of responsibility modelling and show, using an example drawn from the domain of emergency planning, how a responsibility model can be used to derive information requirements for a system that coordinates the multiple agencies dealing with an emergency
Recommended from our members
Global perspectives on legacy systems
Summarises findings of two international workshops on legacy systems, held in conjunction with an EPSRC managed programme. Issues covered include the nature and dynamics of legacy systems, the co-evolution of software and organisations, issues around software as a technology (its engineering and its management), and organisational/people issues
Collaborative design : managing task interdependencies and multiple perspectives
This paper focuses on two characteristics of collaborative design with
respect to cooperative work: the importance of work interdependencies linked to
the nature of design problems; and the fundamental function of design
cooperative work arrangement which is the confrontation and combination of
perspectives. These two intrinsic characteristics of the design work stress
specific cooperative processes: coordination processes in order to manage task
interdependencies, establishment of common ground and negotiation mechanisms in
order to manage the integration of multiple perspectives in design
On the structure of problem variability: From feature diagrams to problem frames
Requirements for product families are expressed in terms of commonality and variability. This distinction allows early identification of an appropriate software architecture and opportunities for software reuse. Feature diagrams provide intuitive notations and techniques for representing requirements in product line development. In this paper, we observe that feature diagrams tend to obfuscate three important descriptions: requirements, domain properties and specifications. As a result, feature diagrams do not adequately capture the problem structures that underlie variability, and inform the solution structures of their complexity. With its emphasis on separation of the three descriptions, the problem frames approach provides a conceptual framework for a more detailed analysis of variability and its structure. With illustrations from an example, we demonstrate how problem frames analysis of variability can augment feature diagrams
- …