Modelo de gestión de la planificación del desarrollo de software como un proceso estocástico

La simulación nos permite modelar, entender y visualizar procesos que son complejos y no lineales. Los procesos involucrados en el desarrollo de software cumplen con ambas características y son en esencia procesos estocásticos. En la ingeniería de software se busca gestionar los procesos de desarrollo de software, pero se hace muy difícil poder llegar a planes y estimaciones con precisión. Por este motivo surgen los modelos incrementales de desarrollo de software, los ciclos de vida y la ingeniería de software en general. En el presente trabajo se presenta un modelo y una solución que aplica simulación a la ingeniería de software en base a la información histórica asociada a la gestión de proyectos. Es decir que se busca una solución considerando el proceso de planificación de desarrollo de software como un proceso estocástico, con el propósito de planificar nuevos proyectos utilizando simulación.Sociedad Argentina de Informática e Investigación Operativ

Requirements Engineering that Balances Agility of Teams and System-level Information Needs at Scale

Context: Motivated by their success in software development, large-scale systems development companies are increasingly adopting agile methods and their practices. Such companies need to accommodate different development cycles of hardware and software and are usually subject to regulation and safety concerns. Also, for such companies, requirements engineering is an essential activity that involves upfront and detailed analysis which can be at odds with agile development methods. Objective: The overall aim of this thesis is to investigate the challenges and solution candidates of performing effective requirements engineering in an agile environment, based on empirical evidence. Illustrated with studies on safety and system-level information needs, we explore RE challenges and solutions in large-scale agile development, both in general and from the teams’ perspectives. Method: To meet our aim, we performed a secondary study and a series of empirical studies based on case studies. We collected qualitative data using interviews, focus groups and workshops to derive challenges and potential solutions from industry. Findings: Our findings show that there are numerous challenges of conducting requirements engineering in agile development especially where systems development is concerned. The challenges discovered sprout from an integration problem of working with agile methods while relying on established plan-driven processes for the overall system. We highlight the communication challenge of crossing the boundary of agile methods and system-level (or plan-driven) development, which also proves the coexistence of both methods. Conclusions: Our results highlight the painful areas of requirements engineering in agile development and propose solutions that can be explored further. This thesis contributes to future research, by establishing a holistic map of challenges and candidate solutions that can be further developed to make RE more efficient within agile environments

Revisión sistemática de la integración de modelos de desarrollo de software dirigido por modelos y metodologías ágiles

Currently, in some instances of the software development industry are carried out by means of manual activities and/or robust methodologies which can be often heavy and inefficient. This situation brings several issues related to the difficulty to produce software in a timely manner, agile, at low cost and with a high quality level. A way to improve this situation is to incorporate in the software development process the formalism and abstraction needed to automate and optimize the most critical tasks defined from methodologies used in software companies and starting from an agile approach. This would add value to the business and would improve significantly the process of software. In this sense, in order to publicize the benefits of agile approaches and programming environments driven models, a systematic review of the literature has been conducted so as to the projects where these approaches have been integrated globally. Besides, it has been possible to identify some benefits, which have been reported by different studies.Actualmente, en algunas instancias, la industria de desarrollo de software se lleva a cabo por medio de actividades manuales y/o metodologías robustas que pueden llegar a ser en muchos casos pesadas e ineficientes. Esta situación trae consigo algunos problemas relacionados con la dificultad para producir software de manera oportuna, ágil, a bajo costo y con un alto nivel de calidad. Una manera de mejorar esta situación está en añadir al proceso de desarrollo de software el formalismo y la abstracción necesaria que permita automatizar y optimizar las tareas más críticas definidas, a partir de las metodologías utilizadas en las empresas de software, y desde una perspectiva ágil. Esto añadiría valor agregado a los negocios y mejoraría el proceso de software considerablemente. En este sentido, con el objetivo de conocer las bondades de los enfoques ágiles y los entornos de programación dirigidos por modelos, se llevó a cabo una revisión sistemática de la literatura en relación con los proyectos donde se integran estos enfoques a nivel mundial, así como la identificació

“Won’t we fix this issue?” : qualitative characterization and automated identification of wontfix issues on GitHub

Context: Addressing user requests in the form of bug reports and Github issues represents a crucial task of any successful software project. However, user-submitted issue reports tend to widely differ in their quality, and developers spend a considerable amount of time handling them. Objective: By collecting a dataset of around 6,000 issues of 279 GitHub projects, we observe that developers take significant time (i.e., about five months, on average) before labeling an issue as a wontfix. For this reason, in this paper, we empirically investigate the nature of wontfix issues and methods to facilitate issue management process. Method: We first manually analyze a sample of 667 wontfix issues, extracted from heterogeneous projects, investigating the common reasons behind a “wontfix decision”, the main characteristics of wontfix issues and the potential factors that could be connected with the time to close them. Furthermore, we experiment with approaches enabling the prediction of wontfix issues by analyzing the titles and descriptions of reported issues when submitted. Results and conclusion: Our investigation sheds some light on the wontfix issues’ characteristics, as well as the potential factors that may affect the time required to make a “wontfix decision”. Our results also demonstrate that it is possible to perform prediction of wontfix issues with high average values of precision, recall, and F-measure (90%-93%)

Automated identification and qualitative characterization of safety concerns reported in UAV software platforms

Unmanned Aerial Vehicles (UAVs) are nowadays used in a variety of applications. Given the cyber-physical nature of UAVs, software defects in these systems can cause issues with safety-critical implications. An important aspect of the lifecycle of UAV software is to minimize the possibility of harming humans or damaging properties through a continuous process of hazard identification and safety risk management. Specifically, safety-related concerns typically emerge during the operation of UAV systems, reported by end-users and developers in the form of issue reports and pull requests. However, popular UAV systems daily receive tens or hundreds of reports of varying types and quality. To help developers timely identifying and triaging safety-critical UAV issues, we (i) experiment with automated approaches (previously used for issue classification) for detecting the safety-related matters appearing in the titles and descriptions of issues and pull requests reported in UAV platforms, and (ii) propose a categorization of the main hazards and accidents discussed in such issues. Our results (i) show that shallow machine learning-based approaches can identify safety-related sentences with precision, recall, and F-measure values of about 80\%; and (ii) provide a categorization and description of the relationships between safety issue hazards and accidents

Software development process mining: discovery, conformance checking and enhancement

Context. Modern software projects require the proper allocation of human, technical and financial resources. Very often, project managers make decisions supported only by their personal experience, intuition or simply by mirroring activities performed by others in similar contexts. Most attempts to avoid such practices use models based on lines of code, cyclomatic complexity or effort estimators, thus commonly supported by software repositories which are known to contain several flaws. Objective. Demonstrate the usefulness of process data and mining methods to enhance the software development practices, by assessing efficiency and unveil unknown process insights, thus contributing to the creation of novel models within the software development analytics realm. Method. We mined the development process fragments of multiple developers in three different scenarios by collecting Integrated Development Environment (IDE) events during their development sessions. Furthermore, we used process and text mining to discovery developers’ workflows and their fingerprints, respectively. Results. We discovered and modeled with good quality developers’ processes during programming sessions based on events extracted from their IDEs. We unveiled insights from coding practices in distinct refactoring tasks, built accurate software complexity forecast models based only on process metrics and setup a method for characterizing coherently developers’ behaviors. The latter may ultimately lead to the creation of a catalog of software development process smells. Conclusions. Our approach is agnostic to programming languages, geographic location or development practices, making it suitable for challenging contexts such as in modern global software development projects using either traditional IDEs or sophisticated low/no code platforms.Contexto. Projetos de software modernos requerem a correta alocação de recursos humanos, técnicos e financeiros. Frequentemente, os gestores de projeto tomam decisões suportadas apenas na sua própria experiência, intuição ou simplesmente espelhando atividades executadas por terceiros em contextos similares. As tentativas para evitar tais práticas baseiam-se em modelos que usam linhas de código, a complexidade ciclomática ou em estimativas de esforço, sendo estes tradicionalmente suportados por repositórios de software conhecidos por conterem várias limitações. Objetivo. Demonstrar a utilidade dos dados de processo e respetivos métodos de análise na melhoria das práticas de desenvolvimento de software, colocando o foco na análise da eficiência e revelando aspetos dos processos até então desconhecidos, contribuindo para a criação de novos modelos no contexto de análises avançadas para o desenvolvimento de software. Método. Explorámos os fragmentos de processo de vários programadores em três cenários diferentes, recolhendo eventos durante as suas sessões de desenvolvimento no IDE. Adicionalmente, usámos métodos de descoberta e análise de processos e texto no sentido de modelar o fluxo de trabalho dos programadores e as suas características individuais, respetivamente. Resultados. Descobrimos e modelámos com boa qualidade os processos dos programadores durante as suas sessões de trabalho, usando eventos provenientes dos seus IDEs. Revelámos factos desconhecidos sobre práticas de refabricação, construímos modelos de previsão da complexidade ciclomática usando apenas métricas de processo e criámos um método para caracterizar coerentemente os comportamentos dos programadores. Este último, pode levar à criação de um catálogo de boas/más práticas no processo de desenvolvimento de software. Conclusões. A nossa abordagem é agnóstica em termos de linguagens de programação, localização geográfica ou prática de desenvolvimento, tornando-a aplicável em contextos complexos tal como em projetos modernos de desenvolvimento global que utilizam tanto os IDEs tradicionais como as atuais e sofisticadas plataformas "low/no code"

50 Years Geophysical Institute Karlsruhe, 1964 to 2014 - Expectations and Surprises

Die Festschrift anlässlich des 50. Geburtstags des Geophysikalischen Instituts in 2014 wurde hauptsächlich von Herrn Dr. Claus Prodehl zusammengestellt. Die einzelnen Beiträge stammen von ehemaligen und aktuellen GPI-Mitarbeitern und Mitarbeiterinnen

Consistency-by-Construction Techniques for Software Models and Model Transformations

A model is consistent with given specifications (specs) if and only if all the specifications are held on the model, i.e., all the specs are true (correct) for the model. Constructing consistent models (e.g., programs or artifacts) is vital during software development, especially in Model-Driven Engineering (MDE), where models are employed throughout the life cycle of software development phases (analysis, design, implementation, and testing). Models are usually written using domain-specific modeling languages (DSMLs) and specified to describe a domain problem or a system from different perspectives and at several levels of abstraction. If a model conforms to the definition of its DSML (denoted usually by a meta-model and integrity constraints), the model is consistent. Model transformations are an essential technology for manipulating models, including, e.g., refactoring and code generation in a (semi)automated way. They are often supposed to have a well-defined behavior in the sense that their resulting models are consistent with regard to a set of constraints. Inconsistent models may affect their applicability and thus the automation becomes untrustworthy and error-prone. The consistency of the models and model transformation results contribute to the quality of the overall modeled system. Although MDE has significantly progressed and become an accepted best practice in many application domains such as automotive and aerospace, there are still several significant challenges that have to be tackled to realize the MDE vision in the industry. Challenges such as handling and resolving inconsistent models (e.g., incomplete models), enabling and enforcing model consistency/correctness during the construction, fostering the trust in and use of model transformations (e.g., by ensuring the resulting models are consistent), developing efficient (automated, standardized and reliable) domain-specific modeling tools, and dealing with large models are continually making the need for more research evident. In this thesis, we contribute four automated interactive techniques for ensuring the consistency of models and model transformation results during the construction process. The first two contributions construct consistent models of a given DSML in an automated and interactive way. The construction can start at a seed model being potentially inconsistent. Since enhancing a set of transformations to satisfy a set of constraints is a tedious and error-prone task and requires high skills related to the theoretical foundation, we present the other contributions. They ensure model consistency by enhancing the behavior of model transformations through automatically constructing application conditions. The resulting application conditions control the applicability of the transformations to respect a set of constraints. Moreover, we provide several optimizing strategies. Specifically, we present the following: First, we present a model repair technique for repairing models in an automated and interactive way. Our approach guides the modeler to repair the whole model by resolving all the cardinalities violations and thereby yields a desired, consistent model. Second, we introduce a model generation technique to efficiently generate large, consistent, and diverse models. Both techniques are DSML-agnostic, i.e., they can deal with any meta-models. We present meta-techniques to instantiate both approaches to a given DSML; namely, we develop meta-tools to generate the corresponding DSML tools (model repair and generation) for a given meta-model automatically. We present the soundness of our techniques and evaluate and discuss their features such as scalability. Third, we develop a tool based on a correct-by-construction technique for translating OCL constraints into semantically equivalent graph constraints and integrating them as guaranteeing application conditions into a transformation rule in a fully automated way. A constraint-guaranteeing application condition ensures that a rule applies successfully to a model if and only if the resulting model after the rule application satisfies the constraint. Fourth, we propose an optimizing-by-construction technique for application conditions for transformation rules that need to be constraint-preserving. A constraint-preserving application condition ensures that a rule applies successfully to a consistent model (w.r.t. the constraint) if and only if the resulting model after the rule application still satisfies the constraint. We show the soundness of our techniques, develop them as ready-to-use tools, evaluate the efficiency (complexity and performance) of both works, and assess the overall approach in general as well. All our four techniques are compliant with the Eclipse Modeling Framework (EMF), which is the realization of the OMG standard specification in practice. Thus, the interoperability and the interchangeability of the techniques are ensured. Our techniques not only improve the quality of the modeled system but also increase software productivity by providing meta-tools for generating the DSML tool supports and automating the tasks

Du génie logiciel pour déployer, gérer et reconfigurer les logiciels

As a discipline, software engineering embraces various schools of thought, yet remains consistent with respect to its objective. It aims at providing means for effective and inexpensive production of software by contributing mathematical frameworks, methods and tools. Consequently, we witness some automation in software production process that, as of today, allows producing astronomical amounts of lines of code daily. This rapidly and massively produced software is required for all computer equipment that has invaded our daily life in various forms of other devices (PC, tablet, phone, refrigerator, car, etc.). In this world of large software consumption, it is somewhat surprising that the management of software, after its production, remains dominated by manual practices like searching in lists, downloading units and manual installations. In this context, I organized my research activities such that they aim at providing mathematical frameworks, methods and tools to deploy, distribute or update massive amounts of software since 2001, the year of my PhD defense. These research activities were mainly conducted in Brest at the CS department of Telecom Bretagne as part of the PASS team of IRISA. This document puts into perspective my various scientific contributions, undertaken projects, endeavors in training research students and efforts invested as a teacher. My scientific contributions can be divided into five parts: mathematical models and algorithms for dependency management in software deployment; software component models; processes and tools for massive software deployment; dynamic update of programs at runtime; languages for the design and implementation of software development processes. All these works complement each other, thus making it possible to imagine the proposition of methods and tools for large-scale software deployment.Le génie logiciel est une discipline constituée de nombreux courants mais cohérente par l'objectif affiché. Il s'agit d'aider à la production, de manière efficace et peu coûteuse, de logiciels en offrant des cadres mathématiques, des méthodes et des outils. Ainsi, on a pu assister à une certaine industrialisation du processus de production de logiciel qui permet aujourd'hui de produire, chaque jour, des quantités astronomiques de logiciel. Ce logiciel produit rapidement et en grande quantité est nécessaire pour tous les équipements informatiques qui ont envahi notre quotidien (ordinateur, tablette, téléphone, réfrigérateur, voiture, ...). Dans ce monde de grande consommation du logiciel, il est cependant surprenant de constater que la gestion des logiciels après leur production est resté dominé par des pratiques manuelles de recherche dans des listes, de téléchargement unitaire et d'installation manuelle. C'est dans ce cadre que j'ai développé une activité de recherche visant à fournir des cadres mathématiques, des méthodes et des outils pour déployer, diffuser ou mettre à jour massivement les logiciels depuis 2001 année de ma soutenance de thèse. Ces activités de recherche ont été conduites principalement à Brest au sein du département informatique de Télécom Bretagne dans le cadre de l'équipe PASS de l'IRISA. Mon Habilitation à Diriger des Recherches est l'occasion de remettre en perspective mes différentes contributions scientifiques, les étudiants formés à la recherche, les projets réalisés ainsi que mon investissement en tant qu'enseignant. Les contributions scientifiques peuvent être classées en cinq parties : - des modèles mathématiques et les algorithmes associés pour la gestion des dépendances de logiciels lors de leur déploiement ; - les modèles de composants logiciels ; - les processus et outils pour le déploiement de logiciel massif ; - la mise à jour de programmes sans interrompre leur exécution ; - des langages pour la conception et la réalisation de processus de développement logiciel. Tous ces travaux qui se nourrissent et se complètent permettent d'imaginer la proposition de méthodes et outils pour passer à l'échelle dans la gestion du déploiement des logiciels

Cyber Threats and NATO 2030: Horizon Scanning and Analysis

The book includes 13 chapters that look ahead to how NATO can best address the cyber threats, as well as opportunities and challenges from emerging and disruptive technologies in the cyber domain over the next decade. The present volume addresses these conceptual and practical requirements and contributes constructively to the NATO 2030 discussions. The book is arranged in five short parts...All the chapters in this book have undergone double-blind peer review by at least two external experts.https://scholarworks.wm.edu/asbook/1038/thumbnail.jp