Towards Automated Translation between Generations of GUI-based Tests for Mobile Devices

Market demands for faster delivery and higher software quality are progressively becoming more stringent. A key hindrance for software companies to meet such demands is how to test the software due to to the intrinsic costs of development, maintenance and evolution of testware. Especially since testware should be defined, and aligned, with all layers of system under test (SUT), including all graphical user interface (GUI) abstraction levels. These levels can be tested with different generations of GUI-based test approaches, where 2nd generation, or Layout-based, tests leverage GUI properties and 3rd generation, or Visual, tests make use of image recognition. The two approaches provide different benefits and drawbacks and are seldom used together because of the aforementioned costs, despite growing academic evidence of the complementary benefits. In this work we propose the proof of concept of a novel two-step translation approach for Android GUI testing, where a translator first creates a technology independent script with actions and elements of the GUI, and then translates it to a script with the syntax chosen by the user. The approach enables users to translate Layout-based to Visual scripts and vice versa, to gain the benefits (e.g. robustness, speed and ability to emulate the user) of both generations, whilst minimizing the drawbacks (e.g. development and maintenance costs). We outline our approach from a technical perspective, discuss some of the key challenges with the realization of our approach, evaluate the feasibility and the advantages provided by our approach on an open-source Android application, and discuss the potential industrial impact of this work

Bringing the globe into globalization: Models of capacity building and technology transfer

Legal policy on the global stage has combined with history, nature and economics to create an inherently unequal playing field for states seeking to undertake industrial development or agricultural reform at this point in time. The reasons for this are manifold and complex, for example, developing nations may not find it easy to lobby or assertthemselves in international fora, historical colonial relationships may have inhibited their economic and industrial development, and current trade relationships may make adherence to certain international agreements a matter of necessity rather than choice.Policy makers are aware of this problem and have tried to lessen this inequality by instituting mechanisms to transfer technology to least developed nations.Using the digital divide as a case-study this paper looks at the efficacy of this model and argues that this approach as instituted is fundamentally flawed for a number of reasons.1. The definition of technology transfer and capacity building promulgated by international law only addresses a limited range of the factors which cause technology gaps and in some cases the response exacerbates them.2. The reason for this poorly formulated policy is that it is founded upon flawed economic principles and assumptions about the effect of free market economics in developing nations.The central argument of this paper is that in order to bridge the developmental divide it is not sufficient to simply improve infrastructure and access to technology but one must also empower people to use technology in a way which addresses their own self-identified social, environmental and developmental needs. The author believes that the Open Source movement offers not only practical means of doing this but also a model for rethinking the economic and social assumptions behind our current capacity building model.The reasons for adopting this perspective are manifold. The movement is already designed to draw us away from corporate to community based modes of thought; it is essentially a grassroots protest movement against the ethos of standard copyright allowing creators to set their own licensing criteria on their works to ensure that they remain withinthe creative commons. By safeguarding this openness the movement facilitates both technology and knowledge transfer (unlike proprietary systems which usually facilitate onlyone of these). This is because open source systems recognize the concept of communal use as well as tailored ideas of attribution and moral rights suitable for the various contexts of use. Thus, the growth and development of the open source systems takes account of systems with lower technical capacities without precluding or discouraging the possibility of systemic advancement.Finally, unlike other development related knowledge protections, open source is of global application and is not in that sense targeted or imposed upon least developed parties and therefore allows self-directed development by permitting them to choose if they wish to adopt it and to set the level of protection they find most beneficial. Thus, this paper hopes to take an established alternative to IP law and reveal new perspectives on how to facilitate effective technology transfer

Threat modeling in web applications

Todays competitive and profit-driven online environment needs a web application to be much secure as it is going to be tested in all possible ways by the attackers for any sign of vulnerability which can be converted into a big success for him to gain control to the maximum of the software. In order to produce a secure application, it has to be securely built right from the design phase throughout the software development life cycle. The most effective methodology of implementing this is threat modeling. There have been a lot of improvements and researches on the process of threat modeling and its approaches. Following these, Some tools are developed by some Enterprises to support the process of systematic threat modeling. In this thesis, the most widely accepted process of threat modeling, that has been proposed by Microsoft, is explained along with other approaches for it. Two industrial projects, with the support of Microsoft SDL tool for Threat modeling have been threat modeled and discussed. Towards the end, some modifications to the hybrid approach of threat modeling have been proposed and have been implemented on the open source workbench supporting that approach

Selection of third party software in Off-The-Shelf-based software development: an interview study with industrial practitioners

The success of software development using third party components highly depends on the ability to select a suitable component for the intended application. The evidence shows that there is limited knowledge about current industrial OTS selection practices. As a result, there is often a gap between theory and practice, and the proposed methods for supporting selection are rarely adopted in the industrial practice. This paper's goal is to investigate the actual industrial practice of component selection in order to provide an initial empirical basis that allows the reconciliation of research and industrial endeavors. The study consisted of semi-structured interviews with 23 employees from 20 different software-intensive companies that mostly develop web information system applications. It provides qualitative information that help to further understand these practices, and emphasize some aspects that have been overlooked by researchers. For instance, although the literature claims that component repositories are important for locating reusable components; these are hardly used in industrial practice. Instead, other resources that have not received considerable attention are used with this aim. Practices and potential market niches for software-intensive companies have been also identified. The results are valuable from both the research and the industrial perspectives as they provide a basis for formulating well-substantiated hypotheses and more effective improvement strategies.Peer ReviewedPostprint (author's final draft

Vulnerable Open Source Dependencies: Counting Those That Matter

BACKGROUND: Vulnerable dependencies are a known problem in today's open-source software ecosystems because OSS libraries are highly interconnected and developers do not always update their dependencies. AIMS: In this paper we aim to present a precise methodology, that combines the code-based analysis of patches with information on build, test, update dates, and group extracted from the very code repository, and therefore, caters to the needs of industrial practice for correct allocation of development and audit resources. METHOD: To understand the industrial impact of the proposed methodology, we considered the 200 most popular OSS Java libraries used by SAP in its own software. Our analysis included 10905 distinct GAVs (group, artifact, version) when considering all the library versions. RESULTS: We found that about 20% of the dependencies affected by a known vulnerability are not deployed, and therefore, they do not represent a danger to the analyzed library because they cannot be exploited in practice. Developers of the analyzed libraries are able to fix (and actually responsible for) 82% of the deployed vulnerable dependencies. The vast majority (81%) of vulnerable dependencies may be fixed by simply updating to a new version, while 1% of the vulnerable dependencies in our sample are halted, and therefore, potentially require a costly mitigation strategy. CONCLUSIONS: Our case study shows that the correct counting allows software development companies to receive actionable information about their library dependencies, and therefore, correctly allocate costly development and audit resources, which is spent inefficiently in case of distorted measurements.Comment: This is a pre-print of the paper that appears, with the same title, in the proceedings of the 12th International Symposium on Empirical Software Engineering and Measurement, 201

Designing an Open Virtual Factory of Small and Medium-sized Enterprises for Industrial Engineering Education

Curriculum of Industrial Engineering program must accomplish the requirement that graduates have the ability to design, develop, implement, and improve integrated system that include people, materials, equipment and energy. However, it is not easy to implement a curriculum that fosters such competencies. One of the strategies to achieve that is using an innovative learning media, so that the problem-based learning (PBL) can be accustomed. In this paper, we design a web-based enterprise resources planning. It is aimed to capture the real problem of small and medium-sized enterprises (SMEs) in bottled drinking water industries. The integrated system can be illustrated as ERP application that designed by using free open source software (FOSS). This research aimed to utilize the application to improve teaching methods in IE education. The result of the research can be used to improve the competencies of IE students, especially the abilities to identify, formulate, and solve the activities of the business process improvement in SMEs. Keywords Industrial engineering education, FOSS, innovative learning media, problem-based learnin

Model-Driven Development of Control Applications: On Modeling Tools, Simulations and Safety

Control systems are required in various industrial applications varying from individual machines to manufacturing plants and enterprises. Software applications have an important role as an implementation technology in such systems, which can be based on Distributed Control System (DCS) or Programmable Control System (PLC) platforms, for example. Control applications are computer programs that, with control system hardware, perform control tasks. Control applications are efficient and flexible by nature; however, their development is a complex task that requires the collaboration of experts and information from various domains of expertise.This thesis studies the use of Model-Driven Development (MDD) techniques in control application development. MDD is a software development methodology in which models are used as primary engineering artefacts and processed with both manual work and automated model transformations. The objective of the thesis is to explore whether or not control application development can benefit from MDD and selected technologies enabled by it. The research methodology followed in the thesis is the constructive approach of design science.To answer the research questions, tools are developed for modeling and developing control applications using UML Automation Profile (UML AP) in a model-driven development process. The modeling approach is developed based on open source tools on Eclipse platform. In the approach, modeling concepts are kept extendable. Models can be processed with model transformation techniques that plug in to the tool. The approach takes into account domain requirements related to, for example, re-use of design. According to assessment of industrial applicability of the approach and tools as part of it, they could be used for developing industrial DCS based control applications.Simulation approaches that can be used in conjunction to model-driven development of control applications are presented and compared. Development of a model-in-the-loop simulation support is rationalized to enable the use of simulations early while taking into account the special characteristics of the domain. A simulator integration is developed that transforms UML AP control application models to Modelica Modeling Language (ModelicaML) models, thus enabling closed-loop simulations with ModelicaML models of plants to be controlled. The simulation approach is applied successfully in simulations of machinery applications and process industry processes.Model-driven development of safety applications, which are parts of safety systems, would require taking into account safety standard requirements related to modeling techniques and documentation, for example. Related to this aspect, the thesis focuses on extending the information content of models with aspects that are required for safety applications. The modeling of hazards and their associated risks is supported with fault tree notation. The risk and hazard information is integrated into the development process in order to improve traceability. Automated functions enable generating documentation and performing consistency checks related to the use of standard solutions, for example. When applicable, techniques and notations, such as logic diagrams, have been chosen so that they are intuitive to developers but also comply with recommendations of safety standards

Dynamic Learning Media to Improve the Pedagogic Experience in Conveying of SCM Course

Abstract This paper presents the application of free/open source software (FOSS) for developing educational in Supply Chain Management (SCM) course. There were abundant educational tools based F applications. However, lecturer still faces problems to implement such an learning media for impro the pedagogic experience i.e. customizing of software function, developing of a specific educat media, and illustrating of a SCM course content. The purpose of this research is to design dyn learning media for increasing efficiency in conveying subject matter of SCM course. We combin mobile and/or web devices with FOSS of web service to design dynamic learning media. It has a mo of real distribution problem in commodity paddy was captured. We design an interactive Web-based Mobile-based application by using WSDL, PHP and My SQL, and SOAP. The result of the resea Mobile & Web SCM application as dynamic learning media- will be able to improve the pedag experience to students. Keywords: Educational tool, FOSS, dynamic learning media, SCM course, the pedagogic approach