A conceptual modeling approach for supply chain event management (SCEM)

The management of supply chains is a very comprehensive task. Predictability and response to incidents in process executions are challenging. With Supply Chain Event Management (SCEM), researchers propose an approach for overcoming these problems through proactive monitoring and notification of crucial process activities across the supply chain. The identification and definition of such crucial activities and information needs are necessary to handle possible abnormalities although they are challenging task which have not been solved in SCEM research so far. Hence, we propose a modeling approach which allows the conceptual specification of an adequate information exchange along the supply chain. With our approach we focus on the specification of relevant logistical objects, the definition of possible events, and the design of notifications for decision makers in the supply chain

Security by design: an interdisciplinary systematic review and conceptual framework

Background: Security by design is the approach to designing digital technologies that are foundationally secure. This approach has materialized in several software design methodologies. However, a close examination of these methodologies shows that digital technologies security is designed as a technical feature, with no concern for their interaction with human, social, and organizational factors. This research argues that, in order to produce a design methodology for developing secure software systems that integrates non-technical factors in their design, an interdisciplinary and integrative review of the ‘security by design’ concept is needed. Objectives: The present protocol details the work plan for a systematic scoping review on security by design and related concepts. This review seeks to (1) synthesize current definitions of ‘security by design’, (2) elaborate a conceptual map that shows how ‘security by design’ connects to other related concepts, and (3) identify the key principles of the ‘security by design’ approach. Design: This systematic review follows the PRISMA extension for scoping review. Six databases are searched for thematically relevant studies published in English. Studies included peer-reviewed publications, government or company documents, technical reports, or a doctoral theses. After the initial search, three researchers will screen the title and abstracts following a screening tool. The consistency of researchers’ classification will be measured by calculating the inter-rater reliability. The reading of full texts will determine the final eligibility. Finally, data will be extracted from the final sample of documents. NWONWA.1215.18.008Security and Global Affair

Adopting Free/Libre/Open Source Software Practices, Techniques and Methods for Industrial Use

Today’s software companies face the challenges of highly distributed development projects and constantly changing requirements. This paper proposes the adoption of relevant Free/Libre/Open Source Software (FLOSS) practices in order to improve software development projects in industry. Many FLOSS projects have proven to be very successful, producing high quality products with steady and frequent releases. This study aims to identify FLOSS practices that can be adapted for the corporate environment. To achieve this goal, a framework to compare FLOSS and industrial development methodologies was created. Three successful FLOSS projects were selected as study targets (the Linux Kernel, the FreeBSD operating system, and the JBoss application server), as well as two projects from Ericsson, a large telecommunications company. Based on an analysis of these projects, FLOSS best practices were tailored to fit industrial development environments. The final results consisted of a set of key adoption opportunities that aimed to improve software quality and overall development productivity by importing best practices from the FLOSS environment. The adoption opportunities were then validated at three large corporations

A generic model for representing software development methods.

This thesis has adopted the premise that the use of a method offers a valuable contribution to the software development process. Many methods have not been adequately defined. This thesis is based on the hypothesis that it is possible to represent software development methods using a Generic Method Representation (GMR). This GMR includes the three basic components of the method, which are the product model, the process model and the heuristic model. The elements and interrelationships of these models are investigated. In addition to a graphical representation, a method specification language (MSL) is derived, to enhance the expressive and executable power of GMR. A three-stage knowledge acquisition model, known as IFV (inspection, fabrication and verification), is also introduced to elicit method semantics from the available acquisition media. Moreover, the key benefits of meta modelling, such as method comparison, fragment dissection, method evaluation and selection (or customisation) of a method, are highlighted. An application of GMR, that is the mapping to a practical metaCASE tool model, is also illustrated comprehensively to demonstrate the applicability of the approach