Reducing complexity in developing wireless sensor network systems using model-driven development

Wireless Sensor Network (WSN) is a collection of small and low-powered gadgets called sensor nodes (motes), which are capable of sensing the environment, collecting and processing the sensed data, and communicating with each other to accomplish a specific task. Moreover, all sensed and processed data are finally handed over to a central gathering point called a base station (sink), where all collected data are stored and can be reviewed by the user. Most of the current methods concerning WSN development are application or platform-dependent; hence it is not a trivial task to reuse developed applications in another environment. Therefore, WSN application development is a challenging and complex task because of the low-level technical details and programming complexity. Furthermore, most WSN development projects are managed by software engineers, not application field experts or WSN end users. Consequently, WSN solutions are considered expensive, due to the amount of effort that has to be put into these projects. This research project aims to reduce the complexity in developing WSN applications, by abstracting the low-level technical and programming details for average developers and domain experts. In this research, we argue that reducing complexity can be achieved by defining a new Domain-Specific Language (DSL) as a new application development and programming abstraction, which supports multi-levels modelling (i.e. network, group, and node-level). The outcome of this work is the definition of a new language called SenNet, which is an open source DSL programming abstraction that enables application developers to concentrate on the high-level application logic rather than the low-level complex details. SenNet was developed using the principles of Model-Driven Development (MDD) and macro-programming. Developers can use SenNet as a high-level programming abstraction to auto-generate a ready-to-deploy single node nesC code for all sensor nodes that comprise the SenNet application. SenNet gives developers the flexibility they need by offering them a broad range of predefined monitoring tasks and activities, enabling developers to develop different application types such as Sense-Forward (SF), and Event-Triggered (ET); besides providing a set of node-level and in-network data processing tasks. The current SenNet version is configured to generate nesC code, yet SenNet can be set up to produce and generate any programming language such as Java, or C++, by reconfiguring the code generator to produce the new language format, without changing the language design and produced semantics. Various tests and user study have been used to evaluate SenNet’s usability and functional suitability. Evaluation results found that SenNet could save 88.45% of the LOC required to be programmed by a developer, and 87.14% of the required vocabularies. Furthermore, results showed that SenNet could save 92.86% and 96.47% of the program length and volume respectively. Most of the user study participants (96%) found SenNet to be usable and helps to achieve the required WSN application with reduced development effort. Moreover, 82% of the participants believe that SenNet is functionally suitable for WSN application development. Two real-world business case studies developed were used to assess SenNet’s appropriateness to develop WSN real applications, and how it can be used to develop applications related to data processing tasks. Based on the final evaluation results, it can be concluded that our research has been successful in introducing SenNet as a new abstraction to reduce complexity in the WSN application development process

INFORMATION SECURITY IN AGILE SOFTWARE DEVELOPMENT PROJECTS: A CRITICAL SUCCESS FACTOR PERSPECTIVE

The importance of information security in software development projects is long recognised, with many comprehensive standards and procedures in use to provide assurance of information security. The agile development paradigm conflicts with traditional security assurance by emphasising the delivery of functional requirements and a reduction in structured and linear development styles. Through a series of thirteen qualitative interviews, this study identifies practices that address this problem which have been successfully adopted by agile practitioners. The findings present four categories of practices – organisational, team, project, and technical – and twelve critical success factors that should be explicitly considered by practitioners to assure agile security. The critical success factors provide a foundation for practitioners to strategically identify and develop best practices to embed information security in agile development projects. The identified categories also highlight the importance of agile security practices centring around individuals and culture and contributes to the literature by providing a representation of agile security practices that encompasses a broad range of focal areas

Modelo de privacidad digital en inteligencia ambiental basado en sistemas multiagente

El gran desarrollo de las Tecnologías de la Información y la Comunicación utilizadas en los dominios de aplicación de la Inteligencia Ambiental (AmI), ocurrido en la última década, nos sitúa inmersos en los llamados entornos inteligentes, rodeados de una extensa variedad de dispositivos y tecnologías con capacidad de adquirir, almacenar y transmitir nuestra información personal. La complejidad y volumen de los sistemas involucrados en las aplicaciones desarrolladas en Inteligencia Ambiental hacen que seamos incapaces de conocer y controlar toda la información que estos sistemas son capaces de adquirir y transmitir, tanto si esta información ha sido proporcionada por nosotros directamente, como si ha sido adquirida de forma indirecta por otros sistemas sin nuestro conocimiento; lo que pone en riesgo la protección de nuestro derecho a la privacidad. Considerando que, el principal objetivo de la Inteligencia Ambiental es el de ofrecernos diferentes tipos de servicios personalizados en cualquier lugar y en todo momento, facilitándonos así la realización de nuestras actividades cotidianas, se ha llevado a cabo un estudio sobre las aplicaciones desarrolladas en AmI, que ha revelado la necesidad de incluir las cuestiones de tipo social y ético en el diseño del AmI, destacando entre ellas la privacidad por ser uno de los derechos fundamentales de las personas, como así queda reflejado en la Declaración Universal de los Derechos Humanos (Artículo 12). Por ello, para el verdadero desarrollo y aceptación de la Inteligencia Ambiental deberá considerarse no solo los aspectos tecnológicos, sino que, resulta fundamental tener en cuenta las implicaciones sociales y éticas. Esta es la idea del concepto “Design by Privacy” que se ha utilizado en la investigación realizada. En base a este concepto, se han establecido las políticas de privacidad del usuario según los dominios de aplicación del AmI. Partiendo de la base de que sean las propias técnicas utilizadas en AmI las que ayuden a proteger nuestra información personal, se han utilizado los agentes de los modelos de confianza como herramienta para determinar los derechos de privacidad que deben cumplir los agentes en sus comunicaciones, y que ha servido para decidir con quién compartimos nuestras opiniones privadas, minimizando de esta forma los riesgos de la privacidad de nuestra información al interaccionar con los servicios ofrecidos por las aplicaciones del AmI. Así pues, el motivo de investigación de esta tesis es el de presentar un Modelo de Privacidad Digital basado en Sistemas Multiagente, que nos ayudará a decidir en quién confiar a la hora de compartir nuestras opiniones privadas. Este modelo ha sido implementado para su validación en el entorno de experimentación del ART testbed (Agent Reputation and Trust), en el que el dominio de aplicación del AmI es el relacionado con la tasación de cuadros o pinturas de arte. Una vez implementada la manera de decidir con quién compartimos nuestra información privada, y con el fin de controlar el cumplimiento de los derechos de privacidad que se han establecido en las comunicaciones entre los agentes, se han formalizado las posibles infracciones sobre los derechos de privacidad utilizando la Institución Electrónica “Islander” como herramienta de especificación de las normas y sanciones correspondientes que deben cumplir los agentes en sus comunicaciones.The great development of Information and Communication Technologies used in the domains of application of Ambient Intelligence, which has taken place in the last decade, places us immersed in intelligent environments surrounded by a wide variety of devices and Technologies with the ability to acquire, store and transmit our personal information. The complexity and volume of the systems involved in the applications developed in Environmental Intelligence mean that we are unable to know and control all the information that these systems are able to acquire and transmit, whether this information has been provided by us directly, or whether it has Been acquired indirectly by other systems without our knowledge; Which puts at risk the protection of our right to privacy. Considering that the main objective of Environmental Intelligence is to offer different types of personalized services in any place and at all times, facilitating us to carry out our daily activities, a study has been carried out on the applications developed in AmI, which has revealed the need to take into account social and ethical issues in the design of the AmI, highlighting among them the privacy as one of the fundamental rights of the people, as reflected in the Universal Declaration of Human Rights (Article 12). For that reason, for the true development and acceptance of Ambient Intelligence, not only the technological aspects must be taken into account, but it is fundamental to consider the social and ethical implications. This is the idea of the concept "Design by Privacy" that has been used on the research carried out. Based on this concept, user privacy policies have been established and should be taken into account in the AmI application domains. Based on the idea that the techniques used in AmI are those that help protect our personal information, the agents with a trust model have been used as a tool to determine the privacy rights that agents must comply with in their communications, and that has served to decide with whom we share our private opinions, thus minimizing the risks of privacy of our information when interacting with the services offered by AmI applications. Therefore, the aim of the research of this thesis is to present a Digital Privacy Model based on Multi-Agent Systems, which will help us to decide who to trust when sharing our private opinions. This model has been implemented for validation in the experimental environment of the ART testbed (Agent Reputation and Trust), in which the domain of the AmI application, is the one related with the evaluation of art pictures. Once the way to decide with whom we share our private information has been implemented, and in order to control the compliance with the privacy rights established in the communications between the agents, possible violations of privacy rights have been formalized using the Electronic Institution "Islander" as a tool for specifying the standards and corresponding sanctions that agents must comply with in their communications.Programa Oficial de Doctorado en Ciencia y Tecnología InformáticaPresidente: Jesús García Herrero.- Secretario: Clara Benac Earle.- Vocal: Ana María Bernardos Barboll