Sommerville I. Software Engineering (9th edition)
Подождите немного. Документ загружается.
754 Subject Index
embedded software systems, (continued)
RUP and, 53
simulators and, 196
embedded systems design, 540–47
embrace change (agile manifesto), 60
emergent system properties, 268, 269–71, 286
enduring requirements, 112
enterprise application frameworks, 432
Enterprise Java Beans (EJB), 432, 454, 455, 458, 496
Enterprise Resource Planning systems. See ERP
systems
entertainment systems, 11
entity-oriented services, 519
environmental adaptation, 243–44
Environmental Control pattern, 548, 550–52
environment assessment, 255
environments (see also IDEs)
architectural patterns and, 156
CASE tools and, 37, 58, 174, 597, 602
environment workflows, 52
work, 613
environment specialization (software product lines), 436
equipment inventory system, 579
equity trading system, 379, 389
equivalence partitioning, 214–15
ergonomics, systems engineering and, 275
ERP (Enterprise Resource Planning) systems, 7, 429,
430, 442, 443, 444, 448, 450, 451, 671
error-prone constructs, 359–61, 364
errors
human, 282–84, 286, 297
operator, 263, 270, 282, 312, 321
timing, 217–18
error tolerance, 293
esteem needs, 604
estimation risks, 598, 599
estimation techniques (project planning), 633–46
algorithmic cost modeling, 634, 635–37
COCOMO II model, 248, 464, 637–45
experience-based techniques, 634
ethical/professional responsibility, 14–17, 24
ethnography, 108–9, 715
E-type systems, 240
event-based controls, 164
event-driven modeling, 135–38
event metrics, 711–12, 729
evolution (software evolution), 6, 9, 24, 28, 43,
234–60
defined, 53
development v., 43, 235–36, 257
diagram, 44
maintenance and, 8, 24, 43
processes, 237–40
program evolution dynamics, 240–42
refactoring and, 44, 66, 71, 250–52
servicing and, 236–37
spiral model of, 235–36, 257
system evolution v., 284–85
exceptions
handlers for, 357–59
process, 718
executable system creation, 695
Executable UML (xUML), 142
experience-based techniques (estimation techniques), 634
experience-based testing, 405
explicit security policies, 380–81
exposure, 303, 304
exposure assessment (security requirements), 331
exposure limitation and recovery, 305
extensions, core systems with, 576–77
external requirements, 88–89
extreme programming (XP), 64–72, 77
acceptance testing and, 230
agile methods and, 59
continuous integration and, 65, 66, 68, 76, 78, 697,
698
principles/practices, 66
project planning and, 632–33
release cycle in, 65
requirements engineering and, 36, 38
test-first development and, 66, 68, 69–70, 223, 231
user requirements in, 69, 78
F
Façade pattern, 192
failure propagation, 270
failures
hardware, 290
human errors and, 282–84, 286, 297
operational, 263, 270, 282, 291, 312, 321
software, 4, 12, 48, 265–66, 270, 290, 291, 294, 297,
300, 320, 321, 327, 333, 349, 411, 467, 480
fat-client model, 492
fault (system faults), 297
avoidance, 299, 342
detection and removal, 299, 342
repair, 243–44
tolerance, 299, 342
Subject Index 755
fault tree analysis, 317–19, 336
feasibility assessment (security requirements), 331
feasibility studies, 37, 100
film library, 162
floating-point numbers, 359
formal logic (hazard analysis), 317
formal methods (software development), 32, 49, 95,
139, 333, 337, 396
B method, 32, 55, 335, 396
MDE and, 139
system models, 334
verification and, 395–97
formal specifications, 95, 333–36, 337
formal verification, 340, 396, 397, 398, 405,
406
4+1 view model, 120, 145, 153, 175
functional emergent properties, 269–71
functional reliability specification, 328
functional requirements, 84–87, 115, 310
functional specialization (software product lines),
436
function reuse, 426
G
‘Gang of Four,’ 190, 191, 192
gas pump (state machine model), 545
generalization 131–33, 185–6, 190, 201
generator-based reuse, 431
generic development process, 53, 178
generic software products, 6–7
glue code, 468, 469, 476
GNU build system, 196
GNU General Public License (GPL), 200
Gnutella, 499
Goal-Question-Metric (GQM), 674, 712–13,
730
go-to statements, 359, 364, 585
GPS receiver, 512, 513
GQM (Goal-Question-Metric), 674, 712–13,
730
graphical models. See models
groups, 607–14
communications, 613–14
composition (case study), 610
organization, 610–13
growth modeling, reliability, 402–3
guideline-based testing, 213
guidelines
hiring, 611
dependable programming, 355–63
system security, 380–85
H
handlers, exceptions, 357–59
hardware reliability, 270
hazard, 301
assessment, 314–17
avoidance, 301–2, 319
detection and removal, 302, 319
identification, 314
logs, 409–10
probability, 301
severity, 301
hazard-driven approach to requirements derivation,
336
heterogeneity challenge, 10
high-availability systems, 152, 198, 295,
325, 351
high speed data acquisition systems, 553, 554,
560, 569
honesty (people management), 603
host-target development, 193, 196–98, 202
human errors, 282–84, 286, 297
human needs hierarchy, 604
I
ICASE, 639
identification requirements, 329
IDEs (Interactive Development Environments)
defined, 37, 197
ECLIPSE environment and, 37, 68, 80, 197, 204,
251, 523
general-purpose, 197
host-target development and, 193, 196–98, 197,
202
repository architecture for, 159, 160
IEC 61508 safety life cycle, 347
IEC (International Electrotechnical Commission)
standard for safety management, 313
immunity requirements, 329
756 Subject Index
implementation (system implementation), 10, 12, 24,
28, 38–41, 53, 193–98
design and, 38–41, 53, 176–78, 193–98, 201
issues, 193–98
life-cycle phase, 31
workflow, 52, 529–33
improvement. See process improvement
improvement identification and prioritization (process
change process), 719
in-car information system, 512–13
inception phase (RUP), 50–51
incremental delivery, 34, 44, 47–48, 60
incremental development, 30, 32–34, 53, 58, 67, 69
incremental integration, testing and, 219
incremental planning (XP), 66
independent development, 691
informal safety argument (insulin pump), 416–17
information systems, 18, 167–69
inheritance, 132, 184, 185, 186, 190, 203, 212, 360,
364, 432, 435, 670, 674
input/output mapping, 298
input/output messages (UML), 524
input processing, default, 360–61
inputs, validity checks of, 356–57, 383
insider attacks, 369
inspection checklist, 667
inspections, 208–9, 218, 585, 663–68. See also
reviews
insulin pump control system, 18–20
activity model of, 19, 135
dependability properties for, 293
failure in, 327
fault tree analysis for, 317–19
formal specification for, 334
hardware components (diagram), 19
hazard log for, 410
hazards in, 314
informal safety argument and, 416–17
insulin dose computation (with safety checks) in,
415
order processing diagram in, 135
requirements specification for, 96
risk classification for, 316–17
safety claim hierarchy for, 414
safety requirements for, 320
structured arguments and, 412–13
structured requirement specification of, 97
tabular specification and, 98
integration, reuse and, 35
integrity requirements, 329
intellectual property rights, 14
interaction models, 124–28, 179–81, 485–86
interaction-oriented people, 606
Interactive Development Environments. See IDEs
interactive transaction-based applications, 11
interception, 483
interface design, 39, 188, 189
interface misunderstanding, 217
interface misuse, 217
interfaces
component, 188–89, 201, 216–18
service, 534
interface specification, 188–89
interface testing, 217
internal/external software relationships, 670
International Electrotechnical Commission (IEC)
standard for safety management, 313
Internet banking system, 494
Internet worm, 305, 308, 383, 392
interpreting measurements, 676–77, 713
interrupts, 360, 483
interviewing, 104–5, 715
intolerable risks, 315
introspection (process analysis), 716
intrusion detection requirements, 330
inventory management system, 581
inversion of control, in frameworks, 434
ISO 92001 standards framework, 660–63
iterative development/delivery, 45, 52, 53
Iterator pattern, 192
J
J2EE, 36, 141, 454
Java
embedded systems development and, 546
program testing, 222
real-time systems development and, 547
join points, 571–75, 587
JUnit, 42, 55, 70, 81, 197, 212, 222, 232, 444, 695
L
language processing systems, 166, 169–72
latent conditions, 283
layered architecture pattern, 157–59, 167–69, 172
Subject Index 757
layered protection architecture, 378
learning (process analysis), 716
legacy systems
management, 245, 252–57, 285
service interfaces and, 525–27, 534
wrapping, 250, 430, 464, 526
Lehman’s laws, 240–42, 257
Lesser General Public License, GNU, 200
LIBSYS, 158–59
licensing
open source, 200–201
software engineers and, 408
life cycles
risk analysis, 312, 330
safety, 347
software, 30–32
Linux, 199, 200, 204, 367, 383, 392, 436,
558, 563
logical view, 153, 172
logs, 382–83, 409–10
M
mainline, 684
maintainability, 8, 18, 24, 90, 149, 152, 178, 209, 244,
245, 247, 293, 709
maintenance (software maintenance), 8, 24, 43,
242–52
agile methods and, 61–62
architectural design and, 152–53
/development costs, 244, 257
development v., 43
effort distribution, 244
life-cycle phase, 31
prediction, 246–48
types of, 243, 257
make utility (Unix), 196
malware, 14, 290, 501
management (software management), 12, 24, 591–92.
See also configuration management; people
management; process improvement; project
management; project planning; quality
management
manifesto, agile, 56, 59, 60, 141, 688, 708
master-slave architectures, 490–91
mathematical specifications, 95. See also formal
methods.
MDA. See model-driven architecture
MDD. See model-driven development
MDE. See model-driven engineering
measurement. See also metrics
ambiguity in, 676–77, 713
controller/predictor, 669
interpreting, 676–77, 713
process measurement, 711–14, 729
medical records system. See MHC-PMS
Mental Health Care-Patient Management System. See
MHC-PMS
merging, 684, 693
message passing interfaces, 217
metrics
AVAIL, 332–34, 336
event, 711–12, 729
GQM approach, 674, 712–13, 730
for non-functional requirements, 90
product, 672–73
for reliability, 322–24, 336
resource utilization, 711–12, 729
software measurement and, 668–77
static software product, 673
time, 711–12, 729
MHC-PMS (Mental Health Care-Patient Management
System), 20–22
aggregation association in, 133
AOSE and, 571–75
asset analysis (risk assessment report) for,
332–33
class diagrams and, 130, 131
context model of, 122
dose checking test case, 69, 70
functional requirements in, 83, 84, 85, 86
generalization hierarchy and, 132, 133
goals of, 20–21, 272
key features of, 21
layered architecture pattern in, 158, 167–69
non-functional requirements in, 89
organization (diagram) of, 20
privacy and, 21–22
process model of involuntary detention in, 123
requirements-based testing and, 225
safety and, 21–22
scenario in, 106
scenario testing and, 226
security concepts and, 303–4
sequence diagrams and, 126–28
stakeholders for, 103
story cards and, 66, 67
success criteria and, 272–73
task cards and, 68, 69
758 Subject Index
MHC-PMS (continued)
threat and control analysis for, 333
use case modeling and, 124, 125, 126
use cases for, 107
Microsoft driver verification system, 336, 400
microwave oven, 11, 136–38, 538, 545
middleware, 196, 264, 432, 487–88
minimization strategies (risk management), 601
model checking, 334, 339, 395, 396, 397–98, 417
Model component (MVC), 155
model-driven architecture (MDA), 138–41
model-driven development (MDD), 40
model-driven engineering (MDE), 138–42,
143, 430
models, 11, 95, 118–46
activity, 19, 29, 120, 135, 143, 718
agile modeling, 59, 80, 120, 145
algorithmic cost modeling, 635–37
behavioral, 133–38, 143
broadcast, 182
component, 458–61
context, 121–24, 142, 179–81
continuous CMMI, 727–28
data-driven, 134–35
dynamic, 129, 179, 185, 186, 201
event-driven, 135–38
fat-client, 492
formal system, 334
generalization, 131–33, 201
interaction, 124–28, 179–81, 485–86
P-CMM, 606, 722
process, 29–36, 53, 718, 729
real-time system, 544–46
reliability growth, 402, 403
semantic data, 93, 130, 145
Software CMM Maturity model, 644, 683, 721,
722, 727
staged CMMI, 725–27
state machine, 186, 187, 201, 397, 398, 545
static, 129, 186, 201
structural, 129–33, 143, 185
subsystem, 185, 186
‘Swiss cheese,’ 283–84, 286
Systems Engineering Capability Model, 722, 731
of testing process, 210
thin-client, 492
use case, 100, 120, 124–26, 142, 180, 181
Model-View-Controller. See MVC
modification attack, 483
modification timestamps, 696
motivation (people management), 603–7
multi-tier client-server architectures, 493–95
MVC (Model-View-Controller), 155, 156, 157, 159,
432–33
MySQL, 199, 433
N
natural language specification, 94, 96–97
.NET framework, 36, 141, 430, 432, 454, 458, 459,
466, 496, 584
neutron flux data acquisition, 554
non-determinism, 268, 271–72, 282
non-functional
emergent properties, 269–71
reliability requirements, 324–28
requirements, 85, 87–91, 115, 310
non-repudiation requirements, 330
nuclear systems, 17
N-version programming, 95, 352–53
O
object classes, 182–84, 189
object constraint language (OCL), 142, 189, 472–73
objective setting (spiral model), 49
object level reuse, 194, 426
Object Management Group (OMG), 138, 139
object-oriented
design, 178–89, 201
requirements analysis, 100, 129
Objectory method, 106
Observe and React pattern, 547, 548–60
Observer pattern, 190, 191, 192, 433
OCL (object constraint language), 142, 189, 472–73
OilSoft example, 622–23
OMG (Object Management Group), 138, 139
on-site customers (XP), 66
open source development, 198–201, 202
operational profiles, 227, 402–3, 404, 417, 418
operation incompatibility, 469
operation incompleteness, 469
operation/maintenance (life-cycle phase), 31
operation stage (sociotechnical systems), 273–74,
281–85, 286
operator errors, 263, 270, 282, 291, 312, 321
Subject Index 759
operator reliability, 270
Oracle, 164
organizational constraints (process analysis), 716
organizational design patterns, 155
organizational requirements, 88–89
organizational risks, 598, 599
organizational security policy, 332
overhead costs, 620
OWL-S, 525, 536
P
p2p architectures. See peer-to-peer architectures
packing robot control system, 148, 149
pair programming, 66, 71–72
parallelism, 360
parameter incompatibility, 469
parameter interfaces, 216
partition testing, 213–15
password checkers, 405
path testing, 216
patient information system. See MHC-PMS
patient records system (PRS), 125, 127, 128
patterns (design patterns), 189–93, 430
P-CMM (People Capability Maturity Model), 606, 722
peer-to-peer (p2p) architectures, 498–501
People Capability Maturity Model (P-CMM), 606, 722
people management, 595, 602–7
people risks, 598, 599
performance
architectural design and, 152
testing, 227
periodic stimuli, 540–41
personality types, 606
person approach (human errors), 282
Petri net analysis, 317
petrol pump (state machine model), 545
PharmaSoft example, 621–22
photo library, 472–74
physical view, 154, 172
physiological needs, 604
PIMs (platform independent models), 140, 141
pipe and filter compiler architecture, 170, 171
pipe and filter pattern, 162, 163–64, 172
plan-driven development
agile methods v., 62–64, 77, 623
processes, 29, 30, 42, 43, 62–64, 77
project planning and, 623–26
planning. See also project planning
incremental, 66
requirements management planning, 112–13
risk, 597, 600–602
Scrum and, 56, 57, 59, 72–74, 78, 631, 632
spiral model and, 49
test, 209, 349, 407
planning game, 632–33
platform independent models (PIMs), 140, 141
platform-level protection, 377, 378
platform specialization (software product lines), 436
platform specific models (PSMs), 140, 141
plug-ins, 197, 440
POFOD (probability of failure on demand), 322–24,
336
pointcuts, 571–75, 587
pointers, 359–60
polymorphism, 190, 251, 435
post-architecture model, 642–45
post/pre-conditions (software processes), 28
practice perspective (RUP), 50, 52–53
prediction, maintenance, 246–48
predictor/controller measurements, 669
preliminary risk analysis, 312, 330
pre/post-conditions (software processes), 28
preventative maintenance. See refactoring
primary safety-critical software, 300
privacy
MHC-PMS and, 21–22
requirements, 330
probability of failure on demand (POFOD), 322–24,
336
problem tracking, 196
procedural interfaces, 217
process (software processes), 12, 27–55
activities, 6, 9, 28, 36
analysis, 710, 714, 715–18
assurance, 406–10
change, 710, 718–21
agile manifesto and, 60, 65
CBSE, 461–68
characteristics, 346, 709
defined, 9, 24, 53
dependable, 345–48
evolution, 237–40
for safety assurance, 408–10
standardization and, 29, 346, 658, 659, 709
exceptions, 718
process improvement, 29, 705–31
agile methods and, 706, 728
approaches to, 706, 728
760 Subject Index
process (continued)
CMMI process improvement framework, 721–28,
729
goals of, 709, 728
improvement cycle, 710–11, 729
improvement process, 708–11
maturity approach, 706, 728
measurement, 710, 711–14, 729
models, 29–36, 53, 718, 729
Process Pipeline pattern, 548, 552–53
quality (process-based), 657
specialization (software product lines), 436
standards, 29, 346, 658, 659
training stage, 720
view, 154, 172
procurement/acquisition stage (sociotechnical systems),
273–74, 275–77, 286
producer-consumer pattern, 182, 544
product instance development, 438
productivity, software, 638
product
metrics, 672–73
requirements, 88–89
risks, 596–97
software processes outouts, 28
standards, 658, 659
professional/ethical responsibility, 14–17, 24
professional software development. See development
profiles, operational, 227, 402–3, 404, 417, 418
program architectures. See application architectures
program evolution dynamics, 240–42
program generators, 430
program inspections, 208–9, 218, 585, 666–68. See
also reviews
program libraries, 430
programmer/tester pairs, 210–11
programming. See also extreme programming
aspect-oriented, 580–84
egoless, 71
guidelines, 355–63
real-time, 546
techniques/activities, 12, 40–41
program structure improvement, 249
project duration/staffing (COCOMO II), 645–46
project management, 593–617
activities of, 595
agile, 72–74
workflow, 52
project planning, 595, 618–50
agile methods and, 631–33
estimation techniques, 633–46
plan-driven development and, 623–26
process, 624–26
scheduling and, 626–30
software pricing and, 621–23
supplements, 624
project plans, 623–24
project risks, 596–97
proposal writing, 595
protection architecture, layered, 378
protection systems, 349–50
prototyping (system prototyping), 44, 45–46, 53, 109,
111
PSMs (platform specific models), 140, 141
Python, 79, 160, 170, 177, 178, 432
Q
QoS. See quality of service
quality management, 651–80
software measurement/metrics and, 668–77
software quality and, 655–57
software standards and, 657–63
quality of service (QoS), 484, 504
quality of service extensions, 576
quantitative reliability specifications, 324–26
questionnaires, 714, 715
R
range checks, 357
rapid software development, 57–58
rate of occurrence of failure (ROCOF), 332–34,
336
Rational Unified Process. See RUP
realism checks, 110
real-time operating systems (RTOS), 558–61
real-time systems, 538–39, 561
design, 540–44
modeling, 544–46
programming, 546
timing analysis, 554–57
reasonableness checks, 357
recognition strategy (survivability), 387, 389
recoverability, design for, 384–85
recovery requirements (functional reliability
requirement), 328
Subject Index 761
recovery strategy (survivability), 387–88, 389
recursion, 360
redundancy, diversity and, 343–44, 363, 383
redundancy requirements (functional reliability
requirement), 328
reengineering (software reengineering), 248–50,
257
refactoring, 44, 66, 71, 250–52, 257
reference architectures, 171
regression testing, 223
regulation, of software, 407
release, 684
release management, 682, 699–701, 702
release testing, 224–27
reliability (system reliability), 4, 5, 8, 269, 270–71,
295–99, 306
growth modeling, 402, 403
metrics, 322–24, 336
requirements, 324–28, 336
specification, 320–28
testing, 401–4
remote procedure calls (RPCs), 486, 498
repairability, 269, 293
replicated architectures, 348
reporting, 595, 695
repository architectural pattern, 159–60, 172
representation checks, 357
requirements (software requirements), 12, 83
agile methods and, 84
analysis and definition (life-cycle phase), 31
change management, 113–14
classification and organization, 101
definition of, 83, 115
design spiral, 279–80
development, 278
discovery, 101, 103–4
document (software requirements specification),
91–94, 115
elicitation/analysis, 37, 100–110, 115
enduring, 112
evolution, 111
functional, 84–87, 115, 310
management, 100, 111–14, 115
modification (reuse-based development), 35
non-functional, 85, 87–91, 115, 310
prioritization and negotiation, 101
reviews, 110, 111, 346, 347
risks, 598, 599
specification, 37–38, 84, 85, 86, 94–96, 102
testing (requirements-based), 224–25
traceability, 113, 114, 225, 409, 601
validation, 38, 99, 110–11, 115
volatile, 112
requirements engineering, 6, 9, 12, 24, 28, 36–38, 53,
82–117
agile methods and, 63
concern-oriented, 577–80
defined, 53
resistance strategy (survivability), 387, 389
resource allocation system, architecture of, 437
resource management systems, 167–69, 172, 436, 437,
460, 546, 558, 561
resource utilization metrics, 711–12, 729
respect (people management), 603
responsibility, ethical/professional, 14–17, 24
restart capabilities, 361
RESTful services, 483, 511, 512, 536
reuse (software reuse), 12, 24, 30, 35–36, 53, 190,
193–95, 201, 425–51
reuse model (COCOMO II), 640–42
reuse-oriented software engineering, 30, 35–36, 53,
426–28, 453
reverse engineering, 249, 250
reviews, 208, 218
/checklists (hazard analysis), 317
inspections and, 663–68
review process, 664–65
rework, 31, 39, 44, 57, 58, 72, 110, 278, 599, 600,
623, 643
risk, 301. See also specific risks
analysis, 311–12, 313, 321, 330–32, 336, 597,
598–600
decomposition stage, 312, 313, 322
driven requirements specification, 311–12
driven security requirements process, 330–32
identification, 311, 313, 321, 597, 598
indicators, 602
management, 49, 50, 330, 595–602
monitoring, 597, 602
planning, 597, 600–602
reduction, 312, 313, 319–20, 322
triangle, 315–16
types, 600
robot control system, 148, 149
robustness (process characteristic), 346, 709
ROCOF (rate of occurrence of failure), 332–34,
336
roles (software processes), 28
RPCs (remote procedure calls), 486, 498
RTOS. See real-time operating systems
Ruby, 12, 79, 432
RUP (Rational Unified Process), 50–53, 178
762 Subject Index
S
SaaS. See software as a service
safety, 299–302
architectural design and, 152
assurance processes, 408–10
defined, 306
ethics and, 16–17
MHC-PMS and, 20–21
requirements, 320, 337
security risk management and, 330
specification, 313–20
terminology, 301
safety claim hierarchy (insulin pump control
system), 414
safety-critical systems, 299–302
development process and, 418
risk triangle for, 315–16
system failure and, 300
safety/dependability cases, 410–17, 418
safety needs (human needs hierarchy), 604
SAP, 7, 164, 442
Sarbanes-Oxley accounting regulations,
34, 275
scaling agile methods, 74–77, 78
scattering, 569–70, 587
scenario-based analysis, 183
scenarios, 105–6
testing, 225–26
schedule representation, 627–30
scheduling (project planning), 626–30
SCI (software configuration item), 684
Scrum, 56, 57, 59, 72–74, 78, 631, 632
secure deployment, 390
secure systems design, 375–86, 390
security, 302–5
architectural design and, 152, 376–80
assurance, 393–421
auditing requirements, 330
checklist, 406
defined, 306
dependability and, 8, 12, 24, 292
design for, 375–86
as emergent property, 269
engineering, 366–92
failure, 382
guidelines, 380–85
loopholes, 305
policies, 380–81
requirements, 329–33, 337
risk management, 330, 369–75, 390
specification, 329–33
terminology, 303
testing, 404–6, 418
threats, 390
trust and, 8, 10
/usability guideline, 382
validation, 418
self-monitoring architectures, 350–52
self-oriented people, 606
self-realization needs, 604
semantic data models, 93, 130, 145
semicentralized P2P architecture, 501
sensor-based data collection systems, 18
separation of concerns, 567–71
sequence diagrams, 120, 124, 126–28, 186
service candidate identification, 518–21
service engineering process, 518–27, 534
service implementation/deployment, 524–25
service interface design, 521–24
service interfaces, 534
service-oriented architectures (SOAs),
498, 508–36
defined, 534
SaaS v., 502
software reuse and, 430
services, 13, 36, 509, 514
business, 519, 534
business process model and, 534
classification of, 520, 534
components v., 514–18
construction (by composition) of, 528–29
coordination, 519, 534
defined, 509, 515
as reusable components, 514–18
software development and, 527–34
testing, 533–34
utility, 519, 534
servicing, evolution and, 236–37
shared memory interfaces, 217
simplicity (agile methods), 60, 65, 66
simulation, 11
simulators, 196, 626, 694
single point of failure (avoidance), 381–82
size checks, 357
Skype, 499
small releases (XP), 66
SOAP, 509, 510, 511, 512, 513, 516, 535
SOAs. See service-oriented architectures
social change, business and, 10
social engineering, 369, 383, 391
Subject Index 763
social layer, 264–65
social needs, 604
sociotechnical systems, 263–88
software
attributes, 6, 8, 24
defined, 5, 6, 24
efficiency, 8, 12, 24
failures, 4, 12
internal/external relationships, 670
issues with, 10
product types, 6–7, 10–12, 24
regulation of, 407
zero-defects, 32, 396
software architecture catalog, Booch’s, 150, 173, 174
software as a service (SaaS), 13, 501–5
Software CMM Maturity model, 644, 683, 721,
722, 727
software component analysis, 673–75
software components. See components
software configuration item (SCI), 684
‘software crisis’, 5
software development tools. See CASE tools
software diversity, 344, 345, 349, 353–55, 363
software engineering
activities of, 6, 9, 28, 36
with aspects, 576–87
challenges for, 4, 6, 10
computer science v., 6, 9
costs of, 6
defined, 6, 7–8
diversity, 10–12
ethical responsibility and, 14–17, 24
fundamental notions in, 12, 24, 28
history of, 5
importance of, 8–9
licensing and, 408
process analysis and, 716
reuse-oriented, 30, 35–36, 53, 426–28, 453
systems engineering v., 6, 9, 266, 274
Web and, 6, 13–14
software life cycle, 30–32. See also waterfall model
software measurement/metrics, 668–77
software pricing (project planning), 621–23
software processes. See processes
software productivity, 638
software product lines, 434–40, 448
software reengineering. See reengineering
software reliability. See reliability
software requirements specification (SRS), 91–94, 115
software reuse. See reuse
software systems. See systems
source code checksums, 696
source code translation, 249
SPARK/Ada language, 336
specifications (software specifications), 6, 9, 12, 24,
28, 36–38, 309–40
speculative generality, 251
SPICE approach, 722
spikes, 67
SPIN model checker, 397
spiral models, 48–50, 99–100, 235–36, 257, 279–80
sprints (Scrum), 73, 78, 665
SQL (Structured Query Language), 174, 199, 383,
389, 405, 433, 494
SQL poisoning attack, 383, 405
SRS (software requirements specification), 91–94, 115
staff allocation chart, 631
staged CMMI model, 725–27
stakeholders, 103
stand-alone applications, 10–11, 36
standards
documentation, 658
ISO 92001 standards framework, 660–63
process, 29, 346, 658, 659, 709
product, 658, 659
software, 657–63
web service, 36, 386, 426, 461, 483, 510
Statecharts, 135, 545
state diagrams (UML), 120, 135, 136, 143, 186, 187,
188, 203
state machine models, 186, 187, 201, 397, 398, 545
static analysis, 395–400, 417
static analyzers, 197, 218, 334, 395, 398–400
static models, 129, 186, 201
static perspective (RUP), 50
static software product metrics, 673
static verification, 336
statistical testing, 417
stimulus/response (embedded systems), 540–41
storage management, 691
story cards, 65, 66, 67, 69
stress testing, 218, 227, 232
structural models, 129–33, 143, 185
structural testing, 585, 586
structured analysis methods, 100, 134
structured arguments, 411–13, 418
structured design methods, 40, 178
structured natural language, 95
Structured Query Language. See SQL
structured safety arguments, 414–17, 418
structured specifications, 97–98
subsystem engineering, 279, 280