Building Systems from Commercial Components

Series
Addison-Wesley
Author
Kurt Wallnau / Scott Hissam / Robert C. Seacord  
Publisher
Addison-Wesley
Cover
Softcover
Edition
1
Language
English
Total pages
432
Pub.-date
July 2001
ISBN13
9780201700640
ISBN
0201700646
Related Titles


Product detail

Title no longer available

Description

Commercial software components can dramatically reduce the cost and time required to develop complex business-critical systems. However, integrating them offers stiff challenges that are not well understood by most software practitioners, and there have been many spectacular failures. Now, a team of authors from the Software Engineering Institute draws upon the lessons presented by both the failures and the successes, offering a start-to-finish methodology for integrating commercial components successfully. The authors examine failed integration projects, identifying key lessons and early warning signs, including the failure to account for loss of control over engineering design and production. Drawing upon both successes and failures, they present proven solutions for establishing requirements, evaluating components, creating flexible system designs that incorporate commercial components; and managing multiple concurrent design options linked to external market events and feasibility proofs. They also show how to build "just-in-time" competency with commercial components and integration.

Table of Contents



Preface.

I: FUNDAMENTALS.

1. Components Everywhere.

The Software Component Revolution.

Component Space.

Process, Method & Notation Assumptions.

Terminology and Acronyms.

Summary.

2. The Unfinished Revolution.

The First Software Crisis.

The Software Factory Regime.

The Second Software Crisis.

The Market Regime.

Le Procés c'est mort! Vive le Procés!

Summary.

For Further Reading.

Discussion Questions.

3. Engineering Design & Components.

Fundamental Ideas.

Impact of Software Components.

Designing With & For Components.

Summary.

Discussion Questions.

4. Requirements & Components.

Fundamental Ideas.

Traditional Requirements Engineering.

Component-Based Requirements Engineering.

Summary.

Discussion Questions.

5. Ensembles & Blackboards.

Fundamental Ideas.

The Ensemble Metamodel.

Modeling Ensembles with Blackboards.

Summary.

Discussion Questions.

6. Model Problems.

Fundamental Ideas.

The Role of Toys.

From Toy to Model Problem.

Finding the Right Model Problems.

Repair and Contingency.

Summary.

For Further Reading.

Discussion Questions.

7. Managing the Design Space.

Fundamental Ideas.

Ensembles, Blackboards, Relations.

Ensemble Management.

Component & Ensemble Composition.

Repository Structure.

Summary.

Discussion Questions.

8. Storing Competence.

Fundamental Ideas.

Packaging With Ensemble Handbooks.

Automation.

Summary.

Discussion Questions.

9. The Multi-Attribute Utility Technique.

Fundamental Ideas.

Evaluating Components with MAUT.

Summary.

For Further Reading.

Discussion Questions.

10. Risk-Misfit.

Fundamental Ideas.

Feature and Repair Analysis.

Component Selection.

Why Risk/Misfit?

Experiences with Risk/Misfit.

Summary.

For Further Reading.

Discussion Questions.

11. Black Box Visibility.

Fundamental Ideas.

Opportunities for Visibility.

Probing.

Snooping.

Spoofing.

Static Program Analysis.

Summary.

Discussion Questions.

II: CASE STUDY.

12. The DIRS Case Study.

Sources of Complexity in DIRS.

A False Start.

Regrouping: The "DeepWeb" Approach.

Implications of DeepWeb.

Commitments.

Deceptive Simplicity.

Summary.

For Further Reading.

Discussion Questions.

13. Applet Ensemble: The Opening.

Where are We?

Risk Analysis.

Model Problem.

Model Solutions.

Evaluation.

Summary.

Discussion Questions.

14. Public Key Infrastructure.

Fundamental Ideas.

Non-Repudiation.

Confidentiality.

Integrity.

Summary.

For Further Reading.

Discussion Questions.

15. A Certificate Odyssey.

Where are We?

Exploring Certificate Space.

Sustaining the Public Key Infrastructure.

Evaluation.

Summary.

Discussion Questions.

16. Applet Ensemble: The Middlegame.

Where are We?

Repair Analysis.

Risk Analysis.

Summary.

Discussion Questions.

17. Secure Applet Ensemble.

Where are We?

Model Problem.

Model Solutions.

For Further Reading.

Summary.

Discussion Questions.

18. Instrumented Model Problem.

Where are We?

Model Problem.

Model Solutions.

Evaluation.

Summary.

Discussion Questions.

19. Sorbet: A Custom Ensemble.

Where are We?

Model Problem.

Model Solution.

Evaluation.

Summary.

Discussion Questions.

20. Hardware Components.

Where are We?

Risk Analysis.

Realize Confidentiality Model Problem.

Realize Authorization Model problem.

Repair Analysis.

Summary.

Discussion Questions.

21. Into the Black Box.

Where are We?

Define Model Problem.

Model Solution.

Evaluation.

Summary.

Discussion Questions.

22. Applet Ensemble: The Endgame.

Where are We?

Repair Analysis.

Risk Analysis.

Summary.

Discussion Questions.

23. Secure Applet Ensemble Redux.

Model Problem.

Model Solution.

Evaluation.

Summary.

Discussion Questions.

24. Conclusion & Retrospective.

Multi-Attribute Evaluation.

Conclusion.

Retrospective.

Summary.

Discussion Questions.

III: ONWARD.

25. Getting Started.

Build a Competence Center.

Define Your Infrastructure.

Build an Enterprise Design Handbook.

Certify Designers and Lead Engineers.

Summary.

26. The Prophecies.
Bibliography.
Index.

Back Cover

There is a growing gap between the theory and the practice of component-based software design. The theory largely assumes that the design task is to develop specifications for software components; in reality, however, most component-based design relies on preexisting components, which have preexisting specifications. With more and more software being developed from commercially available components, it is increasingly critical to recognize the novel challenges and unfamiliar constraints inherent in such design. Describing a number of proven techniques, this book provides much-needed guidance on how to build component-based systems in a real working environment.

Building Systems from Commercial Components is divided into three parts:

  • Part I identifies the design challenges posed by commercial components, presents specific engineering techniques that meet those challenges, and describes workflows for incorporating those techniques into an existing development process.
  • Part II features an extended case study of a project from the authors' own experience, with each chapter illustrating the challenges posed by commercial components and the techniques used to meet those challenges.
  • Part III provides advice on how to get started using the techniques described in the book, and makes some predictions about the future course of component-based development.

This book is intended for anyone who practices, or wishes to practice, component-based software development. System architects, chief engineers, project managers, chief technology officers, and front-line software engineers and programmers will each find here something of immediate value. The authors, through their work at the Software Engineering Institute, are able to share a broad and practical understanding of both the problems you will face and the solutions you will require as you design component-based systems.



0201700646B06072001

Author

Kurt C. Wallnau is a senior technical staff member at the Software Engineering Institute (SEI). He was team lead for the SEI's commercial off-the-shelf (COTS)-based systems project, and now leads the predictable assembly from certifiable components project. He designed and taught the CMU/MSE course in component-based development methods, and has over 20 years experience in research and industry.

Scott A. Hissam is a senior technical staff member at the SEI and adjunct faculty member at the University of Pittsburgh. He has over 15 years of software development experience, including project leadership positions at Lockheed Martin and Bell Atlantic.

Robert Seacord began programming (professionally) for IBM in 1982 and has been programming in C since 1985, and in C++ since 1992. Robert is currently a Senior Vulnerability Analyst with the CERT/Coordination Center at the Software Engineering Institute (SEI). He is coauthor of Building Systems from Commercial Components (Addison-Wesley, 2002) and Modernizing Legacy Systems (Addison-Wesley, 2003). The CERT/CC, among other security-related activities, regularly analyzes software vulnerability reports and assesses the risk to the Internet and other critical infrastructure.