Hiroshi Sakaki

Evaluation of IT systems considering characteristics as system of systems

It is important for IT system integration (SI) to evaluate non-functional requirements (NFR) in design phase. However, since IT systems show system of systems (SoS) characteristics, the evaluation is a difficult work. An IT system consisting of independently developed systems has to be evaluated comprehensively as a whole system. Moreover, the details of some systems are often unknown, i.e., black box. Model-based systems engineering is a promising approach for the evaluation in design phase. This paper describes our in-house tool named CASSI (Computer Aided System model-based System Integration environment). CASSI consists of a repository of “system models” as elements to model an SoS, and tools to evaluate NFR of the SoS. CASSI includes two aspects; modeling as detailed as possible for precise evaluation and including black box as necessary. This paper represents the results and effectiveness of applying CASSI to SI.

A model-based method for security configuration verification

Various kinds of access control mechanisms have been employed in todays computer systems to protect confidential information. Since high expertise is required for the system configuration maintenance, detecting vulnerabilities due to configuration errors is a difficult task. In this paper, we propose a model-based configuration verification method that can find complex errors of two major access control mechanisms, network packet filtering and file access control. This method constructs an information flow model using the configurations of the two mechanisms and verifies whether the system is configured to suffice access policies defined by system administrators. Through the development of a prototype system and its experimental use, we confirmed that the proposed method could discover configuration errors of Web servers that might cause information leakage.

Qualitative Simulation for Early-Stage Service Design

Currently, the importance of services is widely accepted in various industries. Given this background, fundamental research on service engineering is carried out quite actively. Service engineering seeks to provide design methodology for services from an engineering perspective.

Determining Appropriate IT Systems Design Based on System Models

Developing IT systems to satisfy Service Level Objectives (SLOs) of various Non-Functional Requirements (NFRs) while minimizing cost is in great demand. To automatically find the best system design, we propose an effective optimization method based on models of IT systems and their NFR evaluations. Our method is able to handle SLOs whose satisfaction is hard to check analytically as constraints and can be applied to a wide variety of system sizing problems.