| 1. |
- Alahyari, Hiva, 1979, et al.
(författare)
-
A study of value in agile software development organizations
- 2017
-
Ingår i: Journal of Systems and Software. - : Elsevier BV. - 0164-1212 .- 1873-1228. ; 125, s. 271-288
-
Tidskriftsartikel (refereegranskat)abstract
- The Agile manifesto focuses on the delivery of valuable software. In Lean, the principles emphasise value, where every activity that does not add value is seen as waste. Despite the strong focus on value, and that the primary critical success factor for software intensive product development lies in the value domain, no empirical study has investigated specifically what value is. This paper presents an empirical study that investigates how value is interpreted and prioritised, and how value is assured and measured. Data was collected through semi-structured interviews with 23 participants from 14 agile software development organisations. The contribution of this study is fourfold. First, it examines how value is perceived amongst agile software development organisations. Second, it compares the perceptions and priorities of the perceived values by domains and roles. Third, it includes an examination of what practices are used to achieve value in industry, and what hinders the achievement of value. Fourth, it characterises what measurements are used to assure, and evaluate value-creation activities. (C) 2016 Elsevier Inc. All rights reserved.
|
|
| 2. |
- Berntsson Svensson, Richard, et al.
(författare)
-
Prioritization of quality requirements : State of practice in eleven companies
- 2011
-
Ingår i: 2011 IEEE 19th International Requirements Engineering Conference, RE 2011; Trento; 29 August 2011 through 2 September 2011. - Trento : IEEE. - 9781457709234 ; , s. 69-78, s. 69-78
-
Konferensbidrag (refereegranskat)abstract
- Requirements prioritization is recognized as an important but challenging activity in software product development. For a product to be successful, it is crucial to find the right balance among competing quality requirements. Although literature offers many methods for requirements prioritization, the research on prioritization of quality requirements is limited. This study identifies how quality requirements are prioritized in practice at 11 successful companies developing software intensive systems. We found that ad-hoc prioritization and priority grouping of requirements are the dominant methods for prioritizing quality requirements. The results also show that it is common to use customer input as criteria for prioritization but absence of any criteria was also common. The results suggests that quality requirements by default have a lower priority than functional requirements, and that they only get attention in the prioritizing process if decision-makers are dedicated to invest specific time and resources on QR prioritization. The results of this study may help future research on quality requirements to focus investigations on industry-relevant issues.
|
|
| 3. |
- Hatamian, Majid, et al.
(författare)
-
A privacy and security analysis of early-deployed COVID-19 contact tracing Android apps
- 2021
-
Ingår i: Empirical Software Engineering. - : Springer Nature. - 1382-3256 .- 1573-7616. ; 26:3
-
Tidskriftsartikel (refereegranskat)abstract
- As this article is being drafted, the SARS-CoV-2/COVID-19 pandemic is causing harm and disruption across the world. Many countries aimed at supporting their contact tracers with the use of digital contact tracing apps in order to manage and control the spread of the virus. Their idea is the automatic registration of meetings between smartphone owners for the quicker processing of infection chains. To date, there are many contact tracing apps that have already been launched and used in 2020. There has been a lot of speculations about the privacy and security aspects of these apps and their potential violation of data protection principles. Therefore, the developers of these apps are constantly criticized because of undermining users’ privacy, neglecting essential privacy and security requirements, and developing apps under time pressure without considering privacy- and security-by-design. In this study, we analyze the privacy and security performance of 28 contact tracing apps available on Android platform from various perspectives, including their code’s privileges, promises made in their privacy policies, and static and dynamic performances. Our methodology is based on the collection of various types of data concerning these 28 apps, namely permission requests, privacy policy texts, run-time resource accesses, and existing security vulnerabilities. Based on the analysis of these data, we quantify and assess the impact of these apps on users’ privacy. We aimed at providing a quick and systematic inspection of the earliest contact tracing apps that have been deployed on multiple continents. Our findings have revealed that the developers of these apps need to take more cautionary steps to ensure code quality and to address security and privacy vulnerabilities. They should more consciously follow legal requirements with respect to apps’ permission declarations, privacy principles, and privacy policy contents.
|
|
| 4. |
- Magnusson, Peter S., et al.
(författare)
-
SimICS/sun4m : A virtual workstation
- 2019
-
Ingår i: USENIX 1998 Annual Technical Conference. - New Orleans, LA, USA : USENIX Association.
-
Konferensbidrag (refereegranskat)abstract
- System level simulators allow computer architects and system software designers to recreate an accurate and complete replica of the program behavior of a target system, regardless of the availability, existence, or instrumentation support of such a system. Applications include evaluation of architectural design alternatives as well as software engineering tasks such as traditional debugging and performance tuning. We present an implementation of a simulator acting as a virtual workstation fully compatible with the sun4m architecture from Sun Microsystems. Built using the system-level SPARC V8 simulator SimICS, SimICS/sun4m models one or more SPARC V8 processors, supports user-developed modules for data cache and instruction cache simulation and execution profiling of all code, and provides a symbolic and performance debugging environment for operating systems. SimICS/sun4m can boot unmodified operating systems, including Linux 2.0.30 and Solaris 2.6, directly from snapshots of disk partitions. To support essentially arbitrary code, we implemented binary-compatible simulators for several devices, including SCSI, console, interrupt, timers, EEPROM, and Ethernet. The Ethernet simulation hooks into the host and allows the virtual workstation to appear on the local network with full services available (NFS, NIS, rsh, etc). Ethernet and console traffic can be recorded for future playback. The performance of SimICS/sun4m is sufficient to run realistic workloads, such as the database benchmark TPC-D, scaling factor 1/100, or an interactive network application such as Mozilla. The slowdown in relation to native hardware is in the range of 25 to 75 (measured using SPECint95). We also demonstrate some applications, including modeling an 8-processor sun4m version (which does not exist), modeling future memory hierarchies, and debugging an operating system.
|
|
| 5. |
- Nass, Michel, 1968-, et al.
(författare)
-
Improving Web Element Localization by Using a Large Language Model
- 2024
-
Ingår i: Software testing, verification & reliability. - : John Wiley & Sons. - 0960-0833 .- 1099-1689.
-
Tidskriftsartikel (refereegranskat)abstract
- Web-based test automation heavily relies on accurately finding web elements. Traditional methods compare attributes but don't grasp the context and meaning of elements and words. The emergence of Large Language Models (LLMs) like GPT-4, which can show human-like reasoning abilities on some tasks, offers new opportunities for software engineering and web element localization. This paper introduces and evaluates VON Similo LLM, an enhanced web element localization approach. Using an LLM, it selects the most likely web element from the top-ranked ones identified by the existing VON Similo method, ideally aiming to get closer to human-like selection accuracy. An experimental study was conducted using 804 web element pairs from 48 real-world web applications. We measured the number of correctly identified elements as well as the execution times, comparing the effectiveness and efficiency of VON Similo LLM against the baseline algorithm. In addition, motivations from the LLM were recorded and analyzed for all instances where the original approach failed to find the right web element. VON Similo LLM demonstrated improved performance, reducing failed localizations from 70 to 39 (out of 804), a 44 percent reduction. Despite its slower execution time and additional costs of using the GPT-4 model, the LLMs human-like reasoning showed promise in enhancing web element localization. LLM technology can enhance web element identification in GUI test automation, reducing false positives and potentially lowering maintenance costs. However, further research is necessary to fully understand LLMs capabilities, limitations, and practical use in GUI testing.
|
|
| 6. |
- Kim, Jinhan, et al.
(författare)
-
Guiding Deep Learning System Testing Using Surprise Adequacy
- 2019
-
Ingår i: Proceedings - International Conference on Software Engineering. - : IEEE. - 0270-5257. ; 2019-May, s. 1039-1049, s. 1039-1049
-
Konferensbidrag (refereegranskat)abstract
- Deep Learning (DL) systems are rapidly being adopted in safety and security critical domains, urgently calling for ways to test their correctness and robustness. Testing of DL systems has traditionally relied on manual collection and labelling of data. Recently, a number of coverage criteria based on neuron activation values have been proposed. These criteria essentially count the number of neurons whose activation during the execution of a DL system satisfied certain properties, such as being above predefined thresholds. However, existing coverage criteria are not sufficiently fine grained to capture subtle behaviours exhibited by DL systems. Moreover, evaluations have focused on showing correlation between adversarial examples and proposed criteria rather than evaluating and guiding their use for actual testing of DL systems. We propose a novel test adequacy criterion for testing of DL systems, called Surprise Adequacy for Deep Learning Systems (SADL), which is based on the behaviour of DL systems with respect to their training data. We measure the surprise of an input as the difference in DL system's behaviour between the input and the training data (i.e., what was learnt during training), and subsequently develop this as an adequacy criterion: a good test input should be sufficiently but not overtly surprising compared to training data. Empirical evaluation using a range of DL systems from simple image classifiers to autonomous driving car platforms shows that systematic sampling of inputs based on their surprise can improve classification accuracy of DL systems against adversarial examples by up to 77.5% via retraining.
|
|
| 7. |
- Briand, Lionel, et al.
(författare)
-
JF Welcome: ICSE 2021
- 2021
-
Ingår i: Proceedings - International Conference on Software Engineering. - : IEEE Computer Society. - 0270-5257. ; May 2021, s. xxxiii-
-
Konferensbidrag (övrigt vetenskapligt/konstnärligt)
|
|
| 8. |
- Ding, Jianguo
(författare)
-
Intrusion Detection, Prevention, and Response System (IDPRS) for Cyber-Physical Systems (CPSs)
- 2015
-
Ingår i: Securing Cyber Physical Systems. - Boca Raton, US : Taylor & Francis Group. - 9781498700986 - 9781498700993 - 9780429091049 ; , s. 371-392
-
Bokkapitel (refereegranskat)abstract
- Cyber-physical systems (CPSs) are integrated physical, engineered, andsocial systems whose operations are monitored, coordinated, controlled, and integratedby a computing and communication core. Due to the dynamic structure ofCPSs, the security measurements are often complex. Given this fact, the objectiveof this chapter is to present the intrusion detection, prevention, and response system(IDPRS) for such a dynamic environment.
|
|
| 9. |
- Jusufi, Ilir, 1983-, et al.
(författare)
-
TapVis : A Data Visualization Approach for Assessment of Alternating Tapping Performance in Patients with Parkinson's Disease
- 2018
-
Ingår i: EuroVis 2018 - Short Papers. - : Eurographics - European Association for Computer Graphics. - 9783038680604 ; , s. 55-59
-
Konferensbidrag (refereegranskat)abstract
- Advancements in telemedicine have been helpful for frequent monitoring of patients with Parkinson's disease (PD) from remote locations and assessment of their individual symptoms and treatment-related complications. These data can be useful for helping clinicians to interpret symptom states and individually tailor the treatments by visualizing the physiological information collected by sensor-based systems. In this paper we present a visualization metaphor that represents symptom information of PD patients during tapping tests performed with a smartphone. The metaphor has been developed and evaluated with a clinician. It enabled the clinician to observe fine motor impairments and identify motor fluctuations regarding several movement aspects of patients that perform the tests from their homes.
|
|
| 10. |
- Witschard, Daniel, et al.
(författare)
-
SimBaTex : Similarity-based Text Exploration
- 2021
-
Ingår i: Posters of the 23rd EG/VGTC Conference on Visualization (EuroVis '21). - : Eurographics - European Association for Computer Graphics. - 9783038681441 ; , s. 5-7
-
Konferensbidrag (refereegranskat)abstract
- Natural language processing in combination with visualization can provide efficient ways to discover latent patterns of similarity which can be useful for exploring large sets of text documents. In this poster abstract, we describe the ongoing work on a visual analytics application, called SimBaTex, which is based on embedding technology, dynamic specification of similarity criteria, and a novel approach for similarity-based clustering. The goal of SimBaTex is to provide search-and-explore functionality to enable the user to identify items of interest in a large set of text documents by interactive assessment of both high-level similarity patterns and pairwise similarity of chosen texts.
|
|
