2,164 research outputs found
Automated Data for DevSecOps Programs
Excerpt from the Proceedings of the Nineteenth Annual Acquisition Research SymposiumAutomation in DevSecOps (DSO) transforms the practice of building, deploying, and managing software intensive programs. Although this automation supports continuous delivery and rapid builds, the persistent manual collection of information delays (by weeks) the release of program status metrics and the decisions they are intended to inform. Emerging DSO metrics (e.g., deployment rates, lead times) provide insight into how software development is progressing but fall short of replacing program control metrics for assessing progress (e.g., burn rates against spend targets, integration capability tar-get dates, and schedule for the minimum viable capability release). By instrumenting the (potentially in-teracting) DSO pipelines and supporting environments, the continuous measurement of status, identifica-tion of emerging risks, and probabilistic projections are possible and practical. In this paper, we discuss our research on the information modeling, measurement, metrics, and indicators necessary to establish a continuous program control capability that can keep pace with DSO management needs. We discuss the importance of interactive visualization dashboards for addressing program information needs. We also identify and address the gaps and barriers in the current state of the practice. Finally, we recommend future research needs based on our initial findings.Approved for public release; distribution is unlimited
Automated Data for DevSecOps Programs
Excerpt from the Proceedings of the Nineteenth Annual Acquisition Research SymposiumAutomation in DevSecOps (DSO) transforms the practice of building, deploying, and managing software intensive programs. Although this automation supports continuous delivery and rapid builds, the persistent manual collection of information delays (by weeks) the release of program status metrics and the decisions they are intended to inform. Emerging DSO metrics (e.g., deployment rates, lead times) provide insight into how software development is progressing but fall short of replacing program control metrics for assessing progress (e.g., burn rates against spend targets, integration capability tar-get dates, and schedule for the minimum viable capability release). By instrumenting the (potentially in-teracting) DSO pipelines and supporting environments, the continuous measurement of status, identifica-tion of emerging risks, and probabilistic projections are possible and practical. In this paper, we discuss our research on the information modeling, measurement, metrics, and indicators necessary to establish a continuous program control capability that can keep pace with DSO management needs. We discuss the importance of interactive visualization dashboards for addressing program information needs. We also identify and address the gaps and barriers in the current state of the practice. Finally, we recommend future research needs based on our initial findings.Approved for public release; distribution is unlimited
Implementation of Business Intelligence on Banking, Retail, and Educational Industry
Information technology is useful to automate business process involving considerable data transaction in the daily basis. Currently, companies have to tackle large data transaction which is difficult to be handled manually. It is very difficult for a person to manually extract useful information from a large data set despite of the fact that the information may be useful in decision-making process. This article studied and explored the implementation of business intelligence in banking, retail, and educational industries. The article begins with the exposition of business intelligence role in the industries; is followed by an illustration of business intelligence in the industries and finalized with the implication of business intelligence implementation
A Situational Awareness Dashboard for a Security Operations Center
As a result of this dissertation, a solution was developed which would provide visibility
into an institution’s security posture and its exposure to risk. Achieving this required
the development of a Situational Awareness Dashboard in a cybersecurity context. This
Dashboard provides a unified point of view where workers ranging from analysts to
members of the executive board can consult and interact with a visual interface that
aggregates a set of strategically picked metrics. These metrics provide insight regarding
two main topics, the performance and risk of the organization’s Security Operations
Center (SOC).
The development of the dashboard was performed while working with the multinational
enterprise entitled EY. During this time frame, two dashboards were developed
one for each of two of EY’s clients inserted in the financial sector. Even though the first
solution did not enter production, hence not leaving testing, the dashboard that was developed
for the second client successfully was delivered fulfilling the set of objectives
that were proposed initially.
One of those objectives was enabling the solution to be as autonomous and selfsustained
as possible, through its system architecture. Despite having different architectural
components, both solutions were based on the same three-layered model. Whereas
the first component runs all data ingestion, parsing and transformation operations, the
second is in charge of the storage of said information into a database. Finally, the last
component, possibly the most important one, is the visualization software tasked with
displaying the previous information into actionable intelligence through the power of
data visualization.
All in all, the key points listed above converged into the development of a Situational
Awareness Dashboard which ultimately allows organizations to have visibility into the
SOC’s activities, as well as a perception of the performance and associated risks it faces.Como resultado desta dissertação, foi desenvolvida uma solução que proporcionaria visibilidade
sobre a postura de segurança de uma instituição e sua exposição ao risco. Para
tal foi necessário o desenvolvimento de um Situational Awareness Dashboard num contexto
de cibersegurança. Este Dashboard pretende fornecer um ponto de vista unificado
onde os trabalhadores, desde analistas a membros do conselho executivo, podem consultar
e interagir com uma interface visual que agrega um conjunto de métricas escolhidas
estrategicamente. Essas métricas fornecem informações sobre dois tópicos principais, o
desempenho e o risco do Security Operations Center (SOC) da organização.
O desenvolvimento do Dashboard foi realizado em parceria com a empresa multinacional
EY. Nesse perĂodo, foram desenvolvidos dois dashboards, um para cada um dos dois
clientes da EY inseridos no setor financeiro. Apesar de a primeira solução não ter entrado
em produção, não saindo de teste, o painel que foi desenvolvido para o segundo cliente
foi entregue com sucesso cumprindo o conjunto de objetivos inicialmente proposto.
Umdesses objetivos era permitir que a solução fosse o mais autónoma e auto-sustentável
possĂvel, atravĂ©s da sua arquitetura de sistema. Apesar de terem diferentes componentes
arquiteturais, ambas as soluções foram baseadas no mesmo modelo de três camadas.
Enquanto a primeiro componente executa todas as operações de ingestão, análise e transformação
de dados, a segundo é responsável pelo armazenamento dessas informações
numa base de dados. Finalmente, o Ăşltimo componente, possivelmente o mais importante,
é o software de visualização encarregue em exibir as informações anteriores em
inteligência acionável através do poder da visualização de dados.
Em suma, os pontos-chave listados acima convergiram no desenvolvimento de um
Situational Awareness Dashboard que, em última análise, permite que as organizações
tenham visibilidade das atividades do SOC, bem como uma percepção do desempenho e
dos riscos que esta enfrenta
Knowledge visualizations: a tool to achieve optimized operational decision making and data integration
The overabundance of data created by modern information systems (IS) has led to a breakdown in cognitive decision-making. Without authoritative source data, commanders’ decision-making processes are hindered as they attempt to paint an accurate shared operational picture (SOP). Further impeding the decision-making process is the lack of proper interface interaction to provide a visualization that aids in the extraction of the most relevant and accurate data. Utilizing the DSS to present visualizations based on OLAP cube integrated data allow decision-makers to rapidly glean information and build their situation awareness (SA). This yields a competitive advantage to the organization while in garrison or in combat. Additionally, OLAP cube data integration enables analysis to be performed on an organization’s data-flows. This analysis is used to identify the critical path of data throughout the organization. Linking a decision-maker to the authoritative data along this critical path eliminates the many decision layers in a hierarchal command structure that can introduce latency or error into the decision-making process. Furthermore, the organization has an integrated SOP from which to rapidly build SA, and make effective and efficient decisions.http://archive.org/details/knowledgevisuali1094545877Outstanding ThesisOutstanding ThesisMajor, United States Marine CorpsCaptain, United States Marine CorpsApproved for public release; distribution is unlimited
INSPIRE Newsletter Spring 2022
https://scholarsmine.mst.edu/inspire-newsletters/1010/thumbnail.jp
Designing Malleable Cyberinfastructure to Breach the Golden Barrier
Design research perspectives may have a great deal of insights to offer emergency response researchers. We consider man-made and natural disasters as events that often require rapid change to existing institutionalized technical, social, and cultural support structure—a fundamental problem for static systems. Built infrastructure such as electric power and telecommunications or emergency response systems such as fire, police, and National Guard all have static information systems that are tailored to their specific needs. These specialized systems are typical of those developed as a result of applying traditional information systems design theory. They are designed to control domain specific variables and mitigate a specific class of constraints derived from a wellarticulated environment with firm application boundaries. Therefore, typical mission-critical Information and Communication Infrastructure (ICTI) technologies empower knowledge workers with the ability to change current environmental events to ensure safety and security. Disasters create situations that are challenging for typical designs because a disaster erodes control and raises unexpected constraints during an emerging set of circumstances. The unpredictable circumstances of disasters demonstrate that current emergency response ICTI systems are ill equipped to rapidly evolve in concert to address the full scale and scope of such complex problems. A phenomenon found in the treatment of trauma victims, the Golden Trauma Time Interval, is generalized in this paper to all emergencies in order to inform designers of the next generation ICTI. This future ICTI or “Cyberinfrastructure” can provide the essential foundation necessary to dynamically adapt conventional ICTI into a configuration suitable for use during disasters. However, Cyberinfrastructure will suffice only if it can be sufficiently evolved as an Integrated Information Infrastructure (I3 ) that addresses the common sociotechnical factors in these domains. This paper describes fundamental design concepts derived from interdisciplinary theoretical constructs used to inform the creation of a framework to model “complex adaptive systems” (CAS) of which emergency response infrastructural systems and I3 are instances. In previous work, CAS was synthesized with software architecture concepts to arrive at a design approach for the electric power grid’s I3. We will present some of the foundational concepts of CAS that are useful for the future design and development of a Cyberinfrastructure. The ICTI may exist today in a raw form to accomplish the task, but further ICTI design research is required to pinpoint critical inhibitors to its evolution. Also, social, organizational, and institutional issues pertaining to this research will be highlighted as emergency response system design factors needing further consideration. For example, this discussion infers a resolution to the basic tradeoff between personal privacy rights and public safety
Empirical evaluation of a process to increase consensus in group architectural decision making
CONTEXT : Many software architectural decisions are group decisions rather than decisions made by individuals. Consensus in a group of decision makers increases the acceptance of a decision among decision makers and their confidence in that decision. Furthermore, going through the process of reaching consensus means that decision makers understand better the decision (including the decision topic, decision options, rationales, and potential outcomes). Little guidance exists on how to increase consensus in group architectural decision making.
OBJECTIVE : We evaluate how a newly proposed process (named GADGET) helps architects increase consensus when making group architectural decisions. Specifically, we investigate how well GADGET increases consensus in group architectural decision making, by understanding its practical applicability, and by comparing GADGET against group architectural decision making without using any prescribed approach.
METHOD : We conducted two empirical studies. First, we conducted an exploratory case study to understand the practical applicability of GADGET in industry. We investigated whether there is a need to increase consensus, the effort and benefits of GADGET, and potential improvements for GADGET. Second, we conducted an experiment with 113 students from three universities to compare GADGET against group architectural decision making without using any prescribed approach.
RESULTS : GADGET helps decision makers increase their consensus, captures knowledge on architectural decisions, clarifies the different points of view of different decision makers on the decision, and increases the focus of the group discussions about a decision. From the experiment, we obtained causal evidence that GADGET increases consensus better than group architectural decision making without using any prescribed approach.
CONCLUSIONS : There is a need to increase consensus in group architectural decisions. GADGET helps inexperienced architects increase consensus in group architectural decision making, and provides additional benefits, such as capturing rationale of decisions. Future work is needed to understand and improve other aspects of group architectural decision making.http://www.elsevier.com/locate/infsof2017-04-30hb2016Computer Scienc
- …