Skip to Main Navigation Skip to Content

Prioritize, Measure and Quantify CyberSecurity Risk

Why Choose the Knowledge Discovery Metamodel?

The Knowledge Discovery Metamodel offers deep semantic integration between software development tools that deal with existing software systems. Below we will refer to this broad class of tool as software analytics tools. One common characteristic of software analytics tools is that they view software as data.

Software analytics tools are used for modernization of existing software. Software Modernization is a mature industry that supports maintenance and evolution phases of the software development lifecycle. Software Modernization is the process of understanding and evolving ”existing software assets” – mostly related to the so-called ”code bases”. In other words, Software Modernization tools and services work with ”existing software systems”. It is needless to say that there is a vast amount of highly functional, operational software, representing enormous commercial value deployed in organizations around the globe. These entrenched software systems often resist evolution because their strategic value and ability to adapt has diminished through factors not exclusively related to its functionality. Common examples of such factors are a system’s inability to be understood or maintained cost-effectively, inability to interoperate or dependence on undesired technologies or architectures.

According to IDC (http://www.idc.com): “Optimizing the value of software investments is vital for organizations responding to the overarching demand on IT to deliver greater value to the business with flat, or only slightly increased spending.””

One of the biggest concerns during the software maintenance and evolution phase of the application lifecycle is software integrity – cohesiveness of software assets for the purpose of efficient modification of the existing code base. Achieving higher level of software integrity requires software asset tracking and software asset tracking through some form of software asset inventory.

Read more about this …

There exist multiple analytics tools for software maintenance and software modernization that scan ”development assets”, and provide maintenance engineers with ”knowledge” about these assets, or even offer semi-automated transformations of existing software. Unfortunately, current ”maintenance” tools offer little interoperability. In order to obtain a cohesive view of the application, customers need to do painful point-to-point integrations between these tools.

Read more on the anatomy of a ”software analytics” tool.

Each tool that helps understand and evolve existing software has unique strengths, but also unique gaps. As mentioned in the recent comparison of static analysis tools performed at NSA: ”Organizations trying to automate the process of testing software for vulnerabilities have no choice but to deploy a multitude of tools”.

The following factors determine the need for deep semantic integration of tools in the field of software maintenance and application life cycle management.

  • Diversity of implementation languages
  • Diversity of runtime platforms for which applications are developed
  • Analysis of applications that use application frameworks, COTS components, services
  • The need to understand the ”as is” architecture of the existing software system and manage changes from architectural perspective
  • The need to combine static analysis with architecture analysis and metrics
  • The need to integrate static and dynamic analysis of systems
  • The need to correlate software development management data from various sources

Knowledge Discovery Metamodel Spec addresses the integration challenge by offering a common language-independent intermediate representation. Such intermediate representation allows logical separation of the analysis components from the parsing components and promotes a plug-and-play environment which dramatically improves the power of the analysis tools. The Knowledge Discovery Metamodel Spec is defined as the foundation for deep semantic integration of various application lifecycle management tools by providing a common extensible ontology. This allows significant reuse of the technologies and expertize at the analysis level. The common ontology determines the level at which tools can share knowledge about existing system, while any additional data may need to remain tool-specific.

Learn more about the design of the Knowledge Discovery Metamodel Spec.

Knowledge Discovery Metamodel defines the software development database format which can be used for software asset management and software asset tracking. The KDM-based repository for a given software system can be populated by multiple software development, software maintenance and application lifecycle management tools. It is important for a number of software development maintenance tasks to have coherent view of all application lifecycle data. Software maintenance tools can then analyze this information to assist software development management.

There are two levels of integration between application lifecycle management tools:

  • Service integration level
  • Ontology integration level

At the service integration level collaborating tools need to comply with the same service standard and infrastructure (for example, Web services). There is an ongoing Eclipse project Application Lifecycle Framework (ALF) in which several companies collaborate to create a common service integration framework for application lifecycle management tools.

At the ontology integration level collaborating tools need to share the same ontology related to the application. For example, when one tool generates the inventory of source files, and another tool contributes the line of code metrics to these same files, and yet another tool contributes the requirements to the features implemented by these source files, all three tool share the same ontology that involves the concept of a ”source file”. KDM provides an extensive ontology related to exsting software applications.

In order to play within the KDM ecosystem, existing application lifecycle management tools need to implement ”bridges” between their internal models and the Knowledge Discovery Metamodel. Compliance criteria are defined in the Knowledge Discovery Metamodel specification.

KDM Ecosystem is a community of tools, components and services build on the foundation of shared ontology, offering knowledge-based integration. Object Management Group (OMG) has a proven track record of providing foundations for interoperable tools – Unified Modeling Language (UML) is a successful knowledge-based tool ecosystem build around an OMG specification.