Logo

MEDUSAS: Improvement and Evaluation of Software Maintainability, Usability and Security

MEDUSAS logo

ALARCOS QUALITY CENTER leads the project MEDUSAS, an environment (methodological and instrumental) that provides companies that contract their software development and development departments and factories with independent software quality control and assurance services.

Project Justification

Activities related to software quality are becoming more and more importance due to:

  • The software outsourcing growth. It is worth noting that Spain is becoming one of the preferred nearshoring centers worldwide, with a high number of software factories set up. It causes that, on one hand, organizations that work in "factory mode" have to invest resources to "assure" the quality of the software they make; while, on the other hand, clients must "control" the quality of the software supplied by factories.
  • The growing importance of certifications based on models such as CMMI (Capability Maturity Model Integration), ISO 15504, etc., which stress the quality assurance activities among the key areas in the maturity of an organization that develops or maintains software.

For these reasons, there is a big need for controlling and assuring que quality of information system developments, both by clients and by software factories and other development companies.

Project Description

The goal of the project MEDUSAS is building an environment that makes software quality control and assurance possible. This environment is based on the new family of standards ISO 25000, known as SQuaRE (Software Quality Requirements and Evaluation), which will replace the current standards ISO 9126, and ISO 14598. By the end of 2007, the first standards from this family were approve, and the remaining standards are expected to be approved officially this year.

The project MEDUSAS enables the assessment of not only the quality of software code, but also the quality of analysis and design models, making it possible to control the quality of the development projects from the first stages of the lifecycle. Among all the software quality characteristics that ISO 25000 includes, this project will concentrate on the evaluation of software maintainability, security and usability.

The next figure sums up the components of the project MEDUSAS, stressing clearly its different components: the methodological component, the technological component, and the management and dissmination component.

The project MEDUSAS consists of 3 components: the methodological component, the technological component, and the management and dissmination component. All the results originated from these components are stored in a central repository.
  • Methodological environment: it consists of the following components:
    • Quality assurance methodology: it defines the activities, roles, inputs, and outputs needed to carry out the software quality assurance process. The main software assessment standards will be taken into account.
    • Quality models: three different models will be developed considering the three quality characteristics that this project deals with (maintainability, security, and usability), basing them on a set of metrics, heuristics, and checklists
  • Technological environment: it gives support to everything defined in the methodological environment, and it consists of two components:
    • Methodological support: it represents the technological environment that gives support to the mothodology and the quality models, enabling its practical application in projects.
    • Environment for quality measurement and assurance: it represents the set of automatic tools (and its configuration) that enable to carry out the process of measurement according to the metrics defined in the methodological environment.
  • Management and dissemination environment: it consists of a set of tools that enable to plan, control and improve the project, as well as to disseminate and present the obtained results.
  • Central project repository: the results and developments of the three previous enviroments will be stored in a central repository that enables communication between the four participating companies and configuration management.

Project Participants

The MEDUSAS project is being carried out by a consortium of companies from Castilla-La Mancha, along with the University of Castilla-La Mancha.

Participating Companies:

AQC logo
Audisec logo
SICAMAN NUEVAS TECNOLOGIAS logo

Public Research Organization:

UCLM logo

Links and References

News:

Papers and presentations:

  • MEDUSAS kick-off presentation pdf icon
  • Blanco, C., Fernández-Medina, E., Trujillo, J. (2009). Reingeniería sobre Almacenes de Datos Seguros aplicando ADM. XIV Jornadas de Ingeniería del Software y Bases de Datos – JISBD 2009.
  • Torre, D., Blasco, B., Genero, M. y Piattini, M. (2009). CQA-ENV: An Integrated Enviroment for the Continuous Quality Assessment of Software Artifacts. The 8th International Conference on Software Methodologies, Tools and Techniques (SoMeT).
  • Rodriguez, A., Caro, A., Fernández-Medina, E. (2009). Towards Framework Definition to Obtain Secure Business Process from Legacy Information systems. Conference on Information and Knowledge Management; Co-Located Workshops (CIKM 2009).
  • Reynoso, L., Rolón, E., García, F., Ruiz, F., Piattini, M. (2009). Formal Definition of Measures for BPMN Models. Software Process and Product Measurement (MENSURA 2009).
  • Mora, B., García, F., Ruiz, F., Piattini, M. (2009). Model-Driven Software Measurement Framework: a case Study. 9Th International Conference on Quatilty Software.
  • Blanco, C., Fernández-Medina, E., Trujillo, J. (2009). Reingeniería sobre Almacenes de Datos Seguros aplicando ADM. Revista Novática (extensión del JISBD 09).
  • Reynoso, L., Rolón, E., Genero, M., Ruiz, F., García, F., Piattini, M. (2009). Formal Definition of Measures for BPMN Models. Software Process and Product Measurement (WSM/Mesura 2009). Lecture Notes in Computer Science 5891: 285-306.
  • García, D., Fernández-Medina, E., López, J. (2010). A Study of security approaches for the development of mobile grid systems. 5th International Conference on Software and Data Technologies (ICSOFT-2010).
  • Fornaris, A., Fernández-Medina, E.(2010). Hacia la Armonización de Modelos de Requisitos de Seguridad 39 Jornadas Argentinas de Informática (JAIIO-2010).
  • Mellado, D., Fernández-Medina, E. (2010). Comparativa de Métricas de Seguridad de Diseño software. 39 Jornadas Argentinas de Informática (JAIIO-2010).
  • Sánchez, L., Santos, A., Fernández-Medina, E., Piattini, M. (2010). Características deseables para un SGSI orientado a PYMES. 39 Jornadas Argentinas de Informática (JAIIO-2010).
  • García, D., Blanco, C., Sánchez, L., Fernández-Medina, E., Piattini, M. (2010). Software Security. An indispensable subject for a software engineer. International Technology, Education and Development Conference (INTED 2010).
  • Blanco, C., Sánchez, L., Fernández-Medina, E., Piattini, M., García, D. (2010). Orientation of Security in the acm Curricula. International Technology, Education and Development Conference (INTED 2010).
  • Sánchez, L., Ruiz, C., Fernández-Medina, E., Piattini, M. (2010). Managing The asset risk of SMEs. International Conference on Availability, Reliability and Security (ARES 2010).
  • García, D., Blanco, C., Sánchez, L., Fernández-Medina, E., Piattini, M. (2010). La Seguridad como una asignatura indispensable para un Ingeniero de Software. XVI Jornadas de Enseñanza Universitaria de la Informática (JENUI-2010).
  • Sánchez, L., Santos-Olmo, A., Fernández-Medina, E., Piattini, M. (2010). Building ISMS through the Reuse of Knowledge. Trust, Privacy and Security in Digital Business (TrusBus 2010).
  • Mellado, D., Fernández-Medina, E., Piattini, M. (2010). A Comparison of Software Design Security Metrics. 4th European Conference on Software Architecture (ECSA 2010).
  • Mellado, D., Rodríguez, M., Verdugo, J., Piattini, M., Fernández-Medina, E. (2010). Evaluación de la calidad y seguridad en productos software. XI Jornadas sobre Tecnologías de la Info. para la Modernización de las Adm. Públicas (TECNIMAP 2010).
  • Sánchez, L., Santos-Olmo, A., Fernández-Medina, E., Piattini, M. (2010). Gestionando el riesgo de los activos de las PYMES. XI Reunión Española sobre Criptología y Seguridad de la Información (RECSI 2010).
  • Fornaris, A., Sánchez, L., Fernández-Medina, E. (2010). Modelo de Calidad para la Seguridad en Productos Software. XI Reunión Española sobre Criptología y Seguridad de la Información (RECSI 2010).
  • Blanco, C., Fernández-Medina, E., Trujillo, J., Jurjens, J. (2010). Toward the Secure Modelling of OLAP Users´Behaviour. 36th International Conference on Very Large Data Bases (VDLB 2010).
  • Fernández, A., Genero, M., Chaudon, M. (2010). Investigating the benefits of UML on software maintenance: A research proposal. 9th Workshop BElgian-NEtherlands software eVOLution seminar (BENEVOL 2010).
  • Mellado, D., Blanco, C., Sanchez, L.E., y Fernández-Medina, E. (2010). A Systematic Review of Security Requirements Engineering.Lecture Notes in Computer Standard and Interfaces.
  • Sánchez, L., García, D., Blanco, C., Fernández-Medina, E., Piattini, M. (2010). Papel de las certificaciones profesionales en la enseñanza universitaria de ingeniería de software en España. Lectura Notes in Revista Española de Innovación, Calidad e Ingeniería del software (REICIS): 6-24.
  • Blanco, C., Fernández-Medina, E., Trujillo, J. (2010). Reingeniería sobre Almacenes de Datos seguros aplicando ADM. Lecture Notes in Revista de la Asociación de Técnicos de Informática (NOVATICA): 44-50.
  • Mellado, Fernández-Medina, E. y Piattini, M. (2010). Security requirements engineering framework for software product lines. Lecture Notes in Information and Software Technology: 1094-1110.
  • Blanco, C., Garcia-Rodriguez, I., Fernandez-Medina, E., Trujillo, J., Piattini, M. (2010). Defining and transforming security rules in an MDA approach for DWs. Lecture Notes in International Journal of Business Intelligence and Data Mining (IJBIDM): 116-132.
  • Rodríguez, A., García-Rodríguez, I., Fernández-Medina, I., Piattini, M. (2010). Semi-formal transformation of secure business processes into analysis class and use case models: An MDA approach. Lecture Notes in Information and Software Technology: 945-971.
  • Reynoso, L., Genero, M., Piattini, M. (2010). Refinement and Extension of SMDM, a Method for Defining Valid Measures. Lecture Notes in Journal of Universal Computer Science: 3210-3244.
  • Fernández-Saez, A., Genero, M., Nelson, J., Poels, G., Piattini, M. (2010). A Systematic Literature Review on the Quality of UML Models. Lecture Notes in Journal of Database Management.
  • Sánchez, L., Santos-Olmo, A., Fernández-Medina, E., Piattini, M. (2010). Building ISMS through the Reuse of Knowledge. Lecture Notes in Computer Science: 190-201.
  • Pérez, R., Weber, B., Pinggera, J., Zugal, S., García, I., Piattini, M. (2011). Generating event logs from non-process-aware systems enabling business process mining, Enterprise Information Systems: 301 -335.
  • García, D., Fernández-Medina, E., López, J., Piattini, M. (2011). Systematic design of secure Mobile Grid Systems, Journal of Network and Computer Applications: 1168-1183.
  • Martínez, T., García, F., Piattini, M., Münch, J. (2011). Modelling software process variability: an amperical Study, IET Software: 172-187.
  • De Castro, V., Genero, M., Marcos, E., Piattini, M. (2011). Empirical study to assess whether the use of routes facilitates the navigability of web information systems, IET Software: 1-15.
  • García, D., Fernández-Medina, E., López, J. (2011). Towards a UML Extensión of Reusable Secure Use Cases for Mobile Grid Systems, IEICE Transactions on Informationan d Systems: 243-254.
  • Cruz, J., Genero, M., Caivano, D., Abrahao, S., Insfrán, E., Carsí, J. (2011). Assessing the influence of stereotype on the comprehension of UML sequence diagrmas: a family of experiements, Information and Software Technology: 1391-1403.
  • Caro, M., Calero, C., Moraga, C. (2011) Are Web Visibility and Data Quality Related Comcepts?, IEEE Internet Computing: 43- 49.
  • Genero, M., Fernández, A., James, H., Poels, G., Piattini, M. (2011). A Systematic Literature Review on the Quality of UML Models. J. Database Manag: 46-70.
  • Abrahão, S., Insfrán, E., Carsí, J.A., Genero, M. (2011). Evaluating requirements modeling methods based on user perceptions: A family of experiments. Inf. Sci.: 3356 -3378.
  • Gallego, Á., Santos-Olmo, A., Sánchez, L., Fernández-Medina, E. (2011). Automated Security Metrics in ISMSs to Discover the Level Of Security of OSs an DBMSs. 8th International Workshop on Security in Information Systems (WOSIS 2011).
  • Santos-Olmo, A., Sánchez, L., Fernández-Medina, E., Piattini, M. (2011). Desirable Characteristics for an ISMS Oriented to SMEs. 8th International Workshop on Security in Information Systems (WOSIS 2011).
  • Rebollo, O., Mellado, D., Fernández-Medina, E. (2011) A Comparative Review of Cloud Security Proposals with ISO/IEC 27002. 8th International Workshop on Security in Information Systems (WOSIS 2011).
  • Rebollo, O., Mellado, D., Sánchez, L., Fernández-Medina, E. (2011). Comparative Analysis of Information Security Governance Frameworks: A Public Sector Approach. The Proceedings of the 11th European Conference on eGovernment (ECEG 2011).
  • Moraga, C., Moraga, M., Genero, M., Piattini, M. (2011). A Systematic literature review on software product line quality. 6 th International Conference on Software and Data Technologies (ICSOFT 2011).
  • Martínez, T., García, F., Piattini, M. (2011). Managing Process Diversity by Applying Rationale Managemement in Variant Rich Processes. Product-Focused Software Process Improvement (PROFES 2011).
  • Morales, M., Oktaba, H., Pino , F., Orozco, M. (2011). Applying Agile and Lean Practices in a Software Development Project into a CMMI Organization. Product-Focused Software Process Improvement (PROFES 2011).
  • Fernández, A., Genero, M., Chaudron, M. (2011). Empirical investigation on the benefits of using UML in software maintenance. Conference on Product Focused Software Development and Process Improvement (PROFES 2011).
  • Blasco, B., Genero, M., Piattini, M. (2011). ALIGNMENT OF MEASUREMENT AND BUSINESS GOALS: A Systematic Literature Review. 6 th International Conference on Software and Data Technologies (ICSOFT 2011).
  • Genero, M., Piattini, M., Fernández, A. (2011). Revisión sistemática sobre el aseguramiento de la calidad de requisitos. 40 Jornadas Argentina de Informática JAIIO 2011 (ASSE 2011).
  • Martínez, T., García, F., Piattini, M., Münch, J. (2011). Applying AOSE Concepts to Model Crosscutting Variability in Variant-Rich Processes. 37th EUROMICRO Conference on Software engineering and Advanced Applications (EUROMICRO 2011).
  • Fernández, A., Genero, M., Chaudron, M. (2011). A research plan for gathering empirical evidence of the benefits of using UML in software maintenance. XVI Jornadas de Ingeniería del software y Bases de Datos.
  • Pérez, R., Weber, B., García, I., Piattini, M. (2011). Modernización Software mediante Descubrimiento de Vistas de Procesos de Negocios. XVI Jornadas de Ingeniería del software y Bases de Datos.
  • García, D., Fernández-Medina, E., López, J., Piattini, M. (2011). Identifying Secure Mobile Grid Use Cases. Cloud, Grid and High Performanace Computing Emerging Applications: 180- 207. Information Science Reference.
  • Blanco, C., García, D., Gutierrez, C., Rodriguez, A., Mellado, D., Fernández-Medina, E., Trujillo, J., Piattini, M. (2011). Security Over the Information systems Development Cycle. Software Engineering for Secure Systems: 113-154. Information Science Reference.
  • García, D., Fernández-Medina, E., López, J. (2011). Security in the Development Process of Mobili Grid Systems. Advances in Grid Computing: 174-198. Intech Open.

Contact

tel.: +34 926 295480

fax: +34 926 295354

info@alarcosqualitycenter.com

Request Information

Request information about the services of AQC without obligation

Request information

Follow us on:

LinkedIn Alarcos Quality Center Twitter Alarcos Quality Center SlideShare Alarcos Quality Center

This website uses own and third-party cookies to enhance your experience. If you continue to browse this website we will consider you accept their use. You can get more information by reading our Cookies Policy.