Helping End-User Programmers “Engineer” Dependable Software

Not long ago, most software was written by professional programmers, who could be presumed to have an interest in software engineering methodologies and in tools and techniques for improving software dependability. Today, however, a great deal of software is written not by professionals but by end-users, who create applications such as multimedia simulations, dynamic web pages, and spreadsheets. Applications such as these are often used to guide important decisions or aid in important tasks, and it is important that they be sufficiently dependable, but evidence shows that they frequently are not. For example, studies have shown that a large percentage of the spreadsheets created by end-users contain faults, and stories abound of spreadsheet faults that have led to multi-million dollar losses. Despite such evidence, until recently, relatively little research had been done to help end-users create more dependable software

Challenging Software Developers:Dialectic as a Foundation for Security Assurance Techniques

Development teams are increasingly expected to deliver secure code, but how can they best achieve this? Traditional security practice, which emphasises 'telling developers what to do' using checklists, processes and errors to avoid, has proved difficult to introduce. From analysis of industry interviews with a dozen experts in app development security, we find that secure development requires dialectic: a challenging dialog between the developers and a range of counterparties, continued throughout the development cycle. Analysing a further survey of sixteen industry developer security advocates, we identify the six assurance techniques that are most effective at achieving this dialectic in existing development teams, and conclude that the introduction of these techniques is best driven by the developers themselves. Concentrating on these six assurance techniques, and the dialectical interactions they involve, has the potential to increase the security of development activities and thus improve software security for everyone

I'd Like to Have an Argument, Please:Using Dialectic for Effective App Security

The lack of good secure development practice for app developers threatens everyone who uses mobile software. Current practice emphasizes checklists of processes and security errors to avoid, and has not proved effective in the application development domain. Based on analysis of interviews with relevant security experts, we suggest that secure app development requires 'dialectic': challenging dialog with a range of counterparties, continued throughout the development cycle. By further studying the different dialectic techniques possible in programmers' communications, we shall be able to empower app developers to produce the secure software that we need

Transformative Effects of ChatGPT on Modern Education: Emerging Era of AI Chatbots

ChatGPT, an AI-based chatbot, was released to provide coherent and useful replies based on analysis of large volumes of data. In this article, leading scientists, researchers and engineers discuss the transformative effects of ChatGPT on modern education. This research seeks to improve our knowledge of ChatGPT capabilities and its use in the education sector, identifying potential concerns and challenges. Our preliminary evaluation concludes that ChatGPT performed differently in each subject area including finance, coding and maths. While ChatGPT has the ability to help educators by creating instructional content, offering suggestions and acting as an online educator to learners by answering questions and promoting group work, there are clear drawbacks in its use, such as the possibility of producing inaccurate or false data and circumventing duplicate content (plagiarism) detectors where originality is essential. The often reported hallucinations within Generative AI in general, and also relevant for ChatGPT, can render its use of limited benefit where accuracy is essential. What ChatGPT lacks is a stochastic measure to help provide sincere and sensitive communication with its users. Academic regulations and evaluation practices used in educational institutions need to be updated, should ChatGPT be used as a tool in education. To address the transformative effects of ChatGPT on the learning environment, educating teachers and students alike about its capabilities and limitations will be crucial.Comment: Preprint submitted to IoTCPS Elsevier (2023

Construct by Contract: Construct by Contract: An Approach for Developing Reliable Software

This research introduces “Construct by Contract” as a proposal for a general methodology to develop dependable software systems. It describes an ideal process to construct systems by propagating requirements as contracts from the client’s desires to the correctness proof in verification stage, especially in everyday-used software like web applications, mobile applications and desktop application. Such methodology can be converted in a single integrated workspace as standalone tool to develop software. To achieve the already mentioned goal, this methodology puts together a collection of software engineering tools and techniques used throughout the software’s lifecycle, from requirements gathering to the testing phase, in order to ensure a contract-based flow. Construct by Contract is inclusive, regarding the roles of the people involved in the software construction process, including for instance customers, users, project managers, designers, developers and testers, all of them interacting in one common software development environment, sharing information in an understandable presentation according to each stage. It is worth to mention that we focus on the verification phase, as the key to achieve the reliability sought. Although at this point, we only completed the definition and the specification of this methodology, we evaluate the implementation by analysing, measuring and comparing different existing tools that could fit at any of the stages of software’s lifecycle, and that could be applied into a piece of commercial software. These insights are provided in a proof of concept case study, involving a productive Java Web application using struts framework

Методичні вказівки та завдання до практичних занять з англійської мови

Усі тексти базуються на автентичних джерелах, підібрані згідно з професійними та загальними інтересами молоді та ставлять за мету не лише розвиток навичок усіх видів читання текстів з першоджерел, але й залучення студентів до дискусій та створення діалогів та монологів за темами, що обговорюються у текстах, тобто сприяють формуванню та розвитку комунікативної компетенції студентів. Виконання післятекстових завдань (imitation exercises, transformatiоn exercises, substitution and creative exercises) дає можливість розвивати комунікативні та граматичні навички, навчитися висловлювати власну думку як в усній, так і в письмовій формах

Reducing number entry errors: solving a widespread, serious problem

Number entry is ubiquitous: it is required in many fields including science, healthcare, education, government, mathematics and finance. People entering numbers are to be expected to make errors, but shockingly few systems make any effort to detect, block or otherwise manage errors. Worse, errors may be ignored but processed in arbitrary ways, with unintended results. A standard class of error (defined in the paper) is an ‘out by 10 error’, which is easily made by miskeying a decimal point or a zero. In safety-critical domains, such as drug delivery, out by 10 errors generally have adverse consequences. Here, we expose the extent of the problem of numeric errors in a very wide range of systems. An analysis of better error management is presented: under reasonable assumptions, we show that the probability of out by 10 errors can be halved by better user interface design. We provide a demonstration user interface to show that the approach is practical. To kill an error is as good a service as, and sometimes even better than, the establishing of a new truth or fact.(Charles Darwin 1879 [2008], p. 229

Formal Verification of Cyberphysical Systems

17 USC 105 interim-entered record; under review.Computer hosts a virtual roundtable with seven experts to discuss the formal specification and verification of cyberphysical systems.http://hdl.handle.net/10945/6944

Toward a Dependability Case Language and Workflow for a Radiation Therapy System

We present a near-future research agenda for bringing a suite of modern programming-languages verification tools - specifically interactive theorem proving, solver-aided languages, and formally defined domain-specific languages - to the development of a specific safety-critical system, a radiotherapy medical device. We sketch how we believe recent programming-languages research advances can merge with existing best practices for safety-critical systems to increase system assurance and developer productivity. We motivate hypotheses central to our agenda: That we should start with a single specific system and that we need to integrate a variety of complementary verification and synthesis tools into system development