4900 test 2
What do Gamma et al. suggest are the four essential elements of a design pattern?
1. A name that is a meaningful reference to the pattern. 2. A description of the problem area that explains when the pattern may be applied. 3. A solution description of the parts of the design solution that can be instantiated in different ways. This often expressed graphically and shows the relationships between the objects and object classes in the solution. 4. A statement of the consequences the results and trade offs of applying the pattern. This can help designers understand whether or not a pattern can be used in a particular situation.
What are the three types of user testing?
1. Alpha testing, where a selected group of software users work closely with the development team to test early releases of the software. 2. Beta testing, where a release of the software is made available to a larger group of users to allow them to experiment and to raise problems that they discover with the system developers. 3. Acceptance testing, where customers test a system to decide whether or not it is ready to be accepted from the system developers and deployed in the customer environment.
What are essential tools in a software development platform?
1. An integrated compiler and syntax-directed editing system that allows you to create, edit, and compile code. 2. A language debugging system. 3. Graphical editing tools, such as tools to edit uml models 4. Testing tools, such as JUnit, that can automatically run a set of tests on a new version of a program. 5. Tools to support refactoring and program visualization. 6. Configuration management tools to manage source code versions and to integrate and build systems.
List 4 design guidelines for secure systems engineering?
1. Base security decisions on an explicit security policy 2. Use defense in depth 3. Fail securely 4. Balance security and usability
Briefly describe the three principal stages of testing for a commercial software system
1. Development testing is where the system is tested during development to discover bugs and defects. System designers and programmers are likely to be involved in the testing process. 2. Release testing is where a separate testing team tests a complete version of the system before it is released to users. The aim of release testing is to check that the system meets requirements of the system stakeholders. 3. User testing is where users or potential users of a system test the system in their own environment. For software products, the "user" may be an internal marketing group that decides if the software can be marketed, sold, and released.
What are the three different types of software maintenance and how is effort distributed across these maintenance types?
1. Fault repairs to fix bugs and vulnerabilities: Coding errors are usually relatively cheap to correct; design errors are more expensive because they may involve rewriting several program components. Requirements errors are the most expensive to repair because extensive system redesign may be necessary. 2. Environmental adaptation to adapt the software to new platforms and environments: This type of maintenance is required when some aspect of a system's environment, such as the hardware, the platform operating system, or other support software, changes. Application systems may have to be modified to cope with these environmental changes. 3. Functionality addition to add new features and to support new requirements: This type of maintenance is necessary when system requirements change in response to organizational or business change. The scale of the changes required to the software is often much greater than for the other types of maintenance.
What are 4 ways to incorporate deployment support in a system?
1. Include support for viewing and analyzing configurations 2. Minimize default privileges 3. Localize configuration 4. Provide easy ways to fix security vulnerabilities
List 4 types of security threats.
1. Interception threats that allow an attacker to gain access to an asset 2. Interruption threats that allow an attacker to make part of the system unavailable 3. Modification threats that allow an attacker to tamper with a system asset. 4. Fabrication threats that allow an attacker to insert false information into a system.
What are the three important classes of interface errors?
1. Interface misuse 2. Interface misunderstanding 3. Timing errors
What process metrics might be used to assess maintainability?
1. Number of requests for corrective maintenance 2. Average time required for impact analysis 3. Average time taken to implement a change request 4. Number of outstanding change request
What are the 3 stages of risk assessment?
1. Preliminary risk assessment 2. Design risk assessment 3. Operational risk assessment
What fundamental issues have to be considered when designing system architecture for security? Are these issues compatible or conflicting - and why?
1. Protection how should the system be organized so that critical assets can be protected against external attack? 2. Distribution how should system assets be distributed so that the consequences of a successful attack are minimized? These issues are conflicting because if you put all your asserts in one place you can build several protection layers. If this system is compromised though, all your asserts are compromised.
What are the strategic options for legacy system evolution?
1. Scrap the system completely: This option should be chosen when the system is not making an effective contribution to business processes. This usually occurs when business processes have changed since the system was installed and are no longer reliant on the legacy system. 2. Leave the system unchanged and continue with regular maintenance: This option should be chosen when the system is still required but is fairly stable and the system users make relatively few change requests. 3. Reengineer the system to improve its maintainability: This option should be chosen when the system quality has been degraded by change and where new change to the system is still being proposed. This process may include developing new interface components so that the original system can work with other, newer systems. 4. Replace all or part of the system with a new system: This option should be chosen when factors, such as new hardware, mean that the old system cannot continue in operation, or where off-the-shelf systems would allow the new system to be developed at a reasonable cost. In many cases, an evolutionary replacement strategy can be adopted where major system components are replaced by off-the-shelf systems with other components reused wherever possible.
Explain 2 reasons why security testing is especially difficult.
1. Security requirements, like some safety requirements, are shall not requirements. That is, they specify what should not happen rather than system functionality or required behavior. It is not usually possible to define this unwanted behavior as simple constraints to be checked by the system. 2. The people attacking a system are intelligent and are actively looking for vulnerabilities that they can exploit.
What are the principal systems re-engineering activities?
1. Source code translation 2. Reverse engineering 3. Program structure improvement 4. Program modularization 5. Data reengineering
What are the fundamental elements of a legacy system?
1. System hardware: Legacy systems may have been written for hardware that is no longer available, that is expensive to maintain, and that may not be compatible with current organizational IT purchasing policies. 2. Support software: The legacy system may rely on a range of support software from the operating system and utilities provided by the hardware manufacturer through to the compilers used for system development. Again, these may be obsolete and no longer supported by their original providers. 3. Application software: The application system that provides the business services is usually made up of a number of application programs that have been developed at different times. Some of these programs will also be part of other application software systems. 4. Application data: These data are processed by the application system. In many legacy systems, an immense volume of data has accumulated over the lifetime of the system. This data may be inconsistent, may be duplicated in several files, and may be spread over a number of different databases. 5. Business Processes: These processes are used in the business to achieve some business objective. An example of a business process in an insurance company would be issuing an insurance policy; in a manufacturing company, a business process would be accepting an order for products and setting up the associated manufacturing process. Business processes may be designed around a legacy system and constrained by the functionality that it provides. 6. Business policies and rules: These are definitions of how the business should be carried out and constraints on the business. Use of the legacy application system may be embedded in these policies and rules.
What guidelines does Whittaker suggest for defect testing?
1. Test software with sequences that have only a single value. Programmers naturally thing of sequences as made up of several values, and sometimes they embed this assumption in their programs. 2. Use different sequences of different sizes in different tests. This decreases the chances that a program with defects will accidentally produce a correct output because of some accidental characteristics of the input. 3. Derive tests so that the first, middle, and last elements of the sequence are accessed.
What are the essential elements of an organizational security policy?
1. The assets that must be protected 2. The level of production that is required for different types of assets 3. The responsibilities of individual users, managers, and the organization 4. Existing security procedures and technologies that should be maintained
What factors should be assessed to understand the relationship between a system and its environment?
1. The number and complexity of system interface: The larger the number of interfaces and the more complex these interfaces, the more likely it is that interface changes will be required as new requirements are proposed. 2. The number of inherently volatile system requirements: Requirements that reflect organizational policies and procedures are likely to be more volatile than requirements that are based on stable domain characteristics. 3. The business processes in which the system is used: As business processes evolve, they generate system change requests. As a system is integrated with more and more business processes, there are increased demands for changes.
What are the 5 key activities in an object-oriented design process?
1. Understand and define the context and the external interactions with the system. 2. Design the system architecture. 3. Identify the principal objects in the system. 4. Develop design models. 5. Specify interfaces
Briefly describe 3 approaches that may be used to identify object classes?
1. Use a grammatical analysis of a natural language description of the system to be constructed. Objects and attributes are nouns; operations or services are verbs. 2. Use tangible entities in the application domain such as aircraft, roles such as manager, events such as request, interactions such as meeting, locations such as offices, organizational units such as companies, and so on. 3. Use a scenario-based analysis where various scenarios of system use are identified and analyzed in turn. As each scenario is analyzed, the team responsible for the analysis must identify the required objects, attributes, and operations.
What are the stages in the system evolution process and what triggers that process?
1. impact analysis 2. Release planning 3. Change implementation 4. System release
Explain the distinction between a Vulnerability and an Exposure.
A vulnerability is weakness in a system that can be exploited to cause loss or harm while an exposure is the potential loss or harm that can be caused.
What are the principal aims of software configuration management?
During the development process, many different versions of each software component are created. If you don't keep tract of these versions in a configuration management system, you are liable to include the wrong versions of these components in your system. It is basically a system that allows multiple developers to develop code and plan with each other so that they do not overwrite each others code. It also allows for backtracking incase a version has an error or bug in it.
Why might it sometimes be necessary to bypass the normal change management system and make urgent changes to a system?
Emergency system repairs might need to be done if time is of the essence. These are changes that are quick and workable rather than the best solution. After a urgent change it is recommended to write new code to prevent system degeneration and to make the code more usable.
Why is it important to specify the interfaces of components that are being developed by a software engineering team?
It is important to specify interfaces so that objects and subsystems can be designed in parallel.
Briefly describe the idea of open-source development.
Open-source development is an approach to software development in which the source code of a software system is published and volunteers are invited to participate in the development process. Source code should always be available for users to examine and modify as they wish. This is an idea that the internet is used to recruit volunteer developers to contribute.
How does operational security differ from application and infrastructure security?
Operation security is concerned with the secure operation and use of the organizations systems. Infrastructure security is concerned with maintaining the security of all systems and networks that provide an infrastructure and a set of shared services to the organization.
What tests should be included in object class testing?
Partition testing where you identify groups of inputs that have common characteristics and should be processed in the same way. Guideline-based testing where you use testing guidelines to choose test cases.
What is an SQL Poisoning attack and how can testing determine if the source code is susceptible to such an attack?
SQL poisoning attack is an attack where an attacker will enter a string that is commonly interpreted by a server that is an SQL fragment. To avoid this by specially formatting the structure of system inputs that are expected. To test if it is susceptible you can test using inputs that include SQL commands.
What are the advantages of inspections over testing?
Several studies and experiments have shown that inspections are more effective for defect discovery than program testing. More than 60 percent of the errors in a program can be detected using informal program inspections.
Why is software evolution important?
Software evolution is important to help keep systems running stable and to make sure that they can run with new hardware without any issues. It is also important for system improvement and maintenance.
What should be the principal concerns of system testing?
System testing should focus on testing component interactions.
What are the 4 levels at which software reuse is possible?
The abstraction level where knowledge of successful abstractions is reused. The object level where objects classes and methods from libraries are reused. The component level where collections of objects are reused. The system level where entire application systems are reused.
Why is it expensive and risky to replace legacy systems with new systems?
The cost to replace the legacy system might outweigh the savings that come from maintaining the system. It is risky because new software development might fail and it might not deliver improvements promised. Systems can not be fully integrated with the new software after part of it is finished and can cause more work after paying a high amount of money.
What do you understand by the system context and interaction model?
These models present complementary views of the relationships between a system and its environment. The system context model is a structural model that demonstrates the other systems in the environment of the system being developed. An interaction model is a dynamic model that shows how the system interacts with its environment.
How do design patterns contribute to reuse?
Using patterns means that you reuse the ideas but can adapt the implementation to suit the system you are developing. Most of the time a experienced programmer will be the only one who can recognize when to use a pattern.
What is the distinction between validation and verification?
Validation: Are we building the right product? Verification: Are we building the product right?