SOFTWARE QUALITY AND PRODUCTIVITY: ARE THEY COMPATIBLE?

Long, Rick, Crump, Peter

10 1900

International Telemetering Conference Proceedings / October 25-28, 1999 / Riviera Hotel and Convention Center, Las Vegas, Nevada / Many view quality and productivity as competing concepts. After all, doesn’t high software quality come at a high cost? Doesn’t it mean that a large amount of "extra stuff" needs to be done during the software development cycle? And, doesn’t that mean that software productivity takes a back seat to (and a major hit from) quality efforts? This paper will explore these issues. This paper provides some preliminary data that supports how a disciplined software engineering process can (and has) resulted in high quality software while actually increasing productivity. Data has been gathered on organizations that have a disciplined, quality-oriented software engineering process in place. That data shows that quality and productivity can (and do) coexist. The data will be discussed along with an explanation of how these results can be achieved.

Software engineering

quality

productivity

Personal Software Process

Team Software Process

Komandinio programų kūrimo proceso tyrimas / Analysis of the team software process (tsp)

Gavrilov, Andrej

08 September 2009

Siekiant pagerinti kuriamų programinių produktų kokybę, IT įmonės taiko skirtingus proceso modelius. Populiariausi iš jų gebėjimo brandos modelis (CMMI) ir ISO 15504. Šie modeliai nusako, kas (kokie procesai) turi būti vykdoma brandžioje organizacijoje, tačiau neatsako į klausimą: kaip tai turi būti daroma. Komandinis programų kūrimo procesas (TSP) pateikia strategiją, kartu su procedūrų rinkiniu, skirtą disciplinuotų programų kūrimo metodų naudojimui komandos lygyje. Pagrindinė su TSP susijusi problema – oficialios dokumentacijos trūkumas. Pirmas darbo tikslas yra rekonstruoti TSP metodiką. Antras tikslas yra sukurti TSP diegimo metodiką. Pirmoje darbo dalyje yra aprašyta bendra TSP struktūra, TSP ryšys su asmeniniu programų kūrimo procesu (PSP) ir brandos modeliu CMMI. Antroje dalyje yra pateiktas rekonstruotas TSP modelis ir TSP diegimo metodika apibrėžtam projekto komandos tipui. / IT organizations use different models to guide their software process improvement efforts. The most popular are the Capability Maturity Model Integration for Software (CMMI-SW) and ISO 15504. Still these organizations often struggle with implementation details. Both the CMMI-SW and ISO 15504 describe what an organization at a high level of process maturity should be doing, but do not says how it should be implemented. The Team Software Process (TSP) provides a framework as well as a set of processes, procedures, guidelines, and tools for project teams to use in the mature software development process. The main problem of the Team Software Process is the lack of official documentation. So the first goal of this master thesis is to reconstruct TSP methodology. The second goal is to produce TSP implementation guide. This master thesis contains the main structure of the TSP, it’s relation with the Personal Software Process (PSP) ant the Capability Maturity Model (CMMI), reconstructed TSP model and TSP implementation guide for defined project team type.

Komandinis programų kūrimo procesas

TSP diegimas

Team Software Process (TSP)

TSP implementation

Securing Network Connected Applications with Proposed Security Models

Konstantaras, Dimitrios, Tahir, Mustafa

January 2008

<p>In today’s society, serious organizations need protection against both internal and external attacks. There are many different technologies available that organizations can incorporate into their organization in order to enhance security for their networking applications. Unfortunately, security is way to often considered as an afterthought and therefore implemented as an external part of the applications. This is usually performed by introducing general security models and technologies.</p><p>However, an already developed, well structured and considered security approach – with proper implementation of security services and mechanisms – different security models can be used to apply security</p><p>within the security perimeter of an organization. It can range from built into the application to the edge of a private network, e.g. an appliance. No matter the choice, the involved people must possess security expertise to deploy the proposed security models in this paper, that have the soul purpose to secure applications.</p><p>By using the Recommendation X.800 as a comparison framework, the proposed models will be analyzed in detail and evaluated of how they provide the security services concerned in X.800. By reasoning about what security services that ought to be implemented in order to prevent or detect diverse security attacks, the organization needs to carry out a security plan and have a common understanding of the defined security policies.</p><p>An interesting finding during our work was that, using a methodology that leads to low KLOC-values results in high security, though low KLOC-values and high security go hand-in-hand.</p>

Security service

security mechanism

security protocol

security policy

X.800 standard

attacks

application proxy

firewall

Virtual Private Network (VPN)

plugin

filter

Team Software Process (TSP)

IPsec

Common Criteria (CC)

DMZ

Computer science

Datavetenskap

Securing Network Connected Applications with Proposed Security Models

Konstantaras, Dimitrios, Tahir, Mustafa

January 2008

In today’s society, serious organizations need protection against both internal and external attacks. There are many different technologies available that organizations can incorporate into their organization in order to enhance security for their networking applications. Unfortunately, security is way to often considered as an afterthought and therefore implemented as an external part of the applications. This is usually performed by introducing general security models and technologies. However, an already developed, well structured and considered security approach – with proper implementation of security services and mechanisms – different security models can be used to apply security within the security perimeter of an organization. It can range from built into the application to the edge of a private network, e.g. an appliance. No matter the choice, the involved people must possess security expertise to deploy the proposed security models in this paper, that have the soul purpose to secure applications. By using the Recommendation X.800 as a comparison framework, the proposed models will be analyzed in detail and evaluated of how they provide the security services concerned in X.800. By reasoning about what security services that ought to be implemented in order to prevent or detect diverse security attacks, the organization needs to carry out a security plan and have a common understanding of the defined security policies. An interesting finding during our work was that, using a methodology that leads to low KLOC-values results in high security, though low KLOC-values and high security go hand-in-hand.

Security service

security mechanism

security protocol

security policy

X.800 standard

attacks

application proxy

firewall

Virtual Private Network (VPN)

plugin

filter

Team Software Process (TSP)

IPsec

Common Criteria (CC)

DMZ

Computer Sciences

Datavetenskap (datalogi)