14,213 research outputs found
Safety-Critical Systems and Agile Development: A Mapping Study
In the last decades, agile methods had a huge impact on how software is
developed. In many cases, this has led to significant benefits, such as quality
and speed of software deliveries to customers. However, safety-critical systems
have widely been dismissed from benefiting from agile methods. Products that
include safety critical aspects are therefore faced with a situation in which
the development of safety-critical parts can significantly limit the potential
speed-up through agile methods, for the full product, but also in the
non-safety critical parts. For such products, the ability to develop
safety-critical software in an agile way will generate a competitive advantage.
In order to enable future research in this important area, we present in this
paper a mapping of the current state of practice based on {a mixed method
approach}. Starting from a workshop with experts from six large Swedish product
development companies we develop a lens for our analysis. We then present a
systematic mapping study on safety-critical systems and agile development
through this lens in order to map potential benefits, challenges, and solution
candidates for guiding future research.Comment: Accepted at Euromicro Conf. on Software Engineering and Advanced
Applications 2018, Prague, Czech Republi
Large-scale Complex IT Systems
This paper explores the issues around the construction of large-scale complex
systems which are built as 'systems of systems' and suggests that there are
fundamental reasons, derived from the inherent complexity in these systems, why
our current software engineering methods and techniques cannot be scaled up to
cope with the engineering challenges of constructing such systems. It then goes
on to propose a research and education agenda for software engineering that
identifies the major challenges and issues in the development of large-scale
complex, software-intensive systems. Central to this is the notion that we
cannot separate software from the socio-technical environment in which it is
used.Comment: 12 pages, 2 figure
Rethinking Security Incident Response: The Integration of Agile Principles
In today's globally networked environment, information security incidents can
inflict staggering financial losses on organizations. Industry reports indicate
that fundamental problems exist with the application of current linear
plan-driven security incident response approaches being applied in many
organizations. Researchers argue that traditional approaches value containment
and eradication over incident learning. While previous security incident
response research focused on best practice development, linear plan-driven
approaches and the technical aspects of security incident response, very little
research investigates the integration of agile principles and practices into
the security incident response process. This paper proposes that the
integration of disciplined agile principles and practices into the security
incident response process is a practical solution to strengthening an
organization's security incident response posture.Comment: Paper presented at the 20th Americas Conference on Information
Systems (AMCIS 2014), Savannah, Georgi
SensorCloud: Towards the Interdisciplinary Development of a Trustworthy Platform for Globally Interconnected Sensors and Actuators
Although Cloud Computing promises to lower IT costs and increase users'
productivity in everyday life, the unattractive aspect of this new technology
is that the user no longer owns all the devices which process personal data. To
lower scepticism, the project SensorCloud investigates techniques to understand
and compensate these adoption barriers in a scenario consisting of cloud
applications that utilize sensors and actuators placed in private places. This
work provides an interdisciplinary overview of the social and technical core
research challenges for the trustworthy integration of sensor and actuator
devices with the Cloud Computing paradigm. Most importantly, these challenges
include i) ease of development, ii) security and privacy, and iii) social
dimensions of a cloud-based system which integrates into private life. When
these challenges are tackled in the development of future cloud systems, the
attractiveness of new use cases in a sensor-enabled world will considerably be
increased for users who currently do not trust the Cloud.Comment: 14 pages, 3 figures, published as technical report of the Department
of Computer Science of RWTH Aachen Universit
Towards the Model-Driven Engineering of Secure yet Safe Embedded Systems
We introduce SysML-Sec, a SysML-based Model-Driven Engineering environment
aimed at fostering the collaboration between system designers and security
experts at all methodological stages of the development of an embedded system.
A central issue in the design of an embedded system is the definition of the
hardware/software partitioning of the architecture of the system, which should
take place as early as possible. SysML-Sec aims to extend the relevance of this
analysis through the integration of security requirements and threats. In
particular, we propose an agile methodology whose aim is to assess early on the
impact of the security requirements and of the security mechanisms designed to
satisfy them over the safety of the system. Security concerns are captured in a
component-centric manner through existing SysML diagrams with only minimal
extensions. After the requirements captured are derived into security and
cryptographic mechanisms, security properties can be formally verified over
this design. To perform the latter, model transformation techniques are
implemented in the SysML-Sec toolchain in order to derive a ProVerif
specification from the SysML models. An automotive firmware flashing procedure
serves as a guiding example throughout our presentation.Comment: In Proceedings GraMSec 2014, arXiv:1404.163
Quality assurance in agile safety-critical systems development
© 2016 IEEE. In this position paper we examine how safety could be assured when increasingly complex systems are developed using agile software development methods. We first discuss the source and nature of complexity in software systems and how a probe - sense - learn approach recommended by the Cynefin Framework is appropriate for designing complex systems and a sense - analyse - learn approach is appropriate for developing a complicated system whose design has been determined. We then examine how quality assurance is incorporated into agile software development before pointing out that those characteristics of a self-managed team that produce so many benefits for software development of complex systems whose solution evolves with problem understanding, are also vulnerable to confirmation bias. This suggests that for safety critical system development, software systems developed by agile teams will need verification and validation by independent parties. We review current quality management practices for medical device software development before discussing how our earlier findings could be adopted into safety critical software quality management
Scrum for product innovation : a longitudinal embedded case study
This article describes the innovation processes used in a partnership between Add Latent Ltd., an asset integrity and maintenance management consulting services provider in the energy sector and University of Salford. The challenge faced by the company is to make their in-house expertise more readily available to a worldwide audience. A longitudinal embedded case study has been used to investigate how installable desktop software applications have been redesigned to create a new set of cloud hosted software services.
The innovation team adapted an agile scrum process to include exploratory prototyping and manage the geographical distribution of the team members. A minimum viable product was developed that integrated functional elements of previous software tools into an end-to-end data collection, analysis and visualisation product called AimHi which uses a cloud-hosted web services approach. Field trials were conducted using the software at the Uniper, Isle of Grain power station in Kent, UK. Enhancements were made to the AimHi product which was adopted for use at the Uniper site. The product emerged from a Knwledge Transfer Partnership whci was evaluated on cmplettion by InnovateUK and awarded the highest possible âoutstandingâ grade.
The article illustrates how the scrum software development method was tailored for a product innovation context. Extended periods of evaluation and reflection, prototyping and requirement refinement were combined with periods of incremental feature development using sprints. The AimHi product emerged from a technology transfer and innovation project that has successfully reconciled conflicting demands from customers, universities, partner companies and project staff members
- âŠ