Misplaced Pages

Architecture tradeoff analysis method

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.

In software engineering , Architecture Tradeoff Analysis Method ( ATAM ) is a risk-mitigation process used early in the software development life cycle .

#124875

35-565: ATAM was developed by the Software Engineering Institute at the Carnegie Mellon University . Its purpose is to help choose a suitable architecture for a software system by discovering trade-offs and sensitivity points. ATAM is most beneficial when done early in the software development life-cycle when the cost of changing architectures is minimal. The following are some of the benefits of

70-524: A general and powerful tool for understanding and then improving general business process performance. Watts Humphrey's Capability Maturity Model (CMM) was published in 1988 and as a book in 1989, in Managing the Software Process . Organizations were originally assessed using a process maturity questionnaire and a Software Capability Evaluation method devised by Humphrey and his colleagues at

105-549: A general model of the maturity of process (e.g., IT service management processes) in IS/IT (and other) organizations. A maturity model can be viewed as a set of structured levels that describe how well the behaviors, practices and processes of an organization can reliably and sustainably produce required outcomes. A maturity model can be used as a benchmark for comparison and as an aid to understanding - for example, for comparative assessment of different organizations where there

140-443: Is Free". Humphrey's approach differed because of his unique insight that organizations mature their processes in stages based on solving process problems in a specific order. Humphrey based his approach on the staged evolution of a system of software development practices within an organization, rather than measuring the maturity of each separate development process independently. The CMMI has thus been used by different organizations as

175-568: Is a federally funded research and development center headquartered on the campus of Carnegie Mellon University in Pittsburgh , Pennsylvania , United States . The SEI also has offices in Washington, DC ; Arlington County, Virginia ; and Los Angeles , California. The SEI operates with major funding from the U.S. Department of Defense . The SEI also works with industry and academia through research collaborations. On November 14, 1984,

210-644: Is a capability model for operational resilience management. Version 1.0 of the Resilience Management Model was released in May 2010. SEI work in engineering practices increases the ability of software engineers to analyze, predict, and control selected functional and non-functional properties of software systems. Key SEI tools and methods include the SEI Architecture Tradeoff Analysis Method (ATAM) method,

245-524: Is something in common that can be used as a basis for comparison. In the case of the CMM, for example, the basis for comparison would be the organizations' software development processes. The model involves five aspects: There are five levels defined along the continuum of the model and, according to the SEI: "Predictability, effectiveness, and control of an organization's software processes are believed to improve as

280-687: Is working with US-CERT to produce the Build Security In (BSI) website, which provides guidelines for building security into every phase of the software development lifecycle . The SEI has also conducted research on insider threats and computer forensics . Results of this research and other information now populate the CERT Virtual Training Environment. The SEI Partner Network helps the SEI disseminate software engineering best practices. Organizations and individuals in

315-402: The U.S. Department of Defense , who funded the research. The term "maturity" relates to the degree of formality and optimization of processes, from ad hoc practices, to formally defined steps, to managed result metrics, to active optimization of the processes. The model's aim is to improve existing software development processes, but it can also be applied to other processes. In 2006,

350-506: The stages of growth model for IT organizations. Watts Humphrey began developing his process maturity concepts during the later stages of his 27-year career at IBM. Active development of the model by the US Department of Defense Software Engineering Institute (SEI) began in 1986 when Humphrey joined the Software Engineering Institute located at Carnegie Mellon University in Pittsburgh, Pennsylvania after retiring from IBM. At

385-407: The 1980s, the use of computers grew more widespread, more flexible and less costly. Organizations began to adopt computerized information systems, and the demand for software development grew significantly. Many processes for software development were in their infancy, with few standard or " best practice " approaches defined. As a result, the growth was accompanied by growing pains: project failure

SECTION 10

#1732790123125

420-584: The ATAM process: The ATAM process consists of gathering stakeholders together to analyze business drivers (system functionality, goals, constraints, desired non-functional properties ) and from these drivers extract quality attributes that are used to create scenarios. These scenarios are then used in conjunction with architectural approaches and architectural decisions to create an analysis of trade-offs, sensitivity points, and risks (or non-risks). This analysis can be converted to risk themes and their impacts whereupon

455-594: The CMMI Product Suite included the release of CMMI for Development. CMMI for Development was the first of three constellations defined in Version 1.2: the others include CMMI for Acquisition and CMMI for Services. The CMMI for Services constellation was released in February 2009. Another management practice developed by CERT, which is part of the SEI, is the Resilience Management Model (CERT-RMM). The CERT-RMM

490-514: The Department of Defense and subpoenaed by the FBI. SEI has been an occasional site of anti-war movement and peace movement protests, many of which have been organized by Pittsburgh's Thomas Merton Center . Capability Maturity Model The Capability Maturity Model ( CMM ) is a development model created in 1986 after a study of data collected from organizations that contracted with

525-474: The SEI Affiliate Program, organizations place technical experts with the SEI for periods ranging from 12 months to four years. Affiliates currently are working on projects with the SEI to identify, develop, and demonstrate improved software engineering practices. In order to recognize outstanding achievements in improving an organization's ability to create and evolve software-dependent systems,

560-725: The SEI Framework for Software Product Line Practice, and the SEI Service Migration and Reuse Technique (SMART). The SEI is also the home of the CERT/CC (CERT Coordination Center), a federally funded computer security organization. The SEI CERT Program's primary goals are to ensure that appropriate technology and systems-management practices are used to resist attacks on networked systems and to limit damage and ensure continuity of critical services in spite of successful attacks, accidents, or failures. The SEI CERT program

595-652: The SEI Partner Network are selected, trained, and licensed by the SEI to deliver authentic SEI services, which include courses, consulting methods, and management processes. The network currently consists of nearly 250 partner organizations worldwide. The SEI sponsors national and international conferences, workshops, and user-group meetings. Other events cover subjects including the acquisition of software-intensive systems, commercial off-the-shelf (COTS)-based systems, network security and survivability, software process research, software product lines , CMMI, and

630-604: The SEI Team Software Process. SEI courses are currently offered at the SEI's locations in the United States and Europe. In addition, using licensed course materials, SEI Partners train individuals. The SEI Membership Program helps the software engineering community to network. SEI Members include small business owners, software and systems programmers, CEOs, directors, and managers from both Fortune 500 companies and government organizations. Through

665-717: The SEI and IEEE Computer Society created the Software Process Achievement Award program. In addition to rewarding excellence, the purpose of this award is to foster continuous advancement in the practice of software engineering and to disseminate insights, experiences, and proven practices throughout the relevant research and practitioner communities. The SEI publishes reports that offer new technical information about software engineering topics, whether theoretical or applied. The SEI also publishes books on software engineering for industry, government and military applications and practices. In addition,

700-661: The SEI offers public courses, workshops, and conferences in process improvement, software architecture and product lines, and security. On November 11, 2015, Roger Dingledine from the Tor Project accused the Software Engineering Institute of aiding the Federal Bureau of Investigation in uncovering the identities of users of the Tor network . Later prosecution showed the hack was paid for by

735-500: The Software Engineering Institute at Carnegie Mellon University developed the Capability Maturity Model Integration , which has largely superseded the CMM and addresses some of its drawbacks. The Capability Maturity Model was originally developed as a tool for objectively assessing the ability of government contractors' processes to implement a contracted software project. The model is based on

SECTION 20

#1732790123125

770-812: The Software Engineering Institute. The full representation of the Capability Maturity Model as a set of defined process areas and practices at each of the five maturity levels was initiated in 1991, with Version 1.1 being published in July 1993. The CMM was published as a book in 1994 by the same authors Mark C. Paulk, Charles V. Weber, Bill Curtis , and Mary Beth Chrissis. The CMMI model's application in software development has sometimes been problematic. Applying multiple models that are not integrated within and across an organization could be costly in training, appraisals, and improvement activities. The Capability Maturity Model Integration (CMMI) project

805-660: The U.S. Department of Defense elected Carnegie Mellon University as the host site of the Software Engineering Institute. The institute was founded with an initial allocation of $ 6 million, with another $ 97 million to be allocated in the subsequent five years. The SEI's contract with the Department of Defense is subject to review and renewal every five years. SEI focuses on several technical directions: software engineering , cybersecurity , assurance , and DoD critical component capabilities . The SEI defines specific initiatives aimed at improving organizations' software engineering capabilities. Organizations need to effectively manage

840-553: The acquisition, development, and evolution (ADE) of software-intensive systems. Success in software engineering management practices helps organizations predict and control quality, schedule, cost, cycle time, and productivity. The best-known example of SEI in management practices is the SEI's Capability Maturity Model (CMM) for Software (now Capability Maturity Model Integration (CMMI) ). The CMMI approach consists of models, appraisal methods, and training courses that have been proven to improve process performance. In 2006, Version 1.2 of

875-729: The institute is now sponsored by the United States Department of Defense and the Office of the Under Secretary of Defense for Research and Engineering , and administrated by Carnegie Mellon University . The activities of the institute cover cybersecurity , software assurance , software engineering and acquisition, and component capabilities critical to the United States Department of Defense. The Carnegie Mellon Software Engineering Institute

910-441: The organization moves up these five levels. While not rigorous, the empirical evidence to date supports this belief". Within each of these maturity levels are Key Process Areas which characterise that level, and for each such area there are five factors: goals, commitment, ability, measurement, and verification. These are not necessarily unique to CMMI, representing — as they do — the stages that organizations must go through on

945-439: The process can be repeated. With every analysis cycle, the analysis process proceeds from the more general to the more specific, examining the questions that have been discovered in the previous cycle, until the architecture has been fine-tuned and the risk themes have been addressed. ATAM formally consists of nine steps, outlined below: These steps are separated into two phases: Phase 1 consists of steps 1-6 and after this phase,

980-542: The process maturity framework first described in IEEE Software and, later, in the 1989 book Managing the Software Process by Watts Humphrey . It was later published as an article in 1993 and as a book by the same authors in 1994. Though the model comes from the field of software development , it is also used as a model to aid in business processes generally, and has also been used extensively worldwide in government offices, commerce, and industry. In

1015-553: The request of the U.S. Air Force he began formalizing his Process Maturity Framework to aid the U.S. Department of Defense in evaluating the capability of software contractors as part of awarding contracts. The result of the Air Force study was a model for the military to use as an objective evaluation of software subcontractors' process capability maturity. Humphrey based this framework on the earlier Quality Management Maturity Grid developed by Philip B. Crosby in his book "Quality

1050-535: The software-development processes. In the 1980s, several US military projects involving software subcontractors ran over-budget and were completed far later than planned, if at all. In an effort to determine why this was occurring, the United States Air Force funded a study at the Software Engineering Institute (SEI). The first application of a staged maturity model to IT was not by CMU/SEI, but rather by Richard L. Nolan , who, in 1973 published

1085-402: The state and context of the project, the driving architectural requirements and the state of the architectural documentation are known. Phase 2 consists of steps 7-9 and finishes the evaluation Software Engineering Institute Software Engineering Institute ( SEI ) is a federally funded research and development center in Pittsburgh , Pennsylvania , United States. Founded in 1984,

Architecture tradeoff analysis method - Misplaced Pages Continue

1120-525: The way to becoming mature. The model provides a theoretical continuum along which process maturity can be developed incrementally from one level to the next. Skipping levels is not allowed/feasible. Between 2008 and 2019, about 12% of appraisals given were at maturity levels 4 and 5. The model was originally intended to evaluate the ability of government contractors to perform a software project. It has been used for and may be suited to that purpose, but critics pointed out that process maturity according to

1155-415: Was common, the field of computer science was still in its early years, and the ambitions for project scale and complexity exceeded the market capability to deliver adequate products within a planned budget. Individuals such as Edward Yourdon , Larry Constantine , Gerald Weinberg , Tom DeMarco , and David Parnas began to publish articles and books with research results in an attempt to professionalize

1190-563: Was formed to sort out the problem of using multiple models for software development processes, thus the CMMI model has superseded the CMMI model, though the CMMI model continues to be a general theoretical process capability model used in the public domain. In 2016, the responsibility for CMMI was transferred to the Information Systems Audit and Control Association (ISACA). ISACA subsequently released CMMI v2.0 in 2021. It

1225-460: Was upgraded again to CMMI v3.0 in 2023. CMMI now places a greater emphasis on the process architecture which is typically realized as a process diagram. Copies of CMMI are available now only by subscription. The CMMI was originally intended as a tool to evaluate the ability of government contractors to perform a contracted software project. Though it comes from the area of software development, it can be, has been, and continues to be widely applied as

#124875