Software Architecture Risk Assessment

(SARA) Tool

Khader Shaik, Wallid Abdelmoez, Dr. Hanny Ammar

Lane Department of Computer Science and Electrical Engineering,

West Virginia University,

Morgantown, WV 26506-6109

This work is funded in part by grants to West Virginia University Research Corp. from the National Science Foundation (NSF-ITR) Program, and from the NASA Office of Safety and Mission Assurance (OSMA) through

the NASA Independent Verification and Validation (IV&V) Facility, Fairmont, West Virginia.

Outline• Introduction

• Functional Requirements

• Architecture

• Demo

• Conclusion and Future Work

Introduction

• A sound architecture is the means to build a software system with high quality attributes.

• As architecture became a more significant artifact in developing software systems, the need to quantitatively analyze the architecture has become eminent.

• Risk assessment helps projects to avoid unpredicted catastrophic problems. Also, it largely prevents wrong allocation of resources.

• According to NASA-STD-8719.13A standard, risk is a function

of the anticipated frequency of occurrence of an undesired event,

the potential severity of resulting consequences, and the uncertainties

associated with the frequency and severity.

• In this paper, we present a tool that support architectural level

model-based risk assessment, which includes –Maintainability based risk

–Reliability based risk and

–Requirements based risk.

Introduction (contd..)

Introduction (contd..)

• Maintainability-based risk – takes into account the probability that the software product will need to endure a certain type of maintenance and the consequences of performing this maintenance on the system.

•Reliability-based risk:

– takes into account the probability that the software product will fail in the operational environment and the consequences of that failure. .

• Requirements-based risk – deals with the probability that the software will experience a requirement failure and the consequences of such failures.

Functional Requirements

• It extends our earlier Architectural-level Risk Assessment Tool (ARAT) by providing support for more architectural models and different perspective of risk assessment other than reliability- based risk.

• The tool accepts different type of inputs. It parses these input files and produce quantitative metrics that are used to estimate the required risk factors.

• The input formats are from:

–StarUML models (XMI Files)

–Rose RealTime models (.txt Files) and

–Java Understand models (.txt and .PUX static analysis files) .

• As software architecture explicates the structure of the system in terms of components and interactions among them to accomplish the desired requirements, we have considered Class Diagrams, Sequence Diagrams, Use Case Diagrams and State Chart Diagrams.

Functional Requirements (contd..)

Architecture

DEMO • The demo of the SARA Tool is provided by taking Maintainability Risk with CM-1 as Case Study for StarUML format .

• The inputs required for this module are– XMI (XML Metadata Interchange) file of the Design from StarUML– .txt document for estimating Initial Change Probability (Optional)

• The Evaluations: All are Component level

– Change Propagation Probability Metrics– Size of Change Probability Metrics– Initial Change Probabilities both for Corrective and Adaptive cases– Corrective Maintainability Risk and – Adaptive Maintainability Risk

TMALI

+hkData()+dciGetEvents()+dpaSetNumEvents()+dpaEvent()

DCI

+tmaliEvents()+tmaliNullEvents()+dpaConfigDone()

CCM

+tmaliDciTimeoutSet()+tmaliHkGet()+icuiHBSend()+dpaModeCmd()+icuiHkGet()+dcxHkGet()+dpaHkGet()+bitHkGet()+tisHkGet()+edacHkGet()+scuiHkGet()+scuiEnq()

ICUI

+read()+ccmCmdEnq()+write()+hkData()+dpaModeReady()+dpaEnqDone() SSI

+readData()+write()

DCX

+dpaEnqDone()+hkData()+scuiEnq()+scuiEnqDone()

DPA

+tmaliWaitForEvents()+tmaliGetEvents()+dciConfigure()+dciConfigure()+scuiEnqDone()+icuiChanBound()+icuiReady()+icuiEnq()+dcxEnq()+dcxEnqDone()+hkData()+events()+scuiEnq()

1553

+tisTimeSync()+writeEDone()

SCUI

+hkData()+dcxEventIn()+dcxEnqDone()+dpaEnqDone()+write()+writeE()

BIT

+hkData()

TIS

+hkData()

EDAC

+hkData()

Case Study:CM-1: Class Diagram from StarUML

Some of the Sequence Diagrams of CM-1 Model :

SETUP ICUI SSI CCM DPA

1 : initDpa()

2 : initCcm()

3 : initSsi()

4 : initIcui()

5 : read()

6 : readData()

7 : ccmCmdEnq()

8 : dpaModeCmd()

9 : icuiChanBound()

10 : write()

SETUP ICUI SSI CCM DPA TMALI

1 : initTmali()

2 : initDpa()

3 : initCcm()

4 : initSsi()

5 : initIcui()

6 : read()

7 : readData()

8 : ccmCmdEnq()

9 : dpaModeCmd()

10 : TmaliDoiTimeoutSet()

SETUP CCM BIT DCX DPA EDAC ICUI SCUI TIS TMALI 1553

1 : initMilstd()

2 : initTmali()

3 : initTis()

4 : initScui()

5 : initIcui()

6 : initEdac()

7 : initDpa()

8 : initDcx()

9 : initBit()

10 : initCcm()

11 : hkData()

12 : hkData()

13 : dcxHkGet()

14 : hkData()15 : dpaHkGet()

16 : hkData()

17 : edacHkGet()

18 : hkData()

19 : icuiHkGet()

20 : hkData()

21 : scuiHkGet()

22 : hkData()

23 : tisHkGet()

24 : hkData()

25 : tmaliHkGet()

26 : hkData()

27 : scuiEnq()

28 : write()

Some of the Sequence Diagrams of CM-1 Model :

XMI file exported from StarUML

------The following slides takes us to the tour of the Tool demo

DEMO of the SARA Tool……

Conclusion and Future Work• Software Architecture Risk Assessment (SARA) Tool is designed

and implemented as a tool for computing and analyzing architectural level risk factors like Maintainability Risk, Reliability Risk and Requirement Risk.

• Among our venues of further research, we are considering – to support more input formats for the tool and test with multiple

case studies. – to add other risk assessment perspectives like performance-based

risk.– to support evaluation of Product Line Architectures (PLA).– to make it a web based open source tool.

Thank You