A Common Criteria Based Approach for COTS Component Selection
نویسنده
چکیده
Component-based software engineering (CBSE) endeavors to enable software developers to develop quality software systems with less time and resources than traditional development approaches. Software components must be identified and evaluated in order to determine if they provide required functionality for systems being developed. Consideration of security requirements for component selection is of interest. This research considers how the Common Criteria (CC), an internationally recognized standard for security requirements definition and security assessment of IT systems, can be applied towards the development of component-based systems. A CC-based COTS component selection process is proposed which integrates activities of the CC for security requirements specification and evaluation. Research questions are presented for the evalua tion of the process to establish its value for COTS component selection as well as to identify areas for improvement.
منابع مشابه
Towards an Approach for Security Risk Analysis in COTS Based Development
More and more companies tend to use secure products as COTS to develop their secure systems due to resource limitations. The security concerns add more complexity as well as potential risks to COTS selection process, and it is always a great challenge for developers to make the selection decisions. In this paper, we provide a method for security risk analysis in COTS based development (CBD) bas...
متن کاملChapter 53 Applying Social - Technical Approach for Cots Selection
Selecting Commercial-Off-The-Shelf (COTS) software components to fit requirements is still a problem because of the "black box" nature of COTS components and the rapid changes in marketplace. This paper describes the problems of COTS software evaluation and reviews existing frameworks to support COTS software evaluation and selection. Although a number of initiatives have been proposed to deal ...
متن کاملUse of COTS Software Components in Safety-Critical Applications – A Defensible Approach*
Current methods for the evaluation and selection of a Commercial-Off-The-Shelf (COTS) software component fail to address emergent system safety properties. This can lead to extreme difficulties in the certification of COTS-based safety-critical system development projects. In this paper, we propose a defensible approach to supporting successful use (i.e. evaluation & selection, integration, cer...
متن کاملAGNIESZKA KONYS ONTOLOGY-BASED APPROACH TO COTS COMPONENT SELECTION AND EVALUATION PROCESSES Summary
The process of COTS system selection is difficult due to the large number of existing COTS components on the marketplace. Moreover, a high level of complexity characterizes the process of knowledge acquisition about the available COTS systems. In this paper an approach for COTS selection is proposed. The application of ontology (the ontology for methodologies supporting COTS component selection...
متن کاملCOTS Product Selection for Safety-Critical Systems
There is an increasing interest in acquiring commercial-off-the-shelf (COTS) functionality for safety-critical applications. However, the selection of COTS products for such applications is still carried out in an ad hoc manner. This creates great difficulties for realistic cost and effort estimation, integration of the selected COTS product, and the certification of final COTS-based safetycrit...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Journal of Object Technology
دوره 4 شماره
صفحات -
تاریخ انتشار 2004