Software Architecture Thoughts for the System Security Design
|
|
- Brent Warner
- 6 years ago
- Views:
Transcription
1 Software Architecture Thoughts for the System Security Design Software Engineering Institute Carnegie Mellon University Pittsburgh, PA James Ivers April 17, 2007
2 Role of Software Architecture If the only criterion for software was to get the right answer, we would not need architectures unstructured, monolithic systems would suffice. But other things also matter, like modifiability time of development performance coordination of work teams Quality attributes such as these are largely dependent on architectural decisions. All design involves tradeoffs among quality attributes. The earlier we reason about tradeoffs, the better. 2
3 Key Topics in Creating a Software Architecture Scoping the problem Defining/refining the architecture Documenting the architecture Evaluating the architecture 3
4 Scoping the Problem What is being defined in the architecture? New features/assets Integration between new features/assets and existing systems Recommendations for existing features/assets What constraints are we under? Business (e.g., deadlines, cost, or regulatory standards) Technical (e.g., existing assets or interfaces) What are the driving quality attributes? Security, modifiability, reliability, performance, usability, etc. How do we manage the trade-offs among qualities How will the architecture be used? Basis for implementation Detailed analyses Contract between component suppliers and acquirers 4
5 Key Topics in Creating a Software Architecture Scoping the problem Defining/refining the architecture Documenting the architecture Evaluating the architecture 5
6 The Architecture Design Process An architecture design follows (should, really!) this process: 1. Create a measurable specification of quality attribute requirements that need to be supported by the architecture 2. Evaluate if the current architecture you have fulfills those requirements 3. If not, make some changes to the architecture to improve and repeat step 2 4. If yes, Lucky you! You are done. As simple as this may sound, it creates a huge problem 6
7 The Dilemma of the Architect 1 Initial architecture may look like this Architect There decides are many possibilities to make the architecture better Such as this one or this one Architecture Decision A view of possible architectures 7
8 The Dilemma of the Architect 2 And the process repeats A view of possible architectures Until (hopefully) a solution is found Unacceptable Architecture Acceptable Architecture Solution! Decision 8
9 The Dilemma of the Architect 3 A view of possible architectures but and there the are perfect many more solution architectures the might project be that runs have out there of not time! been explored! Unacceptable Architecture Acceptable Architecture Solution! Decision 9
10 Attribute-Driven Design (ADD) Method The ADD method is an approach to defining software architectures by basing the design process on the architecture s quality attribute requirements. It follows a recursive decomposition process where, at each stage in the decomposition, tactics and architectural patterns are chosen to satisfy a set of quality attribute scenarios. Constraints Functional requirements Quality requirements ADD Decomposition of the architecture 10
11 Steps of the ADD Method 1. Choose the element to decompose. 2. Refine the element according to these steps: a. Choose the architectural significant requirements. b. Choose an architectural pattern that satisfies the architectural significant requirements. c. Instantiate elements and allocate functionality from the use cases using multiple views. d. Define interfaces of the child elements. e. Verify and refine use cases and quality scenarios and make them constraints for the child elements. 3. Repeat these steps for the next element. Remember that early decisions constrain later decisions. Make those with the biggest impact early. 11
12 Key Topics in Creating a Software Architecture Scoping the problem Defining/refining the architecture Documenting the architecture Evaluating the architecture 12
13 View-Based Documentation All modern approaches to software architecture creation and documentation are based on views. A general principle for documenting a software architecture is Documenting a software architecture is a matter of documenting the relevant views and then adding information that applies to more than one view. + + = 13
14 Views An architecture is a multidimensional construct, too involved to be seen all at once. Systems are composed of many structures that show modules, their composition/decomposition and mapping to code units processes and how they synchronize programs and how they call or send data to each other how software is deployed on hardware how teams cooperate to build the system how components and connectors work at runtime Views are representations of structures. We use them to manage complexity by separating concerns. 14
15 What Is the Right Set of Views? Unlike approaches that prescribe a fixed set of views, we take a more general approach: Choose the best views for each situation. Which views are right depends on 1. the structures that are inherent in the software 2. who the stakeholders are and how they will use the documentation How do stakeholders use documentation? education introducing people to the project communication especially among stakeholders architect to developers architect to (current or future) architect analysis assuring quality attributes 15
16 But Which Views to Consider? Module Uses Decomposition Class/Generalization Layered Allocation Work Assignment Deployment Implementation 16
17 Producing Documentation Documenting individual views Unambiguous notations Enough information to support purpose Rationale! Mapping between views Reconciling different perspectives to avoid inconsistencies Many analyses require information found in different views Standards compliance IEEE 1471, ISO/IEC 42010:2007 Etc. 17
18 Key Topics in Creating a Software Architecture Scoping the problem Defining/refining the architecture Documenting the architecture Evaluating the architecture 18
19 Why Evaluate an Architecture? Because so much is riding on it! An unsuitable architecture can precipitate disaster. Architecture determines the structure of the project. Because we can! Repeatable, structured methods offer a low-cost risk mitigation capability that can be employed early in the development life cycle. Making sure an architecture is the right one simply makes good sense. Architecture evaluation should be a standard part of every architecture-based development methodology. 19
20 Evaluation Techniques There are a variety of techniques for performing architecture evaluations, each having a different cost and providing different information. These techniques fall into two broad categories: 1. questioning techniques - are applied to evaluate an architecture for any given reason 2. measuring techniques - are applied to answer questions about specific quality attributes 20
21 Conceptual Flow of the ATAM Business Drivers Quality Attributes Scenarios Software Architecture Architectural Approaches Architectural Decisions Analysis Tradeoffs impacts Sensitivity Points Risk Themes distilled into Non-Risks Risks 21
22 Typical Output from Evaluations Set of ranked issues, risks, risk themes, or problem areas that have supporting data are contained in a formal report are used as feedback to the project Set of scenarios, questions, or checklists for future use Identification of potentially reusable components Enhanced system documentation Estimation of the evaluation s costs and benefits of the evaluation Improvements to the evaluation technique or process 22
23 A cco u n t S e rve r-m a in KEY C om p one nt Ty pe s: C lie nt S e rv er D at ab as e D at ab as e A p plic atio n C lie n t Teller 1 A cco u nt D at ab a se A c cou n t S e rve r-b a cku p ASTER Gateway A d m in istra tive A tta c hm e nt C o n n e c to r T y p es : P u blis h -S u sc rib e C lie n t-s erv e r R e qu es t /R e p ly D atabase Access SYBASE Repository RPC V0 Gateway DS Component Exposed RPC Interface Maintenance Tool SQL Exposed SQL Interface SEI Software Architecture Methods & Techniques QAW Patterns and tactics Sketches of candidate views, determined by patterns <<layer>> B <<layer>> A <<allowed to <<layer>> use>> A <<allowed to <<allowed use>> to <<layer>> use>> A Chosen, combined views plus documentation beyond views KEY <<layer>> B <<segment>> <<segment>> <<segment>> B1 B2<<allowed to <<allowed B3 use>> to use>> <<allowed <<layer>> to use>> B <<segment>> <<segment>> <<segment>> B1 B2<<allowed to B3 use>> <<allowed to use>> <<segment>> <<segment>> <<segment>> <<layer>> CB1 B2 B3 <<allowed to use>> <<layer>> C <<layer>> C ADD Prioritized QA scenarios Views & Beyond (VaB) ATAM Requirements Stakeholders 23
24 For More Information James Ivers World Wide Web: Technical reports Case studies Tools & templates Software Architecture in Practice, 2 nd Edition Documenting Software Architectures: Views and Beyond Evaluating Software Architectures: Methods and Case Studies 24
An Architect s Point of View. TSP Symposium Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213
An Architect s Point of View on TSP TSP Symposium 2011 Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Felix Bachmann 09/2011 An Architect s Point of View on TSP 2 The Good
More informationAttribute-Driven Design
Attribute-Driven Design Minsoo Ryu Hanyang University msryu@hanyang.ac.kr Attribute-Driven Design The ADD method is an approach to defining a software architecture in which the design process is based
More informationSoftware Architecture
Software Architecture Does software architecture global design?, architect designer? Overview What is it, why bother? Architecture Design Viewpoints and view models Architectural styles Architecture asssessment
More informationSoftware Architectures. Lecture 6 (part 1)
Software Architectures Lecture 6 (part 1) 2 Roadmap of the course What is software architecture? Designing Software Architecture Requirements: quality attributes or qualities How to achieve requirements
More informationLecture 16: (Architecture IV)
Lecture 16: (Architecture IV) Software System Design and Implementation ITCS/ITIS 6112/8112 091 Fall 2008 Dr. Jamie Payton Department of Computer Science University of North Carolina at Charlotte Oct.
More informationQuality Attribute Driven Software Architecture Reconstruction. Version 1.0 QADSAR SATURN page 1
Pittsburgh, PA 15213-3890 Quality Attribute Driven Software Architecture Reconstruction SATURN Workshop April 7, 2005 Liam O Brien Sponsored by the U.S. Department of Defense 2005 by Carnegie Mellon University
More informationCurrent Best Practices in Software Architecture. Session 1: What Is Software Architecture? Why Is It Important?
Pittsburgh, PA 15213-3890 Current Best Practices in Software Architecture Session 1: What Is Software Architecture? Why Is It Important? Paul Clements Software Engineering Institute Carnegie Mellon University
More informationCh 1: The Architecture Business Cycle
Ch 1: The Architecture Business Cycle For decades, software designers have been taught to build systems based exclusively on the technical requirements. Software architecture encompasses the structures
More informationWHAT IS SOFTWARE ARCHITECTURE?
WHAT IS SOFTWARE ARCHITECTURE? Chapter Outline What Software Architecture Is and What It Isn t Architectural Structures and Views Architectural Patterns What Makes a Good Architecture? Summary 1 What is
More informationADD 3.0: Rethinking Drivers and Decisions in the Design Process
ADD 3.0: Rethinking Drivers and Decisions in the Design Process Rick Kazman Humberto Cervantes SATURN 2015 Outline Presentation Architectural design and types of drivers The Attribute Driven Design Method
More informationIntroduction to software architecture Revision : 732
Introduction to software architecture Revision : 732 Denis Conan Septembre 2018 Foreword The content of these slides is extracted from the following references: L. Bass, P. Clements, and R. Kazman. Software
More informationArchitectural Blueprint The 4+1 View Model of Software Architecture. Philippe Kruchten
Architectural Blueprint The 4+1 View Model of Software Architecture Philippe Kruchten Model What is a model? simplified abstract representation information exchange standardization principals (involved)
More informationRequirements Validation and Negotiation
REQUIREMENTS ENGINEERING LECTURE 2017/2018 Joerg Doerr Requirements Validation and Negotiation AGENDA Fundamentals of Requirements Validation Fundamentals of Requirements Negotiation Quality Aspects of
More informationArchitectural Blueprint
IMPORTANT NOTICE TO STUDENTS These slides are NOT to be used as a replacement for student notes. These slides are sometimes vague and incomplete on purpose to spark a class discussion Architectural Blueprint
More informationAn Industry Definition of Business Architecture
Architecture: State of the Art / State of the Practice ---------------------------- William M. Ulrich Tactical Strategy Group, Inc. www.systemtransformation.com An Industry Definition of Architecture A
More informationSoftware Architecture. Lecture 5
Software Architecture Lecture 5 Roadmap of the course What is software architecture? Designing Software Architecture Requirements: quality attributes or qualities How to achieve requirements : tactics
More informationSOFTWARE ARCHITECTURES UNIT I INTRODUCTION AND ARCHITECTURAL DRIVERS
IT6602 SOFTWARE ARCHITECTURES UNIT I INTRODUCTION AND ARCHITECTURAL DRIVERS SYLLABUS: Introduction What is software architecture? Standard Definitions Architectural structures Influence of software architecture
More informationWhat is Software Architecture
What is Software Architecture Is this diagram an architecture? (ATM Software) Control Card Interface Cash Dispenser Keyboard Interface What are ambiguities in the previous diagram? Nature of the elements
More informationOG0-091 Q&As TOGAF 9 Part 1
CertBus.com OG0-091 Q&As TOGAF 9 Part 1 Pass The Open Group OG0-091 Exam with 100% Guarantee Free Download Real Questions & Answers PDF and VCE file from: 100% Passing Guarantee 100% Money Back Assurance
More informationCh 1: The Architecture Business Cycle
Ch 1: The Architecture Business Cycle For decades, software designers have been taught to build systems based exclusively on the technical requirements. Software architecture encompasses the structures
More informationRequirement Analysis
Requirement Analysis Requirements Analysis & Specification Objective: determine what the system must do to solve the problem (without describing how) Done by Analyst (also called Requirements Analyst)
More informationOG The Open Group OG TOGAF 9 Combined Part 1 and Part 2
The Open Group OG0-093 TOGAF 9 Combined Part 1 and Part 2 1 Set1, Part 1 QUESTION: 1 Which of the following TOGAF components was created to enable architects to design architectures addressing Boundaryless
More informationQuality Attribute Design Primitives and the Attribute Driven Design Method 1
Quality Attribute Design Primitives and the Attribute Driven Design Method 1 Len Bass, Mark Klein, and Felix Bachmann Software Engineering Institute Carnegie Mellon University Pittsburgh, Pa 15213 USA
More informationThe Analysis and Proposed Modifications to ISO/IEC Software Engineering Software Quality Requirements and Evaluation Quality Requirements
Journal of Software Engineering and Applications, 2016, 9, 112-127 Published Online April 2016 in SciRes. http://www.scirp.org/journal/jsea http://dx.doi.org/10.4236/jsea.2016.94010 The Analysis and Proposed
More informationISO/IEC/ IEEE INTERNATIONAL STANDARD. Systems and software engineering Architecture description
INTERNATIONAL STANDARD ISO/IEC/ IEEE 42010 First edition 2011-12-01 Systems and software engineering Architecture description Ingénierie des systèmes et des logiciels Description de l'architecture Reference
More informationSolving the Enterprise Data Dilemma
Solving the Enterprise Data Dilemma Harmonizing Data Management and Data Governance to Accelerate Actionable Insights Learn More at erwin.com Is Our Company Realizing Value from Our Data? If your business
More informationMaintaining & Increasing Stakeholder Confidence in IT Architecture
Maintaining & Increasing Stakeholder Confidence in IT Architecture Eoin Woods eoin@artechra.com www.eoinwoods.info 1 Content Defining IT Architecture IT Architecture & Requirements Identifying Stakeholders
More informationRequirements Specifications & Standards
REQUIREMENTS ENGINEERING LECTURE 2014/2015 Dr. Jörg Dörr Requirements Specifications & Standards AGENDA Standards & Templates Natural Language Requirements Specification with Conceptual Models Suitable
More informationDesigning Software Architecture to Achieve Business Goals
Designing Software Architecture to Achieve Business Goals Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 2009 Carnegie Mellon University Sponsored by the U.S. Department
More informationResponse to the. ESMA Consultation Paper:
Response to the ESMA Consultation Paper: Draft technical standards on access to data and aggregation and comparison of data across TR under Article 81 of EMIR Delivered to ESMA by Tahoe Blue Ltd January
More informationArchitecture Viewpoint Template for ISO/IEC/IEEE 42010
Architecture Viewpoint Template for ISO/IEC/IEEE 42010 Rich Hilliard r.hilliard@computer.org VERSION 2.1b Abstract This is a template for specifying architecture viewpoints in accordance with ISO/IEC/IEEE
More informationRoles and Responsibilities on DevOps Adoption
Roles and Responsibilities on DevOps Adoption Hasan Yasar Technical Manager, Adjunct Faculty Member Secure Lifecycle Solutions CERT SEI CMU Software Engineering Institute Carnegie Mellon University Pittsburgh,
More information<<Subsystem>> Software Architecture Document
Ref Contract Number: Contractor: Copy SAD TEMPLATE of Software Architecture Document SAD Template Page 1 of 21 Software Architecture Document Prepared by: Title Name Signature
More informationVendor: The Open Group. Exam Code: OG Exam Name: TOGAF 9 Part 1. Version: Demo
Vendor: The Open Group Exam Code: OG0-091 Exam Name: TOGAF 9 Part 1 Version: Demo QUESTION 1 According to TOGAF, Which of the following are the architecture domains that are commonly accepted subsets of
More informationModule 3. Overview of TOGAF 9.1 Architecture Development Method (ADM)
Module 3 Overview of TOGAF 9.1 Architecture Development Method (ADM) TOGAF 9.1 Structure The Architecture Development Method (ADM) Needs of the business shape non-architectural aspects of business operation
More informationTowards The Adoption of Modern Software Development Approach: Component Based Software Engineering
Indian Journal of Science and Technology, Vol 9(32), DOI: 10.17485/ijst/2016/v9i32/100187, August 2016 ISSN (Print) : 0974-6846 ISSN (Online) : 0974-5645 Towards The Adoption of Modern Software Development
More informationBusiness Architecture Implementation Workshop
Delivering a Business Architecture Transformation Project using the Business Architecture Guild BIZBOK Hands-on Workshop In this turbulent and competitive global economy, and the rapid pace of change in
More informationEuropean Component Oriented Architecture (ECOA ) Collaboration Programme: Architecture Specification Part 2: Definitions
European Component Oriented Architecture (ECOA ) Collaboration Programme: Part 2: Definitions BAE Ref No: IAWG-ECOA-TR-012 Dassault Ref No: DGT 144487-D Issue: 4 Prepared by BAE Systems (Operations) Limited
More informationMathematics and Computing: Level 2 M253 Team working in distributed environments
Mathematics and Computing: Level 2 M253 Team working in distributed environments SR M253 Resource Sheet Specifying requirements 1 Overview Having spent some time identifying the context and scope of our
More informationFundamentals to Creating Architectures using ISO/IEC/IEEE Standards
Fundamentals to Creating Architectures using ISO/IEC/IEEE Standards What to Architect? How to Architect? IEEE Goals and Objectives Chartered by IEEE Software Engineering Standards Committee to: Define
More informationIntroduction. A Brief Description of Our Journey
Introduction If you still write RPG code as you did 20 years ago, or if you have ILE RPG on your resume but don t actually use or understand it, this book is for you. It will help you transition from the
More information1 Executive Overview The Benefits and Objectives of BPDM
1 Executive Overview The Benefits and Objectives of BPDM This is an excerpt from the Final Submission BPDM document posted to OMG members on November 13 th 2006. The full version of the specification will
More informationA Beginners Guide to UML Part II
A Beginners Guide to UML Part II Dan Brown, Dunstan Thomas Consulting Summary In the first part of this article, I examined the origins and definition of the UML to provide a basic understanding of what
More informationSTEP Data Governance: At a Glance
STEP Data Governance: At a Glance Master data is the heart of business optimization and refers to organizational data, such as product, asset, location, supplier and customer information. Companies today
More informationEXIN Expert in IT Service Management based on ISO/IEC Preparation Guide
EXIN Expert in IT Service Management based on ISO/IEC 20000 Preparation Guide Edition June 2016 Copyright 2016 EXIN All rights reserved. No part of this publication may be published, reproduced, copied
More informationSERVICE TRANSITION ITIL INTERMEDIATE TRAINING & CERTIFICATION
SERVICE TRANSITION ITIL INTERMEDIATE TRAINING & CERTIFICATION WHAT IS ITIL ST? The intermediate level of ITIL offers a role based hands-on experience and in-depth coverage of the contents. Successful implementation
More informationISO / IEC 27001:2005. A brief introduction. Dimitris Petropoulos Managing Director ENCODE Middle East September 2006
ISO / IEC 27001:2005 A brief introduction Dimitris Petropoulos Managing Director ENCODE Middle East September 2006 Information Information is an asset which, like other important business assets, has value
More informationLecture 5: Requirements Specifications
Lecture 5: Requirements Specifications Why we need to write specifications Purpose and audience Choosing an appropriate size and formality Desiderata for Specifications Properties of good specifications
More informationSOFTWARE ARCHITECTURE & DESIGN INTRODUCTION
SOFTWARE ARCHITECTURE & DESIGN INTRODUCTION http://www.tutorialspoint.com/software_architecture_design/introduction.htm Copyright tutorialspoint.com The architecture of a system describes its major components,
More informationNick Rozanski Andy Longshaw Eoin Woods. Sold! How to Describe, Explain and Justify your Architecture
Nick Rozanski Andy Longshaw Eoin Woods Sold! How to Describe, Explain and Justify your Architecture Objectives of Today If you are an architect who has to produce an Architectural Description, then this
More informationDiseño y Evaluación de Arquitecturas de Software. Architecture Based Design Method
Diseño y Evaluación de Arquitecturas de Software Architecture Based Design Method César Julio Bustacara Medina Facultad de Ingeniería Pontificia Universidad Javeriana 08/10/2015 1 Architecture Based Design
More informationBriefing Date. Purpose
Applying the Systems Engineering Method for the Joint Capabilities Integration and Development System (JCIDS) Chris Ryder and Dave Flanigan 27 October 2005 Purpose JCIDS prescribes a joint forces approach
More informationRequirements to models: goals and methods
Requirements to models: goals and methods Considering Garlan (2000), Kruchen (1996), Gruunbacher et al (2005) and Alter (2006-08) CIS Department Professor Duane Truex III Wojtek Kozaczynski The domain
More informationDeriving safety requirements according to ISO for complex systems: How to avoid getting lost?
Deriving safety requirements according to ISO 26262 for complex systems: How to avoid getting lost? Thomas Frese, Ford-Werke GmbH, Köln; Denis Hatebur, ITESYS GmbH, Dortmund; Hans-Jörg Aryus, SystemA GmbH,
More informationHP Application Lifecycle Management. Upgrade Best Practices
HP Application Lifecycle Management Upgrade Best Practices Document Release Date: October 2010 Legal Notices Warranty The only warranties for HP products and services are set forth in the express warranty
More informationBPS Suite and the OCEG Capability Model. Mapping the OCEG Capability Model to the BPS Suite s product capability.
BPS Suite and the OCEG Capability Model Mapping the OCEG Capability Model to the BPS Suite s product capability. BPS Contents Introduction... 2 GRC activities... 2 BPS and the Capability Model for GRC...
More informatione-sens Nordic & Baltic Area Meeting Stockholm April 23rd 2013
e-sens Nordic & Baltic Area Meeting Stockholm April 23rd 2013 Objectives of the afternoon parallel tracks sessions 2 Meeting objectives High level: Identification of shared interests with emphasis on those
More informationDocument Engineering
1 of 44 3/4/2007 10:40 AM Document Engineering Strategic Computing and Communications Technology 12 March 2007 Bob Glushko glushko@ischool.berkeley.edu 2 of 44 3/4/2007 10:40 AM Plan for Today's Lecture
More informationUser Documentation Development Life Cycle (UDDLC)
WWW.ALMAHACONSULTING.CA User Documentation Development Life Cycle (UDDLC) STANDARD OPERATING PROCEDURE BUSINESS PROCESS DOCUMENT DOCUMENT STATUS: VERSION 0.1 Department BUSINESS TRANSFORMATION Process
More informationImproving Security in the Application Development Life-cycle
Improving Security in the Application Development Life-cycle Migchiel de Jong Software Security Engineer mdejong@fortifysoftware.com March 9, 2006 General contact: Jurgen Teulings, 06-30072736 jteulings@fortifysoftware.com
More informationBDSA Introduction to OOAD. Jakob E. Bardram
BDSA Introduction to OOAD Jakob E. Bardram Programming is Fun Developing Quality Software is Hard. Craig Larman in [OOAD] book 2 Object-Oriented Analysis & Design (OOAD) This Lecture Unified Modeling Language
More informationGuide to IREE Certification
Guide to IREE Certification Certification Congratulations on your decision to pursue Investor Ready Energy Efficiency (IREE) Certification for your project! As a building owner, by choosing to pursue IREE
More informationBusiness Analysis for Practitioners - Requirements Elicitation and Analysis (Domain 3)
Business Analysis for Practitioners - Requirements Elicitation and Analysis (Domain 3) COURSE STRUCTURE Introduction to Business Analysis Module 1 Needs Assessment Module 2 Business Analysis Planning Module
More informationSoftware Life-Cycle Management
Ingo Arnold Department Computer Science University of Basel Introduction Software Life-Cycle Management Architecture Handbook View Model Architecture View Models If this is real world s physical complexity..
More informationAbout HP Quality Center Upgrade... 2 Introduction... 2 Audience... 2
HP Quality Center Upgrade Best Practices White paper Table of contents About HP Quality Center Upgrade... 2 Introduction... 2 Audience... 2 Defining... 3 Determine the need for an HP Quality Center Upgrade...
More informationEvaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure
Evaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure March 2015 Pamela Curtis Dr. Nader Mehravari Katie Stewart Cyber Risk and Resilience Management Team CERT
More informationThe Impact of SOA Policy-Based Computing on C2 Interoperation and Computing. R. Paul, W. T. Tsai, Jay Bayne
The Impact of SOA Policy-Based Computing on C2 Interoperation and Computing R. Paul, W. T. Tsai, Jay Bayne 1 Table of Content Introduction Service-Oriented Computing Acceptance of SOA within DOD Policy-based
More informationTest Architect A Key Role defined by Siemens
Test Architect A Key Role defined by Siemens Siemens Munich, Germany January 30 February 3, 2017 http://www.oop-konferenz.de Agenda Why do we need a Test Architect? What are the responsibilities and tasks
More information90% of data breaches are caused by software vulnerabilities.
90% of data breaches are caused by software vulnerabilities. Get the skills you need to build secure software applications Secure Software Development (SSD) www.ce.ucf.edu/ssd Offered in partnership with
More informationneeds, wants, and limitations
In broad terms Process in which the needs, wants, and limitations of end users of a product are given extensive attention at each stage of the design process. ISO principles which says that the design
More informationCOURSE BROCHURE. ITIL - Intermediate Service Transition. Training & Certification
COURSE BROCHURE ITIL - Intermediate Service Transition. Training & Certification What is ITIL ST? The intermediate level of ITIL offers a role based hands-on experience and in-depth coverage of the contents.
More informationArchitectures of Distributed Systems 2011/2012
Architectures of Distributed Systems 2011/2012 Component Based Systems Johan Lukkien TU/e Computer TU/e Informatica, Science, System Architecture and Networking 1 Goals Students have an overview of motivation
More informationThe Confluence of Physical and Cyber Security Management
The Confluence of Physical and Cyber Security Management GOVSEC 2009 Samuel A Merrell, CISSP James F. Stevens, CISSP 2009 Carnegie Mellon University Today s Agenda: Introduction Risk Management Concepts
More informationTech Advantage Benchmarking Your Cyber Security Program. March 5, 2014
Tech Advantage Benchmarking Your Cyber Security Program March 5, 2014 Elements of Cyber Security Confidentiality Integrity C Security Availability I A Perfect security is unattainable Overview What is
More informationCopyright protected. Use is for Single Users only via a VHP Approved License. For information and printed versions please see
TOGAF 9 Certified Study Guide 4th Edition The Open Group Publications available from Van Haren Publishing The TOGAF Series: The TOGAF Standard, Version 9.2 The TOGAF Standard Version 9.2 A Pocket Guide
More informationHITSP Standards Harmonization Process -- A report on progress
Document Number: HITSP 06 N 75 Date: May 4, 2006 HITSP Standards Harmonization Process -- A report on progress Arlington, VA May 4 th, 2006 0 What Was Done Reviewed obligations from federal contract Observed
More informationRequirements Gathering
Introduction to Requirements Gathering Prepared for: St. Edwards University Analysis, Modeling and Design MCIS6310 Dr. David Franke 6 June 2006 Copyright 2005-2006 Tyner Blain LLC 1 Outline 1. Overview
More informationArchitectural Design
Architectural Design Topics i. Architectural design decisions ii. Architectural views iii. Architectural patterns iv. Application architectures PART 1 ARCHITECTURAL DESIGN DECISIONS Recap on SDLC Phases
More informationThe software lifecycle and its documents
The software lifecycle and its documents Supplementary material for Software Architecture course B. Meyer, May 2006 Lifecycle models Origin: Royce, 1970, Waterfall model Scope: describe the set of processes
More informationGovernment of Ontario IT Standard (GO ITS)
Government of Ontario IT Standard (GO ITS) GO-ITS Number 56.3 Information Modeling Standard Version # : 1.5 Status: Approved Prepared under the delegated authority of the Management Board of Cabinet Queen's
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE Digital Policy Management consists of a set of computer programs used to generate, convert, deconflict, validate, assess
More informationIntroduction - SENG 330. Object-Oriented Analysis and Design
Introduction - SENG 330 Object-Oriented Analysis and Design SENG 330 Fall 2006 Instructor: Alex Thomo Email: thomo@cs.uvic.ca Office hours: Office Hours: TWF 12:30-1:30 p.m. Location: ECS 556 Objective:
More informationLecture 8: Use Case -Driven Design. Where UML fits in
Lecture 8: Use Case -Driven Design The Role of UML in the Software Process E.g. ICONIX Domain Models Use Cases 2008 Steve Easterbrook. This presentation is available free for non-commercial use with attribution
More informationArchitectural Design
Architectural Design Topics i. Architectural design decisions ii. Architectural views iii. Architectural patterns iv. Application architectures Chapter 6 Architectural design 2 PART 1 ARCHITECTURAL DESIGN
More informationISO & ISO & ISO Cloud Documentation Toolkit
ISO & ISO 27017 & ISO 27018 Cloud ation Toolkit Note: The documentation should preferably be implemented order in which it is listed here. The order of implementation of documentation related to Annex
More informationFIVE BEST PRACTICES FOR ENSURING A SUCCESSFUL SQL SERVER MIGRATION
FIVE BEST PRACTICES FOR ENSURING A SUCCESSFUL SQL SERVER MIGRATION The process of planning and executing SQL Server migrations can be complex and risk-prone. This is a case where the right approach and
More informationWhat is Software Architecture? What is Principal?
What is Software Architecture? Definition: A software system s architecture is the set of principal design decisions about the system Software architecture is the blueprint for a software system s construction
More informationSoftware Design Report
Software design is a process by which the software requirements are translated into a representation of software components, interfaces, and data necessary for the implementation phase. The SDD shows how
More informationWhat s a BA to do with Data? Discover and define standard data elements in business terms
What s a BA to do with Data? Discover and define standard data elements in business terms Susan Block, Lead Business Systems Analyst The Vanguard Group Discussion Points Discovering Business Data The Data
More informationUser-centered design and the requirement process
User-centered design and the requirement process The slides are based on slides by Tuva Solstad and Anne-Stine Ruud Husevåg Outline A general introduction to iterative methodology and user-centered design
More informationRequirements Validation and Negotiation
REQUIREMENTS ENGINEERING LECTURE 2015/2016 Eddy Groen Requirements Validation and Negotiation AGENDA Fundamentals of Requirements Validation Fundamentals of Requirements Negotiation Quality Aspects of
More informationChapter 6 Architectural Design. Chapter 6 Architectural design
Chapter 6 Architectural Design 1 Topics covered Architectural design decisions Architectural views Architectural patterns Application architectures 2 Software architecture The design process for identifying
More informationThe Process of Software Architecting
IBM Software Group The Process of Software Architecting Peter Eeles Executive IT Architect IBM UK peter.eeles@uk.ibm.com 2009 IBM Corporation Agenda IBM Software Group Rational software Introduction Architecture,
More informationJelena Roljevic Assistant Vice President, Business Intelligence Ronald Layne Data Governance and Data Quality Manager
Jelena Roljevic Assistant Vice President, Business Intelligence roljevic@gwu.edu Ronald Layne Data Governance and Data Quality Manager rlayne@gwu.edu July 13, 2016 Key Takeaways 1. How to ensure strong
More informationAttribute Driven Design (ADD 3.0) Tackling complexity in the heart of Software Architecture. Luis Manuel Muegues Acosta Software Architect at Ryanair
Attribute Driven Design (ADD 3.0) Tackling complexity in the heart of Software Architecture Luis Manuel Muegues Acosta Software Architect at Ryanair Webinair esummit IASA 23 August 2017 Welcome to everyone
More informationReview of Basic Software Design Concepts. Fethi Rabhi SENG 2021
Review of Basic Software Design Concepts Fethi Rabhi SENG 2021 1 Topics The development process Planning Designing Implementing 2 1. The development process How to organise activities related to the creation,
More informationMicrosoft SharePoint Server 2013 Plan, Configure & Manage
Microsoft SharePoint Server 2013 Plan, Configure & Manage Course 20331-20332B 5 Days Instructor-led, Hands on Course Information This five day instructor-led course omits the overlap and redundancy that
More informationGeneral Framework for Secure IoT Systems
General Framework for Secure IoT Systems National center of Incident readiness and Strategy for Cybersecurity (NISC) Government of Japan August 26, 2016 1. General Framework Objective Internet of Things
More informationFFIEC Cyber Security Assessment Tool. Overview and Key Considerations
FFIEC Cyber Security Assessment Tool Overview and Key Considerations Overview of FFIEC Cybersecurity Assessment Tool Agenda Overview of assessment tool Review inherent risk profile categories Review domain
More informationBUILDING GOOD-QUALITY FUNCTIONAL SPECIFICATION MODEL
BUILDING GOOD-QUALITY FUNCTIONAL SPECIFICATION MODEL A few words on Samares Engineering Research and Consultancy on Systems Engineering Requirement engineering Model-Based Systems Engineering Co-simulation
More information