15 research outputs found
A systematic review on software code smells
This paper provides a systematic review of code smell detection studies published from 2001 to 2023, addressing their significance in identifying underlying issues in software systems. Through stringent inclusion criteria, 116 primary studies were analyzed, focusing on various aspects such as publication venue, code smell categories, subject systems, supported programming languages, evaluation criteria, and detection techniques. The analysis reveals that 50% of the papers were conference proceedings, with 80% utilizing Java-supported techniques and commonly used subject systems like Apache Xerces, GanttProject, and ArgoUML. Metrics-based methods (33%) and search-based approaches (32%) were predominantly employed, with machine learning emerging in 20% and rule-based methods in 15% of the studies. Notably, recent studies have shown an increased adoption of machine learning techniques. The identified code smells include god class, feature envy, long method, and data class, with precision and recall being the most commonly used evaluation metrics. This review aims to inform future research directions and aid the software engineering community in developing novel detection techniques to enhance code quality and system reliability.
ConfIs: a tool for privacy and security analysis and conflict resolution for supporting GDPR compliance through privacy-by-design.
Privacy and security requirements, and their potential conflicts, are becoming increasingly important. They are becoming a necessary part to be considered, starting from the very early stages of requirements engineering, and in the entire software engineering cycle, for the design of any software system. In the last few years, this has been even more emphasized and required by the law. A relevant example is the case of the General Data Protection Regulation (GDPR), which requires organizations, and their software engineers, to enforce and guarantee privacy-by-design to make their platforms compliant with the regulation. In this context, complex activities related to privacy and security requirements elicitation, analysis, mapping and identification of potential conflicts, and the identification of their resolution, become crucial. In the literature, no comprehensive requirements-engineering-oriented tool is available for supporting the requirements analyst. In this paper, we propose ConfIs, a tool for supporting the analyst in performing a process covering these phases in a systematic and interactive way. We present ConfIs and its process with a realistic example from DEFeND, an EU project aiming at supporting organizations in achieving GDPR compliance. In this context, we evaluated ConfIs by involving privacy/security requirements experts, who recognized our tool and method as supportive concerning these complex activities.
A Data Scope Management Service to Support Privacy by Design and GDPR Compliance
In order to empower user data protection and user rights, the European General Data Protection Regulation (GDPR) has been enforced. On the positive side, the user is obtaining advantages from GDPR. However, organisations are facing many difficulties in interpreting GDPR and in properly applying it, and, in the meantime, due to their lack of compliance, many organisations are receiving huge fines from authorities. An important challenge is compliance with the Privacy by Design and by default (PbD) principles, which require that data protection is integrated into processing activities and business practices from the design stage. Recently, the European Data Protection Board (EDPB) released an official document with PbD guidelines, and there are various efforts to provide approaches to support these. However, organizations are still facing difficulties in identifying a flow for executing these activities in a coherent, linear and effective way, and a complete toolkit for supporting this. In this paper, we propose the design of such a flow, and our comprehensive supporting toolkit, as part of the DEFeND EU Project platform. Within DEFeND, we identified candidate tools, fulfilling specific GDPR aspects, and integrated them in a comprehensive toolkit: the DEFeND Data Scope Management service (DSM). The aim of DSM is to support organizations for continuous GDPR compliance through model-based Privacy by Design analysis. Here, we present DSM, its design, flow, and a preliminary case study and evaluation performed with pilots from the healthcare, banking, public administration and energy sectors.
DEFeND architecture: a privacy by design platform for GDPR compliance.
The advent of the European General Data Protection Regulation (GDPR) requires organizations to cope with radical changes concerning user data protection paradigms. GDPR, by promoting a Privacy by Design approach, obliges organizations to drastically change their methods regarding user data acquisition, management, processing, as well as data breach monitoring, notification and preparation of prevention plans. This enforces the rights of data subjects (e.g., citizens, customers) by enabling them to have more information regarding usage of their data, and to take decisions (e.g., revoking usage permissions). Moreover, organizations are required to trace precisely their activities on user data, enabling authorities to monitor and sanction more easily. Indeed, since GDPR has been introduced, authorities have heavily sanctioned companies found not to be GDPR compliant. GDPR is also difficult to apply because of its length and complexity, because it covers many aspects, and because it does not provide details concerning the technical and organizational security measures to apply. This calls for tools and methods able to support organizations in achieving GDPR compliance. From the industry and the literature, there are many tools and prototypes fulfilling specific/isolated GDPR aspects; however, there is no comprehensive platform able to support organizations in being compliant regarding all GDPR requirements. In this paper, we propose the design of an architecture for such a platform, able to reuse and integrate peculiarities of those heterogeneous tools, and to support organizations in achieving GDPR compliance. We describe the architecture, designed within the DEFeND EU project, and discuss challenges and preliminary benefits in applying it to the healthcare and energy domains.
The development and validation of a scoring tool to predict the operative duration of elective laparoscopic cholecystectomy.
Peer reviewed
A framework for privacy and security requirements analysis and conflict resolution for supporting GDPR compliance through privacy-by-design.
Requirements elicitation, analysis, and, above all, early detection of conflicts and resolution, are among the most important, strategic, complex and crucial activities for preventing software system failures, and reducing costs related to reengineering/fixing actions. This is especially important when critical Requirements Classes are involved, such as Privacy and Security Requirements. Recently, organisations have been heavily fined for lack of compliance with data protection regulations, such as the EU General Data Protection Regulation (GDPR). GDPR requires organisations to enforce privacy-by-design activities from the early stages and for the entire software engineering cycle. Accordingly, requirements engineers need methods and tools for systematically identifying privacy and security requirements, detecting and solving related conflicts. Existing techniques support requirements identification without detecting or mitigating conflicts. The framework and tool we propose in this paper, called ConfIs, fills this gap by supporting engineers and organisations in these complex activities, with its systematic and interactive process. We applied ConfIs to a realistic GDPR example from the DEFeND EU Project, and evaluated its supportiveness, with positive results, by involving privacy and security requirements experts (This research is an extension of the study conducted by ALKUBAISY, D., PIRAS, L., AL-OBEIDALLAH, M.G., COX, K. and MOURATIDIS, H. 2021. ConfIs: a tool for privacy and security analysis and conflict resolution for supporting GDPR compliance through privacy-by-design [https://doi.org/10.5220/0010406100800091])
Exploring students’ perceptions of the design and use of the Moodle learning management system
Universities have been utilizing various synchronous and asynchronous methods embedded in digital learning tools to continue the teaching-learning process. Among these tools, known as learning management systems (LMSs), Moodle holds a distinct position due to its scalability, user-friendliness, and ease of use. However, despite its widespread adoption, there is a lack of focused research evaluating factors that influence Moodle adoption and usage in university environments, particularly in developed countries. This lack of investigation is critical because even minor usability shortcomings can lead to reduced student engagement, lower satisfaction, and hindered educational outcomes. Therefore, there is a pressing need to explore students' experiences and feedback regarding Moodle's design, layout, and overall usability to enhance its effectiveness and better align with contemporary educational demands. In this study, we collected students' insights regarding the design and layout features of the Moodle system and whether these features play a decisive role in the adoption or discontinuation of the Moodle LMS. An open-ended questionnaire was used to collect the opinions of 103 university students who were enrolled in several courses conducted online using Moodle as the primary LMS. Qualitative data analysis was conducted and seven major themes related to the factors influencing the success of the Moodle LMS were identified. Key findings reveal that usability issues, such as system features and content design quality, significantly hinder student experiences, while positive aspects, such as overall satisfaction and usefulness, highlight areas of strength. The implications for educators, system administrators, and policymakers are discussed, along with limitations and future research directions. This study not only addresses a critical gap in the literature but also offers practical insights for enhancing LMS effectiveness in e-learning environments.
