Publication


Featured research published by Pontus Johnson.


Information Systems Frontiers | 2007

Enterprise architecture analysis with extended influence diagrams

Pontus Johnson; Robert Lagerström; Per Närman; Mårten Simonsson

The discipline of enterprise architecture advocates the use of models to support decision-making on enterprise-wide information system issues. In order to provide such support, enterprise architecture models should be amenable to analyses of various properties, as e.g. the level of enterprise information security. This paper proposes the use of a formal language to support such analysis. Such a language needs to be able to represent causal relations between, and definitions of, various concepts as well as uncertainty with respect to both concepts and relations. To support decision making properly, the language must also allow the representation of goals and decision alternatives. This paper evaluates a number of languages with respect to these requirements, and selects influence diagrams for further consideration. The influence diagrams are then extended to fully satisfy the requirements. The syntax and semantics of the extended influence diagrams are detailed in the paper, and their use is demonstrated in an example.


Enterprise Distributed Object Computing | 2007

A Tool for Enterprise Architecture Analysis

Pontus Johnson; Erik Johansson; Teodor Sommestad; Johan Ullberg

The discipline of enterprise architecture advocates the use of models to support decision-making on enterprise-wide information system issues. In order to provide such support, enterprise architecture models should be amenable to analyses of various properties, as e.g. the availability, performance, interoperability, modifiability, and information security of the modeled enterprise information systems. This paper presents a software tool for such analyses. The tool guides the user in the generation of enterprise architecture models and subjects these models to analyses resulting in quantitative measures of the chosen quality attribute. The paper describes and exemplifies both the architecture and the usage of the tool.


Computers & Security | 2010

A probabilistic relational model for security risk analysis

Teodor Sommestad; Mathias Ekstedt; Pontus Johnson

Information system security risk, defined as the product of the monetary losses associated with security incidents and the probability that they occur, is a suitable decision criterion when considering different information system architectures. This paper describes how probabilistic relational models can be used to specify architecture metamodels so that security risk can be inferred from metamodel instantiations. A probabilistic relational model contains classes, attributes, and class-relationships. It can be used to specify architectural metamodels similar to class diagrams in the Unified Modeling Language. In addition, a probabilistic relational model makes it possible to associate a probabilistic dependency model to the attributes of classes in the architectural metamodel. This paper proposes a set of abstract classes that can be used to create probabilistic relational models so that they enable inference of security risk from instantiated architecture models. If an architecture metamodel is created by specializing the abstract classes proposed in this paper, the instantiations of the metamodel will generate a probabilistic dependency model that can be used to calculate the security risk associated with these instantiations. The abstract classes make it possible to derive the dependency model and calculate security risk from an instance model that only specifies assets and their relationships to each other. Hence, the person instantiating the architecture metamodel is not required to assess complex security attributes to quantify security risk using the instance model.


IEEE Software | 2012

Where's the Theory for Software Engineering?

Pontus Johnson; Mathias Ekstedt; Ivar Jacobson

Darwin's theory of natural selection, Maxwell's equations, the theory of demand and supply; almost all established academic disciplines place great emphasis on what their core theory is. This is not, however, the case in software engineering. What is the reason behind the software engineering community's apparent indifference to a concept that is so important to so many others?


Information Systems Management | 2010

The Effect of IT Governance Maturity on IT Governance Performance

Mårten Simonsson; Pontus Johnson; Mathias Ekstedt

There are several best practice based frameworks that detail effective arrangements for the internal structure of an IT organization. Although it is reasonable that there is a correlation between the quality of the internal structure of an IT organization – labeled IT governance maturity, and the external impact of the same IT organization on the business – labeled IT governance performance, this has not been validated. The results, based on 35 case studies, confirm the hypotheses of a positive correlation between IT governance maturity and IT governance performance. Among IT processes described in 34 references, the internal structure of the IT organization, clearly defined organizational structures and relationships, mature quality management, and cost allocation show the strongest positive correlation to IT governance performance. The maturity of project management and service level management, as well as performance and capacity management, show almost no correlation to IT governance performance. The findings can be used to improve current frameworks for IT governance.


Hawaii International Conference on System Sciences | 2009

Cyber Security Risks Assessment with Bayesian Defense Graphs and Architectural Models

Teodor Sommestad; Mathias Ekstedt; Pontus Johnson

To facilitate rational decision making regarding cyber security investments, decision makers need to be able to assess expected losses before and after potential investments. This paper presents a model based assessment framework for analyzing the cyber security provided by different architectural scenarios. The framework uses the Bayesian statistics based Extended Influence Diagrams to express attack graphs and related countermeasures. In this paper it is demonstrated how this structure can be captured in an


Ubiquitous Computing | 2010

Architecture analysis of enterprise systems modifiability - Models, analysis, and validation

Robert Lagerström; Pontus Johnson; David Höök

Enterprise architecture (EA) models can be used in order to increase the general understanding of enterprise systems and to perform various kinds of analysis. This paper presents instantiated architectural models based on a metamodel for enterprise systems modifiability analysis, i.e. for assessing the cost of making changes to enterprise-wide systems. The instantiated architectural models detailed are based on 21 software change projects conducted at four large Nordic companies. Probabilistic relational models (PRMs) are used for formalizing the EA analysis approach. PRMs enable the combination of regular entity-relationship modeling aspects with means to perform enterprise architecture analysis under uncertainty. The modifiability metamodel employed in the analysis is validated with survey and workshop data (in total 110 experts were surveyed) and with the data collected in the 21 software change projects. Validation indicates that the modifiability metamodel contains the appropriate set of elements. It also indicates that the metamodel produces estimates within a 75% accuracy in 87% of the time and has a mean accuracy of 88% (when considering projects of 2000 man-hours or more).


Enterprise Distributed Object Computing | 2007

Enterprise Architecture: A Framework Supporting System Quality Analysis

Per Närman; Pontus Johnson; Lars Nordström

Enterprise Architecture is a model-based approach to business-oriented IT management. To promote good IT decision making, an enterprise architecture framework needs to explicate what kind of analyses it supports. Since creating enterprise architecture models is expensive and without intrinsic value, it is desirable to only create enterprise architecture models based on metamodels that support well-defined analyses. This paper suggests a metamodel derived specifically with a set of theory-based system quality analyses in mind. The ISO 9126-based theory behind the system quality analysis is introduced in the shape of an extended influence diagram. Finally, an example illustrates that our theory-based metamodel does support system quality analysis.


ACM Sigsoft Software Engineering Notes | 2013

Report on the Second SEMAT Workshop on General Theory of Software Engineering (GTSE 2013)

Pontus Johnson; Paul Ralph; Michael Goedicke; Pan Wei Ng; Klaas-Jan Stol; Kari Smolander; Iaakov Exman; Dewayne E. Perry

Many academic disciplines have general theories, which apply across the discipline and underlie much of its research. Examples include the Big Bang theory (cosmology), Maxwell's equations (electrodynamics), the theories of the cell and evolution (biology), the theory of supply and demand (economics), and the general theory of crime (criminology). Software engineering, in contrast, has no widely-accepted general theory. Consequently, the SEMAT Initiative organized a workshop to encourage development of general theory in software engineering. Workshop participants reached broad consensus that software engineering would benefit from better theoretical foundations, which require diverse theoretical approaches, consensus on a primary dependent variable and better instrumentation and descriptive research.


Hawaii International Conference on System Sciences | 2008

The IT Organization Modeling and Assessment Tool: Correlating IT Governance Maturity with the Effect of IT

Mårten Simonsson; Pontus Johnson

Does good IT governance improve the effect of IT? This paper presents the IT Organization Modeling and Assessment Tool (ITOMAT) which has been created to overcome operationalization and subjectivity weaknesses in the Control Objectives for Information and related Technology (COBIT) framework. ITOMAT was applied to assess IT governance maturity in four case studies. Simultaneously, external metrics of the effect of IT were collected and correlated to the maturity levels. Based on the correlations, a model linking internal and external measures was created. The model can be used to predict the effect of IT given the maturity levels of IT processes.

Collaboration


Dive into Pontus Johnson's collaborations.

Top Co-Authors

Mathias Ekstedt

Royal Institute of Technology

Robert Lagerström

Royal Institute of Technology

Ulrik Franke

Swedish Institute of Computer Science

Mårten Simonsson

Royal Institute of Technology

Johan Ullberg

Royal Institute of Technology

Marten J. van Sinderen

Universidade Católica de Santos

Per Närman

Royal Institute of Technology

Lars Nordström

Royal Institute of Technology

Erik Johansson

Royal Institute of Technology

Markus Buschle

Royal Institute of Technology
