Distributed Sensor Logging: As Easy as a Mesh of Yoyos

This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.The Mass Gathering Data Acquisition and Analysis (MaGDAA) project involved the development of hardware and software solutions to facilitate the rapid and effective collection of autonomous and survey based data during mass gathering events. The aim of the project was the development and trial of a purpose-built Open Hardware based environment monitoring sensor prototypes using IOIO (pronounced “yoyo”) boards. Data from these sensors, and other devices, was collected using Open Source software running on Android powered mobile phones, tablets and other open hardware based platforms. Data was shared using a Wi-Fi mesh network based on an Open Source project called The Serval Project. Additional data in the form of survey based questionnaires were collected using ODK Collect, one of the applications in the Open Data Kit suite. The MaGDAA project demonstrated that it is possible for researchers (through the use of Open Source software and Open Hardware) to own, visualise, and share data without the difficulties of setting up and maintaining servers. MaGDAA proved to be an effective infrastructure independent sensor logging network that enables a broad range of data collection (demographic, predispositions, motivations, psychosocial and environmental influencers and modifiers of audience behaviour, cultural value) in the field of mass gathering research

Servicios de tiempo real en el sistema operativo Android

Debido a la gran expansión y crecimiento de Android el interés por utilizar este sistema operativo en entornos de tiempo real es cada vez mayor. En este trabajo se describen una serie de mecanismos proporcionados por el siste-ma operativo Android/Linux mediante los cuales es posible aislar uno o más núcleos de un multiprocesador simétrico para ser utilizados exclusivamente por tareas con requisitos temporales. Gracias a los mecanismos de aislamiento, la tasa de interferencias sufridas por las tareas con requisitos temporales respecto a otras tareas o aplicaciones que se ejecutan en el sistema operativo es muy baja. Un segundo aspecto en el que se mejora el comportamiento de tiempo real del sistema operativo Android está relacionado con las limitaciones para tiempo real de la librería bionic (modificación de glibc para Android). Para solventar estas limitaciones se ha utilizado la librería glibc incluida en la distribución es-tándar de Linux. Se han realizado una serie de tests que demuestran que la libre-ría tradicional funciona correctamente en Android. Asimismo se ha llevado a cabo la caracterización temporal de Android/glibc para las funciones más rele-vantes de POSIX para tiempo real observándose que la respuesta temporal del sistema es apropiada para aplicaciones de tiempo real laxo.Este trabajo ha sido financiado parcialmente por el Gobierno de España con referencia TIN2014-56158-C4-2-P (M2C2) y por el programa de becas predoctorales de la Universidad de Cantabria

An Economic Study of the Effect of Android Platform Fragmentation on Security Updates

Vendors in the Android ecosystem typically customize their devices by modifying Android Open Source Project (AOSP) code, adding in-house developed proprietary software, and pre-installing third-party applications. However, research has documented how various security problems are associated with this customization process. We develop a model of the Android ecosystem utilizing the concepts of game theory and product differentiation to capture the competition involving two vendors customizing the AOSP platform. We show how the vendors are incentivized to differentiate their products from AOSP and from each other, and how prices are shaped through this differentiation process. We also consider two types of consumers: security-conscious consumers who understand and care about security, and na\"ive consumers who lack the ability to correctly evaluate security properties of vendor-supplied Android products or simply ignore security. It is evident that vendors shirk on security investments in the latter case. Regulators such as the U.S. Federal Trade Commission have sanctioned Android vendors for underinvestment in security, but the exact effects of these sanctions are difficult to disentangle with empirical data. Here, we model the impact of a regulator-imposed fine that incentivizes vendors to match a minimum security standard. Interestingly, we show how product prices will decrease for the same cost of customization in the presence of a fine, or a higher level of regulator-imposed minimum security.Comment: 22nd International Conference on Financial Cryptography and Data Security (FC 2018

Translating Video Recordings of Mobile App Usages into Replayable Scenarios

Screen recordings of mobile applications are easy to obtain and capture a wealth of information pertinent to software developers (e.g., bugs or feature requests), making them a popular mechanism for crowdsourced app feedback. Thus, these videos are becoming a common artifact that developers must manage. In light of unique mobile development constraints, including swift release cycles and rapidly evolving platforms, automated techniques for analyzing all types of rich software artifacts provide benefit to mobile developers. Unfortunately, automatically analyzing screen recordings presents serious challenges, due to their graphical nature, compared to other types of (textual) artifacts. To address these challenges, this paper introduces V2S, a lightweight, automated approach for translating video recordings of Android app usages into replayable scenarios. V2S is based primarily on computer vision techniques and adapts recent solutions for object detection and image classification to detect and classify user actions captured in a video, and convert these into a replayable test scenario. We performed an extensive evaluation of V2S involving 175 videos depicting 3,534 GUI-based actions collected from users exercising features and reproducing bugs from over 80 popular Android apps. Our results illustrate that V2S can accurately replay scenarios from screen recordings, and is capable of reproducing $\approx$ 89% of our collected videos with minimal overhead. A case study with three industrial partners illustrates the potential usefulness of V2S from the viewpoint of developers.Comment: In proceedings of the 42nd International Conference on Software Engineering (ICSE'20), 13 page

Overcoming Language Dichotomies: Toward Effective Program Comprehension for Mobile App Development

Mobile devices and platforms have become an established target for modern software developers due to performant hardware and a large and growing user base numbering in the billions. Despite their popularity, the software development process for mobile apps comes with a set of unique, domain-specific challenges rooted in program comprehension. Many of these challenges stem from developer difficulties in reasoning about different representations of a program, a phenomenon we define as a "language dichotomy". In this paper, we reflect upon the various language dichotomies that contribute to open problems in program comprehension and development for mobile apps. Furthermore, to help guide the research community towards effective solutions for these problems, we provide a roadmap of directions for future work.Comment: Invited Keynote Paper for the 26th IEEE/ACM International Conference on Program Comprehension (ICPC'18

Continuous, Evolutionary and Large-Scale: A New Perspective for Automated Mobile App Testing

Mobile app development involves a unique set of challenges including device fragmentation and rapidly evolving platforms, making testing a difficult task. The design space for a comprehensive mobile testing strategy includes features, inputs, potential contextual app states, and large combinations of devices and underlying platforms. Therefore, automated testing is an essential activity of the development process. However, current state of the art of automated testing tools for mobile apps poses limitations that has driven a preference for manual testing in practice. As of today, there is no comprehensive automated solution for mobile testing that overcomes fundamental issues such as automated oracles, history awareness in test cases, or automated evolution of test cases. In this perspective paper we survey the current state of the art in terms of the frameworks, tools, and services available to developers to aid in mobile testing, highlighting present shortcomings. Next, we provide commentary on current key challenges that restrict the possibility of a comprehensive, effective, and practical automated testing solution. Finally, we offer our vision of a comprehensive mobile app testing framework, complete with research agenda, that is succinctly summarized along three principles: Continuous, Evolutionary and Large-scale (CEL).Comment: 12 pages, accepted to the Proceedings of 33rd IEEE International Conference on Software Maintenance and Evolution (ICSME'17