The impact of situational context on software process: a case study of a very small-sized company in the online advertising domain

A primary concern of software development is selecting a suitable methodology to implement a software project. However, this selection is affected by many factors, with evidence suggesting that a specific set of factors defines a specific situational context for a project. This situational context leads to a project-specific software process. In this paper, we report on our analysis of a very small-sized company’s current software process based on a reference framework that identifies the factors of a situational context. The outcome of our case study confirms the earlier findings that a software process is highly dependent on situational factors. The company has a suitable situational context (such as very small-sized, experienced, skilled, cohesive team with low turnover) to apply agile practices and its software process is more close to an agile rather than plan-driven approach. Moreover, the company is continuously adopting its software process to the situational factors changing from project to project and over time

Met-Independent Hepatocyte Growth Factor-mediated regulation of cell adhesion in human prostate cancer cells

BACKGROUND: Prostate cancer cells communicate reciprocally with the stromal cells surrounding them, inside the prostate, and after metastasis, within the bone. Each tissue secretes factors for interpretation by the other. One stromally-derived factor, Hepatocyte Growth Factor (HGF), was found twenty years ago to regulate invasion and growth of carcinoma cells. Working with the LNCaP prostate cancer progression model, we found that these cells could respond to HGF stimulation, even in the absence of Met, the only known HGF receptor. The new HGF binding partner we find on the cell surface may help to clarify conflicts in the past literature about Met expression and HGF response in cancer cells. METHODS: We searched for Met or any HGF binding partner on the cells of the PC3 and LNCaP prostate cancer cell models, using HGF immobilized on agarose beads. By using mass spectrometry analyses and sequencing we have identified nucleolin protein as a novel HGF binding partner. Antibodies against nucleolin (or HGF) were able to ameliorate the stimulatory effects of HGF on met-negative prostate cancer cells. Western blots, RT-PCR, and immunohistochemistry were used to assess nucleolin levels during prostate cancer progression in both LNCaP and PC3 models. RESULTS: We have identified HGF as a major signaling component of prostate stromal-conditioned media (SCM) and have implicated the protein nucleolin in HGF signal reception by the LNCaP model prostate cancer cells. Antibodies that silence either HGF (in SCM) or nucleolin (on the cell surfaces) eliminate the adhesion-stimulatory effects of the SCM. Likewise, addition of purified HGF to control media mimics the action of SCM. C4-2, an LNCaP lineage-derived, androgen-independent human prostate cancer cell line, responds to HGF in a concentration-dependent manner by increasing its adhesion and reducing its migration on laminin substratum. These HGF effects are not due to shifts in the expression levels of laminin-binding integrins, nor can they be linked to expression of the known HGF receptor Met, as neither LNCaP nor clonally-derived C4-2 sub-line contain any detectable Met protein. Even in the absence of Met, small GTPases are activated, linking HGF stimulation to membrane protrusion and integrin activation. Membrane-localized nucelolin levels increase during cancer progression, as modeled by both the PC3 and LNCaP prostate cancer progression cell lines. CONCLUSION: We propose that cell surface localized nucleolin protein may function in these cells as a novel HGF receptor. Membrane localized nucleolin binds heparin-bound growth factors (including HGF) and appears upregulated during prostate cancer progression. Antibodies against nucleolin are able to ameliorate the stimulatory effects of HGF on met-negative prostate cancer cells. HGF-nucleolin interactions could be partially responsible for the complexity of HGF responses and met expression reported in the literature

Standards-based metamodel for the management of goals, risks and evidences in critical systems development

© 2016 Elsevier B.V. All rights reserved. Safety critical system development includes a wide set of techniques, methods and tools for assuring system safety. The concept of evidence is one of the key notions used to provide safety confidence to stakeholders. Safety goals must be identified during safety analysis. In addition, risks should also be considered and managed, and linked to the achievement of safety goals. This paper proposes an extension of the ISO/IEC 24744 metamodel for development methodologies in order to integrate the management of goals, risks and evidence into system development lifecycles in an ISO/IEC 15026-compliant manner that is related to the approach of assurance cases. The proposed extension is illustrated through a real-life scenario in the automotive domain where the system being developed must comply with ISO 26262, a standard in this domain. By using the proposed approach, the management of goals, risks and evidence in critical systems development is formalized and harmonized with different ISO/IEC standards, resulting in a more robust and systematic treatment of these crucial aspects

Security and Privacy Service Level Agreement composition for Internet of Things systems on top of standard controls

The growing markets of Cloud services and IoT platforms have dramatically raised system flexibility and deployment options. However, increasing complexity and dependency on third-party providers make it difficult to assess the security and privacy levels that distributed systems can offer to their users. In the last years, machine-readable Service Level Agreements (SLAs) have been studied as an optimal method for copying with security and privacy policies. Still, the computation of the SLAs of applications distributed in diverse infrastructures remains a challenging task. This paper presents a methodology to compose security SLAs (SecSLAs) and privacy SLAs (PLAs) of Cloud-based IoT applications on top of standard controls. The composition considers individual components’ SLAs and the control delegation relationships between the components with respect to different types of controls (common, system-specific or hybrid controls). Furthermore, we propose a technique to calculate the Service Level Objectives (SLO) of the controls declared in the composite SLA based on the SLOs granted by individual components. Finally, the paper presents the validation of the methodology carried out to create the SecSLAs and PLAs of a real multiCloud-based IoT application in the eHealth domain

Using the SPEM 2.0 kind-based extension mechanism to define the SPEM4MDE metamodel

The objective 1 of the OMG's standard SPEM is to propose shared concepts for describing software and even systems processes. The SPEM 2.0 metamodel proposes concepts that are quite generic to describe model-driven development processes. Indeed, the artifacts of those processes are essentially models and relationships between them are numerous (e.g. impact, matching, overlap and so on). We notice that is difficult to have a process modeling language that is suitable to define any kind of process including MDE ones. To overcome this lack, we propose in this paper an extension of SPEM4MDE based on the SPEM 2.0 kind-based extension mechanism. It allows process designer to refine SPEM concepts in order to define the model-driven processes. To illustrate our approach, the MDE-based VUML process for models composition has been used

Safety and Security Interference Analysis in the Design Stage

Safety and security engineering have been traditionally separated disciplines (e.g., different required knowledge and skills, terminology, standards and life-cycles) and operated in quasi-silos of knowledge and practices. However, the co-engineering of these two critical qualities of a system is being largely investigated as it promises the removal of redundant work and the detection of trade-offs in early stages of the product development life-cycle. In this work, we enrich an existing safety-security co-analysis method in the design stage providing capabilities for interference analysis. Reports on interference analyses are crucial to trigger co-engineering meetings leading to the trade-offs analyses and system refinements. We detail our automatic approach for this interference analysis, performed through fault trees generated from safety and security local analyses. We evaluate and discuss our approach from the perspective of two industrial case studies on the space and medical domains.The research leading to this paper has received funding from the AQUAS project (H2020-ECSEL grant agreement 737475). The ECSEL Joint Undertaking receives support from the European Union’s Horizon 2020 research and innovation programme

On the role of software quality management in software process improvement

Software Process Improvement (SPI) programs have been implemented, inter alia, to improve quality and speed of software development. SPI addresses many aspects ranging from individual developer skills to entire organizations. It comprises, for instance, the optimization of specific activities in the software lifecycle as well as the creation of organizational awareness and project culture. In the course of conducting a systematic mapping study on the state-of-the-art in SPI from a general perspective, we observed Software Quality Management (SQM) being of certain relevance in SPI programs. In this paper, we provide a detailed investigation of those papers from the overall systematic mapping study that were classified as addressing SPI in the context of SQM (including testing). From the main study’s result set, 92 papers were selected for an in-depth systematic review to study the contributions and to develop an initial picture of how these topics are addressed in SPI. Our findings show a fairly pragmatic contribution set in which different solutions are proposed, discussed, and evaluated. Among others, our findings indicate a certain reluctance towards standard quality or (test) maturity models and a strong focus on custom review, testing, and documentation techniques, whereas a set of five selected improvement measures is almost equally addressed

A multi-case study analysis of software process improvement in very small companies using ISO/IEC 29110

The ISO/IEC 29110 Lifecycle profiles for Very Small Entities is a relatively new standard aimed at addressing the particular development needs of very small companies. Due to its relative youth in the standards domain there is a lack of detailed case studies surrounding its actual deployment in industrial settings. The purpose of this paper is to disseminate the early success stories from pilot trials of this new and emerging standard. The lessons learnt from these case studies should assist the adoption of this new standard in an industrial settin