Digitalization of Swedish Government Agencies: Detailed Census Description and Analysis

Software engineering is at the core of the digitalization of society. Ill-informed decisions can have major consequences, as made evident in the 2017 government crisis in Sweden, originating in a data breach caused by an outsourcing deal made by the Swedish Transport Agency. Many Government Agencies (GovAgs) in Sweden are rapidly undergoing a digital transition, thus it is important to overview how widespread, and mature, software development is in this part of the public sector. We present a software development census of Swedish GovAgs, complemented by document analysis and a survey. We show that 39.2% of the GovAgs develop software internally, some matching the number of developers in large companies. Our findings suggest that the development largely resembles private sector counterparts, and that established best practices are implemented. Still, we identify improvement potential in the areas of strategic sourcing, openness, collaboration across GovAgs, and quality requirements. The Swedish Government has announced the establishment of a new digitalization agency next year, and our hope is that the software engineering community will contribute its expertise with a clear voice

Towards Secure Cloud Orchestration for Multi-Cloud Deployments

Cloud orchestration frameworks are commonly used to de- ploy and operate cloud infrastructure. Their role spans both vertically (deployment on infrastructure, platform, application and microservice levels) and horizontally (deployments from many distinct cloud resource providers). However, de- spite the central role of orchestration, the popular orchestration frameworks lack mechanisms to provide security guarantees for cloud operators. In this work, we analyze the security landscape of cloud orchestration frameworks for multi- cloud infrastructure. We identify a set of attack scenarios, define security enforcement enablers and propose an architecture for a security-enabled cloud orchestration framework for multi-cloud application deployments

Component Integrity Guarantees in Software-Defined Networking Infrastructure

Operating system level virtualization containers are commonly used to deploy virtual network functions (VNFs) which access the centralized network controller in software-defined net- working (SDN) infrastructure. While this allows flexible network configuration, it also increases the attack surface, as sensitive information is transmitted between the controller and the virtual network functions. In this work we propose a mechanism for bootstrapping secure communication between the SDN controller and deployed network applications. The proposed mechanism relies on platform integrity evaluation and execution isolation mechanisms, such as Linux Integrity Measurement Architecture and Intel Software Guard Extensions. To validate the feasibility of the proposed approach, we have implemented a proof of concept which was further tested and evaluated to assess its performance. The prototype can be seen as the first step into providing users with security guarantees regarding the integrity of components in the SDN infrastructure

Characterization of trade-off preferences between non-functional properties

Efficient design and evolution of complex software intensive systems rely on the ability to make informed decisions as early as possible in the life cycle. Such informed decisions should take both the intended functional and non-functional properties into account. Especially regarding the latter, it is both necessary to be able to predict properties and to prioritize them according to well-defined criteria. In this paper we focus on the latter problem, that is to say how to make trade-offs between non-functional properties of software intensive systems. We provide an approach based on the elicitation of utility functions from stake-holders and subsequent checks for consistency among these functions. The approach is exploitable through an easy-to-use GUI, which is also presented. Moreover, we describe the setup and the outcome of our two-fold validation based on exploratory elicitations with students and practitioners

Being, Bringing, Bridging - Three Aspects of Sketching with Nature

We articulate and reflect on the use of nature as a physical sketching material. We have closely documented explorations of various organic and non-organic materials found during excursions in a local forest and how we used them as resources in sketching. This serves as an exemplar case of how sketching in interaction design can be grounded in empirical explorations of nature. We discuss three examples of sketching based on explorations and experiences with elements and objects from a forest. Processes and characteristics of phenomena in nature such falling leaves, melting and freezing of snow, and perennial growth allowed us to expand our design repertoire and sketching skills, especially as new forms of representations and interactions. Based on this we outline three aspects of how nature can be included in sketching processes: being in nature, bringing nature to the lab, and bridging nature and interaction design

Performance and overhead evaluation of OSCOAP and DTLS

In this report we compare the OSCOAP protocol to CoAP over DTLS-PSK to evaluate their performance in constrained devices

Soma-based Design Theory

Movement-based interaction design is increasingly popular, with application domains ranging from dance, sport, gaming to physical rehabilitation. In a workshop at CHI 2016, a set of prominent artists, game design-ers, and interaction designers embarked on a research journey to explore what we came to refer to as “aes-thetics in soma-based design”. In this follow-up work-shop, we would like to take the next step, shifting from discussing the philosophical underpinnings we draw upon to explain and substantiate our practice, to form our own interaction design theory and conceptualisa-tions. We propose that soma-based design theory needs practical, pragmatic as well as analytical study – otherwise the felt dimension will be missing. We will consider how such tacit knowledge can be articulated, documented and shared. To ground the discussion firm-ly in the felt experience of our own practice, the work-shop is organised as a joint practical design work ses-sion, supported by analytical study