Home   >   CSC-OpenAccess Library   >    Manuscript Information
Software Reliability and Quality Assurance Challenges in Cyber Physical Systems Security
Abel Yeboah-Ofori
Pages - 115 - 130     |    Revised - 31-07-2020     |    Published - 31-08-2020
Volume - 14   Issue - 3    |    Publication Date - August 2020  Table of Contents
MORE INFORMATION
KEYWORDS
Software Reliability, Secure Tropos, I*, Cyber Physical Systems, Function Point Analysis.
ABSTRACT
Software Reliability is the probability of failure-free software operation for a specified period of time in a specified environment. Cyber threats on software security have been prevailing and have increased exponentially, posing a major challenge on software reliability in the cyber physical systems (CPS) environment. Applying patches after the software has been developed is outdated and a major security flaw. However, this has posed a major software reliability challenge as threat actors are exploiting unpatched and insecure software configuration vulnerabilities that are not identified at the design phase. This paper aims to investigate the SDLC approach to software reliability and quality assurance challenges in CPS security. To demonstrate the applicability of our work, we review existing security requirements engineering concepts and methodologies such as TROPOS, I*, KAOS, Tropos and Secure Tropos to determine their relevance in software security. We consider how the methodologies and function points are used to implement constraints to improve software reliability. Finally, the function points concepts are implemented into the CPS security components. The results show that software security threats in CPS can be addressed by integrating the SRE approach and function point analysis in the development to improve software reliability.
1 Google Scholar 
2 refSeek 
3 Scribd 
4 SlideShare 
A. Dhakad, A. S.Rajawat. "A Novel Variant of Function Point Analysis for Accurate Software Size Estimation". International Journal of Engineering & Scientific Research. Vol 4. Issue 2. 2016.
A. J. Albrecht, "Measuring Application Development Productivity". Proceedings of the Joint SHARE, GUIDE, and IBM Application Development Symposium, Monterey, California, October 14-17, 1979. IBM Corporation (1979), pp. 83-92.
A. Susi, A. Perini, and A. Mylopoulos. "The Tropos Methodology and its Use". Informatica 29. 401-408. 2005.
A. Yeboah-Ofori, and S. Islam, "Cyber Security Threat Modeling for Supply Chain Organizational Environments." Future Internet, 2019. 11, 63, 2019. doi: 10.3390/611030063
A. Yeboah-Ofori, J. D. Abdulai, and F. Katsriku, "Cybercrime and Risk for Cyber Physical Systems: A Review". IJCSDF. Vol. 8 No.1. Pg. 43-57. 2018. http://dx.doi.org/10.17781/P002556.
C. R. Symons, "Function point analysis: difficulties and improvements," in IEEE Xplore Transactions on Software Engineering, vol. 14, no. 1, pp. 2-11, Jan. 1988. DOI: 10.1109/32.4618.
C. Sun, A. Hahn, and C Liu. "Cyber Security of a Power Grid: State of the Art". International Journal of Electrical Power and Energy System, 99, Pp. 45-56. 2018..
CAPEC-437: "Supply Chain. Common Attack Pattern Enumeration and Classification: Domain of Attack". https://capec.mitre.org/data/definitions/437.html MITRE. [Assessed on 05/04/2020]
E. Lee. "Concept Map for Cyber Physical Systems". http://CyberPhysicalSystems.org/CPSConceptMap.xml. 2012. [Accessed on 14/12/2019]
E. S. Yu. "Social Modeling and I*." Faculty of Information, Springer. University of Toronto. http://www.cs.toronto.edu/pub/eric/JMfest09-EY.pdf. [Accessed on 07/03/2020]
L. M. Alves, S. Oliveira, P. Ribeiro, R. J. Machado. "An Empirical Study on the Estimation of Size and Complexity of Software Applications with Function Points Analysis" IEEE International Conference on Computational Science and Its Application. 2014. DOI 10.1109/ICCSA.2014.17.
M. Al Faruque, F. Regazzoni, and M. Pajic. "Design Methodologies for Securing Cyber-Physical Systems". 2010. doi: 10.1109/CODESISSS.2015.7331365.
M. Chenine, J. Ullberg, and G. Ericsson. "A Framework for Wide-Area Monitoring and Control Systems Interoperability and Cybersecurity Analysis". IEEE Transactions on Power Delivery, 29(2), pp. 633-641. 2014. doi: 10.1109/TPWRD.2013.2279182.
M. Pavlidis. S. Islam. And H. Mouratidis. "A CASE Tool to Support Automated Modelling and Analysis of Security Requirements, Based on Secure Tropos". 2012.
N. A. S. Abdullah, S. Abdullah, M. H. Selamat, A. Jaafar. "Potential Security factors in Software Cost Estimation. IEEE International Symposium on Information Technology 2008. DOI. 10.1109/ITSIM.2008.4631983
N. A. S. Abdullah, S. Abdullah, M. H. Selamat, A. Jaafar. "Software Security Characteristics for Function Point Analysis" IEEE Conference. Industrial. (2010). DOI: 10.1109/IEEM.2009.5373328
P. Giorgini, M. Kolp, J. Mylopoulos, M. Pistore. "The Tropos Methodology". doi: 10.1007/1-4020-8058-1_7. 2004.
R. Alavi, S. Islam, D, Jahankhani, H. and A. Al-Nemrat. "Analyzing Human Factors for an Effective Information Security Management System". International Journal of Secure Software Engineering (IJSSE), 4, 50-74. 2013.
Respect-IT. "A KOAS Tutorial". V1.0. 2007. http://www.objectiver.com/fileadmin/download/documents/KaosTutorial.pdf. [Accesse 14/03/2020]
S. Khou, L. O. Mailloux, J. M. Pecarina, and M. Mcevilley. "A Customizable Framework for Prioritizing Systems Security Engineering Processes, Activities, and Tasks". IEEE Access, Vol.5, pp. 12878- 12894, 2017. doi: 10.1109/ACCESS.2017.2714979.
S. Mukherjee, B. Bhattacharya, S. Mandal. "A Survey on Metrics, Models, & Tools of Software Cost Estimation" International Journal of Advanced Research in Computer Engineering & Technology. Vol. 2, Issue 9. 2013.
Dr. Abel Yeboah-Ofori
School of Architecture, Computing & Engineering, University of East London, London, E16 2GA - United Kingdom
u0118547@uel.ac.uk