Measuring software reliability under the influence of an infected patch

Authors

  • Jasmine Kaur Department of Operational Research, University of Delhi, Delhi, India
  • Adarsh Anand Department of Operational Research, University of Delhi, Delhi, India
  • Ompal Singh Department of Operational Research, University of Delhi, Delhi, India
  • Vijay Kumar Department of Mathematics, Amity Institute of Applied Sciences, Amity University Uttar Pradesh, Noida, India

DOI:

https://doi.org/10.2298/YJOR200117005K

Keywords:

infected patch, patching, software reliability

Abstract

Patching service provides software firms an option to deal with the leftover bugs and is thereby helping them to keep a track of their product. More and more software firms are making use of this concept of prolonged testing. But this framework of releasing unprepared software in market involves a huge risk. The hastiness of vendors in releasing software patch at times can be dangerous as there are chances that firms release an infected patch. The infected patch (es) might lead to a hike in bug occurrence and error count and might make the software more vulnerable. The current work presents an understanding of such situation through mathematical modeling framework; wherein, the distinct behavior of testers (during in-house testing and field testing) and users is described. The proposed model has been validated on two software failure data sets of Tandem Computers and Brazilian Electronic Switching System, TROPICO R-1500.

References

Anand, A., Agarwal, M., Tamura, Y., and Yamada, S. "Economic impact of software patching and optimal release scheduling". Quality and Reliability Engineering International, 33 (1) (2017) 149–157.

Anand, A., and Bansal, G. "Interpretive structural modelling for attributes of software quality". Journal of Advances in Management Research, 14 (3) (2017) 256-269.

Anand, A., Bhatt, N., and Aggrawal, D. "Modeling Software Patch Management Based on Vulnerabilities Discovered". International Journal of Reliability, Quality and Safety Engineering, 27(2) (2019) 2040003.

Anand, A., Das, S., and Singh, O. "Modeling software failures and reliability growth based on pre & post release testing". 5th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions)(ICRITO), Delhi, India, (2016) 139–144.

Anand, A., Das, S., Aggrawal, D., and Kapur, P. K. "Reliability analysis for upgraded software with updates". Quality, IT and business operations, Springer Natur, Singapore, (2018) 323–333.

Anand, A., Gupta, P., Klochkov, Y., and Yadavalli, V. S. S. "Modeling Software Fault Removal and Vulnerability Detection and Related Patch Release Policy". System Reliability Management: Solutions and Technologies, CRC Press, Boca Raton, Florida, (2018) 19-34.

Anand, A., and Ram, M. "System Reliability Management: Solutions and Technologies". CRC Press, Boca Raton, Florida, (2018).

Anand, A., and Ram, M. "Recent Advancements in Software Reliability Assurance". CRC Press, Boca Raton, Florida, (2019).

Arora, A., Caulkins, J. P., and Telang, R. "Research note—Sell first, fix later: Impact of patching on software quality". Management Science, 52 (3) (2006) 465–471.

Babcock, C. "What’s The Greatest Software Ever Written?" Retrieved from https://www.informationweek.com/whats-the-greatest-software-ever-written/d/d-id/1046033.

Bateman, D. "Cairns Hospital suffers software ‘catastrophe’ with patient data". Retrieved from https://www.cairnspost.com.au/news/cairns-hospital-suffers-software-catastrophe-with-possible-loss-of-patient-data/news-story/c828de3f4a0f73132ec3d19284cbae88.

Beattie, S., Arnold, S., Cowan, C., Wagle, P., Wright, C., and Shostack, A. "Timing the Application of Security Patches for Optimal Uptime". LISA, 2 (2002) 233-242.

Bittanti, S., Bolzern, P., Pedrotti, E., Pozzi, M., and Scattolini, R. "A flexible modelling approach for software reliability growth". In *Software Reliability Modelling and Identification* (pp. 101–140). Lecture Notes in Computer Science, Springer, Berlin, Heidelberg.

Das, S., Anand, A., Singh, O., and Singh, J. "Influence of Patching on Optimal Planning for Software Release and Testing Time". Communications in Dependability and Quality Management - An International Journal, 18 (4) (2015) 81–92.

Deepika, Anand, A., Singh, N., and Dutt, P. "Software reliability modeling based on in-house and field testing". Communications in Dependability and Quality Management - An International Journal, 19 (1) (2016) 74–84.

Goel, A. L., and Okumoto, K. "Time-dependent error-detection rate model for software reliability and other performance measures". IEEE Transactions on Reliability, 28 (3) (1979) 206–211.

Jelinski, Z., and Moranda, P. "Software reliability research". In *Statistical Computer Performance Evaluation* (pp. 465–484). Academic Press, New York, United States.

Jiang, Z., and Sarkar, S. "Optimal software release time with patching considered". In *Proc. 13th Annual Workshop Information Technologies and Systems* (pp. 61–66). Seattle, Washington.

Kanoun, K., de Bastos Martini, M. R., and de Souza, J. M. "A method for software reliability analysis and prediction application to the TROPICO-R switching system". IEEE Transactions on Software Engineering, 17 (4) (1991) 334–344.

Kansal, Y., Singh, G., Kumar, U., and Kapur, P. K. "Optimal release and patching time of software with warranty". International Journal of System Assurance Engineering and Management, 7 (4) (2016) 462–468.

Kapur, P. K., and Garg, R. B. "A software reliability growth model for an error-removal phenomenon". Software Engineering Journal, 7 (4) (1992) 291–294.

Kapur, P. K., Pham, H., Gupta, A., and Jha, P. C. "Software reliability assessment with OR applications". London: Springer, (2011).

Kapur, P. K., Pham, H., Chanda, U., and Kumar, V. "Optimal allocation of testing effort during testing and debugging phases: a control theoretic approach". International Journal of Systems Science, 44 (9) (2013) 1639-1650.

Kumar, V., Singh, V. B., Dhamija, A., and Srivastav, S. "Cost-reliability-optimal release time of software with patching considered". International Journal of Reliability, Quality and Safety Engineering, 25 (4) (2018) 1850018.

Kumar, V., Khatri, S. K., Dua, H., Sharma, M., and Mathur, P. "An assessment of testing cost with effort-dependent fdp and fcp under learning effect: a genetic algorithm approach". International Journal of Reliability, Quality and Safety Engineering, 21 (6) (2014) 1450027.

Kumar, V., Kapur, P. K., Taneja, N., and Sahni, R. "On allocation of resources during testing phase incorporating flexible software reliability growth model with testing effort under dynamic environment". International Journal of Operational Research, 30 (4) (2017) 523-539.

Kumar, V., and Sahni, R. "An effort allocation model considering different budgetary constraint on fault detection process and fault correction process". Decision Science Letters, 5 (1) (2016) 143-156.

Musa, J. D. "A theory of software reliability and its application". IEEE Transactions on Software Engineering, 13 (1975) 312-327.

Ohba, M. "Inflection S-shaped software reliability growth model". In Stochastic Models in Reliability Theory (1984) 144-162.

Rouse, M. "Patch Tuesday". Retrieved from https://searchsecurity.techtarget.com/definition/PatchTuesday.

"SAS/ETS 9.1 User’s Guide". SAS Institute, (2004) 37–45.

Schneier, B. "The Next Ransomware Attack Will Be Worse than WannaCry". Retrieved from https://www.schneier.com/essays/archives/2017/05/the_next_ransomware_.html.

Singh, O., Anand, A., Aggrawal, D., and Agarwal, M. "Utility based assessment of attributes for software quality". Proceedings of 5th International DQM Conference on Life Cycle Engineering and Management (ICDQM-2014), Cacak, Serbia, (2014) 95-110.

Tickoo, A., Kapur, P. K., Shrivastava, A. K., and Khatri, S. K. "Testing effort based modeling to determine optimal release and patching time of software". International Journal of System Assurance Engineering and Management, 7 (4) (2016) 427-434.

Wood, A. "Predicting software reliability". Computer, 29 (11) (1996) 69-77.

Yamada, S., Ohba, M., and Osaki, S. "S-shaped reliability growth modeling for software error detection". IEEE Transactions on Reliability, 32 (5) (1983) 475-484.

GFI Software. "50% of Businesses Have Suffered IT Failures Due to Bad Software Updates". Retrieved from https://www.gfi.com/company/press/press-releases/2011/06/50-of-businesses-have-suffered-it-failures-due-to-bad-software-updates.

Downloads

Published

2021-05-01

Issue

Vol. 31 No. 2 (2021)

Section

Research Articles

License

Copyright (c) 2021 YUJOR

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.