A Model-Driven Approach for Business Process Management

The Business Process Management is a common mechanism recommended by a high number of standards for the management of companies and organizations. In software companies this practice is every day more accepted and companies have to assume it, if they want to be competitive. However, the effective definition of these processes and mainly their maintenance and execution are not always easy tasks. This paper presents an approach based on the Model-Driven paradigm for Business Process Management in software companies. This solution offers a suitable mechanism that was implemented successfully in different companies with a tool case named NDTQ-Framework.Ministerio de Educación y Ciencia TIN2010-20057-C03-02Junta de Andalucía TIC-578

Intangible trust requirements - how to fill the requirements trust "gap"?

Previous research efforts have been expended in terms of the capture and subsequent instantiation of "soft" trust requirements that relate to HCI usability concerns or in relation to "hard" tangible security requirements that primarily relate to security a ssurance and security protocols. Little direct focus has been paid to managing intangible trust related requirements per se. This 'gap' is perhaps most evident in the public B2C (Business to Consumer) E- Systems we all use on a daily basis. Some speculative suggestions are made as to how to fill the 'gap'. Visual card sorting is suggested as a suitable evaluative tool; whilst deontic logic trust norms and UML extended notation are the suggested (methodologically invariant) means by which software development teams can perhaps more fully capture hence visualize intangible trust requirements

A research review of quality assessment for software

Measures were recommended to assess the quality of software submitted to the AdaNet program. The quality factors that are important to software reuse are explored and methods of evaluating those factors are discussed. Quality factors important to software reuse are: correctness, reliability, verifiability, understandability, modifiability, and certifiability. Certifiability is included because the documentation of many factors about a software component such as its efficiency, portability, and development history, constitute a class for factors important to some users, not important at all to other, and impossible for AdaNet to distinguish between a priori. The quality factors may be assessed in different ways. There are a few quantitative measures which have been shown to indicate software quality. However, it is believed that there exists many factors that indicate quality and have not been empirically validated due to their subjective nature. These subjective factors are characterized by the way in which they support the software engineering principles of abstraction, information hiding, modularity, localization, confirmability, uniformity, and completeness

Research in Geant4 electromagnetic physics design, and its effects on computational performance and quality assurance

The Geant4 toolkit offers a rich variety of electromagnetic physics models; so far the evaluation of this Geant4 domain has been mostly focused on its physics functionality, while the features of its design and their impact on simulation accuracy, computational performance and facilities for verification and validation have not been the object of comparable attention yet, despite the critical role they play in many experimental applications. A new project is in progress to study the application of new design concepts and software techniques in Geant4 electromagnetic physics, and to evaluate how they can improve on the current simulation capabilities. The application of a policy-based class design is investigated as a means to achieve the objective of granular decomposition of processes; this design technique offers various advantages in terms of flexibility of configuration and computational performance. The current Geant4 physics models have been re-implemented according to the new design as a pilot project. The main features of the new design and first results of performance improvement and testing simplification are presented; they are relevant to many Geant4 applications, where computational speed and the containment of resources invested in simulation production and quality assurance play a critical role.Comment: 4 pages, 4 figures and images, to appear in proceedings of the Nuclear Science Symposium and Medical Imaging Conference 2009, Orland

A Quality Model in a Quality Evaluation Framework for MDWE methodologies

Nowadays, diverse development methodologies exist in the field of Model-Driven Web Engineering (MDWE), each of which covers different levels of abstraction on Model-Driven Architecture (MDA): CIM, PIM, PSM and Code. Given the high number of methodologies available, it is necessary to evaluate the quality of existing methodologies and provide helpful information to the developers. Furthermore, proposals are constantly appearing and the need may arise not only to evaluate the quality but also to find out how it can be improved. In this context, QuEF (Quality Evaluation Framework) can be employed to assess the quality of MDWE methodologies. This article presents the work being carried out and describes tasks to define a Quality Model component for QuEF. This component would be responsible for providing the basis for specifying quality requirements with the purpose of evaluating quality.Ministerio de Educación y Ciencia TIN2007-67843-C06-03Ministerio de Educación y Ciencia TIN2007-30391-

Studying Maintainability on Model-Driven Web Methodologies

QuEF (Quality Evaluation Framework) is an environment to evaluate, through objective measures, the quality of Model-DrivenWeb Engineering (MDWE) methodologies. In this paper, this environment is presented and is used for the evaluation of the Maintainability in terms of various characteristics on MDWE. Given the high number of methodologies available and proposed over recent years, it has become necessary to define objective evaluation tools to enable organizations to improve their methodological environment and to help designers of web methodologies design new effective and efficient tools, processes and techniques and find out how it can be improved and how the quality improvement process could be optimized in order to reduce costs. This evaluation is applied to the NDT (Navigational Development Techniques) methodology, an approach that covers the complete life cycle and it is mainly oriented to the enterprise environment.Ministerio de Educación y Ciencia TIN2007–67843-C06-03Ministerio de Educación y Ciencia TIN2010–20057-C03–0

A Model-Driven Approach for Business Process Management

The Business Process Management is a common mechanism recommended by a high number of standards for the management of companies and organizations. In software companies this practice is every day more accepted and companies have to assume it, if they want to be competitive. However, the effective definition of these processes and mainly their maintenance and execution are not always easy tasks. This paper presents an approach based on the Model-Driven paradigm for Business Process Management in software companies. This solution offers a suitable mechanism that was implemented successfully in different companies with a tool case named NDTQ-Framework.Keywords/Index Terms: Model-Driven Web Engineering, Web Engineering, Web Development Methodologies, Business Process Managemen

Measuring software security from the design of software

The vast majority of our contemporary society owns a mobile phone, which has resulted in a dramatic rise in the amount of networked computers in recent years. Security issues in the computers have followed the same trend and nearly everyone is now affected by such issues. How could the situation be improved? For software engineers, an obvious answer is to build computer software with security in mind. A problem with building software with security is how to define secure software or how to measure security. This thesis divides the problem into three research questions. First, how can we measure the security of software? Second, what types of tools are available for measuring security? And finally, what do these tools reveal about the security of software? Measuring tools of these kind are commonly called metrics. This thesis is focused on the perspective of software engineers in the software design phase. Focus on the design phase means that code level semantics or programming language specifics are not discussed in this work. Organizational policy, management issues or software development process are also out of the scope. The first two research problems were studied using a literature review while the third was studied using a case study research. The target of the case study was a Java based email server called Apache James, which had details from its changelog and security issues available and the source code was accessible. The research revealed that there is a consensus in the terminology on software security. Security verification activities are commonly divided into evaluation and assurance. The focus of this work was in assurance, which means to verify one’s own work. There are 34 metrics available for security measurements, of which five are evaluation metrics and 29 are assurance metrics. We found, however, that the general quality of these metrics was not good. Only three metrics in the design category passed the inspection criteria and could be used in the case study. The metrics claim to give quantitative information on the security of the software, but in practice they were limited to evaluating different versions of the same software. Apart from being relative, the metrics were unable to detect security issues or point out problems in the design. Furthermore, interpreting the metrics’ results was difficult. In conclusion, the general state of the software security metrics leaves a lot to be desired. The metrics studied had both theoretical and practical issues, and are not suitable for daily engineering workflows. The metrics studied provided a basis for further research, since they pointed out areas where the security metrics were necessary to improve whether verification of security from the design was desired.Siirretty Doriast