Paul W. Oman

Metrics for assessing a software system's maintainability

It is noted that the factors of software that determine or influence maintainability can be organized into a hierarchical structure of measurable attributes. For each of these attributes the authors show a metric definition consistent with the published definitions of the software characteristic being measured. The result is a tree structure of maintainability metrics which can be used for purposes of evaluating the relative maintainability of the software system. The authors define metrics for measuring the maintainability of a target software system and discuss how those metrics can be combined into a single index of maintainability.<<ETX>>

The MILS architecture for high-assurance embedded systems

High-assurance systems require a level of rigor, in both design and analysis, not typical of conventional systems. This paper provides an overview of the Multiple Independent Levels of Security and Safety (MILS) approach to high-assurance system design for security and safety critical embedded systems. MILS enables the development of a system using manageable units, each of which can be analysed separately, avoiding costly analysis required of more conventional designs. MILS is particularly well suited to embedded systems that must provide guaranteed safety or security properties.

An examination of the effects of requirements changes on software maintenance releases

Requirements are the foundation of the software release process. They provide the basis for estimating costs and schedules, as well as developing design and testing specifications. When requirements have been agreed on by both clients and maintenance management, then adding to, deleting from, or modifying those existing requirements during the execution of the software maintenance process impacts the maintenance cost, schedule, and quality of the resulting product. The basic problem is not the changing in itself, but rather the inadequate approaches for dealing with changes in a way that minimizes and communicates the impact to all stakeholders. Using data collected from one organization on 44 software releases spanning seven products, this paper presents two quantitative techniques for dealing with requirements change in a maintenance environment. First, exploratory data analysis helps one to understand the sources, frequency, and types of changes being made. Second, a regression model helps managers communicate the cost and schedule effects of changing requirements to clients and other release stakeholders. These two techniques can help an organization provide a focus for management action during the software maintenance process. Copyright

The application of software maintainability models in industrial software systems

Abstract The impact of software maintainability has become one of the most important aspects of past, present, and future software systems. Tools and models that can measure software maintainability will play an increasingly important role in the software industry. This article reviews two early attempts at software maintainability assessment and describes five recently developed models. Two of these are then applied to industrial software systems, and the results are evaluated. Each of the two models are shown to be effective in evaluating industrial software systems at the component, subsystem, and system levels.

Maintainability measurements on industrial source code maintenance activities

It is clear that the burden of software maintenance increases proportionately with our inventory of software systems. Our inventory is increasing because we now recognize existing code as reusable assets rather than liabilities. With this recognition comes an understanding of the importance of evaluating code quality and maintainability. We show how maintainability metrics can be used to gauge the effect of perfective and adaptive maintenance on large industrial software systems. In a series of four studies we measure the maintainability of the source code before and after a prescribed maintenance activity. These measurements permit us to analyze the effect of the maintenance activities as well as evaluating the models sensitivity to code change.

A multi-layered approach to security in high assurance systems

Past efforts at designing and implementing ultra high assurance systems for government security and safety have centered on the concept of a monolithic security kernel responsible for a system-wide security policy. This approach leads to inflexible, overly complex operating systems that are too large to evaluate at the highest assurance levels (e.g., Common Criteria EAL 5 and above). We describe a new multi-layered approach to the design and verification of embedded trustworthy systems that is currently being used in the implementation of real time, embedded applications. The framework supports multiple levels of safety and multiple levels of security, based on the principle of creating separate layers of responsibility and control, with each layer responsible for enforcing its own security policy.

Development and application of an automated source code maintainability index

When software maintenance results in changing the source code, the change frequently occurs in an undisciplined manner that results in source code that is inherently more difficult to maintain. The long-term effect may be thought of as a downward spiral that culminates in virtually ‘unmaintainable’ code where it is more cost effective to just start again. Too often, software personnel and managers, aware that the code is becoming less maintainable, have been unable to estimate with useful accuracy the degree to which maintainability has diminished. The result is that they either continue to waste time and money maintaining code which is effectively unmaintainable, or they opt to live with what seems to be bad code, not touching it for fear of breaking it. To avoid this state of affairs, software developers need to be able to quanitify both the current level of software maintainability and the impact on it of any given change. This paper discusses the application of software metrics as a tool for quantifying code maintainability and, by extension, for making decisions. The first part of the discussion focuses on deriving a minimal set of easily calculated metrics which, when taken together, can produce a single-valued quantification (or index) of code maintainability. Case studies are then presented which serve to illustrate not only the degree to which software can degrade over time, but how this ‘maintainability index’ (MI) can be used to quantify maintainability and aid decision making. Finally, a methodology for making metric assessments readily available to software personnel is presented so that they can now easily integrate maintainability metrics into maintenance (and development) processes. As a result, the downward spiral of code degradation becomes at least recognizable, hopefully less precipitous, and perhaps avoidable entirely. © 1997 by John Wiley & Sons, Ltd.

Intrusion Detection and Event Monitoring in SCADA Networks

This paper describes the implementation of a customized intrusion detection and event monitoring system for a SCADA/sensor testbed. The system raises alerts upon detecting potential unauthorized access and changes in device settings. By markedly increasing the logging of critical network events, the system shows dramatic improvements in both the security and overall auditing capabilities. In addition to its role in securing SCADA networks, the system assists operators in identifying common configuration errors.

Programming style authorship analysis

Detecting instances of software theft and plagiarism is a difficult problem. The statistical analysis of peculiar words or phrases known to be used by an author is a common method of settling authorship disputes in English literature. This paper presents a similar method for identifying authorship of programs. The method is based on typographic or layout style program characteristics. Our experiments show that these characteristics can be useful in determining authorship. The major benefits of the method are that it is simple, easy to automate, and can be used in conjunction with other program fingerprinting methodologies.

A taxonomy for programming style

Programming style guidelines, style analyzers, and code formatters have been developed without a solid empirical or theoretical basis. In this paper we provide: (1) a justification for developing a programming style taxonomy, (2) an operational style taxonomy, (3) example applications of the taxonomy illustrating the diverse and sometimes contradictory nature of programming style guidelines, and (4) a discussion on how the taxonomy can be used to further teaching and research in programming style. The taxonomy provides a context for understanding and identifying specific style factors and empirical studies necessary to determine the effects of style on program comprehension. The results of this paper have a direct impact on programming instruction, programming standards, automated style analyzers, and code formatting tools like pretty-printers and syntax directed editors.