Web development evolution: the assimilation of web engineering security

In today’s e-commerce environment, information is an incredibly valuable asset. Surveys indicate that companies are suffering staggering financial losses due to web security issues. Analyzing the underlying causes of these security breaches shows that a significant proportion of them are caused by straightforward design errors in systems and not by failures in security mechanisms. There is significant research into security mechanisms but there is little research into the integration of these into software design processes, even those processes specifically designed for Web Engineering. Security should be designed into the application development process upfront through an independent flexible methodology that contains customizable components

Web development evolution: the assimilation of web engineering security

In today’s e-commerce environment, information is an incredibly valuable asset. Surveys indicate that companies are suffering staggering financial losses due to web security issues. Analyzing the underlying causes of these security breaches shows that a significant proportion of them are caused by straightforward design errors in systems and not by failures in security mechanisms. There is significant research into security mechanisms but there is little research into the integration of these into software design processes, even those processes specifically designed for Web Engineering. Security should be designed into the application development process upfront through an independent flexible methodology that contains customizable components

A Framework to Evaluate Software Developer’s Productivity The VALORTIA Project

Currently, there is a lack in companies developing software in relation to assessing their staff’s productivity before executing software projects, with the aim of improving effectiveness and efficiency. QuEF (Quality Evaluation Framework) is a framework that allows defining quality management tasks based on a model. The main purpose of this framework is twofold: improve an entity’s continuous quality, and given a context, decide between a set of entity’s instances on the most appropriate one. Thus, the aim of this paper is to make this framework available to evaluate productivity of professionals along software development and select the most appropriate experts to implement the suggested project. For this goal, Valortia platform, capable of carrying out this task by following the QuEF framework guidelines, is designed. Valortia is a platform to certify users' knowledge on a specific area and centralize all certification management in its model by means of providing protocols and methods for a suitable management, improving efficiency and effectiveness, reducing cost and ensuring continuous quality.Ministerio de Ciencia e Innovación TIN2013-46928-C3-3-

Report on the Third Workshop on Sustainable Software for Science: Practice and Experiences (WSSSPE3)

This report records and discusses the Third Workshop on Sustainable Software for Science: Practice and Experiences (WSSSPE3). The report includes a description of the keynote presentation of the workshop, which served as an overview of sustainable scientific software. It also summarizes a set of lightning talks in which speakers highlighted to-the-point lessons and challenges pertaining to sustaining scientific software. The final and main contribution of the report is a summary of the discussions, future steps, and future organization for a set of self-organized working groups on topics including developing pathways to funding scientific software; constructing useful common metrics for crediting software stakeholders; identifying principles for sustainable software engineering design; reaching out to research software organizations around the world; and building communities for software sustainability. For each group, we include a point of contact and a landing page that can be used by those who want to join that group's future activities. The main challenge left by the workshop is to see if the groups will execute these activities that they have scheduled, and how the WSSSPE community can encourage this to happen

Towards guidelines for building a business case and gathering evidence of software reference architectures in industry

Background: Software reference architectures are becoming widely adopted by organizations that need to support the design and maintenance of software applications of a shared domain. For organizations that plan to adopt this architecture-centric approach, it becomes fundamental to know the return on investment and to understand how software reference architectures are designed, maintained, and used. Unfortunately, there is little evidence-based support to help organizations with these challenges. Methods: We have conducted action research in an industry-academia collaboration between the GESSI research group and everis, a multinational IT consulting firm based in Spain. Results: The results from such collaboration are being packaged in order to create guidelines that could be used in similar contexts as the one of everis. The main result of this paper is the construction of empirically-grounded guidelines that support organizations to decide on the adoption of software reference architectures and to gather evidence to improve RA-related practices. Conclusions: The created guidelines could be used by other organizations outside of our industry-academia collaboration. With this goal in mind, we describe the guidelines in detail for their use.Peer ReviewedPostprint (published version