Assignment No.

02

SEMESTER Fall 2019

CS711 – Software Design

Submitted by: Ammara Mumtaz
Student id: Ms170200034
Department Bioinformatics

Due Date: December 05, 2019

Question No. 1 [Marks 30]
Consider the case study given in Assignment No. 1 (for your reference, case study is given again
at the end of this assignment)
Draw:
1) Complete Use Case diagram

2) Complete Class Diagram

Question No. 2 [Marks 20]
Read the paper titled “A Model for Provably Secure Software Design” attached with this
assignment and answer the following questions:

1) Provide a brief summary of the paper.

Answer:
Many stakeholders advocate the principle of safety Design, yet designing secure software
is a difficult task. Designers usually have to resort to their knowledge and Experience,
possibly augmented with guidance methods as a stride and informal catalog of security
solutions. A very important challenge for designers is to do it correctly right away A
security solution; Do not choose a suitable solution Significant challenge. Providing
designers with techniques that Support the chosen security in the right urgency. The
solution can obviously improve this situation. That's why we proposed a model inspired
by the data flow diagram (DFD), But consistent with security and supported by well-
defined semantics. This paper shows how this model supports precision Expressions and
arguments regarding security-relevant aspects Of a software design. We provide a formal
implementation Of our model using the Coq Proof Assistant. it enables Facilitated by
fully validating the design of the model Formal evidence that the solutions implemented
are indeed correct. Additionally, the use of a proof assistant automatically ensures The
purity of the evidence itself. Our model can as follows Supplemented with personal
expert knowledge and experience Strong, proven guarantee. In addition, we are illustrated
Our model using a realistic sized banking application and Shown how our model is
capable of proving true Security solutions implemented in relation to a security asset.

2) Provide critical analysis i.e. identify and mention strengths and weaknesses of the paper.
This model is strong because of strong infra-structure and difficult sketch so hacking of
this model is hard.
Weakness of this model is that we must have multiple ways for security and also some
ways for backup data
This model is not useful for many organization it should be user friendly.
Case Study (Taken from Assignment No. 1):
Consider an Electronic Voting System (EVS) which lets users digitally cast their votes. Mainly
the EVS is divided into two modules i.e. Admin Panel (APan) and Client Panel (CPan). Note that
each of these modules may further have sub modules. APan lets you enter all the related data e.g.
constituencies, candidate information, political party details etc. Furthermore, the EVS also
provides analytical engine that can be used to perform various types of analysis e.g. voter
turnout, current constituency polling status, party position etc.
CPan on the other hand, is installed on Electronic Voting Machines (EVMs). It lets users cast
their vote both by bio-metric (figure prints) and manually (by entering the ID Card No and other
information for old or disabled people). Once a voter selects his/her candidate and presses submit
button, the vote is casted.
As there will be large number of EVMs throughout the country, to avoid performance
bottlenecks each EVM stores the casted data in its local database. The server provides a slot to
each machine using round robin scheduling technique. At its turn each EVM submits votes from
its local database to server. For the areas where there is no internet facility, the backup of EVM
local database is taken on disk and sent to head office where it is submitted to server using APan.
On polling day, the server stores polling data at two separate servers as well which can be
restored in case of any unwanted event.