Shuji Morisaki

A system theoretic assurance case review

Assurance case is widely recognized as the fundamental document to certify safety critical systems. Several assurance case review methods are proposed to validate correctness of syntax rules, and traceability among artifacts and assurance cases. However, it is not established to review assurance cases from the point of target configuration information to be assured. In this paper, an assurance case review approach is proposed based on system theory. The proposed approach uses a system diagram to represent configuration information such as artifact models, quality attributes, and risk definitions.

IT Demand Governance using Business Goal Structuring Notation

Given that the Balanced Scorecard (BSC) can also be used to decompose business goals into a tree- type structure, one would expect there to be a need for structuring and expressing business goals using Goal Structuring Notation (GSN). This article proposes Business Goal Structuring Notation (BGSN) based on an idea derived from said consideration. In addition, it also compares BSC with BGSN and Goal, Question, Metric-Business Strategy (GQM-BS) to verify the effectiveness of BGSN.

Identifying recurring association rules in software defect prediction

Association rule mining discovers patterns of co-occurrences of attributes as association rules in a data set. The derived association rules are expected to be recurrent, that is, the patterns recur in future in other data sets. This paper defines the recurrence of a rule, and aims to find a criteria to distinguish between high recurrent rules and low recurrent ones using a data set for software defect prediction. An experiment with the Eclipse Mylyn defect data set showed that rules of lower than 30 transactions showed low recurrence. We also found that the lower bound of transactions to select high recurrence rules is dependent on the required precision of defect prediction.

Fault-Prone Module Prediction Using a Prediction Model and Manual Inspection

This paper proposes a fault-prone prediction approach that combines a fault-prone prediction model and manual inspection. Manual inspection is conducted by a predefined checklist that consists of questions and scoring procedures. The questions capture the fault signs or indications that are difficult to be captured by source code metrics used as input by prediction models. Our approach consists of two steps. In the first, the modules are prioritized by a fault-prone prediction model. In the second step, an inspector inspects and scores α percent of the prioritized modules. We conducted a case study of source code modules in commercial software that had been maintained and evolved over ten years and compared AUC (Area Under the Curve) values of Alberg Diagram among three prediction models: (A) support vector machines, (B) lines of code, and (C) random predictor with four prioritization orders. Our results indicated that the maximum AUC values under appropriate α and the coefficient of the inspection score were larger than the AUC values of the prediction models without manual inspection in each of the four combinations and the three models in our context. In two combinations, our approach increased the AUC values to 0.860 from 0.774 and 0.724. Our results also indicated that one of the combinations monotonically increased the AUC values with the numbers of manually inspected modules. This might lead to flexible inspection; the number of manually inspected modules has not been preliminary determined, and the inspectors can inspect as many modules as possible, depending on the available effort.

Quantitative Evaluation of IT Management Activity Knowledge

It is well known that IT management is the critical success factor for operating IT systems. However, the quantitative knowledge to evaluate the IT management capability of organizations has not been known. This paper proposes a quantitative IT management activity knowledge to evaluate IT management capability of organizations. The IT management activity Knowledge (ITMAK) is defined based on the 8 composite activities, that are IT management basic, IT risk analysis, vision construction, communication, product design, process design, investment optimization, and human resource development. The proposed ITMAK has also been applied to Japanese IT management experts. The result shows that ITMAK can effectively be applied to visualize the IT management activities of the organizations.

A Composite Dependability for Enterprise Architecture

Abstract For assuring dependability among systems, it is necessary to describe not only system architecture, but also assurance argument between elements of systems. The composite dependability means for assuring dependability between components of a system. Several approaches have been focused to show the assurance of one single system. Moreover, a unified method to describe both assurance case and system architecture in the same diagram has not been known. This paper proposes a unified method to describe assurance case and system architecture by using an Enterprise Architecture modeling language, Examples of the proposed method are also described. The result shows the method is effectively applicable for assuring dependability of business, application, and technology architecture.

An Empirical Evaluation of Detecting Omissions by Comparing Words between Requirement and Architectural Documents

This paper presents the result of the empirical evaluation of detection of omitted requirements that are not described by using words appearance and words senses appearance. The evaluation investigated whether omitted requirements can be detected by difference between a set of words in software requirement document and a set of words in software architectural design document. The evaluation also investigated whether omitted requirements can be detected by difference between a set of words senses. First, the evaluation extracted a set of words that appear in a software requirement document and do not appear in the corresponding software architectural design document. The evaluation extracted a set of words senses that appear in a requirement document and do not appear in software architectural design document. Then, an analyst checked whether corresponding design description with each requirement sentence that contains each word and word sense of the sets exist or not. The result of the word appearance evaluation with 5 pairs of software requirement document and architectural design document shows that 82 requirement sentences were not described in the corresponding architectural design document. The result of the word sense appearance evaluation with 2 pairs of documents shows that 31 requirement sentences were not described in the corresponding architectural design document in addition to the word appearance evaluation.

Mobile Security Assurance for Automotive Software Through ArchiMate

ArchiMate is used to describe Business, Application and Technology Architectures models for Enterprise Architecture. Although the effectiveness of creating security case method in ArchiMate has been shown for mobile services, the applicability of the method was not discussed for the automotive mobile software development. In this paper, the method of creating security cases for mobile architecture models in ArchiMate is applied to an automotive mobile service and evaluated. The result shows the applicability of the method for various mobile security architecture domains.

The Evaluation Knowledge of Standard Software Asset using The Seven Samurai Framework

The knowledge which is needed on automotive software development, increases significantly according to large-scale, complexity of automotive software. Therefore, it is very difficult for an engineer to understand the whole software development. This paper introduces a way of constructing a meta-model, which visualizes the knowledge of expert engineers, based on The Seven Samurai framework. It can solve issues of system development by considering the seven types of elements which are defined in this framework. And then, its name was defined based on the famous Japanese cinema. Additionally, this paper shows the evaluation results of applying the meta-model to the evaluation of actual standard software assets in the product line, and then the effectiveness of the proposed approach is confirmed based on the results.

An empirical evaluation of the effectiveness of inspection scenarios developed from a defect repository

Abstracting and summarizing high-severity defects detected during inspections of previous software versions could lead to effective inspection scenarios in a subsequent version in software maintenance and evolution. We conducted an empirical evaluation of 456 defects detected from the requirement specification inspections conducted during the development of industrial software. The defects were collected from an earlier version, which included 59 high-severity defects, and from a later version, which included 48 high-severity defects. The results of the evaluation showed that nine defect types and their corresponding inspection scenarios were obtained by abstracting and summarizing 45 defects in the earlier version. The results of the evaluation also showed that 46 of the high-severity defects in the later version could be potentially detected using the obtained inspection scenarios. The study also investigated which inspection scenarios can be obtained by the checklist proposed in the value-based review (VBR). It was difficult to obtain five of the inspection scenarios using the VBR checklist. Furthermore, to investigate the effectiveness of cluster analysis for inspection scenario development, the 59 high-severity defects in the earlier version were clustered into similar defect groups by a clustering algorithm. The results indicated that cluster analysis can be a guide for selecting similar defects and help in the tasks of abstracting and summarizing defects.