Requirements model driven adaption and evolution of Internetware

Today’s software systems need to support complex business operations and processes. The development of the web-based software systems has been pushing up the limits of traditional software engineering methodologies and technologies as they are required to be used and updated almost real-time, so that users can interact and share the same applications over the internet as needed. These applications have to adapt quickly to the diversified and dynamic changing requirements in the physical, technological, economical and social environments. As a consequence, we are expecting a major paradigm shift in software engineering to reflect such changes in computing environment in order to better address the fundamental needs of organisations in this new era. Existing software technologies, such as model driven development, business process engineering, online (re-)configuration, composition and adaptation of managerial functionalities are being repurposed to reduce the time taken for software development by reusing software codes. The ability to dynamically combine contents from numerous web sites and local resources, and the ability to instantly publish services worldwide have opened up entirely new possibilities for software development. In retrospect to the ten years applied research on Internetware, we have witnessed such a paradigm shift, which brings about many changes to the developmental experience of conventional web applications. Several related technologies, such as cloud computing, service computing, cyber-physical systems and social computing, have converged to address this emerging issue with emphasis on different aspects. In this paper, we first outline the requirements that the Internetware software paradigm should meet to excel at web application adaptation; we then propose a requirement model driven method for adaptive and evolutionary applications; and we report our experiences and case studies of applying it to an enterprise information system. Our goal is to provide high-level guidelines to researchers and practitioners to meet the challenges of building adaptive industrial-strength applications with the spectrum of processes, techniques and facilities provided within the Internetware paradigm

A Systematic Mapping Study of Empirical Studies on Software Cloud Testing Methods

Context: Software has become more complicated, dynamic, and asynchronous than ever, making testing more challenging. With the increasing interest in the development of cloud computing, and increasing demand for cloud-based services, it has become essential to systematically review the research in the area of software testing in the context of cloud environments. Objective: The purpose of this systematic mapping study is to provide an overview of the empirical research in the area of software cloud-based testing, in order to build a classification scheme. We investigate functional and non-functional testing methods, the application of these methods, and the purpose of testing using these methods. Method: We searched for electronically available papers in order to find relevant literature and to extract and analyze data about the methods used. Result: We identified 69 primary studies reported in 75 research papers published in academic journals, conferences, and edited books. Conclusion: We found that only a minority of the studies combine rigorous statistical analysis with quantitative results. The majority of the considered studies present early results, using a single experiment to evaluate their proposed solution

Monitoring interactions across multi business processes with token carried data

The rapid development of web service provides many opportunities for companies to migrate their business processes to the Internet for wider accessibility and higher collaboration efficiency. However, the open, dynamic and ever-changing Internet also brings challenges in protecting these business processes. There are certain process monitoring methods and the recently proposed ones are based on state changes of process artifacts or places, however, they do not mention defending process interactions from outer tampering, where events could not be detected by process systems, or saving fault-handling time. In this paper, we propose a novel Token-based Interaction Monitoring framework based on token carried data to safeguard process collaboration and reduce problem solving time. Token is a more common data entity in processes than process artifacts and they cover all tasks’ executions. Comparing to detecting places’ state change, we set security checking points at both when tokens are just produced and to be consumed. This will ensure that even if data is tampered after being created it would be detected before being used

Project Final Report Use and Dissemination of Foreground

This document is the final report on use and dissemination of foreground, part of the CONNECT final report. The document provides the lists of: publications, dissemination activities, and exploitable foregroun

Securing the Cloud: A Critical Appraisal of Data Security Strategies

Cloud computing, a paradigm shift in the evolution of the internet, has garnered significant attention. However, security remains a primary concern, hindering its widespread adoption. Cloud computing essentially transfers user data and applications to remote data centers, where users relinquish control, and data management practices may not always adhere to the highest security standards. This unique characteristic of cloud computing raises a multitude of security concerns that warrant careful consideration and understanding. One of the most crucial and prevalent security concerns is the potential exposure of user data and applications stored on service provider premises. In this article, an attempt is made to review the literature in this area of research

Infrastructure as a service: exploring network access control challenges

Cloud Computing Infrastructure as a Service (IaaS) is a great model for outsourcing IT infrastructure. It is built to offer fascinating features to support business development, such as elasticity, multi-tenancy, configurability and dynamicity. However, IaaS faces security challenges on account of its flexible nature. For this article, we studied the IaaS characteristics and investigated their related security challenges. We then elaborated these security challenges by exploring the security threats on live virtual machine migration as it is one of the main IaaS operations. We found that proper access control techniques and models are a critical element in enhancing IaaS and mitigating the identified security threats. Therefore, we investigated and contrasted the implemented and the proposed firewall architectures in IaaS as a firewall is a basic security appliance that enforces access control. We also explored and contrasted the proposed access control models in the IaaS. It was found that the traditional firewalls and access control models were not sufficient for IaaS. Therefore, there is a need to develop a proper access control model and enforcement techniques to mitigate IaaS security threats. Based on the security research trend and the results obtained in this articles exploration, we endorse an IaaS access control system built on a computational intelligent approach

Given Enough Eyeballs, all Bugs are Shallow - A Literature Review for the Use of Crowdsourcing in Software Testing

Over the last years, the use of crowdsourcing has gained a lot of attention in the domain of software engineering. One key aspect of software development is the testing of software. Literature suggests that crowdsourced software testing (CST) is a reliable and feasible tool for manifold kinds of testing. Research in CST made great strides; however, it is mostly unstructured and not linked to traditional software testing practice and terminology. By conducting a literature review of traditional and crowdsourced software testing literature, this paper delivers two major contributions. First, it synthesizes the fields of crowdsourcing research and traditional software testing. Second, the paper gives a comprehensive overview over findings in CST-research and provides a classification into different software testing types

Modeling 4.0: Conceptual Modeling in a Digital Era

Digitization provides entirely new affordances for our economies and societies. This leads to previously unseen design opportunities and complexities as systems and their boundaries are re-defined, creating a demand for appropriate methods to support design that caters to these new demands. Conceptual modeling is an established means for this, but it needs to be advanced to adequately depict the requirements of digitization. However, unlike the actual deployment of digital technologies in various industries, the domain of conceptual modeling itself has not yet undergone a comprehensive renewal in light of digitization. Therefore, inspired by the notion of Industry 4.0, an overarching concept for digital manufacturing, in this commentary paper, we propose Modeling 4.0 as the notion for conceptual modeling mechanisms in a digital environment. In total, 12 mechanisms of conceptual modeling are distinguished, providing ample guidance for academics and professionals interested in ensuring that modeling techniques and methods continue to fit contemporary and emerging requirements

Self-tuning of software systems through goal-based feedback control loop

Quality requirements of a software system cannot be optimally met, especially when it is running in an uncertain and changing environment. In principle, a controller at runtime can monitor the change impact on quality requirements of the system, update the expectations and priorities from the environment, and take reasonable actions to improve the overall satisfaction. In practice, however, existing controllers are mostly designed for tuning low- level performance indicators rather than high-level requirements. By maintaining a live goal model to represent the runtime requirements and linking the overall satisfaction to an earned business value indicator as feedback, we propose a control-theoretic self-tuning method that can dynamically tune the preferences of different quality requirements, and can autonomously make the tradeoff decisions among different quality requirements through our preference-based goal reasoning. The reasoning result is involved to reconfigure the variation points of the goal model, and accordingly mapped to the system architecture reconfiguration. The effectiveness of our self-tuning method is evaluated by comparing the earned business value with the static and ad-hoc methods and analysing the self-tuning process