Michael VanHilst

Learn More
In this paper we present a method of code implementation that works in conjunction with collaboration and responsibility based analysis modeling techniques to achieve better code reuse and resilience to change. Our approach maintains a closer mapping from responsibilities in the analysis model to entities in the implementation. In so doing, it leverages the(More)
In previous work we introduced an approach for finding security requirements based on misuse activities (actions). This method starts from the activity diagram of a use case (or a sequence of use cases). Each activity is analyzed to see how it could be subverted to produce a misuse of information. This analysis results in a set of threats. We then consider(More)
Parnas' seminal 1972 paper, "On the Criteria To Be Used in Decomposing Systems into Modules," identified simplifying change as a critical criterion for modularizing software. Successful designs are those in which a change can be accommodated by modifying a single module. There is a tacit assumption in most of the literature that once a change has been(More)
In this paper, we propose to apply artifact mining in a global development environment to support measurement based process management and improvement, such as SEI/CMMI's GQ(I)M and Six Sigma's DMAIC. CMM has its origins in managing large software projects for the government and emphasizes achieving expected outcomes. In GQM, organizational goals are(More)
This report summarizes the key goals, vision, and accomplishments of research in HP Laboratories on Assistant and Agent technology for me-centric computing. The primary focus of our work is in the architecture and implementation of intelligent assistants for mobile professionals and me-centric, peer-to-peer computing. We are investigating the possibilities(More)
It is possible to reasonably measure the security quality of individual security patterns. However, more interesting is to ask: Can we show that a system built using security patterns is secure in some sense? We discuss here some issues about evaluating the security of a system built using security patterns. We consider the use of threats and misuse(More)
—A good way to obtain secure systems is to build applications in a systematic way where security is an integral part of the lifecycle. The same applies to reliability. If we want a system which is secure and reliable, both security and reliability must be built together. If we build not only applications but also middleware and operating systems in the same(More)