A quality model for spreadsheets

In this paper we present a quality model for spreadsheets, based on the ISO/IEC 9126 standard that defines a generic quality model for software. To each of the software characteristics defined in the ISO/IEC 9126, we associate an equivalent spreadsheet characteristic. Then, we propose a set of spreadsheet specific metrics to assess the quality of a spreadsheet in each of the defined characteristics. In order to obtain the normal distribution of expected values for a spreadsheet in each of the metrics that we propose, we have executed them against all spreadsheets in the large and widely used EUSES spreadsheet corpus. Then, we quantify each characteristic of our quality model after computing the values of our metrics, and we define quality scores for the different ranges of values. Finally, to automate the atribution of a quality score to a given spreadsheet, according to our quality model, we have integrated the computation of the metrics it includes in both a batch and a web-based tool.(undefined

Empirical Notes on the Interaction Between Continuous Kernel Fuzzing and Development

Fuzzing has been studied and applied ever since the 1990s. Automated and continuous fuzzing has recently been applied also to open source software projects, including the Linux and BSD kernels. This paper concentrates on the practical aspects of continuous kernel fuzzing in four open source kernels. According to the results, there are over 800 unresolved crashes reported for the four kernels by the syzkaller/syzbot framework. Many of these have been reported relatively long ago. Interestingly, fuzzing-induced bugs have been resolved in the BSD kernels more rapidly. Furthermore, assertions and debug checks, use-after-frees, and general protection faults account for the majority of bug types in the Linux kernel. About 23% of the fixed bugs in the Linux kernel have either went through code review or additional testing. Finally, only code churn provides a weak statistical signal for explaining the associated bug fixing times in the Linux kernel.Comment: The 4th IEEE International Workshop on Reliability and Security Data Analysis (RSDA), 2019 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW), Berlin, IEE

Software Engineering Methodologies and Life

The paradigms of design patterns and software engineering methodologies are methods that apply to areas outside the software space. As a business owner and student, I implement many software principles daily in both my work and personal life. After experiencing the power of Agile methodologies outside the scope of software engineering, I always think about how I can integrate the computer science skills that I am learning at Columbia in my life. For my study, I seek to learn about other software engineering development processes that can be useful in life. I theorize that if a model such as Agile can provide me with useful tools, then a model that the government and most of the world trusts should have paradigms I can learn with as well. The software model I will study is open source software (OSS). My research examines the lateral software standards of (OSS) and closed source software (CSS). For the scope of this paper, I will focus on research primarily on Linux as the OSS model and Agile as the CSS model. OSS has had an extraordinary impact on the software revolution [1], and CSS models have gained such popularity that its paradigms extend far beyond the software engineering space. Before delving into research, I thought the methodologies of OSS and CSS would be radically different. My study shall describe the similarities that exist between these two methodologies. In the process of my research, I was able to implement the values and paradigms that define the OSS development model to work more productively in my business. Software engineering core values and models can be used as a tool to improve our lives

EDOC2011 PhD Student Symposium Proceedings

Post-proceedings of the EDOC2011 PhD Student Symposium held in Helsinki 26.8.2011.Peer reviewe

From the Ground Truth Up: Doing AI Ethics from Practice to Principles

Recent AI ethics has focused on applying abstract principles downward to practice. This paper moves in the other direction. Ethical insights are generated from the lived experiences of AI-designers working on tangible human problems, and then cycled upward to influence theoretical debates surrounding these questions: 1) Should AI as trustworthy be sought through explainability, or accurate performance? 2) Should AI be considered trustworthy at all, or is reliability a preferable aim? 3) Should AI ethics be oriented toward establishing protections for users, or toward catalyzing innovation? Specific answers are less significant than the larger demonstration that AI ethics is currently unbalanced toward theoretical principles, and will benefit from increased exposure to grounded practices and dilemmas

The Evolution of C Programming Practices: A Study of the Unix Operating System 1973-2015

Tracking long-term progress in engineering and applied science allows us to take stock of things we have achieved, appreciate the factors that led to them, and set realistic goals for where we want to go. We formulate seven hypotheses associated with the long term evolution of C programming in the Unix operating system, and examine them by extracting, aggregating, and synthesising metrics from 66 snapshots obtained from a synthetic software configuration management repository covering a period of four decades. We found that over the years developers of the Unix operating system appear to have evolved their coding style in tandem with advancements in hardware technology, promoted modularity to tame rising complexity, adopted valuable new language features, allowed compilers to allocate registers on their behalf, and reached broad agreement regarding code formatting. The progress we have observed appears to be slowing or even reversing prompting the need for new sources of innovation to be discovered and followed

Quality model for spreadsheets: design and implementation

Dissertação de mestrado em Engenharia de InformáticaThere is a huge number of Spreadsheets developed by end-user programmers, and this number is continually increasing. Since those End-user programmers often have little or no training at programming at all, there is a huge number of spreadsheets, around 90% , which contains errors and have a poor quality. Lacking of an international standard for the evaluation of Spreadsheet quality, developers doesn’t know what objectives to aim to achieve a quality Spreadsheet, and users doesn’t know if the Spreadsheet they are using have quality. For this reason, based on the ISO\IEC9126, we worked on and define our own Quality Model for Spreadsheets. Using the metrics developed by both SSaaPP partners, SIG and Hugo Ribeiro, we analyzed the widely-used EUSES Spreadsheet corpus, obtaining the normal values expected on a Spreadsheet. With those values, we were able to quantify each Characteristic and Sub- Characteristics of our Quality Model, and to define a rating for the di erent range of values. And with the growing number of both mobile and web applications, and also of Webbased o ce suite like Google Docs, where documents can be acceded anywhere with an internet connection, opening new perspectives, we choose to create one Android Application an Android SDK, and a Web Application with Google Web Toolkit (GWT), in which any person with a Google Docs account could test the quality of his spreadsheet based on our Quality Model for Spreadsheet.Há um grande número de folhas de cálculo desenvolvidas por programadores end-user, e este número está aumentando continuamente. Uma vez que os programadores end-user muitas vezes têm pouco ou nenhum treinamento em programação de todo, há um grande número de Folhas de Calculo, cerca de 90%, que contém erros e tem uma má qualidade. A falta de uma norma internacional para a avaliação da qualidade da Folhas de Calculo, os developers não sabem os objetivos a atingir para criar uma Folha de Calculo de qualidade, e os utilizadores não sabem se a folha de cálculo que eles estão a usar têm qualidade. Por essas razões, com base na ISO IEC9126, trabalhamos e definimos o nosso próprio modelo de qualidade para folhas de cálculo. Usando as métricas desenvolvidas pelos nossos parceiros SSaaPP, SIG e HugoRibeiro, analisamos o amplamente utilizado EUSES Spreadsheet corpus, obtendo os valores normais esperados numa folha de cálculo. Com esses valores, nós fomos capazes de quantificar cada característica e sub-características do nosso modelo de qualidade, e de definir uma classificação para os diferentes intervalos de valores. E com o crescente número de aplicações móveis e web, e também de Web-based office suite como o Google Docs, onde os documentos podem ser acedidos em qualquer lugar com conexão à internet, abrindo-se novas perspetivas, optamos por criar uma aplicação Android no Android SDK, e um aplicativoWeb com o GoogleWeb Toolkit (GWT),em que qualquer pessoa com uma conta Google Docs pode testar a qualidade de sua folha de cálculo com base no nosso modelo de qualidade

Direito intelectual do programa de computador na era da informação : em busca de um novo paradigma funcional

Exame público realizado em 27 Julho 2014.Dissertação de mestrado realizada no âmbito do Mestrado em Direito.Começamos, no primeiro capítulo, por caracterizar os programas de computador e apresentar os maiores problemas da sua protecção pela propriedade intelectual. Posteriormente, analisamos a evolução legislativa internacional desta protecção ao longo dos séculos e alguma da problemática criada a nível nacional. Posteriormente, no segundo capítulo, procedemos exclusivamente a uma análise jurisprudencial, por entendermos que neste fórum podemos encontrar desenvolvimentos grandes e significativos nesta área. No terceiro e último capítulo, tentamos procurar novas soluções para a protecção intelectual dos programas de computador. Pelo caminho, abordamos alguns regimes de protecção residuais fora do escopo da propriedade intelectual, assim como as maiores críticas em relação à protecção pela patente. Acabamos por propor duas soluções para a protecção intelectual dos programas de computador: um novo direito sui generis e um sistema de três passos que envolve uma substituição progressiva da patente por um modelo de desenvolvimento open source aliado a um sistema de recompensas. Finalmente, concluímos que actualmente os programas de computador são demasiado distintos para que seja possível aplicar-lhes uma protecção uniforme. A manter-se a protecção pela patente, como nos parece que irá acontecer, deverão ser implementados outros requisitos, como uma ponderação da proporcionalidade e necessidade do exclusivo face aos custos de investigação e desenvolvimento de cada programa.Abstract: We begin, in the first chapter, by describing computer programs and briefly presenting the major issues with their intellectual property protection. Further, we analyze the international legislative evolution of this protection through the centuries and some of the problems it has caused at the national level. Afterwards, in the second chapter, we exclusively undertake a case-law analysis, due to understanding that in this forum we can find great and meaningful developments in this area. In the third and last chapter, we try to look for new solutions concerning intellectual property protection for software. In doing so, we tackle a few residual protection regimes apart from intellectual property rights as well as the biggest criticisms concerning patent protection for software. We end up proposing two solutions for the intellectual protection of software: a new sui generis right and a system comprised of three steps involving progressive patent replacement for an open source development model with rewards applied. Finally, we conclude that, today, computer programs are simply too varied to consider protecting under a single instrument. If patent protection is to be maintained, as we believe will happen, further criteria for concession should be adopted, like pondering if the exclusivity granted is proportional and necessary in light of each program’s research and development costs

Benchmark-based software product quality evaluation

Tese de doutoramento em InformáticaTwo main problems have been hindering the adoption of source code metrics for quality evaluation in industry: (i) the difficulty in doing a qualitative interpretation of measurements; and (ii) the inability of summarizing measurements into a single meaningful value that captures quality at the level of overall system. This dissertation proposes an approach based on two methods to solve these problems using thresholds derived from an industrial benchmark. The first method categorizes measurements into different risk areas using risk thresholds. These thresholds are derived by aggregating different metric distributions while preserving their statistical properties. The second method enables the assignment of ratings to systems, for a given scale, using rating thresholds. These thresholds are calibrated such that it is possible to distinguish systems based on their metric distribution. For each rating, these thresholds set the maximum amount of code that is allowed in all risk categories. Empirical and industrial studies provide evidence of the usefulness of the approach. The empirical study shows that ratings for a new test adequacy metric can be used to predict bug solving efficiency. The industrial case details the quality analysis and evaluation of two space-domain simulators.A adoção na indústria do uso de métricas de código fonte para a avaliação de qualidade tem sido dificultada por dois problemas: (i) pela dificuldade em interpretar métricas de forma qualitativa; e (ii) pela impossibilidade de agregar métricas num valor único que capture de forma fiel a qualidade do sistema como um todo. Esta dissertação propõe uma solução para estes problemas utilizando dois métodos que usam valores-limite derivados de um benchmark industrial. O primeiro método caracteriza medições em diferentes áreas de risco através de valores-limite de risco. Estes valores-limite são derivados através da agregação das distribuições de métricas preservando as suas propriedades estatísticas. O segundo método, dada uma escala, permite atribuir uma classificação a sistemas de software, usando valores-limite de classificação. Estes valores-limite são calibrados para permitir diferenciar sistemas baseada na distribuição de métricas definindo, para cada classificação, a quantidade máxima de código permissível nas categorias de risco. Dois estudos evidenciam os resultados desta abordagem. No estudo empírico mostra-se que as classificações atribuídas para uma nova métrica de teste podem ser usadas para prever a eficiência na resolução de erros. No estudo industrial detalha-se a avaliação e análise de qualidade de dois simuladores usados para missões no espaço