120 likes | 313 Views
FY 2004 Initiative: Risk Assessment of Software Architectures. Less risk, sooner WVU UI: Risk Assessment of Software Architectures. Hany Ammar, Katerina Goseva-Popstojanova, Ajith Guedem, Kalaivani Appukutty, Walid AbdelMoez, and Ahmad Hassan
E N D
FY 2004 Initiative: Risk Assessment of Software Architectures Less risk, sooner WVU UI: Risk Assessment of Software Architectures Hany Ammar, Katerina Goseva-Popstojanova,Ajith Guedem, Kalaivani Appukutty, Walid AbdelMoez, and Ahmad Hassan LANE Department of Computer Science and Electrical EngineeringWest Virginia University
Outline • Problem • Approach • Importance/benefits • Relevance to NASA • Accomplishments • Next steps
Problem • Allocation of V&V resources to high risk system components, usage scenarios, and requirements • Reliability-based, • Performance-based, and • Maintainability-based risk assessment Methodologies • Frequency of a mishap * Severity of consequences • Severity Analysis • Severity of consequences • Benefits: • Find & rank critical • Requirements, scenarios, • components, and connectors What keeps satellites working 24/7 ? The ARIANE 5explosion
Approach • Develop architecture-based approach for risk assessment • Overall system/subsystem • Different functional Requirements • Key scenarios associated with requirements • Heavily used scenarios • Scenarios that are used infrequently but perform critical function • Develop risk factors • Define risk factors as • Probabilityof an undesired event * Severity of Consequences
Importance/benefits • Estimate risk factors for components and requirements at a scenario level at the early stages of development • Identify and rank the severity of components • How ? Details in technical presentation
Relevance to NASA • According to Dr. Martin Feather (NASA-JPL)“Risks are all the things that, should they occur, lead to loss of requirements.” • “According to NASA-STD-8719.13A, risk is a function of the possible frequency of occurrence of an undesired event, the potential severity of resulting consequences, and the uncertainties associated with the frequency and severity.”
Relevance to NASA A PRA Presentation by M. Greenfield, 2nd NASA PRA Workshop, June 2001
Relevance to NASA Case Studies The methodology is illustrated on the Flight Operations System (FOS) of NASA's Earth Observing System (EOS) • NASA's Earth Observing System (EOS) is the first observing system to offer integrated measurements of the Earth's processes • The Flight Operations Segment (FOS) of EOS is responsible for the planning, scheduling, commanding, and monitoring of the spacecraft and the instruments on board • We have evaluated the performance-based risk of the Commanding service
Accomplishments • Developed a methodology and a process for severity analysis • Developed a risk assessment methodology that can be used in the Defect Detection and Prevention (DDP) process developed at JPL
Next steps FY05 • Develop a methodology and a process for maintainability-based risk assessment FY06 • Develop a methodology for ranking software functions or components based on their risk factors and integrate it with CARA
Publications • H. H. Ammar, T. Nikzadeh, and J. B. Dugan "Risk Assessment of Software Systems Specifications," IEEE Transactions on Reliability, To Appear September 2001 • Sherif M. Yacoub, Hany H. Ammar , “A Methodology for Architecture-Level Reliability Risk Analysis,” IEEE Transactions on Software Engineering, June 2002, pp. 529-547 • K. Goseva-Popstojanova , A. Hassan, A. Guedem, W. Abdelmoez, D. Nassar, H. Ammar, A. Mili, “Architectural-Level Risk Analysis using UML”, IEEE Transaction on Software Engineering, October 2003. • T. Wang, A. Hassan, A. Guedem, W. Abdelmoez, K. Goseva-Popstojanova, H. Ammar, “Architectural Level Risk Assessment Tool Based on UML Specifications”, 25th International Conference on Software Engineering, Portland, Oregon, May 3 - 10, 2003. • A. Hassan, K. Goseva-Popstojanova, H. Ammar, “Methodology for Architecture Level Hazard Analysis”, ACS/IEEE International Conference on Computer Systems and Applications (AICCSA 03), Tunis, Tunisia, July 14-18, 2003. • A. Hassan, W. Abdelmoez , A.Guedem, K. Apputkutty, K.Goseva-Popstojanova, H.Ammar, “Severity Analysis at Architectural Level Based on UML Diagrams”, 21st International System Safety Conference, Ottawa, Ontario, Canada, August 4-8, 2003. • Hany H. Ammar, Sherif M. Yacoub, Alaa Ibrahim, “A Fault Model for Fault Injection Analysis of Dynamic UML Specifications,” International Symposium on software Reliability Engineering, IEEE Computer Society, November 2001 • Rania M. Elnaggar, Vittorio Cortellessa, Hany Ammar, “A UML-based Architectural Model for Timing and Performance Analyses of GSM Radio Subsystem” , 5th World Multi-Conference on Systems, Cybernetics and Informatics, July. 2001, Received Best Paper Award URL is http://www.csee.wvu.edu/~ammar/
Publications • A Ibrahim, Sherif M. Yacoub, Hany H. Ammar, “Architectural-Level Risk Analysis for UML Dynamic Specifications,” Proceedings of the 9th International Conference on Software Quality Management (SQM2001), Loughborough University, England, April 18-20, 2001, pp. 179-190 • Ahmed Hassan, Walid M. Abdelmoez, Rania M. Elnaggar, Hany H. Ammar, “An Approach to Measure the Quality of Software Designs from UML Specifications,” 5th World Multi-Conference on Systems, Cybernetics and Informatics and the 7th international conference on information systems, analysis and synthesis ISAS July. 2001. • Hany H. Ammar, Vittorio Cortellessa, Alaa Ibrahim “Modeling Resources in a UML-based Simulative Environment”, ACS/IEEE International Conference on Computer Systems and Applications (AICCSA'2001), Beirut, Lebanon, 26-29 June 2001 URL is http://www.csee.wvu.edu/~ammar/