23,078 research outputs found
Introducing Energy Efficiency into SQALE
Energy Efficiency is becoming a key factor in software development, given the sharp growth of IT systems and their impact on worldwide energy consumption. We do believe that a quality process infrastructure should be able to consider the Energy Efficiency of a system since its early development: for this reason we propose to introduce Energy Efficiency into the existing quality models. We selected the SQALE model and we tailored it inserting Energy Efficiency as a sub-characteristic of efficiency. We also propose a set of six source code specific requirements for the Java language starting from guidelines currently suggested in the literature. We experienced two major challenges: the identification of measurable, automatically detectable requirements, and the lack of empirical validation on the guidelines currently present in the literature and in the industrial state of the practice as well. We describe an experiment plan to validate the six requirements and evaluate the impact of their violation on Energy Efficiency, which has been partially proved by preliminary results on C code. Having Energy Efficiency in a quality model and well verified code requirements to measure it, will enable a quality process that precisely assesses and monitors the impact of software on energy consumptio
Why Do Developers Get Password Storage Wrong? A Qualitative Usability Study
Passwords are still a mainstay of various security systems, as well as the
cause of many usability issues. For end-users, many of these issues have been
studied extensively, highlighting problems and informing design decisions for
better policies and motivating research into alternatives. However, end-users
are not the only ones who have usability problems with passwords! Developers
who are tasked with writing the code by which passwords are stored must do so
securely. Yet history has shown that this complex task often fails due to human
error with catastrophic results. While an end-user who selects a bad password
can have dire consequences, the consequences of a developer who forgets to hash
and salt a password database can lead to far larger problems. In this paper we
present a first qualitative usability study with 20 computer science students
to discover how developers deal with password storage and to inform research
into aiding developers in the creation of secure password systems
NLSC: Unrestricted Natural Language-based Service Composition through Sentence Embeddings
Current approaches for service composition (assemblies of atomic services)
require developers to use: (a) domain-specific semantics to formalize services
that restrict the vocabulary for their descriptions, and (b) translation
mechanisms for service retrieval to convert unstructured user requests to
strongly-typed semantic representations. In our work, we argue that effort to
developing service descriptions, request translations, and matching mechanisms
could be reduced using unrestricted natural language; allowing both: (1)
end-users to intuitively express their needs using natural language, and (2)
service developers to develop services without relying on syntactic/semantic
description languages. Although there are some natural language-based service
composition approaches, they restrict service retrieval to syntactic/semantic
matching. With recent developments in Machine learning and Natural Language
Processing, we motivate the use of Sentence Embeddings by leveraging richer
semantic representations of sentences for service description, matching and
retrieval. Experimental results show that service composition development
effort may be reduced by more than 44\% while keeping a high precision/recall
when matching high-level user requests with low-level service method
invocations.Comment: This paper will appear on SCC'19 (IEEE International Conference on
Services Computing) on July 1
Higher-Order Process Modeling: Product-Lining, Variability Modeling and Beyond
We present a graphical and dynamic framework for binding and execution of
business) process models. It is tailored to integrate 1) ad hoc processes
modeled graphically, 2) third party services discovered in the (Inter)net, and
3) (dynamically) synthesized process chains that solve situation-specific
tasks, with the synthesis taking place not only at design time, but also at
runtime. Key to our approach is the introduction of type-safe stacked
second-order execution contexts that allow for higher-order process modeling.
Tamed by our underlying strict service-oriented notion of abstraction, this
approach is tailored also to be used by application experts with little
technical knowledge: users can select, modify, construct and then pass
(component) processes during process execution as if they were data. We
illustrate the impact and essence of our framework along a concrete, realistic
(business) process modeling scenario: the development of Springer's
browser-based Online Conference Service (OCS). The most advanced feature of our
new framework allows one to combine online synthesis with the integration of
the synthesized process into the running application. This ability leads to a
particularly flexible way of implementing self-adaption, and to a particularly
concise and powerful way of achieving variability not only at design time, but
also at runtime.Comment: In Proceedings Festschrift for Dave Schmidt, arXiv:1309.455
- …