


Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Material Type: Exam; Class: Software Engineering; Subject: Computer Science; University: University of Maryland; Term: Spring 2005;
Typology: Exams
1 / 4
This page cannot be seen from the preview
Don't miss anything!



Answer all questions in the space following each question.
1 [7]. Security a. What are the CIA attributes of security?
Confidentiality, Integrity, Availability
b. The 4 properties to ensure security are authentication, authorization, data integrity and privacy. Define the role of each.
Authentication – You are who you say you are.
Authorization – You have the rights to do what you want to do
Data integrity- Data cannot be changed without your knowledge
Privacy- Data cannot be seen by others without your knowledge.
2 [10]. For each statement below, tell whether it is a good requirement or not and why.
a. The system shall be easy to use.
No - What is “easy?”
b. The system shall respond in less than 2 seconds with the answer.
Yes – Explicit requirement which can be tested.
c. The system may handle files of up to 2 MB in size.
No – “May” is optional so not really a requirement.
d. The system shall conform to all requirements of IEEE standard 854.
Yes – Assuming IEEE 854 is an explicit set of requirements.
e. The system shall operate on all web browsers.
No – “All” is too vague here.
a. (High, Low) High cohesion is preferred. Why?
Want operations in a module to be interrelated.
b. (High, Low) ____Low___ coupling is preferred. Why?
Minimize interactions between modules allows for easy changes.
c. What is glue code?
Code to allow premade packages (e.g., COTS tools) to be embedded within another system.
d. RMA attributes are sometimes used as the name for dependability. What does RMA stand for?
Reliability, Maintainability, Availability.
e. Why is dependability considered a non-functional requirement?
It’s a property of a system, not an explicit function, such as safety, security, reliability.
f. Give another dependability attribute, besides the RMA ones, and why is it also non-functional?
Security – No explicit in-out relationship. System has to implement the CIA attributes of question 1. Also safety, usability, almost any other”…ililty.”
g. Eclipse is a (framework, reference model, architecture) framework and why?
It is a system that runs that allows other tools to be plugged into it.
h. The ECMA “toaster” model is a (framework, reference model, architecture) _reference model and why?
It defines the areas where standards are needed to define the interfaces between tools and the environment framework.
i. The Rayleigh curve is a theoretical curve useful to model what attribute of a project?
Cost (or effort) on a project as a function of time.
j. What are the differences between an error, a fault, and a failure?
Failure – Observed misbehavior of a system. Fault – Place in code that causes failure. Error – Place in code that is incorrect. (Not necessarily the fault.)
Risk – Cost is low grade and probability is between 0 and 100 that you may fail, but not guaranteed. You may remember enough to pass.
No risk. You will get wet.
No risk. Loss in minimal.
Risk – Probability of not arriving on time and getting a low grade is between 0 and 100 per cent.
a. What are the significant differences between a spiral life cycle and a waterfall life cycle?
Waterfall is artifact based. Do requirements document, then move on to design, … Spiral model is really similar but emphasizes risk assessment and evaluation at each stage, not just the completion of a document or a review.
b. How does the V process model differ from the waterfall model?
Only in display. Both have the same stages, only the V model matches coding with design as its validation, integration testing with specification, and acceptance testing with requirements.
c. Give an example of both an upstream and a downstream process.
Upstream – pre-code: requirements, specification, design Downstream – code, testing, or any specific type of process such as code inspections.
d. What are the differences between the specification process and the requirements process?
Requirements are what the user wants and is a contract between the user and the development. Specifications are what the computer will do and are a “contract” between the developers and the computer.
6 [5]. What would be the implications if the application program interface (API) in Microsoft’s Windows XP operating system were converted into an IEEE standard? (Write as much or as little as you think necessary to answer this.)
7 [12]. You want to develop a web-based application. The user types in name and email address and a word into a local client, and the server application looks up the word in a database and sends the contents of that database entry as an email message back to the user.
Model the client, server, and database application as a message sequence chart. Include as many error conditions as you can.
(Explain any other requirements you have to assume if they are not explained here.)