Arab Academy for Science, Technology and Acad.

Year :
Maritime Transport-College of Computing & Semester : master
Information Technology-Cairo branch Department :
No. of Pages : 2 Time Allowed :
No. Of Questions : 5 Date : 17/2/ 2021
Examiner : Dr .Ahmed Salem
Advanced software engineering (final exam) (40 Points)

Question One answer 4 questions Only

1. A train protection system automatically applies the brakes of a train if the speed limit for
a segment of track is exceeded or if the train enters a track segment that is currently
signaled with a red light (i.e., the segment should not be entered). Details are shown as
following:

 The system acquires information on the speed limit of a segment from a trackside
transmitter, which continually broadcasts the segment identifier and its speed limit. The
same transmitter also broadcasts information on the status of the signal controlling that
track segment. The time required to broadcast track segment and signal information is 50
ms.
 The train can receive information from the trackside transmitter when it is within 10 m of
a transmitter.
 The maximum train speed is 180 kph.
 Sensors on the train provide information about the current train speed (updated every
250 ms) and the train brake status (updated every 100 ms).
 If the train speed exceeds the current segment speed limit by more than 5 kph, a warning
is sounded in the driver’s cabin. If the train speed exceeds the current segment speed
limit by more than 10 kph, the train’s brakes are automatically applied until the speed
falls to the segment speed limit. Train brakes should be applied within 100 ms of the time
when the excessive train speed has been detected.
 If the train enters a track segment that is signaled with a red light, the train protection
system applies the train brakes and reduces the speed to zero. Train brakes should be
applied within 100 ms of the time when the red light signal is received.
 The system continually updates a status display in the driver’s cabin.

a. Identify the stimuli that must be processed by the on-board train control system
and the associated responses to these stimuli.

b. Suggest possible process architecture for this system.

c. If a periodic process in the on-board train protection system is used to collect

data from the trackside transmitter, how often must it be scheduled to ensure
that the system is guaranteed to collect information from the transmitter? Explain
how you arrived at your answer.
 2. Security engineering focuses on how to develop and maintain software systems that can
resist malicious attacks intended to damage a computer-based system or its data. answer
the following:

a. Explain why security is considered a more challenging problem than safety in a

system

Security: Protection of a system against deliberate external attacks and

threats.

Safety: Protection of the users of a system from unintended risks.

The key difference here is that while security is protection from external
attacks, safety is almost purely an internal affair. It is clear that security being
mostly external in nature has a broader coverage

b. Suggest how you would go about validating a password protection system for an
application that you have developed. Explain the function of any tools that you think

Validating a password protection system involves:

1. Identifying possible threats. The principal threats are

 Attacker gains access without a password

 Attacker guesses a password of an authorised user

 Attacker uses a password cracking tool to discover passwords of

authorised users

 Users make passwords available to attackers

 Attacker gains access to an unencrypted password file

2. Developing tests that cover each of these threats

 Test system for all authorized used to check that they have set a
password.

 Test system heuristically for commonly used passwords such as names of

users, festivals, other proper names.

 Check that all user passwords are not words that are in a dictionary. A
password cracking tool usually checks encrypted passwords against the
same encryptions of words in a dictionary.

 This is very hard to check. To stop users writing down passwords you
need to allow words that are in the dictionary and are hence easy to
remember.

 Check that access to the password file is very limited. Check that all
copy actions on the password file are logged.
3. Service-oriented architecture is an approach to software engineering where reusable,
standardized services are the basic building blocks for application systems , answer the
following:

a. Giving reasons for your answer, suggest two important types of application where you
would not recommend the use of service-oriented architecture
 Embedded applications in devices where a network connection cannot be guaranteed.
These are unlikely to make use of services as there is no guarantee that these services
will be available when required.
 Real-time applications with stringent deadlines, especially those with lots of user
interaction e.g. computer games. In these applications, the performance overhead in
coding and decoding XML messages is likely to be unacceptable .

B -Using an example, explain in detail why the thorough testing of services that include
com-pensation actions is difficult

Usability testing mainly focuses on the user's ease to use the application, flexibility in
handling controls and ability of the system to meet its objectives

Load testing is necessary to know that a software solution will perform under real-life loads.

Regressing testing involves testing done to make sure none of the changes made over the
course of the development process have caused new bugs. It also makes sure no old bugs
appear from the addition of new software modules over time.

Recovery testing - is done to demonstrate a software solution is reliable, trustworthy and

can successfully recoup from possible crashes.

Migration testing- is done to ensure that the software can be moved from older system
infrastructures to current system infrastructures without any issues.

Functional Testing - Also known as functional completeness testing, functional testing

involves trying to think of any possible missing functions. Testers might make a list of
additional functionalities that a product could have to improve it during functional testing.

Example
Test planning and scheduling problems often occur when there is no separate test plan,
but rather highly incomplete and superficial summaries in other planning documents. Test
plans are often ignored once they are written, and test case descriptions are often
mistaken for overall test plans. The schedule of testing is often inadequate for the amount
of testing that should be performed, especially when testing is primarily manual. Significant
testing is often postponed until too late in the development process, especially on projects
using traditional sequential development cycles.

4. Safety-critical systems are systems whose failure can lead to human injury or death, answer
the following:

a. In the insulin pump system, the user has to change the needle and insulin supply at
regular intervals and may also change the maximum single dose and the maximum
daily dose that may be administered. Suggest three user errors that might occur and
propose safety requirements that would avoid these errors resulting in an accident.
b. No Needle Unit … The delivery needle has been removed.
c. Sensor Failure… self-test of the sugar sensor has resulted in an error.
d. Insulin Reservoir Removed and Pump Failure ..pump is not working
 Solutions:
The switch on mode simulates the behaviour of the pump when the user
pushes the switch‐on
button. When the user switches on the simulator, it goes to autorun mode. It
is assumed that
the user blood sugar is at safe stage
when the simulator is loaded it goes to switch of mode.
When the insulin reservoir stops, a sound occurs, warning the patient that the
pump is not working

5 A safety-critical software system for managing roller coasters controls two main
components:
 The lock and release of the roller coaster harness which is supposed to keep riders in
place as the coaster performs sharp and sudden moves. The roller coaster could not
move with any unlocked harnesses.
 The minimum and maximum speeds of the roller coaster as it moves along the
various segments of the ride to prevent derailing, given the number of people riding
the roller coaster.

a. Identify three hazards that may arise in this system.

Passengers drowned
Causing injuries
Ship crash
b. For each hazard, suggest a defensive requirement that will reduce the probability that
these hazards will result in an accident.
When the belts are not closed, a warning sound appears, and the ship stops
c. Explain why your suggested defense is likely to reduce the risk associated with the
hazard.
When the belts are not closed, a warning sound appears and the ship will stop ..
because it will inform the ship of a danger, so stop and avoid serious dangers .