Submit Search
Upload
Ac2017 8. metrics forprivacysafety-notes
•
0 likes
•
226 views
Nesma
Follow
Nesma Autumn Conference 2017 - notes Euro Project Office
Read less
Read more
Software
Report
Share
Report
Share
1 of 36
Download now
Download to read offline
Recommended
Draft CE-74 v03 for MAIN review
Draft CE-74 v03 for MAIN review
Nesma
The fact that your poject is agile is not (necessarily) a cost driver arlen...
The fact that your poject is agile is not (necessarily) a cost driver arlen...
Nesma
Bridging the gap rob de munnik - dutch tax office
Bridging the gap rob de munnik - dutch tax office
Nesma
A benchmark based approach to determine language verbosity - Hans Kuijpers - ...
A benchmark based approach to determine language verbosity - Hans Kuijpers - ...
Nesma
Ac2017 6. output based contracting
Ac2017 6. output based contracting
Nesma
6. software cost estimation finally becoming a real profession! - harold va...
6. software cost estimation finally becoming a real profession! - harold va...
Nesma
5. agile estimation reconsidered again esteban sanchez
5. agile estimation reconsidered again esteban sanchez
Nesma
Size matters a lot rick collins - technomics
Size matters a lot rick collins - technomics
Nesma
Recommended
Draft CE-74 v03 for MAIN review
Draft CE-74 v03 for MAIN review
Nesma
The fact that your poject is agile is not (necessarily) a cost driver arlen...
The fact that your poject is agile is not (necessarily) a cost driver arlen...
Nesma
Bridging the gap rob de munnik - dutch tax office
Bridging the gap rob de munnik - dutch tax office
Nesma
A benchmark based approach to determine language verbosity - Hans Kuijpers - ...
A benchmark based approach to determine language verbosity - Hans Kuijpers - ...
Nesma
Ac2017 6. output based contracting
Ac2017 6. output based contracting
Nesma
6. software cost estimation finally becoming a real profession! - harold va...
6. software cost estimation finally becoming a real profession! - harold va...
Nesma
5. agile estimation reconsidered again esteban sanchez
5. agile estimation reconsidered again esteban sanchez
Nesma
Size matters a lot rick collins - technomics
Size matters a lot rick collins - technomics
Nesma
Software sizing as an essential measure past present and future - Dan Galorat...
Software sizing as an essential measure past present and future - Dan Galorat...
Nesma
3. any metric is useless without competence! jaap van der leer - marco dumont
3. any metric is useless without competence! jaap van der leer - marco dumont
Nesma
Session W1 - Reliable Risk Quantification For Project Cost and Schedule
Session W1 - Reliable Risk Quantification For Project Cost and Schedule
Project Controls Expo
A Guide for Capital Project Mamnagers
A Guide for Capital Project Mamnagers
Glen Alleman
Avoid software project horror stories - check the reality value of the estima...
Avoid software project horror stories - check the reality value of the estima...
Harold van Heeringen
Agile+EVM bibliography (v2)
Agile+EVM bibliography (v2)
Glen Alleman
Ev+agile=success
Ev+agile=success
Glen Alleman
Control systems
Control systems
Glen Alleman
Fear and Loathing in Agility: Long Live the Accounting Department
Fear and Loathing in Agility: Long Live the Accounting Department
Accenture | SolutionsIQ
Probabilistic Schedule and Cost Analysis
Probabilistic Schedule and Cost Analysis
Glen Alleman
Alleman coonce-agile-2017 may2
Alleman coonce-agile-2017 may2
Glen Alleman
Agile in the government
Agile in the government
Glen Alleman
Big data meets evm (submitted)
Big data meets evm (submitted)
Glen Alleman
DOES14 - Pat Reed - Project Labor Cost Accounting for Agile Projects
DOES14 - Pat Reed - Project Labor Cost Accounting for Agile Projects
Gene Kim
Focus on the nine I's (v9)
Focus on the nine I's (v9)
Glen Alleman
Capabilities Based Planning
Capabilities Based Planning
Glen Alleman
Project breathalyzer
Project breathalyzer
Glen Alleman
BioPharma Projects: Essentials in Project Controls
BioPharma Projects: Essentials in Project Controls
PMA Consultants
Agile at scale resources
Agile at scale resources
Glen Alleman
DHS - Using functions points to estimate agile development programs (v2)
DHS - Using functions points to estimate agile development programs (v2)
Glen Alleman
Ijetr011834
Ijetr011834
ER Publication.org
Analytic hierarchy process for pif thomas fehlmann
Analytic hierarchy process for pif thomas fehlmann
IWSM Mensura
More Related Content
What's hot
Software sizing as an essential measure past present and future - Dan Galorat...
Software sizing as an essential measure past present and future - Dan Galorat...
Nesma
3. any metric is useless without competence! jaap van der leer - marco dumont
3. any metric is useless without competence! jaap van der leer - marco dumont
Nesma
Session W1 - Reliable Risk Quantification For Project Cost and Schedule
Session W1 - Reliable Risk Quantification For Project Cost and Schedule
Project Controls Expo
A Guide for Capital Project Mamnagers
A Guide for Capital Project Mamnagers
Glen Alleman
Avoid software project horror stories - check the reality value of the estima...
Avoid software project horror stories - check the reality value of the estima...
Harold van Heeringen
Agile+EVM bibliography (v2)
Agile+EVM bibliography (v2)
Glen Alleman
Ev+agile=success
Ev+agile=success
Glen Alleman
Control systems
Control systems
Glen Alleman
Fear and Loathing in Agility: Long Live the Accounting Department
Fear and Loathing in Agility: Long Live the Accounting Department
Accenture | SolutionsIQ
Probabilistic Schedule and Cost Analysis
Probabilistic Schedule and Cost Analysis
Glen Alleman
Alleman coonce-agile-2017 may2
Alleman coonce-agile-2017 may2
Glen Alleman
Agile in the government
Agile in the government
Glen Alleman
Big data meets evm (submitted)
Big data meets evm (submitted)
Glen Alleman
DOES14 - Pat Reed - Project Labor Cost Accounting for Agile Projects
DOES14 - Pat Reed - Project Labor Cost Accounting for Agile Projects
Gene Kim
Focus on the nine I's (v9)
Focus on the nine I's (v9)
Glen Alleman
Capabilities Based Planning
Capabilities Based Planning
Glen Alleman
Project breathalyzer
Project breathalyzer
Glen Alleman
BioPharma Projects: Essentials in Project Controls
BioPharma Projects: Essentials in Project Controls
PMA Consultants
Agile at scale resources
Agile at scale resources
Glen Alleman
DHS - Using functions points to estimate agile development programs (v2)
DHS - Using functions points to estimate agile development programs (v2)
Glen Alleman
What's hot
(20)
Software sizing as an essential measure past present and future - Dan Galorat...
Software sizing as an essential measure past present and future - Dan Galorat...
3. any metric is useless without competence! jaap van der leer - marco dumont
3. any metric is useless without competence! jaap van der leer - marco dumont
Session W1 - Reliable Risk Quantification For Project Cost and Schedule
Session W1 - Reliable Risk Quantification For Project Cost and Schedule
A Guide for Capital Project Mamnagers
A Guide for Capital Project Mamnagers
Avoid software project horror stories - check the reality value of the estima...
Avoid software project horror stories - check the reality value of the estima...
Agile+EVM bibliography (v2)
Agile+EVM bibliography (v2)
Ev+agile=success
Ev+agile=success
Control systems
Control systems
Fear and Loathing in Agility: Long Live the Accounting Department
Fear and Loathing in Agility: Long Live the Accounting Department
Probabilistic Schedule and Cost Analysis
Probabilistic Schedule and Cost Analysis
Alleman coonce-agile-2017 may2
Alleman coonce-agile-2017 may2
Agile in the government
Agile in the government
Big data meets evm (submitted)
Big data meets evm (submitted)
DOES14 - Pat Reed - Project Labor Cost Accounting for Agile Projects
DOES14 - Pat Reed - Project Labor Cost Accounting for Agile Projects
Focus on the nine I's (v9)
Focus on the nine I's (v9)
Capabilities Based Planning
Capabilities Based Planning
Project breathalyzer
Project breathalyzer
BioPharma Projects: Essentials in Project Controls
BioPharma Projects: Essentials in Project Controls
Agile at scale resources
Agile at scale resources
DHS - Using functions points to estimate agile development programs (v2)
DHS - Using functions points to estimate agile development programs (v2)
Similar to Ac2017 8. metrics forprivacysafety-notes
Ijetr011834
Ijetr011834
ER Publication.org
Analytic hierarchy process for pif thomas fehlmann
Analytic hierarchy process for pif thomas fehlmann
IWSM Mensura
Functional point analysis
Functional point analysis
DestinationQA
Software process methodologies and a comparative study of various models
Software process methodologies and a comparative study of various models
iaemedu
gss_windows7_migration_whitepapers
gss_windows7_migration_whitepapers
Bonani Bhattacharjee
Best Practices in Software Cost Estimation - Metrikon 2015 - Frank Vogelezang
Best Practices in Software Cost Estimation - Metrikon 2015 - Frank Vogelezang
Frank Vogelezang
Software metric analysis methods for product development
Software metric analysis methods for product development
iaemedu
Software metric analysis methods for product development
Software metric analysis methods for product development
iaemedu
Software metric analysis methods for product development maintenance projects
Software metric analysis methods for product development maintenance projects
IAEME Publication
IWSM 2014 Overview of COSMIC related papers (Charles Symons)
IWSM 2014 Overview of COSMIC related papers (Charles Symons)
COSMIC - Common Software Measurement International Consortium
Software Estimation Techniques
Software Estimation Techniques
kamal
An Approach of Improve Efficiencies through DevOps Adoption
An Approach of Improve Efficiencies through DevOps Adoption
IRJET Journal
Productivity Factors in Software Development for PC Platform
Productivity Factors in Software Development for PC Platform
IJERA Editor
International Journal of Engineering and Science Invention (IJESI)
International Journal of Engineering and Science Invention (IJESI)
inventionjournals
Building a guided analytics forecasting platform with Knime
Building a guided analytics forecasting platform with Knime
Knoldus Inc.
Jun 08 - PMWT Featured Paper -Tarabykin - XP PAPER - FINAL
Jun 08 - PMWT Featured Paper -Tarabykin - XP PAPER - FINAL
Alex Tarra
Software Reverse Engineering in a Security Context (ncrisc 2018)
Software Reverse Engineering in a Security Context (ncrisc 2018)
Lokendra Rawat
Articulo improving software productivity
Articulo improving software productivity
Catalina Ochoa
The PCNet Project (B)Dynamically Managing ResidualRisk042.docx
The PCNet Project (B)Dynamically Managing ResidualRisk042.docx
oreo10
2012 ieee projects software engineering @ Seabirds ( Trichy, Chennai, Pondich...
2012 ieee projects software engineering @ Seabirds ( Trichy, Chennai, Pondich...
SBGC
Similar to Ac2017 8. metrics forprivacysafety-notes
(20)
Ijetr011834
Ijetr011834
Analytic hierarchy process for pif thomas fehlmann
Analytic hierarchy process for pif thomas fehlmann
Functional point analysis
Functional point analysis
Software process methodologies and a comparative study of various models
Software process methodologies and a comparative study of various models
gss_windows7_migration_whitepapers
gss_windows7_migration_whitepapers
Best Practices in Software Cost Estimation - Metrikon 2015 - Frank Vogelezang
Best Practices in Software Cost Estimation - Metrikon 2015 - Frank Vogelezang
Software metric analysis methods for product development
Software metric analysis methods for product development
Software metric analysis methods for product development
Software metric analysis methods for product development
Software metric analysis methods for product development maintenance projects
Software metric analysis methods for product development maintenance projects
IWSM 2014 Overview of COSMIC related papers (Charles Symons)
IWSM 2014 Overview of COSMIC related papers (Charles Symons)
Software Estimation Techniques
Software Estimation Techniques
An Approach of Improve Efficiencies through DevOps Adoption
An Approach of Improve Efficiencies through DevOps Adoption
Productivity Factors in Software Development for PC Platform
Productivity Factors in Software Development for PC Platform
International Journal of Engineering and Science Invention (IJESI)
International Journal of Engineering and Science Invention (IJESI)
Building a guided analytics forecasting platform with Knime
Building a guided analytics forecasting platform with Knime
Jun 08 - PMWT Featured Paper -Tarabykin - XP PAPER - FINAL
Jun 08 - PMWT Featured Paper -Tarabykin - XP PAPER - FINAL
Software Reverse Engineering in a Security Context (ncrisc 2018)
Software Reverse Engineering in a Security Context (ncrisc 2018)
Articulo improving software productivity
Articulo improving software productivity
The PCNet Project (B)Dynamically Managing ResidualRisk042.docx
The PCNet Project (B)Dynamically Managing ResidualRisk042.docx
2012 ieee projects software engineering @ Seabirds ( Trichy, Chennai, Pondich...
2012 ieee projects software engineering @ Seabirds ( Trichy, Chennai, Pondich...
More from Nesma
2024-04 - Nesma webinar - Benchmarking.pdf
2024-04 - Nesma webinar - Benchmarking.pdf
Nesma
Agile Team Performance Measurement webinar
Agile Team Performance Measurement webinar
Nesma
Software Cost Estimation webinar January 2024.pdf
Software Cost Estimation webinar January 2024.pdf
Nesma
Nesma event June '23 - How to use objective metrics as a basis for agile cost...
Nesma event June '23 - How to use objective metrics as a basis for agile cost...
Nesma
Nesma event June '23 - NEN Practice Guideline - NPR.pdf
Nesma event June '23 - NEN Practice Guideline - NPR.pdf
Nesma
Nesma event June '23 - Easy Function Sizing - Introduction.pdf
Nesma event June '23 - Easy Function Sizing - Introduction.pdf
Nesma
Automotive Software Cost Estimation - The UCE Approach - Emmanuel Mary
Automotive Software Cost Estimation - The UCE Approach - Emmanuel Mary
Nesma
The COSMIC battle between David and Goliath - Paul Hussein
The COSMIC battle between David and Goliath - Paul Hussein
Nesma
Succesful Estimating - It's how you tell the story - Amritpal Singh Agar
Succesful Estimating - It's how you tell the story - Amritpal Singh Agar
Nesma
(Increasing) Predictability of large Government ICT Projects - Koos Veefkind
(Increasing) Predictability of large Government ICT Projects - Koos Veefkind
Nesma
CEBoK for Software Past Present Future - Megan Jones
CEBoK for Software Past Present Future - Megan Jones
Nesma
Agile Development and Agile Cost Estimation - A return to basic principles - ...
Agile Development and Agile Cost Estimation - A return to basic principles - ...
Nesma
Resolving Cost Management and Key Pitfalls of Agile Software Development - Da...
Resolving Cost Management and Key Pitfalls of Agile Software Development - Da...
Nesma
Project Succes is a Choice - Joop Schefferlie
Project Succes is a Choice - Joop Schefferlie
Nesma
Afrekenen met functiepunten
Afrekenen met functiepunten
Nesma
Agile teams get a grip - martijn groenewegen
Agile teams get a grip - martijn groenewegen
Nesma
Software sizing the cornerstone for iceaa's scebok - Carol Dekkers
Software sizing the cornerstone for iceaa's scebok - Carol Dekkers
Nesma
Software estimation challenge diederik wortman - metri
Software estimation challenge diederik wortman - metri
Nesma
Estimation of a micro services based estimation application bhawna thakur -...
Estimation of a micro services based estimation application bhawna thakur -...
Nesma
2. garansys loves estimates for agile projects alexander vermeulen
2. garansys loves estimates for agile projects alexander vermeulen
Nesma
More from Nesma
(20)
2024-04 - Nesma webinar - Benchmarking.pdf
2024-04 - Nesma webinar - Benchmarking.pdf
Agile Team Performance Measurement webinar
Agile Team Performance Measurement webinar
Software Cost Estimation webinar January 2024.pdf
Software Cost Estimation webinar January 2024.pdf
Nesma event June '23 - How to use objective metrics as a basis for agile cost...
Nesma event June '23 - How to use objective metrics as a basis for agile cost...
Nesma event June '23 - NEN Practice Guideline - NPR.pdf
Nesma event June '23 - NEN Practice Guideline - NPR.pdf
Nesma event June '23 - Easy Function Sizing - Introduction.pdf
Nesma event June '23 - Easy Function Sizing - Introduction.pdf
Automotive Software Cost Estimation - The UCE Approach - Emmanuel Mary
Automotive Software Cost Estimation - The UCE Approach - Emmanuel Mary
The COSMIC battle between David and Goliath - Paul Hussein
The COSMIC battle between David and Goliath - Paul Hussein
Succesful Estimating - It's how you tell the story - Amritpal Singh Agar
Succesful Estimating - It's how you tell the story - Amritpal Singh Agar
(Increasing) Predictability of large Government ICT Projects - Koos Veefkind
(Increasing) Predictability of large Government ICT Projects - Koos Veefkind
CEBoK for Software Past Present Future - Megan Jones
CEBoK for Software Past Present Future - Megan Jones
Agile Development and Agile Cost Estimation - A return to basic principles - ...
Agile Development and Agile Cost Estimation - A return to basic principles - ...
Resolving Cost Management and Key Pitfalls of Agile Software Development - Da...
Resolving Cost Management and Key Pitfalls of Agile Software Development - Da...
Project Succes is a Choice - Joop Schefferlie
Project Succes is a Choice - Joop Schefferlie
Afrekenen met functiepunten
Afrekenen met functiepunten
Agile teams get a grip - martijn groenewegen
Agile teams get a grip - martijn groenewegen
Software sizing the cornerstone for iceaa's scebok - Carol Dekkers
Software sizing the cornerstone for iceaa's scebok - Carol Dekkers
Software estimation challenge diederik wortman - metri
Software estimation challenge diederik wortman - metri
Estimation of a micro services based estimation application bhawna thakur -...
Estimation of a micro services based estimation application bhawna thakur -...
2. garansys loves estimates for agile projects alexander vermeulen
2. garansys loves estimates for agile projects alexander vermeulen
Recently uploaded
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
kellynguyen01
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
ICS
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Christina Lin
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
Jhone kinadey
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number Systems
JheuzeDellosa
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
Wave PLM
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
shikhaohhpro
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanation
kaushalgiri8080
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
OPEN KNOWLEDGE GmbH
DNT_Corporate presentation know about us
DNT_Corporate presentation know about us
Dynamic Netsoft
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
OnePlan Solutions
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
ThousandEyes
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
OnePlan Solutions
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
harshavardhanraghave
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
ABDERRAOUF MEHENNI
Software Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
Arshad QA
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
aagamshah0812
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
Evangelist Apps https://twitter.com/EvangelistSW/
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
kalichargn70th171
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
SolGuruz
Recently uploaded
(20)
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number Systems
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanation
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
DNT_Corporate presentation know about us
DNT_Corporate presentation know about us
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
Software Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
Ac2017 8. metrics forprivacysafety-notes
1.
Thomas Fehlmann, Eberhard
Kranich Euro Project Office, Zürich & Duisburg NESMA Autumn Meeting, Soestduinen, 7th November 2017 17:25 – 17:50 Metrics for Privacy & Safety in Software Contracts, Thomas Fehlmann (Euro Project Office) A software contract must include measurable and resilient clauses about how well the new software shall be hardened against attacks. This presentation outlines how to define such attributes and how to count them in a model, be it the COSMIC data movement map – suitable for communication among things – or an IFPUG-‐like transaction map, ideal for web portals. Page 1 Thursday, 9 November 2917 © Euro Project Office AG, 2017 Dr. Thomas Fehlmann
2.
Speaker & Authors Thomas
Fehlmann, Zurich, Vice-president ISBSG, Member of swissICT, NESMA, UKSMA, GUFPI-ISMA, DASMA Eberhard Kranich, Duisburg, Member of swissICT, NESMA, DASMA Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 2
3.
Agenda Test Metrics Privacy Metrics Safety
Metrics Metrics in Contracts | METRICS FOR PRIVACY & SAFETY IN CONTRACTS • The Vision • Testing the IoT • Truck Platooning • Real-Time Testing Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 3
4.
Agenda Test Metrics Privacy Metrics Safety
Metrics Metrics in Contracts Test Metrics | METRICS FOR PRIVACY & SAFETY IN CONTRACTS • The Vision • Testing the IoT • Truck Platooning • Real-Time Testing Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 4
5.
Bad Mathematics in
Software Testing ▪ What is the Size of Software? ▪ Lines of (undocumented?) Code? ▪ What is a Software Defect? ▪ An entry in a bug tracking system?? ▪ What is a Defect Density? ▪ Number of bug entries per line of code in a bug tracking repository???? What Defect Density has this Google Car’s Software? Compared to Nissan’s Software? | METRICS FOR PRIVACY & SAFETY IN CONTRACTS Today’s practice in software and system testing is simply a mess. People count entries in bug inventories and mistake this for the number of defects. Even worse, they look at lines of code and define one defect if they have to fix this line – notwithstanding that code can contain many more defects than just one per line, and functionality often can be implemented by hundreds of lines of code, containing dozens of defects, or simply by one concise statement providing the same functionality – without defects or bugs. Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 5
6.
Testing refers to
Functionality not Code ▪ Code is not the object of testing of software or systems ▪ Test metrics refer to functionality ▪ Test metrics cannot refer to code ▪ Most code is open source ▪ Well code-tested by Daily Builds & JUnit’s Green Bar | METRICS FOR PRIVACY & SAFETY IN CONTRACTS 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 #include "mbed.h" DigitalIn button1( SW2 ); // Right Button on ARM Board DigitalOut led( LED1 ); int main() { led = 1; // red (RGB LED use inverse logic // 1 = OFF, 0 = ON) while ( true ) { if ( button1 == 0 ) // Button pressed led = 0; else led = 1; } } Common testing techniques still refer to code – however, code is most often not available if we test our software, and definitely not for systems. Functionality is there and can be assessed and modelled. Code is subject to the programming language, programming environment, and sometimes not even open. Scala today is the language of choice for functional programming; Java, C++ or C# tend to be verbose, even when used within a object-oriented programming paradigm. Lines of codes are not comparable, not even within one programming language. Maybe, it’s useful as a personal measure. An automatic count from a functional programming language is easy for the COSMIC model; the IFPUG model is considerably harder to build. The effort is comparable to building a compiler. Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 6
7.
Software Models ▪ Modeling
Software by ▪ ISO/IEC 20926 IFPUG ▪ ISO/IEC 19761 COSMIC ▪ Others…. ▪ Sizing Software according ▪ Functionality & Test Intensity ▪ Non-functional Characteristics ▪ Privacy ▪ Safety ▪ Other constraints | METRICS FOR PRIVACY & SAFETY IN CONTRACTS Sizing software takes two distinct steps: • Creating a model for the software, based on elementary functional components (IFPUG) or movements of data groups (COSMIC). This step is called Mapping. • Counting the number of model elements identified according counting rules. Best-known counting rules are those assigning Function Points according IFPUG, depending on complexity criteria such as Data Elements Types, Record Element Types and File Type Referenced. Simplest ones are those of COSMIC – one data movement is one Function Point. Newly added are the rules of the Software Non- functional Assessment Process (SNAP). More sizing assessment counting rules for these models create metrics for software privacy or software safety. All you need is agree on a set of unambiguous and repeatable counting rules that are validated in practice. This workshop introduces the audience to this new view on software metrics. It evolved during the IWSM 2015 conference in Kraków, driven by attempts to automate functional sizing. The Visual Excel tool has been enhanced to model according IFPUG and COSMIC, adding SNAP and future assessment models. For instance, you can take your COSMIC count and SNAP it. Or model software according IFPUG and size its security vulnerability. The Excel model is public domain under a GNU license and runs under Office 2010 or newer. Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 7
8.
The IFPUG Model
of Software (ISO/IEC 20926) ▪ Transactions ▪ EI: Elementary Input ▪ EO: Elementary Output ▪ EQ: Elementary Query ▪ Data Elements ▪ ILF: Internal Logical Files ▪ EIF: External Logic Files Software Boundary ILF User (Person or application) EIF EI EO EQ | METRICS FOR PRIVACY & SAFETY IN CONTRACTS The IFP count needs two distinct steps: • Count the data function types: ILF, which are logical data groups maintained within the application boundary, and EIF, used for reference by the application; • Count the transactional function types El, which are data entry processes and controlled inputs; EO, (e.g., reports with calculations) and EQ, (e.g., retrieval of stored data by inquiries from one or more ILF/EIF). ISO/IEC 20926 provides several simple matrices to determine whether a function is Low, Average or High, based on Data Element Types, (DET; user recognizable, non–repeated data fields), Record Element Types (RET; subsets of user recognizable data), and File Types Referenced, (FTR; number of logical data groupings, (i.e., ILF and EIF), required to complete a process). Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 8
9.
The IFPUG Model
of the Employee Database ▪ Transaction Map ▪ 4 EI, 1 EO, 1 EQ ▪ 2, 12 and 13 DET ▪ 9 FTR ▪ 1 ILF, 1 EIF ▪ 3 and 12 DET ▪ For Test Size, we need sizing parts ▪ IFPUG Counting Rules are not compliant to the VIM and the GUM | METRICS FOR PRIVACY & SAFETY IN CONTRACTS T001 T003 T005 T006 T002 T004 D002 D001 BoundaryIFP=33 ILF 12 / 1 Employee Data EIF 3 / 1 Active Directory EI 13 / 1 Add Employee EQ 12 / 2 View Employees EI 13 / 1 Merge Employees EO 12 / 2 Weekly Report EI 13 / 1 Update Employee EI 2 / 2 Terminate Employee • The VIM: ISO/IEC Guide 99:2007, 2007. International Vocabulary of Metrology – Basic and general concepts and associated terms (VIM). • The GUM: ISO/IEC CD Guide 98-3, 2015. Evaluation of measurement data - Part 3: Guide to Uncertainty in Measurement (GUM) Page 9 Thursday, 9 November 2917 © Euro Project Office AG, 2017 Dr. Thomas Fehlmann
10.
The COSMIC Model
of Software (ISO/IEC 19761) ▪ Functional Processes ▪ Devices & Applications ▪ Entry and eXit ▪ Persistent Data ▪ Read and Write ▪ Data Movement ▪ Moves Data Groups ▪ Trigger triggers a functional process Software Boundary Functional Process Persistent Data Trigger Entry Entry eXit eXit Write Read Device User Application User | METRICS FOR PRIVACY & SAFETY IN CONTRACTS ISO/IEC 19761 COSMIC describes a significantly more complicated model. The principles behind COSMIC are: • The Functional User Requirements (FUR) generate Functional Processes. A functional process is “an elementary component of a set of FUR comprising a unique cohesive and independently executable set of data movements. It is triggered by one or more triggering events… it is complete when it has executed all that is required to be done in response to the triggering event” (COSMIC Measurement Practices Committee, 2014). Triggering events occur outside the software boundary. • Software manipulates pieces of information, designated as data groups, which consist of data attributes. Figure 6-6 depicts the data group flow. • Functional processes involve sub-processes, concerned with movement – Entries (E), eXits (X), Reads (R), and Writes (W) – and transformations of data groups. • The functional size of a functional process is directly proportional to its number of data movements. • The functional size of an application is the sum of the sizes of its functional processes. Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 10
11.
The COSMIC Model
– Data Movement Map ▪ Data Movement Map ▪ One object per functional process ▪ It has six Functional Processes ▪ Add Employee ▪ Update Employee ▪ Merge Employees ▪ View Employee ▪ Weekly Report ▪ Terminate Employee ▪ 31 Data Movements yields 29 CFP ▪ Some data movements move identical data groups | METRICS FOR PRIVACY & SAFETY IN CONTRACTS 9 Entry (E) + 11 eXit (X) + 5 Read (R) + 4 Write (W) = 29 CFP HR User Add New Employee Update Employee Merge Employees View Employee Weekly Report Terminate Employee Employee Database Active Directory 1.// Add Employee Add 2.// Get Employee ID 3.// Write Employee Data 4.// Show Employee ID 5.// Confirm Transaction 6.// Update Employee Update 7.// Read Employee Data 8.// Write Employee Data 9.// Confirm Update 10.// Select Employee 1 Merge 11.// Read Data for Employee 1 12.// Select Employee 2 13.// Read Data for Employee 2 14.// Show Data for Merge 15.// Select Data to Merge 16.// Consolidate Merge 17.// Confirm Merge 18.// Request Employee Data View 19.// Get Employee Data 20.// Read Access Rights 21.// Show Employee Data 22.// Confirm Data Retrieval 23.// End of Week End of Week 24.// Get Data for Weekly Report 25.// Read Access Rights 26.// Weekly Report 27.// Confirm Report 28.// Terminate Employee Terminate 29.// Block IT Access 30.// Terminate Employment 31.// Confirm Termination A Data Movement Map resembles an UML Sequence Diagram – and almost is one. Missing are • Option combination fragments (combined fragments in UML 2.0) • Optional return messages (if data is moved, they aren’t optional in COSMIC) • Sending messages to itself – used in UML sequence diagrams to draw attention to the fact that the object’s life line is a functional process indeed. In fact, an UML sequence diagram isn’t quite a COSMIC count in itself – functional processes need being identified among the UML objects, and persistent stores and devices as well. However, data movement maps are sufficiently close for allowing a rapid COSMIC count even without all the details needed for validating the count. A data movement map depicts the objects and classes involved in the UML scenario and the sequence of messages exchanged between the objects needed to carry out the functionality of the scenario. Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 11
12.
Visualizing Software Testing ▪
Tester sees selected sequences in the Data Movement Map ▪ Tester can “walk” the data movements when planning or executing tests ▪ Makes functionality visible to the development team ▪ Localizes defects that impact functionality ▪ Supports communication between testers, users, and developers Functional Process Other Application Some Device 8.// Move some data 9.// Move some data 10.// Move some data 11.// Move some data Other Device | METRICS FOR PRIVACY & SAFETY IN CONTRACTS The basic interface is the Data Movement Map. Although Data Movement Maps can become large, you should use a tool that allows focusing on a selection of data movements only. Here only four objects of interest are displayed and only four out of 23 data movements. The tester should be able to step through an App by halting execution when “visiting” an object of interest, e.g., before executing a functional process. This can be achieved by test stubs inserted in the code and connected to the sequence diagram shown on the SharePoint site. Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 12
13.
Functionality, Defect Size,
and Defect Density ▪ What happens if data movements don’t work as expected, have defects instead? ▪ Testers mark and count data movements where defects have been detected ▪ One Size Metric: ▪ ISO/IEC 19761 COSMIC Functional Process Other Application Some Device 8.// Move some data Move some data 10.// Move some data 11.// Move some data Other Device Test Size = 4 Defect Count = 1 | METRICS FOR PRIVACY & SAFETY IN CONTRACTS Functional Size Number of Data Movements needed to implement required functionality Test Story Collection of Test Cases aiming at certain functionality Test Size Number of Data Movements executed in Tests Defect Count Number of Data Movements affected by some defect detected in a Test Story When a defect has been identified, the respective data movement can be visually marked, e.g., by being blocked by a bug. However, such a defect might exist only under defined test data conditions. If test management confirms the existence of such a defect, it is possible to block that data movement for this particular test data or environment. Now we can define Test Size and Defect Density based on the ISO/IEC 19761 COSMIC international standard, now available in version 4.0.2 Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 13
14.
Agenda Test Metrics Privacy Metrics Safety
Metrics Metrics in Contracts | METRICS FOR PRIVACY & SAFETY IN CONTRACTS • The Vision • Testing the IoT • Truck Platooning • Real-Time Testing Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 14
15.
Agenda Test Metrics Privacy Metrics Safety
Metrics Metrics in Contracts Privacy Metrics | METRICS FOR PRIVACY & SAFETY IN CONTRACTS • The Vision • Testing the IoT • Truck Platooning • Real-Time Testing Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 15
16.
Current Approach in
Assessing Security ▪ The Center for Internet Security (CIS) presents the CIS Controls for Effective Cyber Defense Version 6.0, a recommended set of actions that provide specific and actionable ways to stop today's most pervasive and dangerous cyber attacks ▪ The CIS Security Benchmarks program provides well-defined, un-biased and consensus-based industry best practices to help organizations assess and improve their security ▪ https://www.cisecurity.org | METRICS FOR PRIVACY & SAFETY IN CONTRACTS For security, today’s most popular approaches still protect the system as a whole – trying to block access to the system rather than protecting its components. Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 16
17.
Critique at Current
Approaches to Security ▪ This is not software security but system security ▪ Assessment concerns a system as a whole ▪ Cyber defense must start at the component level ▪ Where is the system as a whole in the Web of Things? ▪ The Web of Things changes equally fast as requirements in agile software development The Traditional Approach | METRICS FOR PRIVACY & SAFETY IN CONTRACTS Security today must look at components and data movements – for instance, to recognize patterns in data access. Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 17
18.
How to Measure
Privacy for Software? ▪ Privacy Value ▪ Value = 0: No privacy. It’s public. ▪ Value = 1: Disclosure is inconvenient ▪ Value = 2: Disclosure can be harmful ▪ Value = 3: Disclosure costs money ▪ Value = 4: Disclosure makes guilty ▪ Value = 5: Disclosure threatens lives ▪ Public Exposure ▪ Value = 0: No encryption. It’s public. ▪ Value = 1: Weak encryption ▪ Value = 2: Strong encryption ▪ Value = 3: Two-way encryption ▪ Value = 4: Data never leaves system ▪ Value = 5: Computer-internal data ▪ The principle for Each Model Element is Privacy Protection = Privacy Value * Public Exposure | METRICS FOR PRIVACY & SAFETY IN CONTRACTS Measuring Privacy is basically the product of privacy value for the user times the degree of public exposure. Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 18
19.
𝑃𝑟𝑖𝑣𝑎𝑐𝑦 𝐼𝑛𝑑𝑒𝑥 = 𝑃𝑟𝑖𝑣𝑎𝑐𝑦
∗ 𝐸𝑥𝑝𝑜𝑠𝑢𝑟𝑒 + 1 − 1 26 − 1 ∗ 5 The Privacy Index ▪ The product Privacy Value * Public Exposure is in the range 0 to 25 ▪ Privacy Index is range 0 ⋯ 5 ▪ Five 5 is the index for maximum privacy ▪ Zero 0 privacy means public data ▪ The Privacy Index range is on a polynomial scale between zero and five Zero = No Privacy All is open Five = Full Privacy Protection 0 . . . . 5 | METRICS FOR PRIVACY & SAFETY IN CONTRACTS Full privacy means that the system does not communicate with the exterior. Zero privacy is fully open. Ranges above a privacy index of 1 typically deal with confidential data. Puuh! A complicated formula, not very useful in contracts… go next slide, fast! Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 19
20.
The Privacy Index ▪
For contract purposes, use a graphical representation | METRICS FOR PRIVACY & SAFETY IN CONTRACTS 4 3 2 1 0 5 Privacy Protection ImpactonPrivacy Data Movement Low Privacy Index Medium Privacy Index High Privacy Index Major Privacy Index No Privacy Needed 1235 4 0 0.9 Index 0.9: W004Terminate Employment Index 1.2: X009 Confirm Report Index 1.5: R001 Get Employee ID, +8 Index 1.8: X011 Confirm Termination, +1 Index 2.0: X007 Confirm Data Retrieval 1.5 1.21.5 4.4 2.0 Index 2.4: E001 Add Employee , +11 Index 3.2: X005 Confirm Merge Index 4.4: R002 Read Employee Data, +12.43.2 Use a graphical notation to explain the privacy index to managers. Low privacy indices, in red, are positioned in the upper right (where the high risks are in FMEA), then the data movements move down the scale yellow – blue – green. You can use this privacy index representation to get agreement on privacy level with your customer, and use it in the contract. The overall software has a “High Privacy Index” of 2.4. This is mean of all privacy indices for data movements. Major privacy would possibly be reserved for financial privacy protection. Here, termination of an employee is something that cannot kept totally private, as not only family members, but also tax authorities and probably banks must know. If both impact on privacy and privacy protection are zero, then there is no privacy needed and thus no graphical representation. Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 20
21.
Agenda Test Metrics Privacy Metrics Safety
Metrics Metrics in Contracts | METRICS FOR PRIVACY & SAFETY IN CONTRACTS • The Vision • Testing the IoT • Truck Platooning • Real-Time Testing Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 21
22.
Agenda Test Metrics Privacy Metrics Safety
Metrics Metrics in Contracts Safety Metrics | METRICS FOR PRIVACY & SAFETY IN CONTRACTS • The Vision • Testing the IoT • Truck Platooning • Real-Time Testing Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 22
23.
Safety for Software ▪
Software impacts physical world ▪ Level 1: Low – break ▪ Level 3: Medium ▪ Level 5: High – crash ▪ Probability Levels ▪ Less likely on motorways ▪ Highly probably in villages and urban areas | METRICS FOR PRIVACY & SAFETY IN CONTRACTS Safety is another upcoming concern for software measurement. As more and more things communicate and act together, safety hazards no longer depend from hardware failure. Software failure is already more important. Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 23
24.
Measure Safety Risk ▪
Impact through actuators ▪ Steering Wheel in Autonomous Cars ▪ Closed Door at Smart Homes ▪ Indicated by an index 1 ⋯ 5 ▪ Other classical software risks remain: ▪ Causing losses for business The principle for Each Model Element is Safety = Probability * Impact 0 . . . . 5 | METRICS FOR PRIVACY & SAFETY IN CONTRACTS Zero = All Safe! Highly unlikely Five = Danger! Safe Our Souls! The principles for measuring safety is known from risk management – although impact is no longer financial impact only. It still is, but other kind of impact might also play a role. Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 24
25.
What means Safety
for Software? ▪ Impact Levels ▪ Level 1: Low ▪ Level 3: Medium ▪ Level 5: High ▪ Probability Levels ▪ By percentages 1 2 3 4 5 Probability ImpactonSafety Data Movement Major Safety Risk High Safety Risk Medium Safety Risk Low Safety Risk Risk Incurred/ Feature 100%80%60%20% 40%0% 3.2 Index 3.2: E010 Terminate Employee 2.0 Index.2.0: X010 Block IT Access Index 1.2: W004Terminate Employment 0.6 Index 0.8: X011 Confirm Termination Index 0.6: X008 Weekly Report, +24 | METRICS FOR PRIVACY & SAFETY IN CONTRACTS 0.8 1.2 Representing Privacy Impacts looks similar to classical risk assessment and mitigation methods, but addresses now different things and – most important – it is not constrained to a closed software system. You can also blow up bubbles if two or more data movements produce identical safety risks. Total safety index for this employee database is again the mean risk exposure of 0.2; maximum risk is 3.2, in case an employee reacts upon termination with panic. The risk representation is taken from classical risk management, for instance used in automotive when assessing an FMEA. If probability is 100%, the risk incurred is no longer a risk but a feature. Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 25
26.
Agenda Test Metrics Privacy Metrics Safety
Metrics Metrics in Contracts | METRICS FOR PRIVACY & SAFETY IN CONTRACTS • The Vision • Testing the IoT • Truck Platooning • Real-Time Testing Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 26
27.
Agenda Test Metrics Privacy Metrics Safety
Metrics Metrics in Contracts Metrics in Contracts | METRICS FOR PRIVACY & SAFETY IN CONTRACTS • The Vision • Testing the IoT • Truck Platooning • Real-Time Testing Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 27
28.
Privacy of Data
Movements ▪ How private is a Data Movement? ▪ Can it be intercepted? ▪ Not really if machine-internal ▪ Quite easy if HTTPS ▪ Less easy with two-way authentication ▪ Most difficult with private key encryption ▪ ISO/IEC 19761 COSMIC provides a model for measuring privacy that is well suited for distributed systems such as an IoT Concert, Embedded Systems, or Mobile Apps Software Boundary Functional Process Persistent Data Trigger Entry Entry eXit eXit Write Read Device User Application User | METRICS FOR PRIVACY & SAFETY IN CONTRACTS It makes sense and is relatively easy to measure security components-wise in a software model. Both models are utterly useful but measure different aspects of safety and privacy. Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 28
29.
Name Label Data
Movement Sub-Process Description 1) E001 Add Employee Enter new employee data 2) R001 Get Employee ID Unique ID for employee identification 3) W001 Write Employee Data Store in database 4) X001 Show Employee ID Confirm new employee added 5) X002 Confirm Transaction Confirmation or error message Data Movements 23) E008 End of Week Timing Signal 24) R006 Get Data for Weekly Report Select employee data that changed during past week 25) E009 Read Access Rights Get external IT access rights 26) X008 Weekly Report All data including termination records 27) X009 Confirm Report Weekly report done 28) E010 Terminate Employee Enter termination control flag 29) X010 Block IT Access Block access to IT 30) W004 Terminate Employment Update an employee record 31) X011 Confirm Termination Confirmation or error message Add Row Ins Row Del Row Validate Extract SNAP 1.22 Effectwhen PrivateDatais Disclosed Privacy Protection Level Privacy Probability Impacton Safety Safety 4: Makes guilty 2: Strong 2.4 10% 2: Little 0.2 4: Makes guilty 1: Weak 1.5 5% 2: Little 0.1 4: Makes guilty 2: Strong 2.4 10% 2: Little 0.2 4: Makes guilty 1: Weak 1.5 5% 2: Little 0.1 4: Makes guilty 2: Strong 2.4 10% 2: Little 0.2 4: Makes guilty 1: Weak 1.5 10% 2: Little 0.2 4: Makes guilty 1: Weak 1.5 20% 2: Little 0.4 4: Makes guilty 1: Weak 1.5 5% 4: Quite 0.2 2: Harmful 3: Two-way 2.0 20% 3: Medium 0.6 1: Inconvenient 3: Two-way 1.2 10% 3: Medium 0.3 1: Inconvenient 4: Enclosed 1.5 80% 4: Quite 3.2 1: Inconvenient 5: Internal 1.8 50% 4: Quite 2.0 1: Inconvenient 2: Strong 0.9 30% 4: Quite 1.2 1: Inconvenient 5: Internal 1.8 40% 2: Little 0.8 2.4 0.2 0.9 3.2 Safety Index: Minimum Privacy: Maximum Risk: Privacy Index: Assessing Privacy & Safety | METRICS FOR PRIVACY & SAFETY IN CONTRACTS Assessing Implementation Assessing the Model This is the detail view on a COSMIC model, showing the degree of privacy protection for each data movement. Note that the left side of the privacy and of the security assessment refer to the model; the right side refers to implementation. Page 29 Thursday, 9 November 2917 © Euro Project Office AG, 2017 Dr. Thomas Fehlmann
30.
Privacy of Data
Functions & Transactions ▪ How private is Data / are Transactions? ▪ Can it be accessed? ▪ Not really if machine-internal ▪ Quite easy with password ▪ Less easy with two-way authentication ▪ Most difficult with private key encryption ▪ ISO/IEC 20926 IFPUG provides a model for measuring privacy that is well suited for web pages and transactional systems | METRICS FOR PRIVACY & SAFETY IN CONTRACTS Software Boundary ILF User EIF EI EO EQ It makes sense and is relatively easy to measure security components-wise in a software model. Both models are utterly useful but measure different aspects of safety and privacy. Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 30
31.
Assessing Privacy &
Safety | METRICS FOR PRIVACY & SAFETY IN CONTRACTS Name Label Description of Elementary Data Function ILF EIF Type 1) D001 Employee Data A persistent logical entity maintained by the application 1) ILF 2) D002 Active Directory The active directory provides the unique username and the account list where he or she has access1) EIF 1 EIF: 1 Elementary Data Functions ILF:Add Row Ins Row Del Row Validate Extract SNAP 1.22 Effectwhen PrivateDatais Disclosed Exposureto Privacy Violation Privacy Probability Impacton Safety Safety 4: Makes guilty 2: Strong 2.4 3: Costs money 3: Two-way 2.6 5% 1: Low 0.1 SNAP 2.4 0.2 0.9 3.2 Privacy Index: Safety Index: Minimum Privacy: Maximum Risk: Name Label Description of Elementary Transaction Type 1) T001 Add Employee Primary intent is to maintain data in the ILF EI 2) T002 View Employees Primary intent is to present data to the user, data is retrieved both from an ILF and an EIF, and there are none of the following involved: calculations, derived data, ILF update or alteration of systemEQ 3) T003 Merge Employees Primary intent is to maintain data in the ILF EI 4) T004 Weekly Report Show total employment status with liabilities by the salaries EO 5) T005 Update Employee Primary intent is to maintain data in the ILF EI 6) T006 Terminate Employee Stops access to the IT and terminates employment EI EI: 4 EO: 1 EQ: 1 Elementary Transactions Add Row Ins Row Del Row More FTR Validate Extract SNAP 1.22 Effectwhen PrivateDatais Disclosed Exposureto Privacy Violation Privacy Probability Impacton Safety Safety 4: Makes guilty 2: Strong 2.4 10% 2: Little 0.2 4: Makes guilty 4: Enclosed 3.8 10% 3: Medium 0.3 4: Makes guilty 2: Strong 2.4 20% 1: Low 0.2 4: Makes guilty 3: Two-way 3.2 10% 4: Quite 0.4 4: Makes guilty 2: Strong 2.4 10% 2: Little 0.2 1: Inconvenient 2: Strong 0.9 80% 4: Quite 3.2 2.4 0.2 0.9 3.2 21 Maximum Risk: Privacy Index: Minimum Privacy: Safety Index: This is the detail view on an IFPUG model, showing the degree of privacy protection for each data function, and each transaction identified in the model. Note again that the left side of the privacy and of the security assessment refer to the model; the right side refers to implementation. Page 31 Thursday, 9 November 2917 © Euro Project Office AG, 2017 Dr. Thomas Fehlmann
32.
Metrics for Software
Contracts ▪ Functional Size ▪ COSMIC ▪ IFPUG, NESMA ▪ … ▪ Test Size ▪ Test Intensity ▪ Acceptable Defect Density ▪ Privacy Index & Minimum Privacy ▪ For Data Movements ▪ For Data Functions & Transactions ▪ Security Index & Maximum Risk ▪ For Data Movements ▪ For Data Functions & Transactions | METRICS FOR PRIVACY & SAFETY IN CONTRACTS The recommended way is always to agree on both data movement protection and elementary data functions and transaction protection. However, you can select what is more relevant. Since the COSMIC model is easy to build automatically from code, test size should also be specified and thresholds agreed. Older software contracts might not belong to the 21st century. Page 32 Thursday, 9 November 2917 © Euro Project Office AG, 2017 Dr. Thomas Fehlmann
33.
Metrics for System
Contracts ▪ Hardware Vulnerability ▪ Software might destroy itself when Hardware is compromised ▪ Functional Size ▪ COSMIC ▪ IFPUG, NESMA ▪ Test Size ▪ Test Intensity ▪ Acceptable Defect Density ▪ Privacy Index & Minimum Privacy ▪ For Data Movements ▪ For Data Functions & Transactions ▪ Security Index & Maximum Risk ▪ For Data Movements ▪ For Data Functions & Transactions | METRICS FOR PRIVACY & SAFETY IN CONTRACTS System contracts must specify additionally how to protect physically parts of the system, especially those containing or presenting confidential data. Page 33 Thursday, 9 November 2917 © Euro Project Office AG, 2017 Dr. Thomas Fehlmann
34.
Conclusions ▪ Contracts for
safety-critical software must specify how well we protect privacy and how safe the software behaves ▪ Based on a functional size model ▪ Contracts without specifying test metrics are dangerous and bound to later arbitration ▪ Currently, test metrics work with ISO/IEC 19761 COSMIC only ▪ Make ISO/IEC 20926 & 24570 compliant with the VIM and the GUM ▪ Consumers need such test metrics, privacy and safety metrics when purchasing software or autonomous systems | METRICS FOR PRIVACY & SAFETY IN CONTRACTS Software Metrics for Privacy and Safety are the future of Software Metrics organizations – it’s high time to agree on an international standard and promote it through consumer protection channels. IFPUG and NESMA must make their counting rules compliant to the VIM and the GUM. Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 34
35.
Logos Press Berlin 2016 Questions? |
METRICS FOR PRIVACY & SAFETY IN CONTRACTS The speaker has published quite a bit on the subject together with Eberhard Kranich in Duisburg – e.g., in QFD symposia, at SW metrics conferences like IWSM / Mensura; also at Lean Six Sigma Conference in Glasgow, Strathclyde and Zurich. Managing Complexity appeared 2016 in Logos Press, Berlin: http://www.logos-Verlag.de/cgi-bin/buch?isbn=4406 Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 35
36.
| METRICS FOR
PRIVACY & SAFETY IN CONTRACTS New Book on Six Sigma Transfer Functions The rise of Information and Communication Technology (ICT) in the second half of the 20th century became the dominant force in economics. Its rise accelerates in the first 15 years of this century at an astonishing speed. The world of ICT right now is in the process of cosmic inflation. In the early universe, quantum fluctuations in a microscopic inflationary agile region became the seed for growing structures in the universe of galactic nebula, galaxies and stars, making the universe transparent. This phenomenon, familiar to physicist and cosmologists, happens right now to ICT. The current observation is that “things” of the physical world become intelligent, receive IP addresses and connect to the Internet. The possibilities to create new ICT-based products seem unlimited; however, sponsors must fuel the inflation. Complexity was already an issue when developing software in the early days of ICT. Software development is often done in projects that turn out to be exploratory in the sense that they aim at translating human voices, uttering requirements, into a machine- readable language. Requirements for the software to be build are usually not known at the beginning; the project must uncover them. Developing software without knowing the outcome in advance is a complex undertaking. Predicting the outcome of software projects by proven methods of civil engineering did not work out well. Now, new levels of complexity arise with ICT. Agile approaches are appropriate for software development; however, predicting the outcome of projects still is difficult. New techniques must manage the growing levels of complexity within ICT. Fortunately, mathematics has provided these new techniques. They rely on transfer functions and Eigenwert theory. Its usefulness already has been proven in major search engines of this century. However, this is not the end of the story. This book makes the mathematics of Lean Six Sigma transfer functions available to ICT practitioners. It provides the basic theory, explained with many examples, and even more suggestions, how Six Sigma Transfer Functions help with complex problems. Dr. Thomas Fehlmann Thursday, 9 November 2917 © Euro Project Office AG, 2017 Page 36
Download now