Electronic data interchange : an implementation methodology

Meyer, Ettienne

11 1900

The purpose of the research is to propose and evaluate a methodology for implementing EDI to assist organisations in reaping the anticipated benefits. The research involved the systematic analysis of the state of the art of EDI and paradigms of methodologies, to define a model for the EDI implementation methodology, and to define criteria for evaluating such a model. The methodology was developed and modelled utilising the software process model, as adopted by Boehm (1988) and later duPlessis and van der Walt (1992), as a framework. Next a synthesis of the assimilated knowledge and brainstorming of project teams involved in EDI pilot projects, was used to systematically develop an EDI implementation methodology. The methodology was evaluated by utilising it in the implementation of EDI between two organisations, Computer Equipment Brokers (PTY) and Marksec (PTY). It was concluded that the methodology was efficient for implementing EDI. / Computing / M. Sc. (Information Systems)

ANSI

EDIF Act

SITPROSA

X.400

X.25

Interchange agreement

Value Added Network (VAN)

Groupware

Software Development Life Cycle (SDLC)

Software engineering

Methodology

Software process model

Spiral model

Reengineering

BPR

657.450285

Software engineering

Electronic data interchange

Groupware (Computer software)

Value-added networks

Integration testing of object-oriented software

Skelton, Gordon William

08 1900

This thesis examines integration testing of object-oriented software. The process of integrating and testing procedural programs is reviewed as foundation for testing object-oriented software. The complexity of object-oriented software is examined. The relationship of integration testing and the software development life cycle is presented. Scenarios are discussed which account for the introduction of defects into the software. The Unified Modeling Language (UML) is chosen for representing pre-implementation and post-implementation models of the software. A demonstration of the technique of using post-implementation models representing the logical and physical views as an aid in integration and system testing of the software is presented. The use of UML diagrams developed from the software is suggested as a technique for integration testing of object-oriented software. The need for automating the data collection and model building is recognized. The technique is integrated into the Revised Spiral Model for Object-Oriented Software Development developed by du Plessis and van der Walt. / Computing / D.Phil. (Computer Science)

Software testing

Integration testing

Object-oriented

Software Development Life Cycle

Process model

Unified Modeling Language (UML)

Software quality

Software quality assurance

Software modeling

005.117

UML (Computer science)

System analysis

Computer software -- Development

Computer software -- Testing

Knowledge-based support for object-oriented design

Loock, Marianne

06 1900

The research is conducted in the area of Software Engineering, with emphasis on the design phase of the Software Development Life Cycle (SDLC). The object-oriented paradigm is the point of departure. The investigation deals with the problem of creating support for the design phase of object-oriented system development. This support must be able to guide the system designer through the design process, according to a sound design method, highlight opportunities for prototyping and point out where to re-iterate a design step, for example. A solution is proposed in the form of a knowledge-based support system. In the prototype this support guides a designer partially through the first step of the System Design task for object-oriented design. The intention is that the knowledge-based system should capture the know-how of an expert system designer and assist an inexperienced system designer to create good designs. / Computing / M. Sc. (Information Systems)

Object-oriented design

Knowledge-based support system

Design methodology

Object-orientation

Software engineering

Software development life cycle

Design cycle

Object-oriented system development

System designer

Expert system

005.1

Expert systems (Computer science)

Computer software -- Development

Software engineering

<b>The Significance of Automating the Integration of Security and Infrastructure as Code in Software Development Life Cycle</b>

Hephzibah Adaeze Igwe (19213285)

28 July 2024

<p dir="ltr">The research focuses on integrating automation, specifically security and Infrastructure as Code (IaC), into the Software Development Life Cycle (SDLC). This integration aims to enhance the efficiency, quality, and security of software development processes. The study explores the benefits and challenges associated with implementing DevSecOps practices, which combine development, security, and operations into a unified process.</p><h3>Background and Motivation</h3><p dir="ltr">The rise of new technologies and increasing demand for high-quality software have made software development a crucial aspect of business operations. The SDLC is essential for ensuring that software meets user requirements and maintains high standards of quality and security. Security, in particular, has become a critical focus due to the growing threat of cyber-attacks and data breaches. By integrating security measures early in the development process, companies can better protect their software and data.</p><h3>Objectives</h3><p dir="ltr">The primary objectives of this research are:</p><ol><li><b>Examine the Benefits and Challenges</b>: To investigate the advantages and difficulties of integrating DevSecOps and IaC within the SDLC.</li><li><b>Analyze Impact on Security and Quality</b>: To assess how automation affects the security and quality of software developed through the SDLC.</li><li><b>Develop a Framework</b>: To create a comprehensive framework for integrating DevSecOps and IaC into the SDLC, thereby improving security and reducing time to market.</li></ol><h3>Methodology</h3><p dir="ltr">The research employs a mixed-methods approach, combining qualitative and quantitative methods:</p><ul><li><b>Qualitative</b>: A literature review of existing research on DevSecOps, IaC, and SDLC, providing a theoretical foundation and context.</li><li><b>Quantitative</b>: Building a CI/CD (Continuous Integration/Continuous Deployment) pipeline from scratch to collect empirical data. This pipeline serves as a case study to gather insights into how automation impacts software security and quality.</li></ul><h3>Tools and Technologies</h3><p dir="ltr">The study utilizes various tools, including:</p><ul><li><b>GitHub</b>: For version control and code repository management.</li><li><b>Jenkins</b>: To automate the CI/CD pipeline, including building, testing, and deploying applications.</li><li><b>SonarQube</b>: For static code analysis, detecting code quality issues, and security vulnerabilities.</li><li><b>Amazon Q</b>: An AI-driven tool used for code generation and security scanning.</li><li><b>OWASP Dependency-Check</b>: To identify vulnerabilities in project dependencies.</li><li><b>Prometheus and Grafana</b>: For monitoring and collecting metrics.</li><li><b>Terraform</b>: For defining and deploying infrastructure components as code.</li></ul><h3>Key Findings</h3><ul><li><b>Reduction in Defect Density</b>: Automation significantly reduced defect density, indicating fewer bugs and higher code quality.</li><li><b>Increase in Code Coverage</b>: More comprehensive testing, leading to improved software reliability.</li><li><b>Reduction in MTTR, MTTD, and MTTF</b>: Enhanced system reliability and efficiency, with faster detection and resolution of issues.</li><li><b>Improved System Performance</b>: Better performance metrics, such as reduced response time and increased throughput.</li></ul><h3>Conclusion</h3><p dir="ltr">The study concludes that integrating security and IaC automation into the SDLC is crucial for improving software quality, security, and development efficiency. However, despite the clear benefits, many companies are hesitant to adopt these practices due to perceived challenges, such as the upfront investment, complexity of implementation, and concerns about ROI (Return on Investment). The research underscores the need for continued innovation and adaptation in software development practices to meet the evolving demands of the technological landscape.</p><h3>Areas for Further Research</h3><p dir="ltr">Future studies could explore the broader impact of automation on developer productivity, job satisfaction, and long-term security practices. There is also potential for developing advanced security analysis techniques using machine learning and artificial intelligence, as well as investigating the integration of security and compliance practices within automated SDLC frameworks.</p>

Technology management

Cloud computing

Automated software engineering

Automation

SDLC

Software Development Life Cycle

DevSecOps

Iac

Infrastructure as Code

CI/CD

Code Quality

Static Code Analysis

ML

Vulnerability Management

Security

AI

Machine Learning

Artificial Intelligence

Supply Chain Security

Job Satisfaction

Developer Productivity