Catálogo de publicaciones - libros

Typically, COTS evaluations embody a first stage intended to determine rapidly which products are suitable in a target context. This stage –called “filtering” or “screening” – chooses a set of alternatives to be considered for more detailed evaluation. For successful filtering processes, composers increasingly focus on closing the gap between required and offered functionality, hence reducing ambiguity of information for comparison. In this paper, we introduce a filtering process, which is based on early measurement of functional suitability of COTS candidates. Measures are immersed in a Six Sigma-based process aiming at improving the filtering process itself as well as its deliverables.

Ensuring proper selection of COTS components is key to the success of component-based software development approaches. Although several approaches and criteria have been proposed for component selection, we lack techniques that can be used to systematically evaluate components against selection criteria for functionality, security, fault tolerance, and quality attributes. We propose a comprehensive approach for enabling the selection of COTS components by employing component understanding and fault injection testing techniques that aid in building an integrated comprehension model of the components. This model accumulates information regarding how each candidate component fared with respect to each criterion. This model can be used not only to aid in the final decision making process, but also serve as a guide during the component comprehension and evaluation stages.

Software projects involving integration of multiple commercial as well as in-house components, often confront interoperability problems. This is a result of the component selection process being limited to piecewise evaluation of system capabilities while neglecting a more thorough evaluation of interoperability between candidate components. Such problems often lead to increased costs and schedule overruns. Based on empirical data gathered from five years of developing e-services applications at USC-CSE, we have developed and applied a method for component selection that focuses on piecewise evaluation, as well as the interoperability between the candidate components. In this paper we describe the method and present a real-world example showing how it operates within the spiral process model generator.

Volvo Parts is a company within the Volvo Group handling supply chain management for the aftermarket. The company has been growing quickly through mergers and today has a diverse set of different IT systems to support similar or even identical functionalities. The business challenge is to implement one global process for material management supported by one common IT system for all the warehouses. The presentation will focus on the technical challenges and lessons learned within the project, replacing 20+ different IT systems, both in-house developed and bought packages, with one COTS-based IT system. Since the new system is expected to have a long lifetime, we need to secure that the COTS based solution is open, flexible and scalable over time. Integration to existing systems is another key part of the architecture needed in this solution.

The selection process is a crucial activity of the development of COTS-based systems. A key step of the evaluation of COTS components carried out during selection is the matching between user requirements and COTS features. We propose a goal-based approach to guide the matching process, using quality models for leveraging goals and COTS features. The different mismatch situations that may arise are reasoned by means of exploratory scenarios. We demonstrate the approach with the mail server case study.

The potential for problems due to malicious code increases in direct proportion with the number of COTS software used in a system. Because of this, many practitioners have used a variety of techniques to address potential attacks. Yet, little guidance has been offered as to which techniques work best, when, and under what conditions. To rectify this problem, we have created a framework that can be used to help those interested in addressing vulnerabilities with a solution. The framework matches defenses to attacks using a risk-based approach that focuses on providing cost-effective protection.

System designers using off-the-shelf components (OTSCs), whose internals they cannot change, often use add-on “wrappers” to adapt the OTSCs’ behaviour as required. In most cases, wrappers are used to change “functional” properties of the components they wrap. In this paper we discuss instead , the use of wrappers to improve the dependability – i.e., “non-functional” properties like availability, reliability, security, and/or safety – of a component and thus of a system. Wrappers can improve dependability by adding fault tolerance, e.g. graceful degradation, or error recovery mechanisms. We discuss the rational specification of such protective wrappers in view of system dependability requirements, and highlight some of the design trade-offs and uncertainties that affect system design with OTSCs and wrappers, and that differentiate it from other forms of fault-tolerant design.

The increasing application of COTS-components and component-based software engineering has entailed the development of appropriate component specifications. In the embedded systems domain it would be desirable to benefit from these component specifications to integrate and automate safety and reliability analysis. For this reason, we propose in this paper a component-based dependability analysis technique that annotates components with failure mode assumptions. The probabilities and dependencies of these failure modes are specified by Component Fault Trees (CFT’s). Based on these CFT’s and the architectural model the propagation of failures throughout the system can be automatically determined and a quantitative analysis is possible.

The development of Real Time Distributed Control Systems (RTDCS) is a very complex and multi-part issue where different specific tools are to be used. As these specialized tools are not designed to work together, it would be desirable to have a flexible tool framework where all the information were managed and stored following a predefined Model Driven Architecture. XML technologies and Web Applications (implemented as a component-based multi-tier application design defined by J2EE) have been selected to put into practice such a framework. It is proposed a model-based approach to develop software systems that require the collaboration of specific tools. This collaboration is achieved thanks to a Tool Collaboration Engine based on XML and Web Applications. A prototype of the framework was built for RTDCS, yet these concepts can easily be applied to any area of knowledge. The paper presents some conclusions on the integration of COTS.

Systems constructed from diverse software products are often difficult to assemble and deploy correctly, particularly as the products evolve and the underlying platform changes over time. Many of these problems arise because of the many assumptions and dependencies, often implicit, that software products make about the context in which they are deployed. This paper describes an approach to managing the dependencies between the software elements of a system during assembly and deployment. A formal model of dependencies is developed, and it is shown how the model can be applied during the deployment process to verify the correct assembly of a system. The approach is designed to allow system developers, assemblers, and deployers to be part of the user group that collectively manages the dependencies that exist within an assembly.