All Matches
Solution Library
Expert Answer
Textbooks
Search Textbook questions, tutors and Books
Oops, something went wrong!
Change your search query and then try again
Toggle navigation
FREE Trial
S
Books
FREE
Tutors
Study Help
Expert Questions
Accounting
General Management
Mathematics
Finance
Organizational Behaviour
Law
Physics
Operating System
Management Leadership
Sociology
Programming
Marketing
Database
Computer Network
Economics
Textbooks Solutions
Accounting
Managerial Accounting
Management Leadership
Cost Accounting
Statistics
Business Law
Corporate Finance
Finance
Economics
Auditing
Ask a Question
AI Study Help
New
Search
Search
Sign In
Register
study help
business
software testing and quality assurance
Questions and Answers of
Software Testing And Quality Assurance
17.1. Why is it important that all component interactions are defined through ‘requires’ and‘provides’ interfaces?
understand some of the difficulties and problems that arise during the process of component composition.
know the principal activities in the CBSE process for reuse and the CBSE process with reuse;
understand what is meant by a component and a component model;
know that component-based software engineering is concerned with developing standardized components based on a component model, and composing these into application systems;
16.10. The reuse of software raises a number of copyright and intellectual property issues. If a customer pays a software contractor to develop a system, who has the right to reuse the developed
16.9. Explain why adaptors are usually needed when systems are constructed by integrating COTS products. Suggest three practical problems that might arise in writing adaptor software to link two COTS
16.8. Identify six possible risks that can arise when systems are constructed using COTS. What steps can a company take to reduce these risks?
16.7. Why have many large companies chosen ERP systems as the basis for their organizational information system? What problems may arise when deploying a large-scale ERP system in an organization?
16.6. Most desktop software, such as word processing software, can be configured in a number of different ways. Examine software that you regularly use and list the configuration options for that
16.5. Using the example of the weather station system described in Chapters 1 and Chapter 7, suggest a product line architecture for a family of applications that are concerned with remote monitoring
16.4. Explain what is meant by ‘inversion of control’ in application frameworks. Explain why this approach could cause problems if you integrated two separate systems that were originally created
16.3. Give four circumstances where you might recommend against software reuse.
16.2. Suggest why the savings in cost from reusing existing software are not simply proportional to the size of the components that are reused.
16.1. What are the major technical and nontechnical factors that hinder software reuse? Do you personally reuse much software and, if not, why not?
have learned how systems can be developed by configuring and composing off-the-shelf application software systems.
have been introduced to software product lines, which are made up of a common core architecture and configurable, reusable components;
understand the concept of an application framework as a set of reusable objects and how frameworks can be used in application development;
understand the benefits and problems of reusing software when developing new systems;
15.10. Assume you were part of a team that developed software for a chemical plant, which failed, causing a serious pollution incident. Your boss is interviewed on television and states that the
15.9. The door lock control mechanism in a nuclear waste storage facility is designed for safe operation. It ensures that entry to the storeroom is only permitted when radiation shields are in place
15.8. List four types of systems that may require software safety cases, explaining why safety cases are required.
15.7. The MHC-PMS has to be secure against attacks that might reveal confidential patient information. Some of these attacks have been discussed in Chapter 14. Using this information, extend the
15.6. Suggest how you would go about validating a password protection system for an application that you have developed. Explain the function of any tools that you think may be useful.
15.5. Using examples, explain why security testing is a very difficult process.
15.4. Explain why ensuring system reliability is not a guarantee of system safety.
15.3. Explain why it is practically impossible to validate reliability specifications when these are expressed in terms of a very small number of failures over the total lifetime of a system.
15.2. Suggest a list of conditions that could be detected by a static analyzer for Java, C++, or any another programming language that you use. Comment on this list compared to the list given in
15.1. Explain when it may be cost effective to use formal specification and verification in the development of safety-critical software systems. Why do you think that critical systems engineers are
have been introduced to safety and dependability cases that present arguments and evidence of system safety and dependability.
know why process assurance is important, especially for software that has to be certified by a regulator;
understand the basics of reliability and security testing and the inherent problems of testing critical systems;
understand how different approaches to static analysis may be used in the verification of critical software systems;
14.10. For the equity trading system discussed in Section 14.2.1, whose architecture is shown in Figure 14.5, suggest two further plausible attacks on the system and propose possible strategies that
14.9. Explain how the complementary strategies of resistance, recognition, and recovery may be used to enhance the survivability of a system.
14.8. For any off-the-shelf software system that you use (e.g., Microsoft Word), analyze the configuration facilities included and discuss any problems that you find.
14.7. What is social engineering? Why is it difficult to protect against it in large organizations?
14.6. Explain why it is important to use diverse technologies to support distributed systems in situations where system availability is critical.
14.5. Explain, using an analogy drawn from a non-software engineering context, why a layered approach to asset protection should be used.
14.4. Using your answers to question 2 about the MHC-PMS, assess the risks associated with that system and propose two system requirements that might reduce these risks.
14.3. Explain why there is a need for risk assessment to be a continuing process from the early stages of requirements engineering through to the operational use of a system.
14.2. For the MHC-PMS, suggest an example of an asset, exposure, vulnerability, attack, threat, and control.
14.1. Explain the important differences between application security engineering and infrastructure security engineering.
understand the notion of system survivability and why survivability analysis is important for complex software systems.
be aware of software architectures and design guidelines for secure systems development;
know how life-cycle risk assessment and operational risk assessment are used to understand security issues that affect a system design;
understand the difference between application security and infrastructure security;
13.10. The use of techniques for the production of safe software, as discussed in this chapter, obviously includes considerable extra costs. What extra costs can be justified if 100 lives would be
13.9. Explain why you should explicitly handle all exceptions in a system that is intended to have a high level of availability.
13.8. Give two reasons why different versions of a system based around software diversity may fail in a similar way.
13.7. It has been suggested that the control software for a radiation therapy machine, used to treat patients with cancer, should be implemented using N-version programming. Comment on whether or not
13.6. You are responsible for the design of a communications switch that has to provide 24/7 availability, but which is not safety-critical. Giving reasons for your answer, suggest an architectural
13.5. Imagine you are implementing a software-based control system. Suggest circumstances in which it would be appropriate to use a fault-tolerant architecture, and explain why this approach would be
13.4. What is the common characteristic of all architectural styles that are geared to supporting software fault tolerance?
13.3. Give two examples of diverse, redundant activities that might be incorporated into dependable processes.
13.2. Explain why it is reasonable to assume that the use of dependable processes will lead to the creation of dependable software.
13.1. Give four reasons why it is hardly ever cost effective for companies to ensure that their software is free of faults.
be aware of good programming practice that should be used in dependable systems engineering.
understand how different architectural styles may be used to implement software redundancy and diversity;
know how dependable software processes contribute to the development of dependable software;
understand how system dependability can be achieved by using redundant and diverse components;
12.10. Should software engineers working on the specification and development of safety-related systems be professionally certified in some way? Explain your reasoning.
12.9. Extend the table in Figure 12.11 to identify two further threats to the MHC-PMS, along with associated controls. Use these as a basis for generating further software security requirements that
12.8. Explain why there is a need for both preliminary security risk assessment and life-cycle security risk assessment during the development of a system.
12.7. There are two essential safety requirements for the train protection system: The train shall not enter a segment of track that is signaled with a red light. The train shall not exceed the
12.6. A train protection system automatically applies the brakes of a train if the speed limit for a segment of track is exceeded, or if the train enters a track segment that is currently signaled
12.5. Suggest appropriate reliability metrics for the classes of software systems below. Give reasons for your choice of metric. Predict the usage of these systems and suggest appropriate values for
12.4. A safety-critical software system for treating cancer patients has two principal components: A radiation therapy machine that delivers controlled doses of radiation to tumor sites. This
12.3. In the insulin pump system, the user has to change the needle and insulin supply at regular intervals and may also change the maximum single dose and the maximum daily dose that may be
12.2. Explain why the risk-based approach is interpreted in different ways when specifying safety and security.
12.1. Explain why the boundaries in the risk triangle shown in Figure 12.12 are liable to change with time and changing social attitudes.
be aware of the advantages and disadvantages of using formal, mathematical specifications of a system.
know the different types of security requirements that may be required in a complex system;
have been introduced to metrics for reliability specification and how these are used to specify measurable reliability requirements;
understand how fault trees can be used to help analyze risks and derive safety requirements;
understand how a risk-driven approach can be used for identifying and analyzing safety, reliability, and security requirements;
11.10. As an expert in computer security, you have been approached by an organization that campaigns for the rights of torture victims and have been asked to help the organization gain unauthorized
11.9. Using the MHC-PMS as an example, identify three threats to this system (in addition to the threat shown in Figure 11.8). Suggest controls that might be put in place to reduce the chances of a
11.8. In computer security terms, explain the differences between an attack and a threat.
11.7. In a medical system that is designed to deliver radiation to treat tumors, suggest one hazard that may arise and propose one software feature that may be used to ensure that the identified
11.6. Reliability and safety are related but distinct dependability attributes. Describe the most important distinction between these attributes and explain why it is possible for a reliable system
11.5. Identify six consumer products that are likely to be controlled by safety-critical software systems.
11.4. Giving reasons for your answer, suggest which dependability attributes are likely to be most critical for the following systems:An Internet server provided by an ISP with thousands of customers
11.3. Why do the costs of assuring dependability increase exponentially as the reliability requirement increases?
11.2. What are the most important dimensions of system dependability?
11.1. Suggest six reasons why software dependability is important in most sociotechnical systems.
understand that to achieve secure, dependable software, you need to avoid mistakes during the development of a system, to detect and remove errors when the system is in use, and to limit the damage
be aware of the specialized terminology that is used when discussing security and dependability;
understand the four principal dimensions of dependability, namely availability, reliability, safety, and security;
understand why dependability and security are usually more important than the functional characteristics of a software system;
=+· Are all navigation choices clearly labeled?
=+Can the interface be customized to the specific needs of a user?
=+condition (associated with software functionality) is uncovered?
=+Does the interface provide useful diagnosis and guidance when an error
=+Will the interface recognize common cognitive or manipulative mistakes and explicitly guide the user back on the right track?
=+tinue to operate without failure or degradation?
=+prescribed input boundaries? More importantly, will the software con-
=+Will the software recognize the error if data values are at or just outside
=+depth to which a user must navigate to get something done?
=+Have hierarchical operations been organized in a way that minimizes the
Showing 900 - 1000
of 3313
First
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
Last