Journal of information and communication convergence engineering

The Korea Institute of Information and Commucation Engineering (한국정보통신학회)
권호 표지
DOI QR코드

DOI QR Code

Visualized Assurance Approach for Enterprise Architecture

  • Received : 2019.01.23
  • Accepted : 2019.04.20
  • Published : 2019.06.30
Download PDF
⟨ Previous Next ⟩

Abstract

In software engineering, to ensure reliability between systems, describing both system architecture and assurance arguments between system elements is considered necessary. There are proposals for system architecture assurance, but use of these traditional methods often requires development of different diagrams using different editors. Because the visual sense of the traditional methods is inadequate, errors readily occur when manipulating different diagrams. Therefore, it is essential that the assurance of dependability between components and systems is visualized and easy to understand. In this paper, an integrated approach to describe the relationship between system actors and system architecture is proposed, and this approach is clarified using an enterprise architecture modeling language. A case study is carried out and comparison to the traditional approach $d^*$ framework is explained. The comparison results show that the proposed approach is more suitable for ensuring dependability in system architecture.

Keywords

E1ICAW_2019_v17n2_117_f0001.png 이미지

Fig. 1. General structure of visualization for enterprise architecture.

E1ICAW_2019_v17n2_117_f0002.png 이미지

Fig. 2. Model of relationship for business layer and assurance case.

E1ICAW_2019_v17n2_117_f0003.png 이미지

Fig. 3. Model of relationship for business layer and assurance case in ArchiMate.

E1ICAW_2019_v17n2_117_f0004.png 이미지

Fig. 4. Example of a depend-on relationship.

E1ICAW_2019_v17n2_117_f0005.png 이미지

Fig. 5. Using ArchiMate to describe the dependency relationship.

E1ICAW_2019_v17n2_117_f0006.png 이미지

Fig. 6. Digital signature process in ArchiMate.

E1ICAW_2019_v17n2_117_f0007.png 이미지

Fig. 7. Depend-on relationships of the digital signature process in ArchiMate.

E1ICAW_2019_v17n2_117_f0008.png 이미지

Fig. 8. An assurance case for the digital signature process in ArchiMate.

E1ICAW_2019_v17n2_117_f0009.png 이미지

Fig. 9. Depend-on relationships between business actors.

Table 1. Mapping between the meta-model and ArchiMate elements

E1ICAW_2019_v17n2_117_t0001.png 이미지

Table 2. Comparison between ArchiMate and d*framework

E1ICAW_2019_v17n2_117_t0002.png 이미지

Table 3. Number of nodes and relationships in ArchiMate and d*framework

E1ICAW_2019_v17n2_117_t0003.png 이미지

References

  1. I. Sommerville, Software Engineering, 10th ed., Pearson, 2015.
  2. J. Jacobson, I. Booch, and G. Rumbaugh, Unified Modeling Language Reference Manual, Addison-Wesley Professional, 2004.
  3. S. Friedenthal, A. Moore, and R. Steiner, A Practical Guide to SysML, Third Edition: The Systems Modeling Language, Morgan Kaufmann, 2014.
  4. E. Yu, Social Modeling for Requirements Engineering, The MIT Press, 2011.
  5. S. Yamamoto and Y. Matsuno, "d* framework: Inter-dependency model for dependability," in Proceeding of International Conference on Dependable Systems and Networks, Boston, USA, 2012.
  6. The Open Group, ArchiMate 3.0 Specification, Van Haren Publishing, 2016.
  7. The Open Group, Dependability through $Assuredness^{TM}$ (O-DA) Framework, 2013.
  8. K. Tim and R. Weaver, "The goal structuring notation - a safety argument notation," in Proceeding of the Dependable Systems and Networks 2004 Workshop on Assurance Cases, 2004. -
  9. Y. Matsuno, J. Nakazawa, M. Takeyama, M. Sugaya, and Y. Ishikawa, "Toward a language for communication among stakeholders," in Proceeding of IEEE Pacific Rim International Symposium on Dependable Computing, Tokyo, Japan, 2010. DOI: 10.1109/PRDC.2010.47.
  10. T. Saruwatari, T. Hishino, and S. Yamamoto, "Method to share responsibility knowledge of dependability cases," in Proceeding of International Conference on Knowledge-Based and Intelligent Information & Engineering Systems, Kitakyushu, Japan, 2013. DOI: 10.1016/j.procs.2013.09.193.
  11. T. Kelly, Concepts and Principles of Compositional Safety Case Construction, COMSA, 2001.
  12. T. Saruwatari, S. Yamamoto, and Y. Matsuno, "A comparative study of d?framework and GSN," in Proceeding of IEEE International Symposium on Software Reliability Engineering, Pasadena California, United States, 2013. DOI: 10.1109/ISSREW.2013.6688913.
  13. T. Saruwatari and S. Yamamoto, "D* framework creation procedure from collaboration diagram," IT Convergence Practice, vol. 2, no. 2, pp. 43-54, 2014.
  14. T. Saruwatari and S. Yamamoto, "Creation of assurance case using collaboration diagram," in Proceeding of Asian Conference on Availability, Reliability and Security, Bali, Indonesia, 2014. DOI: 10.1007/978-3-642-55032-4_41.
  15. M. Lankhorst, Enterprise Architecture at Work - Modeling Communication and Analysis, Springer, 2013.
  16. G. Wierda, A Serious Introduction to the Archimate(r) Enterprise Architecture Modeling Language, R&A, 2014.
  17. L. Chung, B. A. Nixon, E. Yu, and J. Mylopoulos, Non-Functional Requirements in Software Engineering, Kluwer Academic Publishers, 2000.
  18. E. Grandry, C. Feltus, and E. Dubois, "Conceptual integration of enterprise architecture management and security risk management," in Proceeding of 17th IEEE International Enterprise Distributed Object Computing Conference Workshops, Vancouver, British Columbia, Canada, 2013. DOI: 10.1109/EDOCW.2013.19.
  19. M. Korman, T. Sommestad, J. Hallberg, J. Bengtsson, and M. Ekstedt, "Overview of enterprise information needs in information security risk assessment," in Proceeding of 18th IEEE International Enterprise Distributed Object Computing Conference, Ulm, Germany, 2014. DOI: 10.1109/EDOC.2014.16.
  20. S. Yamamoto and N. Kobayashi, "Mobile security assurance through ArchiMate," in Proceeding of International Symposium on Mobile Internet Security, Taichung, Taiwan, 2016. DOI: 10.1007/978-981-10-7850-7_2.
  21. W. Abbass, A. Baina, and M. Bellafkih, "Improvement of information system security risk management," in Proceeding of 4th IEEE International Colloquium on Information Science and Technology, Tangier, Morocco, 2016. DOI: 10.1109/CIST.2016.7805039.
  22. N. Mayer and C. Feltus, "Evaluation of the risk and security overlay of ArchiMate to model information system security risks," in Proceeding of IEEE 21st International Enterprise Distributed Object Computing Conference, Quebec City, Quebec, Canada, 2017. DOI: 10.1109/EDOCW.2017.30.
  23. S. Yamamoto, "An approach to assure dependability through ArchiMate," in Proceeding of International Conference on Computer Safety, Reliability, and Security, Delft, The Netherlands, 2014. DOI: 10.1007/978-3-319-24249-1_5.
  24. Q. Zhi, S. Yamamoto, and S. Morisaki, "IMSA - intra model security assurance," Journal of Internet Services and Information Security, vol. 8, no. 2, pp. 18-32, 2018. DOI: 10.22667/JISIS.2018.05.31.018.
  25. S. Yamamoto, Q. Zhi, and S. Morisaki, "A composite dependability for enterprise architecture," in Proceeding of International Conference on Knowledge-Based and Intelligent Information & Engineering Systems, Belgrade, Serbia, 2018. DOI: 10.1016/j.procs.2018.08.050.
  26. Y. Matsuno, H. Takamura, and Y. Ishikawa, "A dependability case editor with pattern library," in Proceeding of International Symposium on High Assurance Systems Engineering, San Jose, California, United States, 2010. DOI: 10.1109/HASE.2010.26.