An mHealth App-Based Self-management Intervention for Family Members of Pediatric Transplant Recipients (myFAMI): Framework Design and Development Study

Background Solid-organ transplantation is the treatment of choice for children with end-stage organ failure. Ongoing recovery and medical management at home after transplant are important for recovery and transition to daily life. Smartphones are widely used and hold the potential for aiding in the establishment of mobile health (mHealth) protocols. Health care providers, nurses, and computer scientists collaboratively designed and developed mHealth family self-management intervention (myFAMI), a smartphone-based intervention app to promote a family self-management intervention for pediatric transplant patients’ families. Objective This paper presents outcomes of the design stages and development actions of the myFAMI app framework, along with key challenges, limitations, and strengths. Methods The myFAMI app framework is built upon a theory-based intervention for pediatric transplant patients, with aid from the action research (AR) methodology. Based on initially defined design motivation, the team of researchers collaboratively explored 4 research stages (research discussions, feedback and motivations, alpha testing, and deployment and release improvements) and developed features required for successful inauguration of the app in the real-world setting. Results Deriving from app users and their functionalities, the myFAMI app framework is built with 2 primary components: the web app (for nurses’ and superadmin usage) and the smartphone app (for participant/family member usage). The web app stores survey responses and triggers alerts to nurses, when required, based on the family members’ response. The smartphone app presents the notifications sent from the server to the participants and captures survey responses. Both the web app and the smartphone app were built upon industry-standard software development frameworks and demonstrate great performance when deployed and used by study participants. Conclusions The paper summarizes a successful and efficient mHealth app-building process using a theory-based intervention in nursing and the AR methodology in computer science. Focusing on factors to improve efficiency enabled easy navigation of the app and collection of data. This work lays the foundation for researchers to carefully integrate necessary information (from the literature or experienced clinicians) to provide a robust and efficient solution and evaluate the acceptability, utility, and usability for similar studies in the future

Legal skills: Ensuring ‘appy students

Law has been a little slow off the mark in the UK when it comes to the world of mobile applications (apps). In an environment where students spend more time using mobile applications than they do browsing the internet, the authors were keen to take their Learnmore website to the next stage by developing an app for law students. The Learnmore website (part of the Lawbore suite of resources from City University) has received much attention for its quirky visuals, multimedia learning tools and winning marriage of librarian and student generated content. With an ultimate aim of easing the transition between A-levels and degree and making the ‘building blocks’ of legal skills more interesting. Emily and Sanmeet secured substantial funding from JISC after a call for universities to create mobile apps from existing content, teaming up with a colleague in City University's Human Computer Interaction and Design department. The app was to be designed to help students learn essential legal skills in an innovative way, employing more interaction than was possible via the web. The emphasis on video content meant an early decision to fix on iPad rather than iPhone as the tool for mobile learning. The JISC funding paid for the services of a developer to help bring their ideas to life. This paper looks at the transformation from standard wiki to mobile application; focusing on the process of developing the concept for the app and the major milestones, as well as providing an insight into the expected challenges along the way. These included: working in a multidisciplinary team, communication of ideas, recognising the differences required in design for an app as opposed to a website and managing conflicting visions. The team motto was that creating an app cannot be simply a re-skinning process; but a re-working of content to to ensure a truly effective learning resource

FraudDroid: Automated Ad Fraud Detection for Android Apps

Although mobile ad frauds have been widespread, state-of-the-art approaches in the literature have mainly focused on detecting the so-called static placement frauds, where only a single UI state is involved and can be identified based on static information such as the size or location of ad views. Other types of fraud exist that involve multiple UI states and are performed dynamically while users interact with the app. Such dynamic interaction frauds, although now widely spread in apps, have not yet been explored nor addressed in the literature. In this work, we investigate a wide range of mobile ad frauds to provide a comprehensive taxonomy to the research community. We then propose, FraudDroid, a novel hybrid approach to detect ad frauds in mobile Android apps. FraudDroid analyses apps dynamically to build UI state transition graphs and collects their associated runtime network traffics, which are then leveraged to check against a set of heuristic-based rules for identifying ad fraudulent behaviours. We show empirically that FraudDroid detects ad frauds with a high precision (93%) and recall (92%). Experimental results further show that FraudDroid is capable of detecting ad frauds across the spectrum of fraud types. By analysing 12,000 ad-supported Android apps, FraudDroid identified 335 cases of fraud associated with 20 ad networks that are further confirmed to be true positive results and are shared with our fellow researchers to promote advanced ad fraud detectionComment: 12 pages, 10 figure

IoTSan: Fortifying the Safety of IoT Systems

Today's IoT systems include event-driven smart applications (apps) that interact with sensors and actuators. A problem specific to IoT systems is that buggy apps, unforeseen bad app interactions, or device/communication failures, can cause unsafe and dangerous physical states. Detecting flaws that lead to such states, requires a holistic view of installed apps, component devices, their configurations, and more importantly, how they interact. In this paper, we design IoTSan, a novel practical system that uses model checking as a building block to reveal "interaction-level" flaws by identifying events that can lead the system to unsafe states. In building IoTSan, we design novel techniques tailored to IoT systems, to alleviate the state explosion associated with model checking. IoTSan also automatically translates IoT apps into a format amenable to model checking. Finally, to understand the root cause of a detected vulnerability, we design an attribution mechanism to identify problematic and potentially malicious apps. We evaluate IoTSan on the Samsung SmartThings platform. From 76 manually configured systems, IoTSan detects 147 vulnerabilities. We also evaluate IoTSan with malicious SmartThings apps from a previous effort. IoTSan detects the potential safety violations and also effectively attributes these apps as malicious.Comment: Proc. of the 14th ACM CoNEXT, 201

CAMEO Stakeholders Report

Computer-Aided Management of Emergency Operations (CAMEO) is a suite of software applications used to plan for and respond to chemical emergencies. CAMEO was first released in 1986, and was jointly developed by the U.S. Environmental Protection Agency (US EPA) and the National Oceanic and Atmospheric Administration (NOAA) to assist front-line chemical emergency planners and responders. It has since undergone numerous modification and upgrades, and is a critical tool used today for chemical spills, other hazards, and emergency management. The CAMEO system integrates a chemical database and a method to manage the data, an air dispersion model, and a mapping capability. All modules work interactively to share and display critical information in a timely fashion. As a result of fatal chemical accidents in recent years, Executive Order (EO) 13650 (Improving Chemical Facility Safety and Security) was signed on August 1, 2013 for: Improving Operational Coordination with State, Local and Tribal partners Enhancing Federal Coordination Enhancing Information Collection and Sharing Modernizing Regulations, Guidance, Policy and Standards Identifying Best Practices. The CAMEO team has been working to address these EO requirements and the areas of action in a manner that will best meet the needs of CAMEO users and stakeholders

SeMA: A Design Methodology for Building Secure Android Apps

UX (user experience) designers visually capture the UX of an app via storyboards. This method is also used in Android app development to conceptualize and design apps. Recently, security has become an integral part of Android app UX because mobile apps are used to perform critical activities such as banking, communication, and health. Therefore, securing user information is imperative in mobile apps. In this context, storyboarding tools offer limited capabilities to capture and reason about security requirements of an app. Consequently, security cannot be baked into the app at design time. Hence, vulnerabilities stemming from design flaws can often occur in apps. To address this concern, in this paper, we propose a storyboard based design methodology to enable the specification and verification of security properties of an Android app at design time.Comment: Updates based on AMobile 2019 review

Verifying Policy Enforcers

Policy enforcers are sophisticated runtime components that can prevent failures by enforcing the correct behavior of the software. While a single enforcer can be easily designed focusing only on the behavior of the application that must be monitored, the effect of multiple enforcers that enforce different policies might be hard to predict. So far, mechanisms to resolve interferences between enforcers have been based on priority mechanisms and heuristics. Although these methods provide a mechanism to take decisions when multiple enforcers try to affect the execution at a same time, they do not guarantee the lack of interference on the global behavior of the system. In this paper we present a verification strategy that can be exploited to discover interferences between sets of enforcers and thus safely identify a-priori the enforcers that can co-exist at run-time. In our evaluation, we experimented our verification method with several policy enforcers for Android and discovered some incompatibilities.Comment: Oliviero Riganelli, Daniela Micucci, Leonardo Mariani, and Yli\`es Falcone. Verifying Policy Enforcers. Proceedings of 17th International Conference on Runtime Verification (RV), 2017. (to appear