Dependency Mapping Software for Jira, Project Management Tool

Efficiently managing a software development project is extremely important in industry and is often overlooked by the software developers on a project. Pieces of development work are identified by developers and are then handed off to project managers, who are left to organize this information. Project managers must organize this to set expectations for the client, and ensure the project stays on track and on budget. The main block in this process are dependency chains between tasks. Dependency chains can cause a project to take much longer than anticipated or result in the under utilization of developers on a project. While project managers do have access to project management tools, few have capabilities to effectively visualize dependencies. The goal of this research was to interact with a project management tool\u27s API, pull down dependency information for a project, and build out possible timelines for a set of tasks. We visualize this problem with a directed graph, where each node is a task and edges in the graph indicate dependencies. The relationships between this problem and more well-known problems in graph theory are used to inform the development of the algorithms. Two algorithms are explored to handle the problem and are then run under different conditions. Analysis of the results provide insight to what structures of dependency chains can be handled by the algorithms. The resulting software could be used to save companies both time and money when planning software development projects

Mayall:a framework for desktop JavaScript auditing and post-exploitation analysis

Writing desktop applications in JavaScript offers developers the opportunity to write cross-platform applications with cutting edge capabilities. However in doing so, they are potentially submitting their code to a number of unsanctioned modifications from malicious actors. Electron is one such JavaScript application framework which facilitates this multi-platform out-the-box paradigm and is based upon the Node.js JavaScript runtime --- an increasingly popular server-side technology. In bringing this technology to the client-side environment, previously unrealized risks are exposed to users due to the powerful system programming interface that Node.js exposes. In a concerted effort to highlight previously unexposed risks in these rapidly expanding frameworks, this paper presents the Mayall Framework, an extensible toolkit aimed at JavaScript security auditing and post-exploitation analysis. The paper also exposes fifteen highly popular Electron applications and demonstrates that two thirds of applications were found to be using known vulnerable elements with high CVSS scores. Moreover, this paper discloses a wide-reaching and overlooked vulnerability within the Electron Framework which is a direct byproduct of shipping the runtime unaltered with each application, allowing malicious actors to modify source code and inject covert malware inside verified and signed applications without restriction. Finally, a number of injection vectors are explored and appropriate remediations are proposed

Challenges Using Linux as a Real-Time Operating System

Human-in-the-loop (HITL) simulation groups at NASA and the Air Force Research Lab have been using Linux as a real-time operating system (RTOS) for over a decade. More recently, SpaceX has revealed that it is using Linux as an RTOS for its Falcon launch vehicles and Dragon capsules. As Linux makes its way from ground facilities to flight critical systems, it is necessary to recognize that the real-time capabilities in Linux are cobbled onto a kernel architecture designed for general purpose computing. The Linux kernel contain numerous design decisions that favor throughput over determinism and latency. These decisions often require workarounds in the application or customization of the kernel to restore a high probability that Linux will achieve deadlines

Security Code Smells in Android ICC

Android Inter-Component Communication (ICC) is complex, largely unconstrained, and hard for developers to understand. As a consequence, ICC is a common source of security vulnerability in Android apps. To promote secure programming practices, we have reviewed related research, and identified avoidable ICC vulnerabilities in Android-run devices and the security code smells that indicate their presence. We explain the vulnerabilities and their corresponding smells, and we discuss how they can be eliminated or mitigated during development. We present a lightweight static analysis tool on top of Android Lint that analyzes the code under development and provides just-in-time feedback within the IDE about the presence of such smells in the code. Moreover, with the help of this tool we study the prevalence of security code smells in more than 700 open-source apps, and manually inspect around 15% of the apps to assess the extent to which identifying such smells uncovers ICC security vulnerabilities.Comment: Accepted on 28 Nov 2018, Empirical Software Engineering Journal (EMSE), 201

Small businesses in the new creative industries:innovation as a people management challenge

Purpose - This paper presents findings from an SME case study situated in the computer games industry, the youngest and fastest growing of the new digital industries. The study examines changing people management practices as the case company undergoes industry-typical strategic change to embark on explorative innovation and argues that maintaining an organisational context conducive to innovatin over time risks turning into a contest between management and employees as both parties interpret organisational pressures from their different perspectives. Design/methodology/approach - A single case study design is used as the appropriate methdology to generate indepth qualitative data from multiple organisational member perspectives. Findings - Findings indicate that management and worker perspectives on innovation as strategic change and the central people management practices required to support this differ significantly, resulting in tensions and organisational strain. As the company moves to the production of IP work, the need for more effective duality management arises. Research limitations/implications - The single case study has limitations in terms of generalisability. Multiple data collection and triangulation were used to migitate against the limitations. Practical implications - The study highlights the importance of building up change management capability in the small businesses typical for this sector, an as yet neglected focus in the academic iterature concerned with the industry and in support initatives. Originality/value - Few qualitative studies have examined people management practices in the industry in the context of organisational/strategic change, and few have adopted a process perspective

Rationale in Development Chat Messages: An Exploratory Study

Chat messages of development teams play an increasingly significant role in software development, having replaced emails in some cases. Chat messages contain information about discussed issues, considered alternatives and argumentation leading to the decisions made during software development. These elements, defined as rationale, are invaluable during software evolution for documenting and reusing development knowledge. Rationale is also essential for coping with changes and for effective maintenance of the software system. However, exploiting the rationale hidden in the chat messages is challenging due to the high volume of unstructured messages covering a wide range of topics. This work presents the results of an exploratory study examining the frequency of rationale in chat messages, the completeness of the available rationale and the potential of automatic techniques for rationale extraction. For this purpose, we apply content analysis and machine learning techniques on more than 8,700 chat messages from three software development projects. Our results show that chat messages are a rich source of rationale and that machine learning is a promising technique for detecting rationale and identifying different rationale elements.Comment: 11 pages, 6 figures. The 14th International Conference on Mining Software Repositories (MSR'17

User-centered development of a Virtual Research Environment to support collaborative research events

This paper discusses the user-centred development process within the Collaborative Research Events on the Web (CREW) project, funded under the JISC Virtual Research Environments (VRE) programme. After presenting the project, its aims and the functionality of the CREW VRE, we focus on the user engagement approach, grounded in the method of co-realisation. We describe the different research settings and requirements of our three embedded user groups and the respective activities conducted so far. Finally we elaborate on the main challenges of our user engagement approach and end with the project’s next steps