Course Content

Other Courses

Tribhuvan university > CSIT - 2065 Syllabus > Software Engineering > Old Questions > 2068

Software Engineering - Old Questions

Syllabus Notes Old Questions Unit Wise Questions Question Bank

12. Write short notes on (any two):

        a. Data Flow Models

        b. COCOMO model

        c. Security assessment

6 marks | Asked in 2068

a. Data Flow Models

A data flow model is diagramatic representation of the flow and exchange of information within a system. Data flow models are used to graphically represent the flow of data in an information system by describing the processes involved in transferring data from input to file storage and reports generation. A data flow model may also be known as a data flow diagram (DFD).

Data flow modeling can be used to identify a variety of different things, such as:

  • Information that is received from or sent to other individuals, organizations, or other computer systems.
  • Areas within a system where information is stored and the flows of information within the system are being modeled.
  • The processes of a system that act upon information received and produce the resulting outputs.

b. COCOMO model

The COCOMO (Constructive Cost Model) is one of the most popularly used software cost estimation models i.e. it estimates or predicts the effort required for the project, total project cost and scheduled time for the project. This model depends on the number of lines of code for software product development. COCOMO model has three types:

1. The Basic COCOMO

2. The Intermediate COCOMO

3. The Detailed COCOMO


c. Security assessment

Security assessment is a measurement of the security posture of a system or organization. The security posture is the way information security is implemented. Security assessments are risk-based assessments, due to their focus on vulnerabilities and impact.

The assessment of system security is increasingly important as more and more critical systems are Internet-enabled and so can be accessed by anyone with a network connection. There are daily stories of attacks on web-based systems, and viruses and worms are regularly distributed using Internet protocols. The verification and validation processes for web-based systems must focus on security assessment, where the ability of the system to resist different types of attack is tested.