Professional Documents
Culture Documents
05 June 2018
QinetiQ Businesses
Agenda
Cyber Security
Definitions
QINETIQ PROPRIETARY
QINETIQ PROPRIETARY
QINETIQ PROPRIETARY
Definitions
Cyber Security
The Problem
QINETIQ PROPRIETARY
QINETIQ PROPRIETARY
QINETIQ PROPRIETARY
The Problem
The Threat
Some Numbers
- Cyber Security Breaches Survey 2018 – Dept. for Digital, Culture, Media and Support
• Two in Five business (43%) identified breaches in the • Business considers the technical control is important.
last 12 months This includes
– Updating software and malware protection
• The most common were
– Securely backing up data
– Staff receiving fraudulent emails (75% of Business)
– Configuring firewalls
– Others impersonating the organisation online (28%)
– Providing guidance on the personal cyber protections
– Viruses and Malware (24%)
- Cyber Security Breaches Survey 2018 – Dept. for Digital, Culture, Media and Support
- Cyber Security Breaches Survey 2018 – Dept. for Digital, Culture, Media and Support
• Software update is key in reducing the cyber breaches. However it is not the only option to reduce
the threat
• Further in the presentation I will be discussing
– Why updates are important and
– Where does it fit in the Software maintenance cycle and
– Why just updating the software when breaches happens is not value for money strategy.
– Having a good proactive software maintenance and Software Obsolescence is key for a good
cyber hygiene discipline
– Will be identifying the key cost drivers for software maintenance and software obsolescence
Software Maintenance
QINETIQ PROPRIETARY
QINETIQ PROPRIETARY
Software Maintenance is defined as “ the process of modifying a software systems or component after delivery to
correct faults, improve performance or other attributes, or adapt to a changed environment”
-IEEE, 1990
“ Software Maintenance is the totality of activities required to provide cost-effective support to a software system.
Activities are performed during the pre-delivery stage as well as the post-delivery stage. Pre-delivery activities
include planning for post-delivery operations, supportability, and logistics determination. Post-delivery activities
includes software modification, training and operating a help desk”
-Thomas Pigoski, “Practical Software Maintenance – Best practice for managing your software Investment”
Software Maintainability
• Perfective Maintenance – Perfective maintenance is the modification of a software application, after delivery,
to improve performance or maintainability.
• Preventative Maintenance – The modification of a software application after delivery to detect and correct
latent faults in the software product before they became effective faults.
• Corrective Maintenance – The reactive modification of a software product performed after delivery to correct
discovered problems.
• Adaptive Maintenance – Enhancements necessary to accommodate changes in the environment in which a
software product must operate.
-ISBSG
Software Reliability
• It is the probability of failure free software operation for a specific time
• Software is not a function of time – so cannot be measured on the time factors
• Software reliability is an important attribute to software quality
• Software reliability is hard to achieve as Software complexity might be higher
Software Maintenance-
Key Cost Drivers
QINETIQ PROPRIETARY
QINETIQ PROPRIETARY
Why Software Maintenance is a key Cost Drivers (adapted from Bartel et al)
Software Supply
Chain
Update, Upgrade,
Copyrights patches and bug Perfective Other Hardware Test
fixes
Other key Cost Drivers to consider when estimating Software Maintenance Cost
Cost Drivers
Software and
Level of Types of Testing and Level of
Systems
Integration Platforms Requalification Modification
parameters
Software Obsolescence
QINETIQ PROPRIETARY
QINETIQ PROPRIETARY
What is Obsolescence ?
• There are various definitions for Obsolescence in use however IEC 62402:20071 defines obsolescence as
“The coordinated activities to direct and control an organisations with regard to Obsolescence”
Software Obsolescence is defined “what happens when the original and authorised third party ceases to provide
support with regular update, upgrade, fixes or due to the changes in target or operating environment, systems or
hardware which makes the software unusable”
Maintenance is the review of of the stored files to Solves unavailability of fixes, licences, permission
ensure they are still useable and upgrades
Software maintenance takes care of the current Software Obsolescence management looks forward
versions to ensure that its up and running and the industry standards and other software to
meeting the requirements continue supportability of the software
Maintenance deals with the upgrading the software Obsolescence management deals with enforced
to enhance capability changes in the environment
Software gets obsolete due to one of the following reasons (P Sandborn, et al)
Functional obsolescence: If there are changes to the hardware, system or other software in the same system.
Technological Obsolescence: his happens when vendor stops supporting the products or unavailability of the software in
market etc.
Logistical Obsolescence: This happens when the media or the hard drive for example does not support the software.
Software Obsolescence-
Key Cost Drivers
QINETIQ PROPRIETARY
QINETIQ PROPRIETARY
Summary
Next workshop
QinetiQ
Building 240
The Close
Bristol Business Park
Coldharbour Lane
Bristol BS16 1FJ
United Kingdom Thank you –Any Questions ?
Tel +44 (0)117 3172558
Mobile +44 (0)738 237 044
srajagopal@QinetiQ.com
www.QinetiQ.com
QINETIQ PROPRIETARY