Skip to content
GitLab

Technical Debt Toolbox Description · Changes

Page history
Create Technical Debt Toolbox Description authored by George Digkas's avatar George Digkas
Hide whitespace changes
Inline Side-by-side
Technical-Debt-Toolbox-Description.md 0 → 100644
View page @ e2c84d6b
# Dependability Toolbox - Description
## Overall Structure
The Dependability Toolbox is responsible for assessing and optimizing the dependability (i.e., Security and Reliability) of software applications written in Java, C, and C++ programming languages. The toolbox consists of three individual web services, which are merged into a single Docker Container. These services are listed below:
* **Quantitative Security Assessment:** This web service is responsible for evaluating the internal security level of a given software application
* **Vulnerability Prediction:** This web service is responsible for identifying security hotspots, i.e., parts of a given software product (e.g., classes and source code files) that are likely to contain vulnerabilities
* **Optimum Checkpoint Interval Recommendation:** This web service is responsible for suggesting the optimum checkpoint interval for programs with loops
The overall structure of the Dependability Toolbox is depicted in the figure below:
![dep-tool](uploads/8cb1ced12cb6f27e48cd50761dfe0d8b/dep-tool.png)
As can be seen by this figure, the Dependability Toolbox back-end is actually a Microservice, which consists of the three aforementioned web services, i.e., Quantitative Security Assessment, Vulnerability Prediction, and Optimum Checkpoint Interval Recommendation. This microservice has been implemented as an individual Docker Image, which is deployed as an individual Docker Container. An independent MongDB database has been implemented, for storing the results of the three web services that the Dependability Toolbox provides. Although the database has been developed as a standalone Docker Container, access is only feasible through dedicated APIs that are provided by the Dependability Toolbox back-end. Finally, as can be seen by the figure above, the SDK4ED Dashboard communicates with the Dependability Toolbox back-end for invoking its services and visualizing their results in an intuitive and easy-to-understand manner.
## External References
For more information about the Dependability Toolbox we highly recommend the reader to have a look at the following resources:
- **Deliverable 3.3:** This deliverable contains information about the research work related to the Security services of the SDK4ED Dependability Toolbox [link](https://redmine.microlab.ntua.gr/dmsf/files/1035/view)
- **Deliverable 4.3:** This deliverable contains information about the research work related to the Optimum Checkpoint Interval Recommendation service of the SDK4ED Dependability Toolbox [link](https://redmine.microlab.ntua.gr/dmsf/files/1350/view)
- **Deliverable 5.7:** This deliverable contains information about the technical details of the SDK4ED Dependability Toolbox [link](https://redmine.microlab.ntua.gr/dmsf/files/1577/view)
- **Installation Tutorial:** A video showing how the Dependability Toolbox docker container can be installed locally [link]()
- **Demo Video:** A video showing how the SDK4ED Dashboard is linked to the Dependability Toolbox, and what is executed behind the scenes when the services are invoked [link](https://www.youtube.com/watch?v=7s5mbDhK3as)
## Relevant Papers
The Dependability Toolbox is the outcome of the research work conducted for the purposes of the [SDK4ED]() project, which is funded by the European Union Horizon 2020 program, under Grant Agreement number 780572. Some of the research outcomes that are related to this toolbox have been published in scientific journals and conference proceedings. An indicative list of the most notable publications can be found below:
1. Siavvas M., Gelenbe E., “Optimum Checkpoints for Programs with Loops”, Simulation Modelling Practice and Theory, Elsevier, vol. 97, 2019.
2. Siavvas M., Gelenbe E., Kehagias D., Tzovaras D., Static analysis-based approaches for secure software development. Security in Computer and Information Sciences. Euro-CYBERSEC 2018. Communications in Computer and Information Science, Springer, Cham, 2018.
3. Siavvas M., Jankovic M., Kehagias D., and Tzovaras D., Is Popularity an Indicator of Software Security?,” IEEE 9th International Conference on Intelligent Systems (IS), IEEE, 2018.
4. Siavvas M., Gelenbe E., “Optimum Interval for Application-level Checkpoints”, 6th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud), IEEE, 2019.
Please make sure to cite those publications in case you are using the Dependability Toolbox for research purposes.