• Title/Summary/Keyword: Software risk

Search Result 873, Processing Time 0.029 seconds

A Study of Risk Analysis Model on Web Software (웹 소프트웨어의 위험분석 모델에 관한 연구)

  • Kim, Jee-Hyun;Oh, Sung-Kyun
    • Journal of the Korea Society of Computer and Information
    • /
    • v.11 no.3
    • /
    • pp.281-289
    • /
    • 2006
  • Even though software developing environment has been changing to Web basis very fast, there are just few studies of quality metric or estimation model for Web software. In this study after analyzing the correlation between the risk level and property of objects using linear regression, six middle sized industrial system has been used to propose the correlation model of size and Number of Classes(NOC), size and Number of Methods(NOM), complexity and NOC, and complexity and NOM. Among of six systems 5 systems(except S06) have high correlation between size(LOC) and NOM, and four systems(except S04 & S06) have high correlation between complexity and NOC / NOM. As Web software architecture with three sides of Server, Client and HTML, complexity of each sides has been compared, two system(S04, S06) has big differences of each sides compleity values and one system(S06) has very higher complexity value of HTML, So the risk level could be estimated through NOM to improve maintenance in case of that the system has no big differences of each sides complexity.

  • PDF

Study on Risk Analysis for Software Functional Safety of Marine Navigational Equipment (항해장비 소프트웨어 기능안전성 확보를 위한 위험분석 단계 연구)

  • Lim, Sang-Woo;Lee, Seojeong;Yang, Hoi-seok
    • Journal of Digital Contents Society
    • /
    • v.18 no.2
    • /
    • pp.393-401
    • /
    • 2017
  • As the importance of software in various industry areas has been increased, the number of accidents related to software safety are growing up. The key industries such as railroads, aviation and medicine, recommend IEC 61508 and international safety standards for their own to achieve functional safety and reduce the issues caused by that. For equipment of ship navigation, there are not any particular standards or guidance which Korean users can introduce as considering software functional safety. This article defines the procedure and outcomes of the risk analysis in order to secure software functional safety in marine navigational equipment and applies them to an echo sounder as a case study.

The software design for the aircraft and the similar game environment construction (항공기와 유사한 게임 개발환경 구축을 위한 소프트웨어 설계)

  • Kim, Hyo-gwan;Han, Gyu-Seok;Jang, Won;Choi, Min-Hyung;Choi, Young-Gyu
    • The Journal of Korea Institute of Information, Electronics, and Communication Technology
    • /
    • v.6 no.2
    • /
    • pp.101-104
    • /
    • 2013
  • The actual aircraft flight training can be done, but falls pilots primary flight training skills to the many risks and costs are formidable. It also requires considerable skill to follow at a higher risk of flight training is the same. These things through software simulation training can reduce the risk and cost of the expected risk situations such as virtual reality development and has the advantage that you can try. In this paper, the characteristics and actual aircraft flight dynamics of the considered armed ballistics software platform for game development by designing a student wants to become a pilot in the aircraft is to help you understand.

RELIABILITY ANALYSIS OF DIGITAL SYSTEMS IN A PROBABILISTIC RISK ANALYSIS FOR NUCLEAR POWER PLANTS

  • Authen, Stefan;Holmberg, Jan-Erik
    • Nuclear Engineering and Technology
    • /
    • v.44 no.5
    • /
    • pp.471-482
    • /
    • 2012
  • To assess the risk of nuclear power plant operation and to determine the risk impact of digital systems, there is a need to quantitatively assess the reliability of the digital systems in a justifiable manner. The Probabilistic Risk Analysis (PRA) is a tool which can reveal shortcomings of the NPP design in general and PRA analysts have not had sufficient guiding principles in modelling particular digital components malfunctions. Currently digital I&C systems are mostly analyzed simply and conventionally in PRA, based on failure mode and effects analysis and fault tree modelling. More dynamic approaches are still in the trial stage and can be difficult to apply in full scale PRA-models. As basic events CPU failures, application software failures and common cause failures (CCF) between identical components are modelled.The primary goal is to model dependencies. However, it is not clear which failure modes or system parts CCF:s should be postulated for. A clear distinction can be made between the treatment of protection and control systems. There is a general consensus that protection systems shall be included in PRA, while control systems can be treated in a limited manner. OECD/NEA CSNI Working Group on Risk Assessment (WGRisk) has set up a task group, called DIGREL, to develop taxonomy of failure modes of digital components for the purposes of PRA. The taxonomy is aimed to be the basis of future modelling and quantification efforts. It will also help to define a structure for data collection and to review PRA studies.

Human Risk Assessment of a Contaminated Site Using Korean Risk-Based Corrective Action (K-RBCA) Software (한국형 소프트웨어를 이용한 유류.중금속 복합오염지역의 인체위해성평가 및 RBCA Tool Kit과의 비교분석)

  • Nam, Taek-Woo;Ryu, Hye-Rim;Kim, Young-Jin;Ko, Seok-Oh;Baek, Ki-Tae;Nam, Kyoung-Phile
    • Journal of Soil and Groundwater Environment
    • /
    • v.16 no.1
    • /
    • pp.32-41
    • /
    • 2011
  • By using a newly developed Korean risk-based corrective action (K-RBCA) software (K-RBCA) and the RBCA Tool Kit, risk assessment was performed on a site that was contaminated with aromatic hydrocarbons and heavy metals. Eight chemicals including benzene, ethylbenzene, xylenes, naphthalene, benz(a) anthracene, benzo(b) fluoranthene, benzo(a) pyrene, and arsenic that exceeded the US EPA Soil Screening Level were chosen as the target pollutants. A conceptual site model was constructed based on the site-specific effective exposure pathways. According to the RBCA Tool Kit the carcinogenic risk of arsenic was larger than $10^{-6}$, which is the generally acceptable carcinogenic risk level. The K-RBCA estimated the same level of carcinogenic risk for arsenic. With the RBCA Tool Kit, the carcinogenic risk of benzo(a) pyrene was estimated to be about $1.3{\times}10^{-6}$. However, with the K-RBCA benzo(a) pyrene did not exhibit any risk. The inconsistency between the softwares was attributed to the different fundamental settings (i.e., medium division) between the two softwares. While the K-RBCA divides medium into surface soil, subsurface soil, and groundwater, the RBCA Tool Kit divides medium into only soil and groundwater. These differences lead to the different exposure pathways used by the two softwares. The K-RBCA considers the exposure pathways in surface soil and subsurface soil separately to estimate risk, however, the RBCA Tool Kit considers the surface soil and subsurface soil as one and uses the integrated exposure pathways to estimate risk. Thus the resulting risk is higher when the RBCA Tool Kit is used than when the K-RBCA is used. The results from this study show that there is no significant difference in the risks estimated by the two softwares, thus, it is reasonable to use the K-RBCA we developed in risk assessment of soil and groundwater. In addition, the present study demonstrates that the assessor should be familiar with the characteristics of a contaminated site and the assumptions used by a risk assessment software when carrying out risk assessment.

Guidelines for Project Quality Management System (프로젝트 품질경영시스템 지침)

  • Choi Sung-Woon
    • Proceedings of the Safety Management and Science Conference
    • /
    • 2006.04a
    • /
    • pp.525-544
    • /
    • 2006
  • This paper is to introduce guidelines for project quality management system. International standards such as ISO 10006, IEC 62198, ISO/IEC TR 16326 and ISO 15188 are considered. This study is to discuss guidelines for quality management in projects, and application guidelines for project risk management, and guide for the application of ISO/IEC 12207 to software project management, and project management guidelines for terminology standardization.

  • PDF

Study on evaluating risk factors under software partitioning order (소프트웨어 분할 발주하에서의 위험요인 평가에 관한 연구)

  • Cha, Hwan-Ju;Kim, Ja-Hee;Kim, Woo-Jae
    • 한국IT서비스학회:학술대회논문집
    • /
    • 2009.11a
    • /
    • pp.499-504
    • /
    • 2009
  • 최근 공공기관에서는 소프트웨어 산업의 선진화를 위하여 소프트웨어 분할발주 제도를 도입 검토하고 있다. 성공적인 제도 도입을 위해 사전에 고려해야 하는 사항을 제도 도입시 예상되는 위험요인 도출 및 분석, 평가를 통해 파악하고자 한다. 먼저 문헌연구를 통해 소프트웨어 산업의 일반적인 위험요인을 바탕으로, 설문조사를 통해 분할발주 하에서의 위험요인의 영향도 변화 파악 및 추가 위험요인을 도출한다. 이를 바탕으로 AHP기법을 통해 위험요인간 우선순위를 분석하여 위험요인 평가모델을 제시한다.

  • PDF

Hazard Analysis Process Based on STPA Using SysML (SysML을 이용한 STPA 기반의 위험원 분석 프로세스)

  • Choi, Na-yeon;Lee, Byong-gul
    • Journal of Internet Computing and Services
    • /
    • v.20 no.3
    • /
    • pp.1-11
    • /
    • 2019
  • Today's software systems are becoming larger and more complicated, and the risk of accidents and failures have also grown larger. Software failures and accidents in industrial fields such as automobiles, nuclear power plants, railroad industries, etc. may lead to severe damage of property and human life. The safety-related international standards, such as IEC 61508 have been established and applied to industries for decades. The safety life cycle specified in the standards emphasize the activities to develop safety requirements through hazard and risk analysis in the early stage of software development. In this paper, we propose 'Hazard Analysis Process based on STPA using SysML' in order to ensure the safety of software at the early stage of software development. The proposed hazard analysis can be effectively performed minimizing the loss of hazard by using the BDD and the IBD of SysML to define the control structure of a system. The proposed method also improves the specification of the safety constraints(requirement) by using SD. As a result, it is possible to identify the hazard without missing and identify the hazard scenarios in detail, and safety can be sufficiently ensured in the early stage of software development.

A Study on Implementation of Risk Based Inspection Procedures to a Petrochemical Plant (RBI 절차의 석유화학 플랜트 적용에 관한 연구)

  • Song, Jung-Soo;Shim, Sang-Hoon;Kim, Ji-Yoon;Yoon, Kee-Bong
    • Transactions of the Korean Society of Mechanical Engineers A
    • /
    • v.27 no.3
    • /
    • pp.416-423
    • /
    • 2003
  • During the last ten years, the need has been increased for reducing maintenance cost for aged equipments and ensuring safety, efficiency and profitability of petrochemical and refinery plants. RBI (Risk Based Inspection) methodology is one of the most promising technologies satisfying the need in the field of integrity management. In this study, a user-friendly software, realRBl for RBI based on the API 581 code was developed. This software has modules for evaluating qualitative and semi-quantitative risk level, analyzing quantitative risks using the potential consequences of a failure of the pressure boundary, and assessing the likelihood of failure. A quantitative analysis was performed for 16 columns in a domestic NCC (Naphtha Cracking Center) plant whose operating time reaches about 12 years. Each column was considered as two equipment parts by dividing into top and bottom. Generic column failure frequencies were adjusted based on likelihood data. After determining release rate, release duration and release mass for each failure scenario, flammable/explosive and toxic consequences were assessed. Current risks for 32 equipment parts were evaluated and risk based prioritization were determined as a final result.

Implementing Software Risk Management Process based on CMMI (CMMI기반의 소프트웨어 리스크 관리 프로세스 구축)

  • Do, Sung-Ryong;Han, Hyuk-Soo
    • Journal of Convergence Society for SMB
    • /
    • v.1 no.1
    • /
    • pp.45-53
    • /
    • 2011
  • There are always many kinds of risks in software development such as frequent changes of requirements. Especially those risks related to the software characteristic of non-visibility can be threat to the project success. That lead us to the need of process implementation to reduce and minimize those risks. Although, most of the organization recognizes the importance of risk management, actual implementation requires professional knowledge in this area. CMMI, the de facto standard in process reference model, also emphasizes on risk management process area but only provides goals and practices to be implemented, not detail procedure and methods. In this paper, we developed Risk management implementation model based on IDEAL, the process improvement model based on CMMI. The proposed model will help the organizations to implement risk management process which is proper to their situation in the factor of organization size and project characteristics.

  • PDF