Next Article in Journal
Optical Trapping, Sizing, and Probing Acoustic Modes of a Small Virus
Previous Article in Journal
Reconstruction and Measurement of Irregular Karst Caves Using BLST along the Shield Metro Line
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Applied Sciences
Volume 10
Issue 1
10.3390/app10010393
Review Report
applsci-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
Article
Peer-Review Record

An Approach to Analyze Vulnerability of Information Flow in Software Architecture

Appl. Sci. 2020, 10(1), 393; https://doi.org/10.3390/app10010393
by Tingyang Gu 1,2, Minyan Lu 1,2, Luyi Li 3 and Qiuying Li 1,2,*
Reviewer 1: Anonymous
Reviewer 2: Anonymous
Reviewer 3: Anonymous
Appl. Sci. 2020, 10(1), 393; https://doi.org/10.3390/app10010393
Submission received: 10 December 2019 / Revised: 29 December 2019 / Accepted: 2 January 2020 / Published: 4 January 2020
(This article belongs to the Section Computing and Artificial Intelligence)

Round 1

Reviewer 1 Report

Authors have done a commendable job on revising the paper and thoroughly addressing reviewers comments. I have the following minor comments to improve the accuracy of referencing to systems engineering literature.

Overall, it is refreshing to see the how well the authors have connected both the system and software engineering perspective on architecture, information flows and using graph theoretic models. However, following up and looking through the citations, there is some disconnect. Reference 9 is about using graph theory for system level analysis, whereas the functional physical and allocated architecture definitions are provided in “System Architecting and Design Space Characterization” Systems Engineering  21.3 (2018). (Mentioned in round 1 review 1 comments.) I would suggest replacing reference 9 with this in introduction section and moving current ref 9 to section 2.4 systems engineering discussion. Furthermore, I will refer the authors to “A System-of-Systems Perspective for Information Fusion: A network theoretic formulation” which provides complementary ideas of using graph theory for architecture and vulnerability analysis.

 

Line 107: into is redundant in the following sentence: “we will research into the”

Table 1: Remove “Based on” from the last row col 1.

Author Response

Reviewer 1

We want to thank you for your insightful suggestions on our paper. Based on your suggestions, we have revised our paper carefully. Our responses for your comments are listed below:

 

1:Reference 9 is about using graph theory for system level analysis, whereas the functional physical and allocated architecture definitions are provided in “System Architecting and Design Space Characterization” Systems Engineering 21.3 (2018). (Mentioned in round 1 review 1 comments.) I would suggest replacing reference 9 with this in introduction section and moving current ref 9 to section 2.4 systems engineering discussion.

Response: After reviewing introduction and section 2.4 of our paper, and reading reference 9 carefully as well as the paper “System Architecting and Design Space Characterization” you provided, we found that reference 9 was cited in an inappropriate section. We accept your suggestion and move reference 9 to section 2.4 on systems engineering discussion. In addition, we cited “System Architecting and Design Space Characterization” in the introduction section. Thank you for your careful review and suggestion.

 

2:Furthermore, I will refer the authors to “A System-of-Systems Perspective for Information Fusion: A network theoretic formulation” which provides complementary ideas of using graph theory for architecture and vulnerability analysis.

Response: We read “A System-of-Systems Perspective for Information Fusion: A network theoretic formulation” you suggested. This paper gives us lots of help and insights. We cited this paper in reference [38] and [39] in section 2.4, line 205.

 

3:Line 107: into is redundant in the following sentence: “we will research into the”

Response: We have deleted “into”.

 

4:Table 1: Remove “Based on” from the last row col 1.

Response: We have deleted “based on”.

 

5:English language and style are fine/minor spell check required

Response: We reexamined the whole paper about our English language and style according to your suggestions and applied English language revision service provided by MDPI. Thank you very much for your careful suggestion.

Author Response File: Author Response.docx

Reviewer 2 Report

This article is a rebsumision in which the reviewer has already participated in the review process. This paper presents an analysis approach for vulnerability of information flow in software architecture, based on confidentiality and integrity policies of information flow. The current version presents the improvements recommended in the previous review process. However, it has been detected that some changes are missing that were made in the version that I previously accepted as they are:

Why other machine learning methods in the field of computational intelligence have not been considered? See for example:

- G Beruvides et al.; Surface roughness modelling and optimization of tungsten–copper alloys in micro-milling processes; Measurement 86, 246-252

Perhaps to improve the impact, show the advantages that the contribution of the article would have on security in IoT networks in automotive applications, such as autonomous vehicles. Here you have two articles in which with your proposal the existing errors in this field would be improved:

- F Castaño et al.; Sensor Reliability in Cyber-Physical Systems Using Internet-of-Things Data: A Review and Case Study Remote Sensing 11 (19), 22522019, 15, (2), 800-811.

- F Castaño et al.; Self-tuning method for increased obstacle detection reliability based on internet of things LiDAR sensor models; Sensors 18 (5), 1508

Authors only concentrate on using ResNet deep residual, and it would be fine to see, using this scheme other soft-computing methods.

Author Response

Reviewer 2

Thank you very much for your comments on our paper. According to your suggestions, we have revised the paper carefully and accepted your suggestions. In our previous revised version, we have revised some problems you mentioned, but we forgot to highlight these revisions or point out directly where these revisions are (such as in which line) in our previous cover letter. We believe this is why you didn’t realize some of our revisions. We are sorry for your inconvenience. In this revised paper, we have highlighted these revisions and will describe them in detail in this cover letter.

 

1:Why other machine learning methods in the field of computational intelligence have not been considered? See for example:

- G Beruvides et al.; Surface roughness modelling and optimization of tungsten–copper alloys in micro-milling processes; Measurement 86, 246-252

Response: Your suggestion is very inspiring and will be considered in our future work. With the improvement of our methods and accumulation of experiment data, we are considering to introduce machine learning methods in computing intelligence into our future work. We have revised the future work chapter to reflect our future consideration and your suggestion. After carefully reading the papers your provided, we cited them in reference [65] and [66]. We have highlighted this revision as seen in line 803. There are several reasons why machine learning methods are not considered in this paper: 1. Vulnerability analysis on architecture level is a rather new area and still in starting phase. There aren’t many related researches. So data needed for machine learning are limited. 2. The focus of this paper is locating vulnerabilities in software architectures. We want to firstly propose a method that can be applied in this area to remedy the problem that there is a lack of useful methods in locating vulnerabilities in software architectures. As a result, machine learning methods are not considered in this paper.

 

2:Perhaps to improve the impact, show the advantages that the contribution of the article would have on security in IoT networks in automotive applications, such as autonomous vehicles. Here you have two articles in which with your proposal the existing errors in this field would be improved:

- F Castaño et al.; Sensor Reliability in Cyber-Physical Systems Using Internet-of-Things Data: A Review and Case Study Remote Sensing 11 (19), 22522019, 15, (2), 800-811.

- F Castaño et al.; Self-tuning method for increased obstacle detection reliability based on internet of things LiDAR sensor models; Sensors 18 (5), 1508

Response: This is an excellent suggestion. We have considered to apply our method in security area in IoT networks and in automotive applications in the future. We have read the papers you suggested, which have given us lots of inspirations for our future work. We have revised the future work chapter, and will try to apply our research into automobile area, such as autopilot. We have cited the papers you suggested as reference [67] and [68]. We have highlighted this part as seen as in line 804.

 

3:Authors only concentrate on using ResNet deep residual, and it would be fine to see, using this scheme other soft-computing methods.

Response: We didn’t use machine learning approaches in this paper because of the reasons we mentioned in Question 1. We assumed this confusion is due to our language and description. As a result, we further revised the English language of your paper and applied the English Language revision service provided by MDPI. Besides, we have read the literature on machine learning you suggested and cited them. These references are highlighted in our paper. We are considering to apply machine learning approaches in our future work.

 

4:Moderate English changes required

Response: According to your suggestions, we have used the English language revision service provided by MDPI to improve our English language.

 

5:About the conclusions supported by the results

Response: We have adjusted the structure of the case study section to be more logical and readable. In addition, we provided more detailed explanation and illustration for some details of the case study. What’ more, we enhanced the discussion subsection on experiment results to make our conclusions supported by the results better. Finally, we submitted experiment data as required by MDPI.

Author Response File: Author Response.docx

Reviewer 3 Report

Thanks to authors for addressing my comments.

Author Response

Reviewer 3

Thank you very much for reviewing our paper and giving us lots of suggestions previously. Although you didn’t provide new suggestions, we still thought about your evaluation on our paper carefully. We believe there are two problems in our paper: First, language problems. Second, you believe our paper needs to be improved from many aspects.

 

1:Moderate English changes required。

Response: We have revised our paper again on the English language, and used the English language revision service provided by MDPI. We submitted the certificate by MDPI.

 

2:Every aspect of the paper can be improved

Response: First, we have revised the abstract, introduction and related work sections thoroughly. Besides, we added more detailed description on the experiment process. In addition, we reviewed and revised our paper according to the MDPI guidelines provided by academic editor. We have highlighted these revisions. Finally, we submit experiment data as required by MDPI guidelines.

Round 2

Reviewer 2 Report

The authors have modified the paper according to the reviewer recommendations.

Back to TopTop