{"title":"Software Stability Model (SSM) for Building Reliable Real Time Computing Systems","authors":"Naganathan E.R, Eugene X.P","doi":"10.1109/SSIRI.2009.35","DOIUrl":"https://doi.org/10.1109/SSIRI.2009.35","url":null,"abstract":"With lot of advancements coming up in Real Time Systems, the primary controlling factors like security, reliability and trustworthiness have become key elements of success. Our work is based on the concept of Software Stability Model (SSM) applied to Real Time Computing Systems with Adaptive Reconfigurable controls. The primary factors to ascertain stability of physical systems are ‘Controllability’ and ‘Observability’. The intent of this research is to map these contributing factors of physical system stability to the Software Stability Model (SSM) defined in Software Engineering. Identifying the design pattern for a domain using Software Stability Model (SSM) helps one apply the design pattern for a different application/problem in the same domain. This has been demonstrated through the design pattern derived for a Transaction Processing System that involves Adaptive reconfigurable Controls. We have essentially tried to integrate the Software Stability Model defined in Software Engineering with Control Engineering Concepts essentially by defining the Enduring Business Themes (EBTs), Business Objects (BOs) and Industrial Objects (IOs).","PeriodicalId":196276,"journal":{"name":"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125585951","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Visualizing Multiple Program Executions to Assist Behavior Verification","authors":"Chunying Zhao, Kang Zhang, Jie Hao, W. E. Wong","doi":"10.1109/SSIRI.2009.26","DOIUrl":"https://doi.org/10.1109/SSIRI.2009.26","url":null,"abstract":"Visualization techniques have been widely used in representing software artifacts. They play a central role in conveying program information to software developers. While numerous tools have been developed to visualize information such as static software architectures, dynamic program behaviors, and debugging processes, little attention has been paid to visualizing correlations and variations among program representations. This paper investigates the visualization of cross-references across multiple program executions based upon different testing inputs so that meaningful and viewable properties can be presented to the viewpoint from different perspectives. Visualizing such a comparison can help feature location and program behavior verification. It also helps programmers better understand and test their software which can have a significant impact on improving its reliability.","PeriodicalId":196276,"journal":{"name":"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125230747","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Developed Dynamic Environment Fault Injection Tool for Component Security Testing","authors":"Binbin Qu, Yin Huang, Xiaodong Xie, Yansheng Lu","doi":"10.1109/SSIRI.2009.9","DOIUrl":"https://doi.org/10.1109/SSIRI.2009.9","url":null,"abstract":"Developers using third party software components need to test them to satisfy quality requirements. In this paper, according to the characteristics of component security test, we present a new tool called GCDEFI (Generic Component Dynamic Environment Fault Injection). GCDEFI adopts environment fault injection based on API interception technology. Faults can be injected by GCDEFI without the source code of target applications under assessment, nor does the injection process involve interruption. To evaluate our tool, we conduct several environment fault injection testing experiments. The results show that our tool is stable and effective.","PeriodicalId":196276,"journal":{"name":"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126043244","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Java Card Performance Optimization of Secure Transaction Atomicity Based on Increasing the Class Field Locality","authors":"Johannes Loinig, C. Steger, R. Weiss, E. Haselsteiner","doi":"10.1109/SSIRI.2009.39","DOIUrl":"https://doi.org/10.1109/SSIRI.2009.39","url":null,"abstract":"Java Cards are embedded systems, very often implemented as smart cards. They are used in banking, e-government, telecommunication, and ticketing. Due to these use cases they have to provide a wide range of security mechanisms and a high performance in relation to the available hardware cost. One of these security features is the transaction mechanism. It ensures that data in persistent memory stays consistent in case the execution of the application is interrupted unexpectedly by e.g. loss of power. Such transaction mechanisms are very time consuming. Therefore, we propose a caching mechanism for transactions. The mechanism uses a buffer located in RAM and reduces costly write cycles into persistent memory without any loss of security. In order to further increase the performance of this caching mechanism, we additionally introduce a concept to maximize the locality of selected Java fields which are written very often.","PeriodicalId":196276,"journal":{"name":"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128268558","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Software Reliability Prediction and Analysis Using Queueing Models with Multiple Change-Points","authors":"Chin-Yu Huang, Tsui-Ying Hung, Chao-Jung Hsu","doi":"10.1109/SSIRI.2009.11","DOIUrl":"https://doi.org/10.1109/SSIRI.2009.11","url":null,"abstract":"Over the past three decades, many software reliability growth models (SRGMs) were proposed and they are aimed at predicting and estimating software reliability. One common assumption of these conventional SRGMs is that detected faults will be removed immediately. In reality, this assumption may not be reasonable and may not always occur. Developers need time to identify the root causes of detected faults and then fix them. Besides, during debugging the fault correction rate may not be a constant and could be changed at some certain points as time proceeds. Consequently, in this paper, we will explore and study how to apply queueing model to investigate the fault correction process during software development. We propose an extended infinite server queueing model with multiple change-points to predict and assess software reliability. Experimental results based on real failure data show that proposed model can depict the change of fault correction rates and predict the behavior of software development more accurately than traditional SRGMs.","PeriodicalId":196276,"journal":{"name":"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130748343","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Extending Model Driven Architecture with Software Security Assessment","authors":"Xucheng Tang, Beijun Shen","doi":"10.1109/SSIRI.2009.21","DOIUrl":"https://doi.org/10.1109/SSIRI.2009.21","url":null,"abstract":"Security plays a crucial role in software systems. Existing research efforts have addressed the problem of how to model the security aspect of software at a particular phase of software lifecycle. However, security is still not integrated in all the phases of software lifecycle. In this paper we introduce how classical MDA framework can be extended to consider the security aspect. Such extension offers early assessment and early validation of security requirement, which helps to discover security flaws early in the software development process and reduce the cost of removing flaws.","PeriodicalId":196276,"journal":{"name":"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement","volume":"184 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123842043","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Architectural Availability Analysis of Software Decomposition for Local Recovery","authors":"H. Boudali, Hasan Sözer, M. Stoelinga","doi":"10.1109/SSIRI.2009.10","DOIUrl":"https://doi.org/10.1109/SSIRI.2009.10","url":null,"abstract":"Non-functional properties, such as timeliness, resource consumption and reliability are of crucial importance for today’s software systems. Therefore, it is important to know the non-functional behavior before the system is put into operation. Preferably, such properties should be analyzed at design time, at an architectural level, so that changes can be made early in the system development process. In this paper, we present an efficient and easy-to-use methodology to predict – at design time – the availability of systems that support local recovery. Our analysis techniques work at the architectural level, where the software designer simply inputs the software modules’ decomposition annotated with failure and repair rates. From this decomposition we automatically generate an analytical model (i.e. a continuous-time Markov chain), from which various performance and dependability measures are then computed, in a way that is completely transparent to the user. A crucial step is the use of intermediate models in the Input/Output Interactive Markov Chain formalism, which makes our techniques, efficient, mathematically rigorous, and easy to adapt. In particular, we use aggressive minimization techniques to keep the size of the generated state spaces small. We have applied our methodology on a realistic case study, namely the MPlayer open source software. We have investigated four different decomposition alternatives and compared our analytical results with the measured availability on a running MPlayer. We found that our predicted results closely match the measured ones.","PeriodicalId":196276,"journal":{"name":"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121329454","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A New Method to Generate Attack Graphs","authors":"Anmin Xie, Guodong Chen, Yonggang Wang, Zhong Chen, Jian-bin Hu","doi":"10.1109/SSIRI.2009.32","DOIUrl":"https://doi.org/10.1109/SSIRI.2009.32","url":null,"abstract":"To address the scalability problem in attack graphs generation, we propose a novel method to generate attack graphs automatically. Our approach constructs a two-tier attack graph framework, which includes a host access graph and some sub-attack graphs. A sub-attack graph describes concrete attack scenarios from one source host to one target host, while the host access graph describes the attacker’s privilege transition among hosts. Our sub-attack graphs and host access graph have remarkably smaller scales and can help network administrators to find the key hosts in attack sequences. Analysis shows that the upper bound computational cost of our model is O(N^3), which could also be completed in real time. The following experiment validates our approach.","PeriodicalId":196276,"journal":{"name":"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128088238","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Multidimensional Approach to Quality Analysis of IPSec and HTTPS Applications","authors":"M. Barylski, H. Krawczyk","doi":"10.1109/SSIRI.2009.17","DOIUrl":"https://doi.org/10.1109/SSIRI.2009.17","url":null,"abstract":"This paper relates to both security and performance testing of distributed applications working in public-private HTTPS and IPSec environments. It decomposes the application into multidimensional matrix with adequate security and performance metrics for each cell in order to study cross-layer (vertical and horizontal) relations between them. Analysis is supported by experiments that study correlations between user interaction latency and endpoint authentication, data processing throughput and communication security.","PeriodicalId":196276,"journal":{"name":"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement","volume":"55 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123618973","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Research and Evaluation on Modularity Modeling in Community Detecting of Complex Network Based on Information Entropy","authors":"Xiaolong Deng, Bai Wang, Bin Wu, Shengqi Yang","doi":"10.1109/SSIRI.2009.15","DOIUrl":"https://doi.org/10.1109/SSIRI.2009.15","url":null,"abstract":"Detecting the community of complex networks became the hot research fields of Graph Mining in recent years and most community detecting methods currently try to find correct community structure basing on optimization of Modularity Q. In this article, the author constructs a new theoretic model of Q based on information entropy by simulation and evaluation on some classic dataset and comparison with the classic social network[12] experimental results such as karate network, musicians network, email network and dolphin network by GN and Fast GN algorithm to cast some new light on community detecting. In the implementation, the author developed a visualization evaluation tool to analyze the community relationship in entities of complex networks in large scale mobile calling networks and gained some novel results in this area with visualization evaluation tool.","PeriodicalId":196276,"journal":{"name":"2009 Third IEEE International Conference on Secure Software Integration and Reliability Improvement","volume":"69 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122736215","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}