SEI Documents List
[2007] [2006] [2005] [2004] [2003] [2002] [2001] [2000] [1999] [1998] [1997] [1996] [1995] [1994] [1993] [1992] [1991] [1990] [1989] [1988] [1987] [1986] [PDF]
1998 Reports
Special Reports
CMU/SEI-98-SR-002,
ADA343704
Assessment of CORBA and POSIX Designs for FAA En Route Resectorization
Meyers, B.; Plakosh, D.; Place, P.; Klein, M.; & Kazman, R.
Modernizing the En Route system presents major acquisition issues to the Federal Aviation Administration (FAA). At the present time, efforts are underway to upgrade the En Route system, primarily focusing on the host computer system. This report addresses the use of different technologies and an architectural tradeoff approach on a typical En Route system problem. We were requested to consider the problem of resectorization, i.e., the combination and decombination of sectors (and fix posting areas) during operation of the En Route center. Such capabilities may become desirable for an implementation of free flight. Two technologies have been applied to develop solutions to this problem, namely Common Object Request Broker Architecture (CORBA) and POSIX.21 (Portable Operating System Interface Standard). The former is based on an object-oriented model, while the latter is based on a message-passing model.
http://www.sei.cmu.edu/publications/documents/98.reports/98sr002/98sr002abstract.html
CMU/SEI-98-SR-006,
ADA350855
Mapping MetaH into ACME
Barbacci, M. & Weinstock, C.
This report explores the translation of MetaH into ACME as a first step into the translation of MetaH to other architecture description languages (e.g., Rapide) to take advantage of any toolsets developed for the target language. We start by comparing the meta-models of ACME and MetaH, we establish mapping rules for each MetaH construct, and we present a full MetaH example taken from the MetaH Library at Honeywell. The report concludes with a brief description of possible alternative paths to obtain (limited) Rapide behavioral specifications from MetaH timing and sequencing of operations.
http://www.sei.cmu.edu/publications/documents/98.reports/98sr006/98sr006abstract.html
CMU/SEI-98-SR-013,
ADA362584
Perceived Control of Software Developers and Its Impact on the Successful Diffusion of Information Technology
Green, G. & Hevner, A.
Why are beneficial software engineering practices not being used effectively in the development of software systems? This question has intrigued researchers in software engineering for many years. Billions of dollars per year are spent, and a large proportion wasted, on building and maintaining software systems that are either never completed or, if completed, are of poor quality. This state of software development has led to the introduction of innovative tools and techniques to support the software development process. Initial evidence from use of these tools and techniques shows significant improvements in development productivity and software quality. However, many of these potentially beneficial tools and techniques have not been widely adopted or diffused. This research seeks to examine the reason for why this is so: What factors explain the successful diffusion of new software development techniques into practice?
http://www.sei.cmu.edu/publications/documents/98.reports/98sr013/98sr013abstract.html
CMU/SEI-98-SR-003,
ADA346343
Report on the Second International Workshop on Development and Evolution of Software Architectures for Product Families
Clements, P. & Weiderman, N.
In February 1998, the European Architectural Reasoning for Embedded Software (ARES) project sponsored the Second International Workshop on Development and Evolution of Software Architectures for Product Families. The workshop brought together practitioners and academics from Europe and the United States who are working in the area of software product families; that is, the production of related software systems from a common set of core assets. Chief among those assets is a shared software and/or system architecture. This workshop explored problems of architecture creation, description, evaluation, recovery, and architecture-based process in the context of building a product family. This report summarizes the discussions and outcomes of the workshop.
http://www.sei.cmu.edu/publications/documents/98.reports/98sr003/98sr003abstract.html
Security Improvement Modules
CMU/SEI-SIM-005,
ADA351646
Preparing to Detect Signs of Intrusion
Kochmar, J.; Allen, J.; Alberts, C.; Cohen, C.; Ford, G.; Fraser, B.; Konda, S.; Kossakowski, K.; & Simmel, D.
It is essential that those responsible for your organization's information systems and networks be adequately prepared to detect evidence of breaches in security when they occur. Without advance preparation, it will be difficult, if not impossible, to determine if an intruder has been present and the extent of the damage caused by the intrusion. Thorough preparation will permit you to detect an intrusion or an intrusion attempt during or soon after it occurs. Preparation involves consideration of your security policy and supporting procedures, your critical business information, your systems, your networks, your user community (internal and external), and the tools to be employed in detecting intrusions.
A general security goal is to prevent intrusions. Even if you have sophisticated prevention measures in place, your strategy for detecting intrusions must include preparation. This module is a companion to Detecting Signs of Intrusion.
The practices contained in this module identify advance preparations you must make to enable you to obtain evidence of an intrusion or an intrusion attempt. They are designed to help you prepare by configuring your data, systems, networks, workstations, tools, and user environments to capture the necessary information for detecting signs of intrusion.
http://www.cert.org/security-improvement/#modules
CMU/SEI-SIM-003,
ADA336329
Security for Information Technology Service Contracts
Allen, J.; Ford, G.; Fraser, B.; Kochmar, J.; Konda, S.; Simmel, D.; & Cunningham, L.
An increasing number of organizations are contracting with outside companies for installation and maintenance of their information technology (IT). All too often, these organizations experience increased difficulty in providing appropriate oversight of the services and software for which they have contracted. For example, contractor access to the organization's systems is often neither well controlled nor secure, placing information systems and data at risk. The practices recommended in this document are designed to assist your organization in managing the contractor, managing the contract, and deterring common, known security problems when IT services and software are externally contracted.
http://www.cert.org/security-improvement/#modules
Technical Reports
CMU/SEI-98-TR-011,
ADA351653
Agora: A Search Engine for Software Components
Seacord, R.; Hissam, S.; & Wallnau, K.
Agora is a software prototype being developed by the Commercial Off-the-Shelf (COTS)-Based Systems Initiative at the Software Engineering Institute (SEI). The object of this work is to create an automatically generated and indexed worldwide database of software products classified by component model. Agora combines introspection with Web search engines to reduce the costs of bringing software to, and finding components in, the software marketplace. This report describes Agora's role in an emerging component industry and the features and capabilities provided by Agora. The implementations of a JavaBeans agent and a Common Object Request Broker Architecture (CORBA) agent are also described. These agents are used to gather components of their respective types.
http://www.sei.cmu.edu/publications/documents/98.reports/98tr011/98tr011abstract.html
CMU/SEI-98-TR-008,
ADA350761
Architecture Tradeoff Analysis Method, The
Kazman, R.; Klein, M.; Barbacci, M.; Longstaff, T.; Lipson, H.; & Carriere, J.
This paper presents the Architecture Tradeoff Analysis Method (ATAM), a structured technique for understanding the tradeoffs inherent in the architectures of software-intensive systems. This method was developed to provide a principled way to evaluate a software architecture's fitness with respect to multiple competing quality attributes: modifiability, security, performance, availability, and so forth. These attributes interact, and improving one often comes at the price of worsening one or more of the others. The method helps us reason about architectural decisions that affect quality attribute interactions. The ATAM is a spiral model of design, one of postulating candidate architectures followed by analysis and risk mitigation that lead to refined architectures.
http://www.sei.cmu.edu/publications/documents/98.reports/98tr008/98tr008abstract.html
CMU/SEI-98-TR-010,
ADA351644
Browsers for Distributed Systems: Universal Paradigm or Siren's Song?
Seacord, R. & Hissam, S.
Web-based browsers are quickly becoming ubiquitous in the workplace. Software development managers are quick to incorporate browsers into a broad range of software development projects, often inappropriately. The purpose of this technical report is to examine the technical issues relevant to incorporating browsers as a component of a commercial off-the-shelf (COTS)-based solution. Issues examined include portability, performance, functionality, severity, human factors, distribution, installation, upgrading, component-based development, runtime configuration management, and licensing.
http://www.sei.cmu.edu/publications/documents/98.reports/98tr010/98tr010abstract.html
CMU/SEI-98-TR-014,
ADA355070
Case Study in Survivable Network System Analysis
Ellison, R.; Linger, R.; Longstaff, T.; & Mead, N.
This paper presents a method for analyzing the survivability of distributed network systems and an example of its application. Survivability is the capability of a system to fulfill its mission, in a timely manner, in the presence of attacks, failures, or accidents. Survivability requires capabilities for intrusion resistance, recognition, and recovery. The Survivable Network Analysis (SNA) method builds on the Information Security Evaluation previously developed by permitting assessment of survivability strategies at the architecture level. Steps in the SNA method include system mission and architecture definition, essential capability definition, compromisable capability definition, and survivability analysis of architectural softspots that are both essential and compromisable. Intrusion scenarios play a key role in the method. SNA results are summarized in a Survivability Map which links recommended survivability strategies for resistance, recognition, and recovery to the system architecture and requirements. This case study summarizes the application and results of applying the SNA method to a subsystem of a large-scale, distributed healthcare system. The study recommended specific modifications to the subsystem architecture to support survivability objectives. Positive client response to study recommendations suggests that the method can provide significant added value for ensuring survivability of system operations. As a result of this case study, the SNA method, artifacts, and lessons learned will be available to apply architectural analysis for survivability to proposed and legacy DoD distributed systems.
http://www.sei.cmu.edu/publications/documents/98.reports/98tr014/98tr014abstract.html
CMU/SEI-98-TR-001,
ADA340194
Coming Attractions in Program Understanding II: Highlights of 1997 and Opportunities in 1998
Tilley, S.
This report highlights important developments in program-understanding work in 1997 and outlines some of the opportunities in the field in 1998. A framework of three focus areas is used to categorize research and development activities in program understanding: investigating cognitive aspects, developing support mechanisms, and maturing the practice. Although significant progress was made in these areas, the rapid changes in the software engineering landscape are giving rise to several new challenges. Three of the most important in the coming year are leveraging the Web, black-box understanding, and the Year 2000 problem.
http://www.sei.cmu.edu/publications/documents/98.reports/98tr001/98tr001abstract.html
CMU/SEI-98-TR-006,
ADA353168
Continuously Improving Software Process
Willis, R.; Rova, R.; Scott, M.; Johnson, M.; Ryskowski, J.; Moon, J.; Shumate, K.; & Winfield, T.
This report describes the software improvement activities of Hughes Aircraft Company over the last 25 years. The focus is on continuous improvement of the software development process and the deployment of that process from a single organization at Fullerton, California, to virtually all the 5000 software engineers of Hughes Aircraft. For this achievement, the widespread deployment of a continuously improving software process, Hughes Aircraft was awarded the 1997 IEEE Computer Society Software Process Achievement Award.
http://www.sei.cmu.edu/publications/documents/98.reports/98tr006/98tr006abstract.html
CMU/SEI-98-TR-007,
ADA346252
DoD Product Line Practice Workshop Report
Bergey, J.; Clements, P.; Cohen, S.; Donohoe, P.; Jones, L.; Krut, B.; Northrop, L.; Tilley, S.; Smith, D.; & Withey, J.
The Department of Defense (DoD) Product Line Practice workshop, Product Lines: Bridging the Gap-Commercial Success to DoD Practice was a hands-on meeting held in March 1998. Its purpose was to identify industry-wide best practices in software product lines, to share DoD product line experience, to explore the technical and non-technical issues involved, and to discuss ways in which the current gap between commercial best practice and DoD practice can be bridged. This report synthesizes the workshop presentations and discussions that described selected product line practices and identified barriers and enablers to achieving these practices within the DoD.
http://www.sei.cmu.edu/publications/documents/98.reports/98tr007/98tr007abstract.html
CMU/SEI-98-TR-009,
ADA354756
Model-Based Verification: A Technology for Dependable Upgrade
Gluch, D. & Weinstock, C.
This is a preliminary report on the technological foundations of model-based verification for engineering software system upgrades. It describes the historical background and technical foundations for the approach and begins to provide a basis for the transition of model-based verification into practice. Critical technical and procedural issues that have been or are being addressed to ensure successful transition are examined. The report is aimed at providing technical insight and understanding for software management and engineering personnel on this emerging technology for verification of software system upgrades.
http://www.sei.cmu.edu/publications/documents/98.reports/98tr009/98tr009abstract.html
CMU/SEI-98-TR-012,
ADA354685
People CMM®-Based Assessment Method Description
Hefley, W. & Curtis, B.
This document provides a high-level overview of the People Capability Maturity Model® (CMM®)-Based Assessment Method. It introduces the People CMM as a source of guidelines for improving the capability and readiness of an organization's workforce in the context of the IDEAL℠ approach to process improvement. In order to measure the capability and maturity of an organization's workforce practices, an appraisal method has been developed for the People CMM. This document describes the requirements and methods for the People CMM-Based Assessment Method. This method is a diagnostic tool that supports, enables, and encourages an organization's commitment to improving its ability to attract, develop, motivate, organize, and retain the talent needed to steadily improve its organizational capability. The method helps an organization gain insight into its workforce capability by identifying strengths and weaknesses of its current practices related to the People CMM. The method focuses on identifying improvements that are most beneficial, given an organization's business goals and current maturity level. Brief descriptions of the method activities, roles, and responsibilities are provided. The SEI Appraiser Program is discussed, detailing the requirements for persons qualified to lead People CMM-Based Assessments.
http://www.sei.cmu.edu/publications/documents/98.reports/98tr012/98tr012abstract.html
CMU/SEI-98-TR-005,
ADA343688
Reverse-Engineering Environment Framework, A
Tilley, S.
This report describes a framework for reverse-engineering environments used to aid program understanding. The framework is based on a descriptive model that categorizes important support mechanism features based on a hierarchy of attributes. The attributes include cognitive model support, reverse-engineering tasks, canonical activities that are characteristic of the reverse-engineering process, quality attributes supported by the reverse-engineering environment, and miscellaneous characteristics.
http://www.sei.cmu.edu/publications/documents/98.reports/98tr005/98tr005title.htm
CMU/SEI-98-TR-017,
ADA358797
rlogin(1): The Untold Story
Rogers, L.
Coding defects account for a significant portion of the reports received by the CERT Coordination Center® (CERT/CC). Through in-depth analysis of these reports and generalizing our findings from those analyses, we have begun to create guidelines for mitigation strategies for existing defects and avoidance strategies when coding new software. In this document, we report the results of our analysis of the well-known defect in the rlogin program. We discuss the coding defect in detail, three mitigation strategies devised to remedy the defect, and two avoidance strategies offered as a guide to reducing the instances of similar coding defects in new programs. We end with three design notes aimed at eliminating these defects at the hardware and protocol design level.
http://www.sei.cmu.edu/publications/documents/98.reports/98tr017/98tr017abstract.html
CMU/SEI-98-TR-015,
ADA354691
Second Product Line Practice Workshop Report
Bass, L.; Chastek, G.; Clements, P.; Northrop, L.; Smith, D.; & Withey, J.
The second Software Engineering Institute Product Line Practice Workshop was a hands-on meeting held in November 1997 to share industry practices in software product lines and to explore the technical and non-technical issues involved. This report synthesizes the workshop presentations and discussions, which identified factors involved in product line practices and analyzed issues in the areas of software engineering, technical management, and enterprise management.
http://www.sei.cmu.edu/publications/documents/98.reports/98tr015/98tr015abstract.html
CMU/SEI-98-TR-003,
ADA351640
Software Acquisition Improvement Framework (SAIF) Definition
Fisher, M.; Damer, R.; Reed, L.; & Barbour, R.
The Software Acquisition Improvement Framework (SAIF) is a computer-aided system that supports the improvement of an organization's software acquisition process capability and performance. The framework integrates an acquisition-process reference model, such as the Software Acquisition Capability Maturity Model® (SA-CMM®); a process that defines the improvement approach, such as the SEI's IDEAL℠ method; plus guidance and other artifacts, which support the use of the model and improvement process. The guidance and artifacts are stored in a repository that automatically links them to the rest of the framework. This linking is structured to ensure that the reference model, the improvement process, and the supporting artifacts are available to the organization at the right time in the improvement process phases and to focus on the areas for which the organization seeks improvement. This document discusses rationale behind the need for the SAIF, the elements constituting the SAIF, and the intended operational usage of the SAIF.
http://www.sei.cmu.edu/publications/documents/98.reports/98tr003/98tr003abstract.html
CMU/SEI-98-TR-013,
ADA358781
Study of Practice Issues in Model-Based Verification Using the Symbolic Model Verifier (SMV), A
Srinivasan, G. & Gluch, D.
This report presents the results of a study on the practice issues involved in using the Symbolic Model Verifier (SMV) for model checking software systems. The case study is of a Simplex implementation: the Simplex coordinated demonstration system for reliable system upgrade. The investigation consisted of generating a system model (using both statechart and SMV notations), specifying claims (expected properties) of the system as temporal logic formulae, and checking those formulae with respect to the SMV model. The various steps involved in the modeling process are described. Examples of the claims, their results, and a description of how the SMV tool analyzed them are detailed. Key engineering decisions made during the modeling process and a work breakdown of the effort are also presented.
http://www.sei.cmu.edu/publications/documents/98.reports/98tr013/98tr013abstract.html
CMU/SEI-98-TR-004,
ADA353172
Transition Packages for Expediting Technology Adoption: The Prototype Requirements Management Transition Package
Fowler, P. & Patrick, M.
This report describes the experience of building and evaluating a prototype transition package for organizations implementing processes in support of the Requirements Management key process area of the Software Engineering Institute's Capability Maturity Model® for Software. This report presents our conclusions based on evaluation and review of the prototype by users typical of the audience targeted for transition packages. Feedback from these users indicated that they were typical "early or late majority" adopters. They found the transition package helpful for orientation and education as part of implementing requirements management practices in their organizations. This report also describes the foundations in research and practice on which the transition package concept is based. We argue in this report that transition packages, as part of a complete "whole product" that includes training and consulting, can be an effective mechanism for expediting the diffusion, adoption, and implementation of important technologies. Finally, we describe what we now know about creating transition packages and how they might be used.
http://www.sei.cmu.edu/publications/documents/98.reports/98tr004/98tr004abstract.html