Mining Architectural Information: A Systematic Mapping Study

Context: Mining Software Repositories (MSR) has become an essential activity in software development. Mining architectural information to support architecting activities, such as architecture understanding and recovery, has received a significant attention in recent years. However, there is an absence of a comprehensive understanding of the state of research on mining architectural information. Objective: This work aims to identify, analyze, and synthesize the literature on mining architectural information in software repositories in terms of architectural information and sources mined, architecting activities supported, approaches and tools used, and challenges faced. Method: A Systematic Mapping Study (SMS) has been conducted on the literature published between January 2006 and November 2021. Results: Of the 79 primary studies finally selected, 8 categories of architectural information have been mined, among which architectural description is the most mined architectural information; 12 architecting activities can be supported by the mined architectural information, among which architecture understanding is the most supported activity; 81 approaches and 52 tools were proposed and employed in mining architectural information; and 4 types of challenges in mining architectural information were identified. Conclusions: This SMS provides researchers with promising future directions and help practitioners be aware of what approaches and tools can be used to mine what architectural information from what sources to support various architecting activities.Comment: 68 pages, 5 images, 15 tables, Manuscript submitted to a Journal (2022

Kano-sarnase mudeli kasutamine avatud innovatsiooni saavutamiseks nõuete analüüsi protsessis

Kui viiakse läbi nõuete analüüsi (inglise k Requirements Engineering, lühend RE), siis sageli järjestatakse nõuded nende olulisuse alusel (inglise k requirements prioritization), et saada selgust, milliste välja pakutud nõuetega funktsioon peaks tarkvaral olemas olema, seega sõltub tarkvara analüüsist tarkvara majandusliku väärtuse suurendamisega seotud otsuste tegemine. Tänapäeval arenevad tooted väga kiiresti ning ka nõuete olulisuse alusel järjestamine (inglise k requirements prioritization) on muutunud kiiremaks. Ettevõtted sooviksid saada kasutajatelt kiiret tagasisidet selle kohta, mis peaks olema järgmises mudelis olemas. Üks häid lahendusi sellele on Kano mudel (inglise k Kano model). Kano mudel selgitab välja kasutajate rahulolu ja toodete tunnuste vahelise suhte. See meetod liigitab kasutajate eelistused nende tähtsuse järjekorras, seega toetab see ka nõuete olulisuse järjekorra moodustamist. Aga Kano mudeli rakendamine on kallis ja aeganõudev ning seda ei saa kiiresti korrata. Veelgi enam – see mudel on keeruline väikeste ettevõtete jaoks, sest neil ei tarvitse olla piisavalt rahalisi jm vahendeid, et kasutajatega ühendust võtta ja neid intervjueerida. See omakorda paneb väikesed ettevõtted, eriti just idufirmad, ebavõrdsesse olukorda suurte ettevõtetega. Et sellele probleemile lahendust leida ja Kano mudeli kasutuselevõttu lihtsamaks ning odavamaks teha, arvame, et Kano mudelit tuleks arendada kahel viisil. Esiteks tuleks kasutada tasuta võrgus leiduvaid kirjalikke andmeid, mida saaks asendada intervjueeritavatelt kogutud vastustega. Teiseks – selleks, et hakkama saada võrgust kogutud kirjalike andmete suure mahuga, ning et kaasa aidata korrapärastele analüüsidele, peaks andmete analüüsimine olema automaatne. Selle uurimuse eesmärk on välja pakkuda meetodeid, et kasutajate avamusi, mis on võrgus saadavatest vabadest allikatest kogutud, (semi-)automaatselt liigitada, ja seda selleks, et aidata otsustajatel otsustada, millised tarkvara nõuded järgmises mudelis kindlasti olemas peaksid olema. Et seda uurimuse eesmärki saavutada, pakume me välja avatud innovatsiooni nõuete analüüsi (OIRE) meetodi, mille abil saavad tarkvarafirmad parema ülevaate kasutajate vajadustest ja sellest, kuivõrd rahul on nad olemasolevate toodetega.When Requirements Engineering (RE) is applied, requirements analysis is often used to determine which candidate requirements of a feature should be included in a software release. This plays a crucial role in the decisions made to increase the economic value of software. Nowadays, products evolve fast, and the process of requirements prioritization is becoming shorter as well. Companies benefit from receiving quick feedback from end users about what should be included in subsequent releases. One effective approach supporting requirements prioritization is the Kano model. The Kano model defines the relationship between user satisfaction and product features. It is a method used to classify user preferences according to their importance, and in doing so, supports requirements prioritization. However, implementing the Kano model is costly and time-consuming, and the application of the Kano model cannot be repeated quickly. Moreover, this is even more difficult for small companies because they might not have sufficient funds and resources to contact end users and conduct interviews. This puts small businesses, especially start-ups, at an unfair disadvantage in competing with big companies. To address this problem and make the application of the Kano model simpler, faster, and cheaper, we propose evolving the Kano model in two aspects. First, free online text data should be used to replace responses collected from interviewees. Second, in order to handle the higher amount of data that can be collected from free online text data and in order to facilitate frequent analyses, the data analysis process should be automated. The goal of this research is to propose methods for (semi-)automatically classifying user opinions collected from online open sources (e.g., from online reviews) to help decision-makers decide which software requirements to include in subsequent product versions. To achieve this research goal, we propose the Open Innovation in Requirements Engineering (OIRE) method to help software organizations gain a better understanding of user needs and satisfaction with existing products. A key element of the OIRE method is its Kano-like model. This Kano-like model mimics the traditional Kano model, except that it uses data from online reviews instead of interviews conducted with select focus groups.https://www.ester.ee/record=b527385

Large Language Models for Software Engineering: A Systematic Literature Review

Large Language Models (LLMs) have significantly impacted numerous domains, notably including Software Engineering (SE). Nevertheless, a well-rounded understanding of the application, effects, and possible limitations of LLMs within SE is still in its early stages. To bridge this gap, our systematic literature review takes a deep dive into the intersection of LLMs and SE, with a particular focus on understanding how LLMs can be exploited in SE to optimize processes and outcomes. Through a comprehensive review approach, we collect and analyze a total of 229 research papers from 2017 to 2023 to answer four key research questions (RQs). In RQ1, we categorize and provide a comparative analysis of different LLMs that have been employed in SE tasks, laying out their distinctive features and uses. For RQ2, we detail the methods involved in data collection, preprocessing, and application in this realm, shedding light on the critical role of robust, well-curated datasets for successful LLM implementation. RQ3 allows us to examine the specific SE tasks where LLMs have shown remarkable success, illuminating their practical contributions to the field. Finally, RQ4 investigates the strategies employed to optimize and evaluate the performance of LLMs in SE, as well as the common techniques related to prompt optimization. Armed with insights drawn from addressing the aforementioned RQs, we sketch a picture of the current state-of-the-art, pinpointing trends, identifying gaps in existing research, and flagging promising areas for future study

Clemson University - Library Master Plan Study

This is a feasibility study for the Clemson University’s Cooper Library, produced in conjunction with library leadership and the Office of University Planning and Design. The purpose of this study is to develop a strategy for the improvement of the Library’s physical environment that reinforces it’s mission and optimizes its ability to service the Library’s users evolving learning and research needs

Sifu - a cybersecurity awareness platform with challenge assessment and intelligent coach

Software vulnerabilities, when actively exploited by malicious parties, can lead to catastrophic consequences. Proper handling of software vulnerabilities is essential in the industrial context, particularly when the software is deployed in critical infrastructures. Therefore, several industrial standards mandate secure coding guidelines and industrial software developers’ training, as software quality is a significant contributor to secure software. CyberSecurity Challenges (CSC) form a method that combines serious game techniques with cybersecurity and secure coding guidelines to raise secure coding awareness of software developers in the industry. These cybersecurity awareness events have been used with success in industrial environments. However, until now, these coached events took place on-site. In the present work, we briefly introduce cybersecurity challenges and propose a novel platform that allows these events to take place online. The introduced cybersecurity awareness platform, which the authors call Sifu, performs automatic assessment of challenges in compliance to secure coding guidelines, and uses an artificial intelligence method to provide players with solution-guiding hints. Furthermore, due to its characteristics, the Sifu platform allows for remote (online) learning, in times of social distancing. The CyberSecurity Challenges events based on the Sifu platform were evaluated during four online real-life CSC events. We report on three surveys showing that the Sifu platform’s CSC events are adequate to raise industry software developers awareness on secure coding.info:eu-repo/semantics/publishedVersio

Raising Security Awareness using Cybersecurity Challenges in Embedded Programming Courses

Security bugs are errors in code that, when exploited, can lead to serious software vulnerabilities. These bugs could allow an attacker to take over an application and steal information. One of the ways to address this issue is by means of awareness training. The Sifu platform was developed in the industry, for the industry, with the aim to raise software developers' awareness of secure coding. This paper extends the Sifu platform with three challenges that specifically address embedded programming courses, and describes how to implement these challenges, while also evaluating the usefulness of these challenges to raise security awareness in an academic setting. Our work presents technical details on the detection mechanisms for software vulnerabilities and gives practical advice on how to implement them. The evaluation of the challenges is performed through two trial runs with a total of 16 participants. Our preliminary results show that the challenges are suitable for academia, and can even potentially be included in official teaching curricula. One major finding is an indicator of the lack of awareness of secure coding by undergraduates. Finally, we compare our results with previous work done in the industry and extract advice for practitioners.Comment: Preprint accepted for publication at the First International Conference on Code Quality (ICCQ 2021

Technology applications

A summary of NASA Technology Utilization programs for the period of 1 December 1971 through 31 May 1972 is presented. An abbreviated description of the overall Technology Utilization Applications Program is provided as a background for the specific applications examples. Subjects discussed are in the broad headings of: (1) cancer, (2) cardiovascular disease, (2) medical instrumentation, (4) urinary system disorders, (5) rehabilitation medicine, (6) air and water pollution, (7) housing and urban construction, (8) fire safety, (9) law enforcement and criminalistics, (10) transportation, and (11) mine safety