Software Engineering - Old Questions

12. Write short notes on (any two):

    a) Security assessment

    b) Expert judgment

    c) System and their environment

a) Security assessment

• Security assessment is a measurement of the security posture of a system or organization. The security posture is the way information security is implemented.
• Security assessments are risk-based assessments, due to their focus on vulnerabilities and impact.
• The assessment of system security is increasingly important as more and more critical systems are Internet-enabled and so can be accessed by anyone with a network connection.
• The verification and validation processes for web-based systems must focus on security assessment, where the ability of the system to resist different types of attack is tested.

 b) Expert judgment

It is a software cost estimation technique. In expert judgement technique, one or more experts in both software development and the application domain use their experience to estimate the software cost. The estimation process iterates until an agreed estimate is reached.

Advantages:

• Relatively cheap estimation method.
• Can be accurate if experts have direct experience of similar system.

Disadvantages:

• Very inaccurate if there are no experts.

c) System and their environment

A group of components which are interconnected and interact to fulfill certain objective is called a system. A system mainly consists of input, process, output and feedback.

        Fig: Block diagram of system

A system boundary is a line that separates the system from the system environment. A change occuring outside the system may affect the performance of the system. Such changes are said to occur in the system environment. Therefore the system environment means anything outside the system boundary that may affect the system.