| 1. |
- Alves, Gustavo R., et al.
(författare)
-
International Cooperation for Remote Laboratory Use
- 2018
-
Ingår i: Contributions to Higher Engineering Education. - Singapore : Springer. - 9789811089176 ; , s. 1-31
-
Bokkapitel (refereegranskat)abstract
- Experimenting is fundamental to the training process of all scientists and engineers. While experiments have been traditionally done inside laboratories, the emergence of Information and Communication Technologies added two alternatives accessible anytime, anywhere. These two alternatives are known as virtual and remote laboratories and are sometimes indistinguishably referred as online laboratories. Similarly to other instructional technologies, virtual and remote laboratories require some effort from teachers in integrating them into curricula, taking into consideration several factors that affect their adoption (i.e., cost) and their educational effectiveness (i.e., benefit). This chapter analyzes these two dimensions and sustains the case where only through international cooperation it is possible to serve the large number of teachers and students involved in engineering education. It presents an example in the area of electrical and electronics engineering, based on a remote laboratory named Virtual Instruments System in Reality, and it then describes how a number of European and Latin American institutions have been cooperating under the scope of an Erasmus+ project, for spreading its use in Brazil and Argentina.
|
|
| 2. |
- Avritzer, Alberto, et al.
(författare)
-
Extending Survivability Models for Global Software Development with Media Synchronicity Theory
- 2015
-
Ingår i: Proceeding of the IEEE 10th International Conference on Global Software Engineering. - : IEEE Communications Society. - 9781479984091 ; , s. 23-32
-
Konferensbidrag (refereegranskat)abstract
- In this paper we propose a new framework to assess survivability of software projects accounting for media capability details as introduced in Media Synchronicity Theory (MST). Specifically, we add to our global engineering framework the assessment of the impact of inadequate conveyance and convergence available in the communication infrastructure selected to be used by the project, on the system ability to recover from project disasters. We propose an analytical model to assess how the project recovers from project disasters related to process and communication failures. Our model is based on media synchronicity theory to account for how information exchange impacts recovery. Then, using the proposed model we evaluate how different interventions impact communication effectiveness. Finally, we parameterize and instantiate the proposed survivability model based on a data gathering campaign comprising thirty surveys collected from senior global software development experts at ICGSE'2014 and GSD'2015.
|
|
| 3. |
- Gasiba, Tiago Espinha, et al.
(författare)
-
Awareness of secure coding guidelines in the industry - A first data analysis
- 2020
-
Ingår i: Proceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020. - : Institute of Electrical and Electronics Engineers Inc.. - 9780738143804 ; , s. 345-352
-
Konferensbidrag (refereegranskat)abstract
- Software needs to be secure, in particular, when deployed to critical infrastructures. Secure coding guidelines capture practices in industrial software engineering to ensure the security of code. This study aims to assess the level of awareness of secure coding in industrial software engineering, the skills of software developers to spot weaknesses in software code, avoid them, and the organizational support to adhere to coding guidelines. The approach draws on well-established theories of policy compliance, neutralization theory, and security-related stress and the authors' many years of experience in industrial software engineering and on lessons identified from training secure coding in the industry. The paper presents the questionnaire design for the online survey and the first analysis of data from the pilot study. © 2020 IEEE.
|
|
| 4. |
- Gasiba, Tiago Espinha, et al.
(författare)
-
Is Secure Coding Education in the Industry Needed? : An Investigation Through a Large Scale Survey
- 2021
-
Ingår i: 2021 IEEE/ACM 43RD INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING. - : IEEE COMPUTER SOC. - 9780738133201 ; , s. 241-252
-
Konferensbidrag (refereegranskat)abstract
- The Department of Homeland Security in the United States estimates that 90% of software vulnerabilities can be traced back to defects in design and software coding. The financial impact of these vulnerabilities has been shown to exceed 380 million USD in industrial control systems alone. Since software developers write software, they also introduce these vulnerabilities into the source code. However, secure coding guidelines exist to prevent software developers from writing vulnerable code. This study focuses on the human factor, the software developer, and secure coding, in particular secure coding guidelines. We want to understand the software developersi awareness and compliance to secure coding guidelines and why, if at all, they arenit compliant or aware. We base our results on a large-scale survey on secure coding guidelines, with more than 190 industrial software developers. Our workis main contribution motivates the need to educate industrial software developers on secure coding guidelines, and it gives a list of fifteen actionable items to be used by practitioners in the industry. We also make our raw data openly available for further research.
|
|
| 5. |
- Moyón, Fabiola, et al.
(författare)
-
Integration of Security Standards in DevOps Pipelines : An Industry Case Study
- 2020
-
Ingår i: Lecture Notes in Computer Science. - Cham : Springer Science+Business Media B.V.. - 9783030641474 ; , s. 434-452
-
Konferensbidrag (refereegranskat)abstract
- In the last decade, companies adopted DevOps as a fast path to deliver software products according to customer expectations, with well aligned teams and in continuous cycles. As a basic practice, DevOps relies on pipelines that simulate factory swim-lanes. The more automation in the pipeline, the shorter a lead time is supposed to be. However, applying DevOps is challenging, particularly for industrial control systems (ICS) that support critical infrastructures and that must obey to rigorous requirements from security regulations and standards. Current research on security compliant DevOps presents open gaps for this particular domain and in general for systematic application of security standards. In this paper, we present a systematic approach to integrate standard-based security activities into DevOps pipelines and highlight their automation potential. Our intention is to share our experiences and help practitioners to overcome the trade-off between adding security activities into the development process and keeping a short lead time. We conducted an evaluation of our approach at a large industrial company considering the IEC 62443-4-1 security standard that regulates ICS. The results strengthen our confidence in the usefulness of our approach and artefacts, and in that they can support practitioners to achieve security compliance while preserving agility including short lead times. © 2020, Springer Nature Switzerland AG.
|
|
| 6. |
- Stray, Viktoria, et al.
(författare)
-
Theories in Agile Software Development : Past, Present, and Future Introduction to the XP 2020 Special Section
- 2022
-
Ingår i: Information and Software Technology. - : Elsevier. - 0950-5849 .- 1873-6025. ; 152
-
Tidskriftsartikel (refereegranskat)abstract
- Over the last two decades, agile software development has gained popularity among software engineering researchers and practitioners. However, the development and use of theories in agile research remain relatively low. While analyzing publications on agile software development in the Scopus database from the last decade, we found that only 7% of the papers used or developed a theory. This trend seems stable. However, it is promising that most theory-centric studies use or propose theories to address cognitive and behavioral aspects of people working in agile development. We argue that these aspects build fundamental pillars in agile software development. In this special section, we introduce extended versions of four papers selected from the XP2020 Conference. These papers make valuable contributions to aspects of learning and behavior in agile software development. We encourage researchers to be more theory-centric in their future empirical studies of agile methods and practices by familiarizing themselves with existing theories and applying and developing theories. This way, they can contribute to a reliable, evidence-based body of knowledge in our community. © 2022
|
|
