Semantic Similarity-Based Clustering of Findings From Security Testing Tools
Over the last years, software development in domains with high security
demands transitioned from traditional methodologies to uniting modern
approaches from software development and operations (DevOps). Key principles of
DevOps gained more importance and are now applied to security aspects of
software development, resulting in the automation of security-enhancing
activities. In particular, it is common practice to use automated security
testing tools that generate reports after inspecting a software artifact from
multiple perspectives. However, this raises the challenge of generating
duplicate security findings. To identify these duplicate findings manually, a
security expert has to invest resources like time, effort, and knowledge. A
partial automation of this process could reduce the analysis effort, encourage
DevOps principles, and diminish the chance of human error. In this study, we
investigated the potential of applying Natural Language Processing for
clustering semantically similar security findings to support the identification
of problem-specific duplicate findings. Towards this goal, we developed a web
application for annotating and assessing security testing tool reports and
published a human-annotated corpus of clustered security findings. In addition,
we performed a comparison of different semantic similarity techniques for
automatically grouping security findings. Finally, we assess the resulting
clusters using both quantitative and qualitative evaluation methods. Comment: Accepted to ICNLSP 202
Robust factor analysis in the presence of normality violations, missing data, and outliers: Empirical questions and possible solutions
Although a mainstay of psychometric methods, several reviews suggest factor analysis is often applied without testing whether data support it, and that decision-making process or guiding principles providing evidential support for FA techniques are seldom reported. Researchers often defer such decision-making to the default settings on widely-used software packages, and unaware of their limitations, might unwittingly misuse FA. This paper discusses robust analytical alternatives for answering nine important questions in exploratory factor analysis (EFA), and provides R commands for running complex analysis in the hope of encouraging and empowering substantive researchers on a journey of discovery towards more knowledgeable and judicious use of robust alternatives in FA. It aims to take solutions to problems like skewness, missing values, determining the number of factors to extract, and calculation of standard errors of loadings, and make them accessible to the general substantive researcher
An ontology of agile aspect oriented software development
Both agile methods and aspect oriented programming (AOP) have emerged in recent years as new paradigms in software development. Both promise to free the process of building software systems from some of the constraints of more traditional approaches. As a software engineering approach on the one hand, and a software development tool on the other, there is the potential for them to be used in conjunction. However, thus far, there has been little interplay between the two. Nevertheless, there is some evidence that there may be untapped synergies that may be exploited, if the appropriate approach is taken to integrating AOP with agile methods. This paper takes an ontological approach to supporting this integration, proposing ontology enabled development based on an analysis of existing ontologies of aspect oriented programming, a proposed ontology of agile methods, and a derived ontology of agile aspect oriented development
CoFeD: A visualisation framework for comparative quality evaluation
Evaluation for the purpose of selection can be a challenging task particularly when there is a plethora of choices available. Short-listing, comparisons and eventual choice(s) can be aided by visualisation techniques. In this paper we use Feature Analysis, Tabular and Tree Representations and Composite Features Diagrams (CFDs) for profiling user requirements and for top-down profiling and evaluation of items (methods, tools, techniques, processes and so on) under evaluation. The resulting framework CoFeD enables efficient visual comparison and initial short-listing. The second phase uses bottom-up quantitative evaluation which aids the elimination of the weakest items and hence the effective selection of the most appropriate item.
The versatility of the framework is illustrated by a case study comparison and evaluation of two agile methodologies. The paper concludes with limitations and indications of further work
Software development methods and usability: Perspectives from a survey in the software industry in Norway
This paper investigates the relationship between traditional software development methodologies and usability. The point of departure is the assumption that two important disciplines in software development, one of software development methods (SDMs) and one of usability work, are not integrated in industrial software projects. Building on previous research we investigate two questions; (1) Will software companies generally acknowledge the importance of usability, but not prioritise it in industrial projects? and (2) To what degree are software development methods and usability perceived by practitioners as being integrated? To this end a survey in the Norwegian IT industry was conducted. From a sample of 259 companies we received responses from 78 companies. In response to our first research question, our findings show that although there is a positive bias towards usability, the importance of usability testing is perceived to be much less than that of usability requirements. Given the strong time and cost pressures associated with the software industry, we believe that these results highlight that there is a gap between intention and reality. Regarding our second research question our survey revealed that companies perceive usability and software development methods to be integrated. This is in contrast to earlier research, which, somewhat pessimistically, has argued for the existence of two different cultures, one of software development and one of usability. The findings give hope for the future, in particular because the general use of system development methods are pragmatic and adaptable
An Investigation into Mobile Based Approach for Healthcare Activities, Occupational Therapy System
This research is to design and optimize the high quality of mobile apps, especially for iOS. The objective of this research is to develop a mobile system for Occupational therapy specialists to access and retrieve information. The investigation identifies the key points of using mobile-D agile methodology in mobile application development. It considers current applications within a different platform. It achieves new apps (OTS) for the health care activities.