E-Book, Englisch, 125 Seiten
Eloff / Bihina Bella Software Failure Investigation
1. Auflage 2018
ISBN: 978-3-319-61334-5
Verlag: Springer Nature Switzerland
Format: PDF
Kopierschutz: 1 - PDF Watermark
A Near-Miss Analysis Approach
E-Book, Englisch, 125 Seiten
ISBN: 978-3-319-61334-5
Verlag: Springer Nature Switzerland
Format: PDF
Kopierschutz: 1 - PDF Watermark
This book reviews existing operational software failure analysis techniques and proposes near-miss analysis as a novel, and new technique for investigating and preventing software failures. The authors provide details on how near-miss analysis techniques focus on the time-window before the software failure actually unfolds, so as to detect the high-risk conditions that can lead to a major failure. They detail how by alerting system users of an upcoming software failure, the detection of near misses provides an opportunity to collect at runtime failure-related data that is complete and relevant. They present a near-miss management systems (NMS) for detecting upcoming software failures, which can contribute significantly to the improvement of the accuracy of the software failure analysis. A prototype of the NMS is implemented and is discussed in the book. The authors give a practical hands-on approach towards doing software failure investigations by means of near-miss analysis that is of use to industry and academia
Professor Jan Eloff graduated in 1985 with a PhD in Computer Science. Up to June 2015 he was appointed as the Research Director for SAP Research in Africa and is currently appointed as Deputy Dean Research & Postgraduate studies: Faculty of Eng., Built Environment and IT (EBIT) and as a full professor in computer science at the University of Pretoria. From 2007 he is an associate-editor of the Computers & Security journal and an editorial member for the international Computer Fraud & Security bulletin published by Elsevier. He is an internationally recognised researcher and has published 113 peer reviewed papers with 3537 citations.
Dr. Madeleine Bihina Bella has over 10 years of industry experience with expertise in IT security and business analysis working in leading roles in a number of multinationals across various industries. She is also a part-time computer science lecturer. In 2015 she graduated with a PhD in Computer Science from the University of Pretoria specializing in the field of digital forensics. Her research focused on near-miss analysis as a novel technique to improve the forensic investigation of software failures. '. She received a number of awards for her doctoral research including the South African Women in Science Award, the Google Women Techmakers sholarship and the L'Oréal/UNESCO Regional Fellowship for Women in Science in Sub-Saharan Africa. She has published a number of journal and conference papers.
Autoren/Hrsg.
Weitere Infos & Material
1;Contents;6
2;Chapter 1: Introduction;9
2.1;1.1 Introduction: Software Failures and the Investigation Thereof;9
2.2;1.2 Objectives, Scope and Context of This Book;12
2.3;1.3 Main Terminology Used in This Book: Definitions;13
2.4;1.4 Layout of This Book: How to Use the Rest of the Book;13
3;Chapter 2: Software Failures: An Overview;15
3.1;2.1 Introduction;15
3.2;2.2 Overview of Software Failures;15
3.3;2.3 Overview of Major Software Failures;17
3.4;2.4 Software Failures According to Industry;27
3.5;2.5 Requirements for Accurate Software Failure Investigation;30
3.6;2.6 Conclusion;32
4;Chapter 3: Near-Miss Analysis: An Overview;33
4.1;3.1 Introduction;33
4.2;3.2 Background and Review on Near-Miss Analysis;35
4.3;3.3 Tools and Techniques Used in Near-Miss Analysis;36
4.4;3.4 Benefits of Near Miss-Analysis Over Failure Analysis;38
4.5;3.5 Benefits of Analysing Near Misses Instead of Earlier Precursors;39
4.6;3.6 Near-Miss Analysis Success Stories;40
4.7;3.7 Challenges to Near-Miss Analysis in the Software Industry;40
4.8;3.8 A Structured Approach Towards Applying Near-Miss Analysis for Software Failure Investigations;41
4.9;3.9 Conclusion;45
5;Chapter 4: A Methodology for Investigating Software Failures Using Digital Forensics and Near-Miss Analysis;46
5.1;4.1 Introduction;46
5.2;4.2 Overview of Digital Forensics;46
5.3;4.3 Motivation for Using Digital Forensics for Software Failure Investigations;48
5.4;4.4 Digital Forensic Building Blocks;52
5.4.1;4.4.1 Overview of Best Practices in Digital Forensics;56
5.5;4.5 The Adapted Digital Forensic Process Model for Software Failure Investigations Incorporating the Use of Near-Miss Analysis;57
5.5.1;4.5.1 Phase 1: Evidence Collection;58
5.5.2;4.5.2 Phase 2: System Restoration;59
5.5.3;4.5.3 Phase 3: Root-Cause Analysis;59
5.5.4;4.5.4 Phase 4: Countermeasures Specifications;61
5.6;4.6 Interfacing the Proposed “Adapted Digital Forensic Process Model for Software Failure Investigations” with Existing IT Governance Frameworks such as ITIL;63
5.7;4.7 Conclusion;63
6;Chapter 5: A Well-Defined Model for Near-Miss Detection and Prioritisation;64
6.1;5.1 Introduction;64
6.2;5.2 Formal Definition of a Near Miss for Software Systems;64
6.3;5.3 Overview of Reliability Theory and Failure Probability Formula for IT Systems;67
6.4;5.4 The Reliability Theory of Redundant Hardware Components;68
6.5;5.5 Failure Probability Formula for Hardware Components;69
6.6;5.6 Proposed Failure Probability Formula for Software Components;69
6.7;5.7 Mathematical Modelling for Near-Miss Failure Probability;70
6.8;5.8 Prioritisation of Near Misses and the Near-Miss Prioritisation Formula;73
6.9;5.9 Conclusion;75
7;Chapter 6: An Architecture for a Near-Miss Management System (NMS);76
7.1;6.1 Introduction;76
7.2;6.2 The NMS Architecture;76
7.3;6.3 The Near-Miss Monitor;77
7.4;6.4 The Near-Miss Classifier;79
7.5;6.5 The Near-Miss Data Collector;79
7.6;6.6 The Failure Prevention;79
7.7;6.7 The Event Investigation;79
7.8;6.8 Conclusion;80
8;Chapter 7: Practical Demonstration of Conducting a Near-Miss Analysis Investigation for Software Failures;82
8.1;7.1 Introduction;82
8.2;7.2 The Aims of the Prototype;82
8.3;7.3 Setting Up the Lab Environment;83
8.3.1;7.3.1 The Logs of a Software Failure on the Application Layer;84
8.3.2;7.3.2 System Logs;85
8.3.3;7.3.3 The Investigation Tools;87
8.4;7.4 Near-Miss Indicators;89
8.4.1;7.4.1 Formulate Hypothesis;90
8.4.2;7.4.2 Predict Evidence for the Hypothesis;90
8.4.3;7.4.3 Test Hypothesis with Experiment;90
8.4.4;7.4.4 Technical Set-Up;90
8.4.5;7.4.5 Results;91
8.4.6;7.4.6 SOM Analysis of Latency: Result;93
8.4.7;7.4.7 Technical Set-Up;93
8.4.8;7.4.8 Result;94
8.4.9;7.4.9 Technical Set-Up;95
8.4.10;7.4.10 Result;95
8.4.11;7.4.11 Technical Set-Up;98
8.4.12;7.4.12 Result;98
8.5;7.5 Near-Miss Formula;101
8.6;7.6 Conclusion;107
9;Appendix: Technical Details of the SOM Analysis;108
9.1;SOM Map Creation Process;108
9.2; How to Read Viscovery SOMine Output Maps: Example of First 1000 Records;108
9.3; Adding the Number of Running Processes to the C++ Program;110
10;Bibliography;111
11;Index;123
