4. The Many Faces of Software Unreliability. ASQ Reliability Division Webinar, January 12, 2012. Defining software reliability; Measuring software reliability; Achieving software reliability; The future
18. The Many Faces of Software Unreliability: Measuring software reliability
19. Reliability: measured in … success/failure probability … Mean Time To Failure
20. Mean Time To Repair … mission failure … $ loss … risk exposure … measured in …
24. ROI = return / investment; RORI = risk exposure reduction / reliability investment
25. Risk Avoidance costs $3 × 10^3; 4 × 10^-4; $4 × 10^3; risk exposure reduction of $10^4 − $4 × 10^3 = $6 × 10^3
26. Risk Avoidance costs $3 × 10^3; 4 × 10^-4; $4 × 10^3; risk exposure reduction of $10^4 − $4 × 10^3 = $6 × 10^3. Return On Risk Exposure Reduction = $6 × 10^3 / $3 × 10^3 = 2.0
27. Risk Mitigation costs $5 × 10^3; 10^-3 Probability of occurrence; $3 × 10^6; $3 × 10^3; risk exposure reduction of $10^4 − $3 × 10^3 = $7 × 10^3
28. Risk Mitigation costs $5 × 10^3; 10^-3 Probability of occurrence; $3 × 10^6; $3 × 10^3; risk exposure reduction of $10^4 − $3 × 10^3 = $7 × 10^3. Return On Risk Exposure Reduction = $7 × 10^3 / $5 × 10^3 = 1.4
29. The Many Faces of Software Unreliability: Achieving software reliability
31. Software Reliability Engineering: Establish quantitative reliability targets; Construct usage profiles of operational system; Test statistically to predict system reliability
42. DACS projected products: Handbook series (Software Reliability and Security Testing; Software Reliability and Security Specification; Software Reliability and Security Assessment and Improvement); Training offerings (Software Reliability and Security Fundamentals + industry-specific modules); Research support
AAA = Access Authentication and Authorization (or Authentication, Authorization, and Accounting)
ACT: Toward unifying the constructs of attack and defense trees. Arpan Roy, Dong Seong Kim, and Kishor S. Trivedi. SECURITY AND COMMUNICATIONS NETWORKS. 2011. 3:1-15