187 research outputs found

    From Collective Knowledge to Intelligence:Pre-Requirements Analysis of Large and Complex Systems

    Get PDF

    Consistency-Preserving Evolution Planning on Feature Models

    Get PDF
    A software product line (SPL) enables large-scale reuse in a family of related software systems through configurable features. SPLs represent a long-term investment so that their ongoing evolution becomes paramount and requires careful planning. While existing approaches enable to create an evolution plan for an SPL on feature-model (FM) level, they assume the plan to be rigid and do not support retroactive changes. In this paper, we present a method that enables to create and retroactively adapt an FM evolution plan while preventing undesired impacts on its structural and logical consistency. This method is founded in structural operational semantics and linear temporal logic. We implement our method using rewriting logic, integrate it within an FM tool suite and perform an evaluation using a collection of existing FM evolution scenarios

    A Method for Recommending Computer-Security Training for Software Developers

    Get PDF
    Vulnerable code may cause security breaches in software systems resulting in financial and reputation losses for the organizations in addition to loss of their customers’ confidential data. Delivering proper software security training to software developers is key to prevent such breaches. Conventional training methods do not take the code written by the developers over time into account, which makes these training sessions less effective. We propose a method for recommending computer–security training to help identify focused and narrow areas in which developers need training. The proposed method leverages the power of static analysis techniques, by using the flagged vulnerabilities in the source code as basis, to suggest the most appropriate training topics to different software developers. Moreover, it utilizes public vulnerability repositories as its knowledgebase to suggest community accepted solutions to different security problems. Such mitigation strategies are platform independent, giving further strength to the utility of the system. This research discussed the proposed architecture of the recommender system, case studies to validate the system architecture, tailored algorithms to improve the performance of the system, and human subject evaluation conducted to determine the usefulness of the system. Our evaluation suggests that the proposed system successfully retrieves relevant training articles from the public vulnerability repository. The human subjects found these articles to be suitable for training. The human subjects also found the proposed recommender system as effective as a commercial tool

    A Method for Recommending Computer-Security Training for Software Developers

    Get PDF
    Vulnerable code may cause security breaches in software systems resulting in financial and reputation losses for the organizations in addition to loss of their customers’ confidential data. Delivering proper software security training to software developers is key to prevent such breaches. Conventional training methods do not take the code written by the developers over time into account, which makes these training sessions less effective. We propose a method for recommending computer–security training to help identify focused and narrow areas in which developers need training. The proposed method leverages the power of static analysis techniques, by using the flagged vulnerabilities in the source code as basis, to suggest the most appropriate training topics to different software developers. Moreover, it utilizes public vulnerability repositories as its knowledgebase to suggest community accepted solutions to different security problems. Such mitigation strategies are platform independent, giving further strength to the utility of the system. This research discussed the proposed architecture of the recommender system, case studies to validate the system architecture, tailored algorithms to improve the performance of the system, and human subject evaluation conducted to determine the usefulness of the system. Our evaluation suggests that the proposed system successfully retrieves relevant training articles from the public vulnerability repository. The human subjects found these articles to be suitable for training. The human subjects also found the proposed recommender system as effective as a commercial tool

    SME and NPO readiness for adopting software-as-a-service in developing countries

    Get PDF
    Includes abstract.Includes bibliographical references.This research aims to study [Software-as-a-Service] SaaS readiness and adoption in South Africa. South Africa is an emerging economy, but it has the qualities of both an emerging and a developing country. The telecommunications infrastructure in particular has the qualities of a developing country. This study focuses on small to medium sized organisations, comprising both enterprises and non-profit organisations. Molla and Licker's (2005a) Perceived E-Readiness Model (PERM) is adapted and used to study SaaS readiness and adoption. Important SaaS multi-theoretical factors were added to the PERM to increase the rigorousness of the model

    Detection and analysis of near-miss clone genealogies

    Get PDF
    It is believed that identical or similar code fragments in source code, also known as code clones, have an impact on software maintenance. A clone genealogy shows how a group of clone fragments evolve with the evolution of the associated software system, and thus may provide important insights on the maintenance implications of those clone fragments. Considering the importance of studying the evolution of code clones, many studies have been conducted on this topic. However, after a decade of active research, there has been a marked lack of progress in understanding the evolution of near-miss software clones, especially where statements have been added, deleted, or modified in the copied fragments. Given that there are a significant amount of near-miss clones in the software systems, we believe that without studying the evolution of near-miss clones, one cannot have a complete picture of the clone evolution. In this thesis, we have advanced the state-of-the-art in the evolution of clone research in the context of both exact and near-miss software clones. First, we performed a large-scale empirical study to extend the existing knowledge about the evolution of exact and renamed clones where identifiers have been modified in the copied fragments. Second, we have developed a framework, gCad that can automatically extract both exact and near-miss clone genealogies across multiple versions of a program and identify their change patterns reasonably fast while maintaining high precision and recall. Third, in order to gain a broader perspective of clone evolution, we extended gCad to calculate various evolutionary metrics, and performed an in-depth empirical study on the evolution of both exact and near-miss clones in six open source software systems of two different programming languages with respect to five research questions. We discovered several interesting evolutionary phenomena of near-miss clones which either contradict with previous findings or are new. Finally, we further improved gCad, and investigated a wide range of attributes and metrics derived from both the clones themselves and their evolution histories to identify certain attributes, which developers often use to remove clones in the real world. We believe that our new insights in the evolution of near-miss clones, and about how developers approach and remove duplication, will play an important role in understanding the maintenance implications of clones and will help design better clone management systems

    Factors impacting on tacit knowledge transfer within Scrum software development teams

    Get PDF
    Over time, there has been a high failure rate of information systems development (ISD) projects, although Agile development has brought recent improvements. Knowledge management is also known to be one of the critical factors to Agile and project success; however, there are some knowledge transfer studies in Agile development. Therefore, the purpose of this research is to present a theoretical model examining what makes individuals successful at transferring knowledge in teams using Scrum, Agile’s most popular methodology. Twelve semi-structured interviews were conducted at two Scrum companies in Cape Town. Participants interviewed ranged from project managers and Scrum masters to software developers, business analyst and testers. The interviews were all transcribed, then analysed using thematic analysis. The findings produced new relationships between characteristics already well known to impact knowledge transfer as well as newly defined characteristics impacting knowledge transfer in Scrum teams: empathy and articulation skills of the source. The results have shown that the recipient should perceive the person wanting to transfer knowledge as having these characteristics to enable successful knowledge transfer: empathy, motivation, capability, credibility, articulate and ability to communicate enough. The contribution of this study to practice is a list of attributes for HR managers to help improve the knowledge transfer of Scrum team members. The contribution to Scrum research is a new theoretical model that suggests which characteristics a person needs to transfer knowledge successfully in Scrum teams, adapted from Joshi, Sarker and Sarker’s (2007) knowledge transfer model. This model can also be extended in the future by looking more deeply into the new relationships between constructs, such as how motivation together with capability of the source affect knowledge transfer in Scrum teams

    Applications of Multi-view Learning Approaches for Software Comprehension

    Full text link
    Program comprehension concerns the ability of an individual to make an understanding of an existing software system to extend or transform it. Software systems comprise of data that are noisy and missing, which makes program understanding even more difficult. A software system consists of various views including the module dependency graph, execution logs, evolutionary information and the vocabulary used in the source code, that collectively defines the software system. Each of these views contain unique and complementary information; together which can more accurately describe the data. In this paper, we investigate various techniques for combining different sources of information to improve the performance of a program comprehension task. We employ state-of-the-art techniques from learning to 1) find a suitable similarity function for each view, and 2) compare different multi-view learning techniques to decompose a software system into high-level units and give component-level recommendations for refactoring of the system, as well as cross-view source code search. The experiments conducted on 10 relatively large Java software systems show that by fusing knowledge from different views, we can guarantee a lower bound on the quality of the modularization and even improve upon it. We proceed by integrating different sources of information to give a set of high-level recommendations as to how to refactor the software system. Furthermore, we demonstrate how learning a joint subspace allows for performing cross-modal retrieval across views, yielding results that are more aligned with what the user intends by the query. The multi-view approaches outlined in this paper can be employed for addressing problems in software engineering that can be encoded in terms of a learning problem, such as software bug prediction and feature location
    • 

    corecore