Understanding factors and practices of software security and performance verification

Detalhes bibliográficos
Autor(a) principal: Ribeiro, Victor Vidigal
Data de Publicação: 2019
Tipo de documento: Tese
Idioma: eng
Título da fonte: Repositório Institucional da UFRJ
Texto Completo: http://hdl.handle.net/11422/14050
Resumo: [EN] Software systems strongly support the daily activities of society. Thus, software failures can bring huge losses. Therefore, verification activities are essential and should evaluate not only the functionality of the software but also its properties represented by the non-functional requirements. Thus, this work proposes a body of knowledge containing the characterization of the most relevant non-functional requirements for software systems. Besides, the body of knowledge includes the testing approaches that can be used to verify these requirements. In particular, the work goes more in-depth into characterizing security and performance verification practices used by software development organizations and the factors that support decision-making related to these practices. Additionally, moderating factors of security and performance verification activities are presented, as well as actions to their promotion. The organization of this body of knowledge made use of structured literature reviews, case studies, rapid reviews, and surveys. Such investigation strategies enabled the generation of evidence-based results, which can support the software practitioners to improve their non-functional requirement verification practices and software researchers to identify research challenges in the area.
id UFRJ_bc86c316e11772dadde06dddd1a34bc2
oai_identifier_str oai:pantheon.ufrj.br:11422/14050
network_acronym_str UFRJ
network_name_str Repositório Institucional da UFRJ
repository_id_str
spelling Understanding factors and practices of software security and performance verificationCompreendendo práticas e fatores relacionados à verificação de segurança e performance de softwareVerificação de softwareVerificação de segurançaVerificação de desempenhoCNPQ::ENGENHARIAS[EN] Software systems strongly support the daily activities of society. Thus, software failures can bring huge losses. Therefore, verification activities are essential and should evaluate not only the functionality of the software but also its properties represented by the non-functional requirements. Thus, this work proposes a body of knowledge containing the characterization of the most relevant non-functional requirements for software systems. Besides, the body of knowledge includes the testing approaches that can be used to verify these requirements. In particular, the work goes more in-depth into characterizing security and performance verification practices used by software development organizations and the factors that support decision-making related to these practices. Additionally, moderating factors of security and performance verification activities are presented, as well as actions to their promotion. The organization of this body of knowledge made use of structured literature reviews, case studies, rapid reviews, and surveys. Such investigation strategies enabled the generation of evidence-based results, which can support the software practitioners to improve their non-functional requirement verification practices and software researchers to identify research challenges in the area.[PT] As atividades diárias da sociedade são fortemente apoiadas por sistemas de software. Assim, falhas de software podem trazer grandes perdas. Por isso, as atividades de verificação são essenciais e devem avaliar as funcionalidades do software e também as propriedades representadas pelos requisitos não-funcionais. Desta forma, esse trabalho torna disponível um corpo de conhecimento contendo a caracterização dos requisitos não-funcionais mais relevantes para os sistemas de software e as abordagens de teste que podem ser utilizadas para avaliar esses requisitos. Particularmente, o trabalho aprofunda-se na caracterização das práticas de verificação de segurança e desempenho utilizadas por organizações de desenvolvimento de software e os fatores que apoiam as tomadas de decisão relacionadas à essas práticas. Adicionalmente, são apresentados fatores moderadores das atividades de verificação de segurança e desempenho bem como ações que podem ser realizadas para promovê-los. A organização desse corpo de conhecimento fez uso de revisões estruturadas da literatura, estudos de caso, rapid reviews e survey, os quais permitiram gerar resultados baseados em evidência que podem ser utilizados com mais confiança pela indústria para aprimorar suas práticas de verificação de requisitos não-funcionais e pela academia para identificação de desafios de pesquisas na área.Universidade Federal do Rio de JaneiroBrasilInstituto Alberto Luiz Coimbra de Pós-Graduação e Pesquisa de EngenhariaPrograma de Pós-Graduação em Engenharia de Sistemas e ComputaçãoUFRJTravassos, Guilherme Hortahttp://lattes.cnpq.br/7541486051032916http://lattes.cnpq.br/5208608664907557Cruzes, Daniela SoaresWerner, Claudia Maria LimaOliveira, Toacy Cavalcante deKalinowski, MarcosMachado, Raphael Carlos SantosRibeiro, Victor Vidigal2021-04-05T02:23:08Z2023-12-21T03:07:33Z2019-09info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/doctoralThesishttp://hdl.handle.net/11422/14050enginfo:eu-repo/semantics/openAccessreponame:Repositório Institucional da UFRJinstname:Universidade Federal do Rio de Janeiro (UFRJ)instacron:UFRJ2023-12-21T03:07:33Zoai:pantheon.ufrj.br:11422/14050Repositório InstitucionalPUBhttp://www.pantheon.ufrj.br/oai/requestpantheon@sibi.ufrj.bropendoar:2023-12-21T03:07:33Repositório Institucional da UFRJ - Universidade Federal do Rio de Janeiro (UFRJ)false
dc.title.none.fl_str_mv Understanding factors and practices of software security and performance verification
Compreendendo práticas e fatores relacionados à verificação de segurança e performance de software
title Understanding factors and practices of software security and performance verification
spellingShingle Understanding factors and practices of software security and performance verification
Ribeiro, Victor Vidigal
Verificação de software
Verificação de segurança
Verificação de desempenho
CNPQ::ENGENHARIAS
title_short Understanding factors and practices of software security and performance verification
title_full Understanding factors and practices of software security and performance verification
title_fullStr Understanding factors and practices of software security and performance verification
title_full_unstemmed Understanding factors and practices of software security and performance verification
title_sort Understanding factors and practices of software security and performance verification
author Ribeiro, Victor Vidigal
author_facet Ribeiro, Victor Vidigal
author_role author
dc.contributor.none.fl_str_mv Travassos, Guilherme Horta
http://lattes.cnpq.br/7541486051032916
http://lattes.cnpq.br/5208608664907557
Cruzes, Daniela Soares
Werner, Claudia Maria Lima
Oliveira, Toacy Cavalcante de
Kalinowski, Marcos
Machado, Raphael Carlos Santos
dc.contributor.author.fl_str_mv Ribeiro, Victor Vidigal
dc.subject.por.fl_str_mv Verificação de software
Verificação de segurança
Verificação de desempenho
CNPQ::ENGENHARIAS
topic Verificação de software
Verificação de segurança
Verificação de desempenho
CNPQ::ENGENHARIAS
description [EN] Software systems strongly support the daily activities of society. Thus, software failures can bring huge losses. Therefore, verification activities are essential and should evaluate not only the functionality of the software but also its properties represented by the non-functional requirements. Thus, this work proposes a body of knowledge containing the characterization of the most relevant non-functional requirements for software systems. Besides, the body of knowledge includes the testing approaches that can be used to verify these requirements. In particular, the work goes more in-depth into characterizing security and performance verification practices used by software development organizations and the factors that support decision-making related to these practices. Additionally, moderating factors of security and performance verification activities are presented, as well as actions to their promotion. The organization of this body of knowledge made use of structured literature reviews, case studies, rapid reviews, and surveys. Such investigation strategies enabled the generation of evidence-based results, which can support the software practitioners to improve their non-functional requirement verification practices and software researchers to identify research challenges in the area.
publishDate 2019
dc.date.none.fl_str_mv 2019-09
2021-04-05T02:23:08Z
2023-12-21T03:07:33Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/doctoralThesis
format doctoralThesis
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://hdl.handle.net/11422/14050
url http://hdl.handle.net/11422/14050
dc.language.iso.fl_str_mv eng
language eng
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.publisher.none.fl_str_mv Universidade Federal do Rio de Janeiro
Brasil
Instituto Alberto Luiz Coimbra de Pós-Graduação e Pesquisa de Engenharia
Programa de Pós-Graduação em Engenharia de Sistemas e Computação
UFRJ
publisher.none.fl_str_mv Universidade Federal do Rio de Janeiro
Brasil
Instituto Alberto Luiz Coimbra de Pós-Graduação e Pesquisa de Engenharia
Programa de Pós-Graduação em Engenharia de Sistemas e Computação
UFRJ
dc.source.none.fl_str_mv reponame:Repositório Institucional da UFRJ
instname:Universidade Federal do Rio de Janeiro (UFRJ)
instacron:UFRJ
instname_str Universidade Federal do Rio de Janeiro (UFRJ)
instacron_str UFRJ
institution UFRJ
reponame_str Repositório Institucional da UFRJ
collection Repositório Institucional da UFRJ
repository.name.fl_str_mv Repositório Institucional da UFRJ - Universidade Federal do Rio de Janeiro (UFRJ)
repository.mail.fl_str_mv pantheon@sibi.ufrj.br
_version_ 1815456013978959872

Registros relacionados