• Proceedings of the Korea Information Assurance Society Conference
• /
• 2004.05a
• /
• pp.141-144
• /
• 2004

The Common Criteria (CC) philosophy is to provide assurance based upon an evaluation of the IT product or system that is to be trusted. Evaluation has been the traditional means of providing assurance. It is essential that not only the customer' srequirements for software functionality should be satisfied but also the security requirements imposed on the software development should be effectively analyzed and implemented in contributing to the security objectives of customer's requirements. Unless suitable requirements are established at the start of the software development process, the resulting end product, however well engineered, may not meet the objectives of its anticipated consumers. By the security evaluation, customer can sure about the quality of the products or systems they will buy and operate. In this paper, we propose a selection guide for If products by showing relationship between security engineering and security evaluation and make help user and customer select appropriate products or system.

• Nuclear Engineering and Technology
• /
• v.54 no.5
• /
• pp.1635-1643
• /
• 2022

STPA (System-Theoretic Process Analysis) is a widely used safety analysis technique to identify UCAs (Unsafe Control Actions) resulting in potential losses. It is totally dependent on the experience and ability of analysts to construct an information model called Control Structures, upon which analysts try to identify unsafe controls between system components. This paper proposes a formal approach to support the manual identification of UCAs, effectively and systematically. It allows analysts to mechanically extract Process Model, an important element that makes up the Control Structures, from a formal requirements specification for a software controller. It then concisely constructs the contents of Context Tables, from which analysts can identify all relevant UCAs effectively, using a software fault tree analysis technique. The case study with a preliminary version of a Korean nuclear reactor protections system shows the proposed approach's effectiveness and applicability.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.3
• /
• pp.65-75
• /
• 2019

Non-Functional Requirements (NFR) play a crucial role during the software development process. Currently, NFRs are considered more important than Functional Requirements and can determine the success of a software system. NFRs can be very complicated to understand due to their subjective manner and especially their conflicting nature. Self-adaptive systems (SAS) are operating in dynamically changing environment. Furthermore, the configuration of the SAS systems is dynamically changing according to the current systems context. This means that the configuration that manages the trade-off between NFRs in this context may not be suitable in another. This is because the NFRs satisfaction is based on a per-context basis. Therefore, one context configuration to satisfy one NFR may produce a conflict with another NFR. Furthermore, current approaches managing Non-Functional Requirements trade-off stops managing them during the system runtime which of concern. To solve this, we propose fragmentizing the NFRs and their alternative solutions in form of Multi-entity Bayesian network fragments. Consequently, when changes occur, our system creates a situation specific Bayesian network to measure the impact of the system's conditions and environmental changes on the NFRs satisfaction. Moreover, it dynamically decides which alternative solution is suitable for the current situation.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.31 no.4
• /
• pp.100-105
• /
• 2008

Cost reduction, time to market, and quality improvement of software product are critical issues to the software companies which try to survive in recent competitive market environments. Software Product Line Engineering (SPLE) is one of the approaches to address these issues. The goal of software product line is to maximize the software reuse and achieve the best productivity with the minimum cost. In software product line, software components are classified into the common and variable modules for composition work. In this paper, we proposed a dynamic composition process based on aspect-oriented programming methodology in which software requirements are classified into the core-concerns and cross-cutting concerns, and then assembled into the final software product. It enables developers to concentrate on the core logics of given problem, not the side-issues of software product such as transactions and logging. We also proposed useful composition patterns based on aspect oriented programming paradigm. Finally, we implemented a prototype of the proposed process using Java and Aspect to show the proposed approach's feasibility. The scenario of the prototype is based on the embedded analysis software of telecommunication devices.

• KIPS Transactions on Software and Data Engineering
• /
• v.12 no.7
• /
• pp.285-294
• /
• 2023

As software grows continuously in scale and complexity, the role of software architecture has become increasingly important across various industries. Although software architects often rely on their experience and intuition when designing such architecture, there is a variety of methodologies being researched for architecture design. However, these methodologies do not address the specific effects of applying multiple architectural patterns to a system or the sequence in which they should be applied. In this study, we explain the variation in architectural design results depending on the order in which the same set of architectural patterns is applied to a single system. Based on this phenomenon, we identify requirements for applying architectural patterns and propose a method of classifying the patterns to be applied. We also propose a prioritization process for requirements to efficiently apply the classified patterns in a specific order. Finally, we show a case study that prioritizing requirements based on architectural pattern types is beneficial for efficient software architecture design in terms of quality attributes.

• Journal of Internet Computing and Services
• /
• v.22 no.3
• /
• pp.59-66
• /
• 2021

This study proposes a requirements monitoring method that systematically performs traceability management and change management for requirements in order to improve the quality of software systems in the software development process. To this end, we present the artifact change history management models to systematically perform change management for individual artifacts and the traceability matrixes to define the relationship between artifacts. It also proposes a visual dashboard that makes it easy to grasp the situation in which changes are propagated to related artifacts when specific artifacts change.

• Journal of Korean Society for Quality Management
• /
• v.34 no.3
• /
• pp.1-18
• /
• 2006

CMMI(Capability Maturity Model Integration) has been recognized as a critical method to validate the competitiveness of software development organization since its introduction. CMMI imposes additional requirements on the software development organization which has been established and certified to the ISO 9001 quality management system. This paper reviews the similarities and differences between CMMI and ISO 9001. This paper also examines what ate required to deploy the CMMI on the aircraft software development organization which has been certified to ISO 9001. The results of this study will help software development organization to provide the direction for implementing CMMI. Some suggestions are presented to identify and strengthen the weak portion of the software process quality management system.

• Journal of the Korean Society of Industry Convergence
• /
• v.25 no.2_2
• /
• pp.247-255
• /
• 2022

Robot Process Automation (RPA) is a computer technology called Robotic Process Automation, a form of business process automation based on the concept of software robots or artificial intelligence (AI) walkers. In general, in traditional workflow automation tools, software developers design software that creates a set of actions to automate tasks and interfaces for the back-end systems using internal APIs or dedicated script languages. However, in RPA software, automation can be implemented by configuring an operating processor as if the general user is directly performing the task of the application. In other words, it can be said that it is a suitable development method for automating simply repetitive tasks rather than developing specific programs in which all necessary functions are implemented, as in general software development. Thus, this is more appropriate for configuring and automating RPA software in traditional manufacturing companies that are not easy to develop and apply smart factories or high-end AI software. Therefore, this research aims to analyze the requirements required at the actual manufacturing companies, focusing on the manufacturer's case in Changwon, Gyeongsangnam-do, called SinceWin Co., Ltd., and to examine the possibility of RPA software in the manufacturing companies by implementing actual RPA software that supports office automation. Through the research, it was confirmed that the actually implemented RPA software met the requirements of the company and helped manufacturer practice significantly by automating the parts that were worked error-prone and manually periodically.

• International Journal of Computer Science & Network Security
• /
• v.21 no.7
• /
• pp.191-204
• /
• 2021

The software development life cycle (SDLC) is a procedure used to develop a software system that meets both the customer's needs and real-world requirements. The first phase of the SDLC involves creating a conceptual model that represents the involved domain in reality. In requirements engineering, building such a model is considered a bridge to the design and construction phases. However, this type of model can also serve as a basic model for identifying business processes and how these processes are interconnected to achieve the final result. This paper focuses on process modeling in organizations, per se, beyond its application in the SDLC when an organization needs further documentation to meet its growth needs and address regular changes over time. The resultant process documentation is created alongside the daily operations of the business process. The model provides visualization and documentation of processes to assist in defining work patterns, avoiding redundancy, or even designing new processes. In this paper, a proposed diagrammatic representation models each process using one diagram comprising five actions and two types of relations to build three levels of depiction. These levels consist of a static description, events, and the behavior of the modeled process. The viability of a thinging machine is demonstrated by re-modeling some examples from the literature.

• 제어로봇시스템학회:학술대회논문집
• /
• 2000.10a
• /
• pp.416-416
• /
• 2000

The Systems Engineering, as a methodology for engineering and management of today's ever-growing complex system, is a comprehensive and iterative problem-solving process. The process centers on the analysis and management of the stakeholders'needs throughout the entire Life-cycle of a system and searches for an optimized system architecture. There are many essential needs and requirements to be met when a system development task is carried out. Systems Engineering Management PLan(SEMP), as a specification for system development process, must be established to satisfy constraints and requirements of stakeholders successfully and to prevent cost overrun and schedule delay. The paper suggests a systematic SEMP development process and demonstrates a data model and schema for computer-aided systems engineering software, RDD-100, for use in the development and management of SEMP These are being applied to the systems engineering technology development task for the next-generation high-speed railway systems in progress.