defect

Tool Details

Tool Name:	DEFECT – Dependability focused inspection tool
Tool Title Phrase:	Guided inspection support tool
Current Version:	1.0.0
Description:	The tool aims at supporting the inspection process by directing the inspecting software practitioner through the defect detection phase of an inspection. The needed instructions are provided by security models (that serve as reading support) from the SVRS. Depending on the used model, the tool generates an inspection report as result of the model application that can be used in the inspection meeting.
Architecture:	The tool is developed as Eclipse Plugin and uses therefore the Eclipse Framework. The modular designed system consists of three main components. First, there is an artefact handler, which is responsible for a suitable presentation of the software artefacts to be checked (i.e., source code, design documents, etc.). The artefact handler will be able to process multiple input file types (e.g., plain text file, pdf document, etc.). The second main module is the model handler. This component ensures an adequate presentation and navigation through the model (i.e., Security Goal Indicator Tree, Vulnerability Inspection Diagram or Guided Checklist). The third main module is the history file handler. This component ensures the traceability of the entire defect detection phase in an inspection process and provides on the one hand the history for stepwise navigation (undo step / repeat step) and on the other hand allows replaying the defect detection phase. Figure 1 shows the general architecture and the connection to Eclipse. Figure 1: Architecture
List of Features:	Supporting multiple reading support: Security Goal Indicator Tree (SGIT) Vulnerability Inspection Diagram (VID) Guided Checklist (GC) Supporting multiple software artefacts: Source Code PDF Documents Open Office Documents (unstable) Word Documents (planned)
Web site:	http://tools.iese.fraunhofer.de/DEFECT/
Download:	de.fhg.iese.defect_1.2.3.RC1.jar
Contact information:	Christian Jung, Fraunhofer IESE, Department Security and Safety Christian.Jung@iese.fraunhofer.de
Other information:	On request, source code can be made available for non-commercial use. Please, use the provided contact information. The Eclipse Plugin is free for use.