Securely extending and running low-code applications with C#

Low-code development platforms provide an accessible infrastructure for the creation of software by domain experts, also called "citizen developers", without the need for formal programming education. Development is facilitated through graphical user interfaces, although traditional programming can still be used to extend low-code applications, for example when external services or complex business logic needs to be implemented that cannot be realized with the features available on a platform. Since citizen developers are usually not specifically trained in software development, they require additional support when writing code, particularly with regard to security and advanced techniques like debugging or versioning. In this thesis, several options to assist developers of low-code applications are investigated and implemented. A framework to quickly build code editor extensions is developed, and an approach to leverage the Roslyn compiler platform to implement custom static code analysis rules for low-code development platforms using the .NET platform is demonstrated. Furthermore, a sample application showing how Roslyn can be used to build a simple, integrated debugging tool, as well as an abstraction of the version control system Git for easier usage by citizen developers, is implemented. Security is a critical aspect when low-code applications are deployed. To provide an overview over possible options to ensure the secure and isolated execution of low-code applications, a threat model is developed and used as the basis for a comparison between OS-level virtualization, sandboxing, and runtime code security implementations

Utility of behavioural science in landscape architecture: investigating the application of environment-behaviour theory and its research methods to fit the spatial agenda of design

This thesis attempts to address the behavioural science /design `applicability gap' problem currently concerning professional academics and researchers in landscape architecture and related disciplines. Building on research carried out by others, it attempts to gain further insight into the nature of the problem, how the gap specifically relates to landscape design, how it manifests itself in the design process, and how the problem might realistically be addressed. It is argued that in order to address the gap problem in landscape architecture, it is also necessary to address the wider problem of the lack of communication and understanding between research and design spheres. Therefore, the study is conducted from a combined research/design perspective. A critical review of the literature combined with project driven reflection -in- action analysis establishes a lack of compatibility of environment- behaviour theory, and its research methods, with the landscape designer's spatial approach. It is argued that there is a need for theory- building to facilitate the practical application of integrated spatial -behaviour analysis. As a result, a framework of spatial/behavioural compatible theories and concepts, and a set of practical tools and techniques, are conceptualised, and their application explored, for site survey analysis. The utility of the approach is demonstrated for embodying user needs evaluation within the design process and for providing a method for contextualising research. Finally, a shift in thinking is envisaged in which research and design approaches are reconciled

Towards the Humanisation of Programming Tool Interactions

Program analysis tools, from simple static semantic analysis by a compiler, to complex dynamic analyses of data flow and security, have become commonplace in modern day programming. Many of the simpler analyses, such as the afore- mentioned compiler checking or linters designed to enforce code style, may even go unnoticed or unconsidered by most users, ubiquitous as they are. Despite this, and despite the obvious utility that such programming tools can provide, many warnings provided by them go unheeded by programmers most of the time.There are several reasons for this phenomenon: the propensity to produce false positives undermines confidence in the validity of warnings, the tools do not in- tegrate well into the normal workflow of the developer, sometimes the warning message is simply too esoteric for most users to understand, and so on. A com- mon theme can be drawn from these reasons for ignoring the often-times very useful information given by a programming tool: the tool itself is difficult to use.In this thesis, we consider ways in which we can bridge this gap between users and tools. To do this, we draw from observations about the way in which we interact with each other in the most basic human-to-human context. Applying these lessons to a human-tool interaction allow us to examine ways in which tools may be deficient, and investigate methods for making the interaction more natural and human-like.We explore this issue by framing the interaction as a "conversation" between a human and their development environment. We then present a new programming tool, Progger, built using design principles driven by the "conversational lens" which we use to look at these interactions. After this, we present a user study using a novel low-cost methodology, aimed at evaluating the efficacy of the Progger tool. From the results of this user study, we present a new, more streamlined version of Progger, and finally investigate the way in which it can be used to direct the users attention when conducting a code comprehension exercise

Chatbots for Modelling, Modelling of Chatbots

Tesis Doctoral inédita leída en la Universidad Autónoma de Madrid, Escuela Politécnica Superior, Departamento de Ingeniería Informática. Fecha de Lectura: 28-03-202