Uncertainty explicit assessment of off-the-shelf software: A Bayesian approach

Assessment of software COTS components is an essential part of component-based software development. Poorly chosen components may lead to solutions of low quality and that are difficult to maintain. The assessment may be based on incomplete knowledge about the COTS component itself and other aspects (e.g. vendor's credentials, etc.), which may affect the decision of selecting COTS component(s). We argue in favor of assessment methods in which uncertainty is explicitly represented ('uncertainty explicit' methods) using probability distributions. We provide details of a Bayesian model, which can be used to capture the uncertainties in the simultaneous assessment of two attributes, thus, also capturing the dependencies that might exist between them. We also provide empirical data from the use of this method for the assessment of off-the-shelf database servers which illustrate the advantages of 'uncertainty explicit' methods over conventional methods of COTS component assessment which assume that at the end of the assessment the values of the attributes become known with certainty.

[1]  Barry W. Boehm,et al.  Composable process elements for developing COTS-based applications , 2003, 2003 International Symposium on Empirical Software Engineering, 2003. ISESE 2003. Proceedings..

[2]  C. Alves,et al.  CRE : A Systematic Method for COTS Components Selection , 2007 .

[3]  Richard G. Hamlet,et al.  Partition Testing Does Not Inspire Confidence , 1990, IEEE Trans. Software Eng..

[4]  Edward N. Adams,et al.  Optimizing Preventive Service of Software Products , 1984, IBM J. Res. Dev..

[5]  Dar-Biau Liu,et al.  A risk-mitigating model for the development of reliable and maintainable large-scale commercial-off-the-shelf integrated software systems , 1997, Annual Reliability and Maintainability Symposium.

[6]  Lorenzo Strigini,et al.  Fault diversity among off-the-shelf SQL database servers , 2004, International Conference on Dependable Systems and Networks, 2004.

[7]  John D. Musa,et al.  Operational profiles in software-reliability engineering , 1993, IEEE Software.

[8]  Daniel Port,et al.  Assessing COTS Assessment: How Much Is Enough? , 2004, ICCBSS.

[9]  Geert Poels,et al.  Proceedings of the 8th ECOOP Workshop on Quantitative Approaches in Object-Oriented Software Engineering (QAOOSE 2004) , 2004 .

[10]  Lorenzo Strigini,et al.  On Designing Dependable Services with Diverse Off-the-Shelf SQL Servers , 2003, WADS.

[11]  Cornelius Ncube,et al.  PORE : Procurement Oriented Requirements Engineering Method for the Component-Based Systems Engineering Development Paradigm , 1999 .

[12]  Jyrki Kontio,et al.  A COTS Selection Method and Experiences of Its Use , 1995 .

[13]  Neil A. M. Maiden,et al.  Acquiring COTS Software Selection Requirements , 1998, IEEE Softw..

[14]  Carme Quer,et al.  Combined Selection of COTS Components , 2002, ICCBSS.

[15]  Sarah Brocklehurst,et al.  Recalibrating Software Reliability Models , 1990, IEEE Trans. Software Eng..

[16]  Nancy G. Leveson,et al.  An experimental evaluation of the assumption of independence in multiversion programming , 1986, IEEE Transactions on Software Engineering.

[17]  W. R. Buckland,et al.  Distributions in Statistics: Continuous Multivariate Distributions , 1974 .

[18]  Marco Torchiano,et al.  Assessment of Reusable COTS Attributes , 2003, ICCBSS.

[19]  Dave E. Eckhardt,et al.  A Theoretical Basis for the Analysis of Multiversion Software Subject to Coincident Errors , 1985, IEEE Transactions on Software Engineering.

[20]  Erhard Rahm,et al.  Web, Web-Services, and Database Systems , 2003, Lecture Notes in Computer Science.

[21]  W. R. Buckland,et al.  Distributions in Statistics: Continuous Multivariate Distributions , 1973 .

[22]  Peter M. Chen,et al.  Whither generic recovery from application faults? A fault study using open-source software , 2000, Proceeding International Conference on Dependable Systems and Networks. DSN 2000.

[23]  Neil A. M. Maiden,et al.  Acquiring COTS software selection requirements , 1998, Proceedings of IEEE International Symposium on Requirements Engineering: RE '98.

[24]  Lorenzo Strigini,et al.  Fault Tolerance via Diversity for Off-the-Shelf Products: A Study with SQL Database Servers , 2007, IEEE Transactions on Dependable and Secure Computing.

[25]  Rogério de Lemos,et al.  Architecting Dependable Systems VI , 2009, WADS.

[26]  David F. McAllister,et al.  An Experimental Evaluation of Software Redundancy as a Strategy For Improving Reliability , 1991, IEEE Trans. Software Eng..

[27]  R. Likert “Technique for the Measurement of Attitudes, A” , 2022, The SAGE Encyclopedia of Research Design.

[28]  David Wright,et al.  Some Conservative Stopping Rules for the Operational Testing of Safety-Critical Software , 1997, IEEE Trans. Software Eng..

[29]  Noah Treuhaft,et al.  Recovery Oriented Computing (ROC): Motivation, Definition, Techniques, , 2002 .

[30]  M. Ochs,et al.  A method for efficient measurement-based COTS assessment and selection method description and evaluation results , 2001, Proceedings Seventh International Software Metrics Symposium.

[31]  Santiago Comella-Dorda,et al.  A Process for COTS Software Product Evaluation , 2002, ICCBSS.

[32]  Elaine J. Weyuker,et al.  Analyzing Partition Testing Strategies , 1991, IEEE Trans. Software Eng..

[33]  Laurence Brooks,et al.  CHAPTER 53 APPLYING SOCIAL-TECHNICAL APPROACH FOR COTS SELECTION * , 1999 .

[34]  Bev Littlewood,et al.  Conceptual Modeling of Coincident Failures in Multiversion Software , 1989, IEEE Trans. Software Eng..

[35]  Vladimir Stankovic,et al.  Improving DBMS Performance through Diverse Redundancy , 2006, 2006 25th IEEE Symposium on Reliable Distributed Systems (SRDS'06).

[36]  Sallie Gregor,et al.  Storyboard Process to Assist in Requirements Verification and Adaptation to Capabilities Inherent in COTS , 2002, ICCBSS.

[37]  Jim Gray,et al.  Why Do Computers Stop and What Can Be Done About It? , 1986, Symposium on Reliability in Distributed Software and Database Systems.

[38]  Bev Littlewood,et al.  Assessment of the Reliability of Fault-Tolerant Software: A Bayesian Approach , 2000, SAFECOMP.

[39]  Günther Ruhe,et al.  Intelligent Support for Selection of COTS Products , 2002, Web, Web-Services, and Database Systems.

[40]  Antonio Vallecillo,et al.  Quality Attributes for COTS Components , 2002 .

[41]  Peter T. Popov Reliability Assessment of Legacy Safety-Critical Systems Upgraded with Off-the-Shelf Components , 2002, SAFECOMP.