In Software industry Software reuse Essay


In Software industry Software reuse is considered to be the cardinal which can unlock the package development growing in the hereafter.

The possible benefits include lessening in development cost and agenda and addition in quality. One of the chief issues in package reuse is the Security. This paper gives a clear image about the Software Reuse and security issues.Index Footings – Software Reuse, Security issues.


In today ‘s fast moving universe people try to do their things easier, faster and with low cost. This can be applied to all Fieldss that we face in our daily activities. Now-a-days in most of the technology Fieldss their merchandises are designed or developed from bing constituents, in which these constituents are been already used by some other merchandise. By making this it is easy to construct new systems expeditiously.

This recycling methodological analysis can besides be implemented package development life rhythm. With the aid of “ Software Reuse ” it is easy to accomplish better package with less clip and cost. Even though Software Reuse has many advantages, still day of the month this is non successfully implemented and still this is merely a popular treatment and argument subject in our package industry for more than 30 old ages. One of the chief issues that affect the Software Reuse is Security. In general we know that Security is one of the cardinal issues in the package development industry, so this is should be resolved in an efficient manner. This paper discusses about the Software Reuse and their Security issues.

Software Reuse and Security

Software Reuse is besides known as Code Reuse and the key thought behind this is to utilize the bing package to construct new package. This means utilizing a complete or partial codification of the bing package or computing machine plan to develop a new merchandise. By making this, a developer can bring forth a quality package by salvaging resources such as clip, cost and etc.

In general the package reuse can be achieved in different degrees, such as [ 1 ] .

  • Single/Multiple lines of codification.
  • Procedures/Functions.
  • Modules/Components.
  • Packages or
  • Stallion plans.

  • Professionals of Software Reuse

Some of the chief advantages of Software Reuse are as follows [ 1 ] .

  • Efficiency – this finally reduces the designing or cryptography clip.
  • Standardization – gives a standard feel for all the packages.
  • Debuging – since it uses the codification which is already debugged and tested the debugging will be easy and wo n’t devour clip.
  • Resource Reduction – this can cut down the package development cost and clip.

Cons of Software Reuse

Some of the disadvantages of Software Reuse are as follows [ 1 ] .

  • Mismatch – in some instance the demands or design might hold some struggles.

  • Requires time/effort to change over or fit with the demands – Even though it reduces the development clip in some instances it consumes clip if it does non fit with our demand.
  • Expense – Sometimes, some constituents might be dearly-won which in bend increases the undertaking cost or budget because this may be excessively expensive for the undertaking.
  • Security – This is one of the most of import issues that affect package reuse. We can see this in item in the undermentioned subdivision.

Software Security is considered as a compulsory component throughout the package development lifecycle. Harmonizing to the merchandise security ends, the security is considered as a portion of system design. So a proper attending must be given from the twenty-four hours one of the development procedure for each and every constituents or faculty that is to be developed because implementing security at the concluding phase of the development is extremely impossible and sometime it might even impact the characteristics of the merchandise that is developed. If the developer decided to implement the security at the terminal so this will be a clip devouring procedure and even security can non be implemented in an efficient mode. Even this could be one of the chief grounds which could impact package reuse because if security is non implemented in the single constituents or faculty so and if we tend to utilize that peculiar faculty or constituents so obliviously the freshly developed package will be given to increase the security hazards.

From this we can hold a clear image that security should be integrated for each faculties or constituents otherwise it will be hard to implement it subsequently and furthermore implementing a secure reclaimable package will go a inquiry grade for the developers. Even though the usage of constituents has many advantages, in general a constituent is considered extremely vulnerable in footings of security. This is caused chiefly by the bugs in the codification or due to some malicious codification in the constituent which may be known or unknown to the developer [ 2 ] .

Challenges in Software Reuse and Security

General Security Enforcements for Reusable Softwares

As the above subdivisions clearly describes about the reclaimable package security and their advantages we can deduce that implementing or managing security in the constituents will a good thought. So at the clip component/module design itself, the developers should believe about the security along with demands, characteristics and serviceability ‘s. To successfully implement this every developer should hold their ain guidelines for the constituents before the executions. For case a web application can hold the undermentioned security menaces [ 3 ] .

  • Validating Input onslaughts – are Cross-site scripting ( XSS ) or Buffer size flood.
  • Authentication onslaughts – are dictionary onslaughts, Key lumberman.
  • Cryptanalysis onslaughts – are hapless encoding or hapless cardinal direction.
  • Exception direction onslaughts – are unwraping information.

In order to avoid these types of security hazards or treats the developer should hold proper design program.

In general the developer or the coder might hold figure of issues but some of these issues should purely see based upon their precedence. For case to develop a web service based constituent the undermentioned issues are to be considered [ 4 ] .

  • Mandate should be given based upon their function or degree in the undertaking.
  • All the sensitive informations of the constituents should be protected.
  • The security audit should be considered as demands.
  • Provide sufficient security for the codification entree.

In general this means that the developer should seek to manage all the possible security step in the constituent or faculty that may originate in the hereafter.

Security Concerns in Component Reuse

Harmonizing to Kim. Y and Lee. S article [ 5 ] most of the constituent that are been developed uses the security API for implementing security in their constituent. These API requires the security map, where these codifications reside inside the constituents and this will cut down the reusability. To get the better of this job Kim and Lee suggested the separation theoretical account which separates the security and the nucleus constituent so that the nucleus constituents has the cardinal characteristics of the constituents and the security constituents implements the security issues.

This theoretical account besides includes a new constituent known as facet constituent which acts as an intermediate constituent for security and nucleus constituent. The chief intent of this aspect constituent is to specify the regulations for the other constituents. With the aid of this separation theoretical account it is easy for the developer to better the security strength of the constituent. The figure given below shows the Separation theoretical account [ 5 ] .As an extension to this theoretical account they modified the original 1 in order to back up extra security characteristics for the constituent reuse. This theoretical account includes a new constituent called wrapper theoretical account.

The wrapper theoretical account merely wraps the black box constituent and gives the manner for its alteration this is done to include the security map in the black box from of constituents and with the aid of this separation theoretical account this can be transformed into white box signifier of constituent. The figure given below shows the elaborate block diagram of the extension theoretical account.The package reuse is chiefly used to better the productiveness and the quality of merchandise that is developed or the package development. Since the black box does non hold or give more information, this can cut down the constituent reusability. In order to get the better of this job we have to utilize this separation theoretical account which is shown in the above figure. In this theoretical account the wrapper constituent encloses the interface for the nucleus the constituent. So the nucleus constituent calls the security constituent with the aid of this interface.

Now the Core constituent has the black box and the wrapper theoretical account encloses the white box, so the security regulations can be updated or modified harmonizing to their demand. Therefore by lodging to this separation extension model the developer can implement the security for their constituents [ 5 ] .

Reclaimable Security Requirement

Similar to other demands and constituents security demands can besides be reused by another package development. Harmonizing to D.G Firesmith [ 6 ] , by recycling security demands will besides better the quality, productiveness and security of the package development.

As an overview about all the package merchandises have the same exposures, menaces and onslaughts but in some instances this may alter harmonizing to the application. These security issues are about handled in the same manner in most of the application. Due to these grounds we can deduce that the security demands can be standardized. Similar to the other demand the security demand will besides impact the quality of the merchandise. In order to manage the security demand expeditiously a templet can be created and reused so that it will be easy for the developer to manage the security issues.

So a templet can be created for the security demand and can be reused by all the applications and its spheres. The templet should envelop the inside informations such as.

  • Requirements.

  • Its sub-factors.
  • Measures.
  • Key conditions – this is can stand in divided into the followers.
  • Asset.
  • Menaces.
  • Attackers.
  • These are the cardinal elements which is required for most the applications. In some instances the application may necessitate to manage more issues so at that clip the demands squad and the security squad should hold a treatment about their security issues.

    With the aid of this templet the security demands are received from the client and after this, these demands should be analysed by the security squad and if there is any differences with the demands that should be cleared with the clients or the demand squad [ 6 ] .From the above two subdivision ( Security Concerns in Component Reuse and Reusable Security Requirement ) we can deduce that both the writers handle security issues that the betterment in reclaimable package but in different facets. So from these, we can do an extension by uniting these together, so that the security demands need non be taken for all the constituents of the application and this will deliberately better the security and the reclaimable constituents or package.



    1. Ian Sommerville 2004, “ Software Engineering ” , 7th edition. Chapter 18.
    2. Llewellyn-Jones.

      D, Merabti. M, Askwith. B and Shi. Q, “ An Extensile Model for Practical Secure Component Composition in a Omnipresent Computing Environment, ” in International Conference on Information Technology, Las Vegas, USA, April, 2004.

    3. “ Bettering Web Application Security: Menaces and Counter Measures ” , published by Microsoft Corporation,, viewed on Oct 2nd 2009.

    4. “ Building Secure Serviced Components ” Published by Microsoft Corporation,, viewed on Oct 2nd 2009.
    5. Young-Soo Kim and Sang-Ho Lee, “ Separation of Concerns Security Model for Extension of Component Reuse ” in International Symposium on Ubiquitous Multimedia Computing, Korea, 2008.
    6. Donald G. Firesmith, “ Analyzing and Specifying Reusable Security demands ” , Software Engineering Institute, Carnegie Mellon University, Pittsburgh.