Technical Reports

 

Return to Technical Report System

USC-CSE-2006-615 (pdf)

A Framework for the Assessment and Selection on Software Compononents and Connectors in COTS-based Architectures

Jesal Bhuta, Chris A. Mattmann, Nenad Medvidovic, Barry Boehm

Abstract: Software systems today are composed from prefabricated commercial components and connectors that provide complex functionality and engage in complex interactions. Unfortunately, because of the distinct assumptions made by developers of these products, successfully integrating them into a software system can be complicated, often causing budget and schedule overruns. A number of integration risks can often be resolved by selecting the .right. set of COTS components and connectors that can be integrated with minimal effort. In this paper we describe a framework for selecting COTS software components and connectors ensuring their interoperability in software-intensive systems. Our framework is built upon standard definitions of both COTS components and connectors and is intended for use by architects and developers during the design phase of a software system. We highlight the utility of our framework using a challenging example from the data-intensive systems domain. Our preliminary experience in using the framework indicates an increase in interoperability assessment productivity by 50% and accuracy by 20%.

Source: Sixth Working IEEE/IFIP Conference on Software Architecture, Mumbai, India.

Added 09/19/2006


USC-CSE-2006-614 (pdf)

System-of-Systems Cost Estimation: Analysis of Lead System Integrator Engineering Activities

Jo Ann Lane and Dr. Barry Boehm

Abstract: As organizations strive to expand system capabilities through the development of system-of-systems (SoS) architectures, they want to know "how much effort" and "how long" to implement the SoS. In order to answer these questions, it is important to first understand the types of activities performed in SoS architecture development and integration and how these vary across different SoS implementations. This paper provides results of research conducted to determine types of SoS Lead System Integrator (LSI) activities and how these differ from the more traditional system engineering activities described in Electronic Industries Alliance (EIA) 632 (“Processes for Engineering a System”). This research further analyzed effort and schedule issues on “very large” SoS programs to more clearly identify and profile the types of activities performed by the typical LSI and to determine organizational characteristics that significantly impact overall success and productivity of the LSI effort. The results of this effort have been captured in a reduced-parameter version of the Constructive SoS Integration Cost Model (COSOSIMO) that estimates LSI SoS Engineering (SoSE) effort.Keywords: System of Systems, System of Systems Engineering, Lead System Integrator, Cost Model.

Source: Inter-Symposium 2006, The International Institute for Advanced Studies in Systems Research and Cybernetics

Added 09/19/2006


USC-CSE-2006-613 (pdf)

21st Century Processes for Acquiring 21st Century Software-Intensive Systems of Systems


Dr. Barry Boehm and Jo Ann Lane


Abstract: Our experiences in helping to define, acquire, develop, and assess 21st century software-intensive system of systems (SISOS ) have taught us that traditional 20th century acquisition and development processes do not work well on such systems. This article summarizes the characteristics of such systems, and indicates the major problem areas in using traditional processes on them. We also present new processes that we and others have been developing, applying, and evolving to address 21st century SISOS. These include extensions to the risk-driven spiral model to cover broad (many systems), deep (many supplier levels), and long (many increments) acquisitions needing rapid fielding, high assurance, adaptability to high change traffic, and complex interactions with evolving Commercial Off-the-Shelf (COTS) products, legacy systems, and external systems.

Published in CrossTalk, May 2006

Added 09/19/2006


USC-CSE-2006-612 (pdf)

Factors Influencing System-of-Systems Architecting and Integration Costs

Jo Ann Lane

Abstract: Today’s need for more complex, more capable systems in a short timeframe is leading more organizations towards the integration of existing systems into network-centric, knowledge-based system-of-systems (SoS). Software and system cost model tools to-date have focused on the software and system development activities of a single software system. As we view the new SoS architectures, we find that the effort associated with the integration of these SoSs is not handled well, if at all, in current cost models. USC’s Center for Software Engineering (CSE) began work on a SoS cost model, the Constructive SoS Integration Model (COSOSIMO), in late 2003. This model has evolved using feedback obtained from USC CSE affiliates and other experts in industry and academia. This paper presents an overview of the COSOSIMO cost model, descriptions of the size drivers and cost factors currently in the model, a summary of survey feedback received from USC CSE affiliates and other interested experts from industry, and the impact of survey findings on the current COSOSIMO cost model. It concludes with future plans for the COSOSIMO model.

Source: Proceedings of Conference on Systems Engineering Research 2005

Added: 09/19/2006


USC-CSE-2006-611 (pdf)

Synthesis of Existing Cost Models to Meet System of Systems Needs

Jo Ann Lane and Dr. Barry Boehm

Abstract: Today’s need for more complex, more capable systems in a short timeframe is leading more organizations towards the integration of existing systems into network-centric, knowledge-based system-of-systems (SoS). Software and system cost model tools to date have focused on the software and system development activities of a single software system, but none to date adequately estimate the integration of multiple systems into an SoS. This paper presents an overview of the activities that must be included in an SoS cost model and describes an approach for estimating SoS effort using the Constructive Cost Model (COCOMO®) suite of estimation tools to estimate SoS Lead System Integrator (LSI) effort as well as the total SoS development effort.

Source: Proceedings of Conference on Systems Engineering Research (CSER) 2006

Added: 09/19/2006


USC-CSE-2006-610 (pdf)

Synthesizing SoS Concepts for Use in Cost Estimation


Authors: Jo Ann Lane and Ricardo Valerdi


Abstract - Today’s need for more complex, capable systems in a short timeframe is leading many organizations towards the integration of existing systems into network-centric, knowledge-based system-of-systems (SoS). Software and system cost model tools to date have focused on the software and system development activities of a single system. When viewing the new SoS architectures, one finds that the effort associated with the design and integration of these SoSs is not handled well, if at all, in current cost models. This paper includes (1) a comparison of various SoS definitions and concepts with respect to cost models, (2) a classification of these definitions in terms of product, process, and personnel focus, and (3) the definition of a set of discriminators for defining model boundaries and potential drivers for an SoS cost estimation model. Eleven SoS definitions are synthesized to provide reasonable coverage for different properties of SoS and illustrated in two examples.

Keyworkds: System of Systems definitions, cost estimation, cost modeling, FCS, GEOSS

Source: Proceedings of IEEE 2005 International Conference on Systems, Man, and Cybernetics

Added: 09/19/2006


 

USC-CSE-2006-609 (pdf)

 

Measuring Security Investment Benefit for COTS Based Systems - A Stakeholder Value Driven Approach


Yue Chen, Barry Boehm, Luke Sheppard


This paper presents the improved version of the Threat Modeling method based on Attacking Path Analysis (T-MAP) which quantifies security threats by calculating the total severity weights of relevant attacking paths for Commercial Off The Shelf (COTS) based systems.

* Manuscript submitted for exclusive review by the 29 th International Conference on Software Engineering, September 8, 2006.

© All rights are reserved by co-authors.

Added: September 9th, 2006


USC-CSE-2006-608 (pdf)

 

A Framework for Intelligent Assessment and Resolution of Commercial Off-The-Shelf (COTS) Product Incompatibilities


Jesal Bhuta

Added: May 11, 2006, Updated June 16, 2006

 


 

USC-CSE-2006-607 (pdf)

 

Value Driven Security Threat Modeling Based on Attacking Path Analysis*


Yue Chen, Barry Boehm, Luke Sheppard

Security threat modeling has been an important but difficult topic. This paper presents a novel quantitative threat modeling method, the Threat Modeling method based on Attacking Path Analysis (T-MAP), which quantifies security threats by calculating the total severity weights of relevant attacking paths for Commercial Off The Shelf (COTS) systems. Compared to existing approaches, T-MAP is sensitive to an organization's business value priorities and IT environment. It distills the technical details of thousands of software vulnerabilities into management-friendly numbers at a high-level. T-MAP can help system designers evaluate the security performance of COTS systems and analyze the effectiveness of security practices. In the case study, we demonstrate the steps of using T-MAP to analyze the cost-effectiveness of how IT system patching and upgrades can improve security. In addition, we introduce a software tool that automates the T-MAP framework.

. All rights are reserved (c) by co-authors.

*Accepted at the 40th Hawaii International Conference on System Sciences, June 15, 2006 .

Added: May 11, 2006, Updated June 16, 2006


 

USC-CSE-2006-606 (pdf)

 

COSOSIMO Parameter Definitions


Jo Ann Lane

The Constructive System-of-Systems (SoS) Integration Cost Model (COSOSIMO) is designed to estimate the effort associated with the Lead System Integrator (LSI) activities to define the SoS architecture, identify sources to either supply or develop the required SoS component systems, and eventually integrate and test these high level component systems. This technical report is an update to the COSOSIMO parameter definitions dated March 2006 and describes the parameters for each of the COSOSIMO sub-models. The parameters include a set of size drivers that are used to calculate a nominal effort for the sets of activities associated with the sub-model and a set of cost drivers that are used to adjust the nominal effort based on related SoS architecture, process, and personnel characteristics..

. All rights are reserved (c) by the authors.

Added: May 11, 2006, Updated June 16, 2006

 


  USC-CSE-2006-605 (pdf)

Towards An Approach for Security Risk Analysis in COTS Based Development


Dan Wu, Ye Yang

Abstract:

More and more companies tend to use secure products as COTS to develop their secure systems due to resource limitations. The security concerns add more complexity as well as potential risks to COTS selection process, and it is always a great challenge for developers to make the selection decisions. In this paper, we provide a method for security risk analysis in COTS based de-velopment (CBD) based on Common Criteria and our previous work in identi-fying general risk items for CBD. The research result provides useful insights for developers in identifying security risks, so that it can be used to aid for the COTS selection decision.

Proceedings of Software Process Workshop/Workshop on Software Process Simulation 2006

(SPW/ProSim 2006)

Shanghai, China, 05/2006

added: May 10, 2006


  USC-CSE-2006-604 (pdf)

An Energy Consumption Framework for Distributed Java-Based Software Systems


Chiyoung Seo, Sam Malek, Nenad Medvidovic

Abstract:

In this paper we define and evaluate a framework for estimating the energy consumption of Java-based software systems. Our primary objective in devising the framework is to enable an engineer to make informed decisions when adapting a system's architecture, such that the energy consumption on hardware devices with a finite battery life is reduced, and the lifetime of the system's key software services increases. Our framework explicitly takes a component-based perspective, which renders it well suited for a large class of today's distributed, dynamic, and mobile applications. The framework allows the engineer to estimate the software system's energy consumption at construction time and refine it at runtime. In a large number of distributed application scenarios, the framework showed very good precision on the whole, giving results that were within 5% (and often less) of the actually measured power losses incurred by executing the software. While our empirical evidence suggests that the framework is broadly applicable as-is, our work to date has highlighted a number of future enhancements..

added: May 10, 2006



 

USC-CSE-2006-603 (pdf)

Some Future Trends And Implications for Systems And Software Engineering Processes


Barry Boehm

Abstract: In response to the increasing criticality of software within systems and the increasing demands being put onto 21st century systems, systems and software engineering processes will evolve significantly over the next two decades. This paper identifies eight relatively surprise-free trends - the increasing interaction of software engineering and systems engineering; increased emphasis on users and end value; increased emphasis on systems and software dependability; increasingly rapid change; increasing global connectivity and need for systems to interoperate; increasingly complex systems of systems; increasing needs for COTS, reuse, and legacy systems and software integration; and computational plenty. It also identifies two wild card trends: increasing software autonomy and combinations of biology and computing. It then discusses the likely influences of these trends on systems and software engineering processes between now and 2025, and presents an emerging scalable spiral process model for coping with the resulting challenges and opportunities of developing 21st century software-intensive systems and systems of systems.

Systems Engineering
Volume 9, Issue 1, 2006. Pages 1-19
Copyright © 2006 Wiley Periodicals, Inc.

added: May 08, 2006


USC-CSE-2006-602 (pdf)

If you are interested in knowing more about the paper, please contact the author directly.

 

A User Centric Approach for Improving A Distributed Software System's Deployment Architecture


Sam Malek *, Nenad Medvidovic *, Chiyoung Seo *, Marija Mikic-Rakic **

Abstract: The quality of service (QoS) provided by a distributed software system
depends on many system parameters, such as network bandwidth, reliability of
links, frequencies of software component interactions, etc. A distributed
system's deployment architecture can have a significant impact on its QoS.
Furthermore, the deployment architecture will influence user satisfaction,
as users typically have varying QoS preferences for the system services they
access. Finding a deployment architecture that will maximize the users'
overall satisfaction is a challenging, multi-faceted problem. In this paper,
we present a framework model and a set of generic algorithms that can be
tailored and instantiated to address this problem. We also provide an
evaluation of our approach by applying it on a large number of
representative scenarios.

All right reserved (c) by authors.

added: May 08, 2006


 

USC-CSE-2006-601

 

If you are interested in knowing more about the paper, please contact the author directly.

 

Software Connectors for Highly Distributed and Voluminous Data Intensive Systems


Chris A. Mattmann, Advisor: Nenad Medvidovic

Abstract: We describe a research agenda for selecting combinations of software connectors in order to quantifiably satisfy different use-case scenarios for large volume data distribution. We outline the necessity for an appropriate categorization framework which allows a user to confidently select amongst the different distribution connectors available. The categorization framework is based on a classification of distribution connectors along eight key dimensions of data distribution. Finally we describe our approach for testing and validating quantifiable functional properties of data distribution connectors, and their ability to satisfy specified data distribution scenarios.

All right reserved (c) by authors.

added: Feb 06, 2006


USC-CSE-2006-600 (pdf)

 

Cost Estimation for Secure Software & Systems


Ed Colbert, Dan Wu, Yue Chen, Dr. Barry Boehm

Overview: The Center for Software Engineering (CSE) at the University of Southern California
(USC) is extending the widely–used Constructive Cost Model version 2 (COCOMO® II)
[Boehm, Abts, et al. 2000] to account for developing secure software. CSE is also
developing a model for estimating the cost to acquire secure systems, and is evaluating
the effect of security goals on other models in the COCOMO® family. We will present the work to date.

Accepted at ISPA 2006

All right reserved (c) by authors.

added: Jan 16, 2006

 

Return to Technical Report System

Copyright 2004, 2005, 2006 The University of Southern California

The written material, text, graphics, and software available on this page and all related pages may be copied, used, and distributed freely as long as the University of Southern California as the source of the material, text, graphics or software is always clearly indicated and such acknowledgement always accompanies any reuse or redistribution of the material, text, graphics or software; also permission to use the material, text, graphics or software on these pages does not include the right to repackage the material, text, graphics or software in any form or manner and then claim exclusive proprietary ownership of it as part of a commercial offering of services or as part of a commercially offered product.