| 1. |
- Usman, Muhammad, 1978-, et al.
(författare)
-
Compliance Requirements in Large-Scale Software Development : An Industrial Case Study
- 2020
-
Ingår i: Lecture Notes in Computer Science. - Cham : Springer-Verlag Tokyo Inc.. - 9783030641474 ; , s. 385-401
-
Konferensbidrag (refereegranskat)abstract
- Regulatory compliance is a well-studied area, including research on how to model, check, analyse, enact, and verify compliance of software. However, while the theoretical body of knowledge is vast, empirical evidence on challenges with regulatory compliance, as faced by industrial practitioners particularly in the Software Engineering domain, is still lacking. In this paper, we report on an industrial case study which aims at providing insights into common practices and challenges with checking and analysing regulatory compliance, and we discuss our insights in direct relation to the state of reported evidence. Our study is performed at Ericsson AB, a large telecommunications company, which must comply to both locally and internationally governing regulatory entities and standards such as GDPR. The main contributions of this work are empirical evidence on challenges experienced by Ericsson that complement the existing body of knowledge on regulatory compliance. © 2020, Springer Nature Switzerland AG.
|
|
| 2. |
- Fagerholm, F., et al.
(författare)
-
Cognition in Software Engineering: A Taxonomy and Survey of a Half-Century of Research
- 2022
-
Ingår i: Acm Computing Surveys. - : Association for Computing Machinery (ACM). - 0360-0300 .- 1557-7341. ; 54:11
-
Tidskriftsartikel (refereegranskat)abstract
- Cognition plays a fundamental role in most software engineering activities. This article provides a taxonomy of cognitive concepts and a survey of the literature since the beginning of the Software Engineering discipline. The taxonomy comprises the top-level concepts of perception, attention, memory, cognitive load, reasoning, cognitive biases, knowledge, social cognition, cognitive control, and errors, and procedures to assess them both qualitatively and quantitatively. The taxonomy provides a useful tool to filter existing studies, classify new studies, and support researchers in getting familiar with a (sub) area. In the literature survey, we systematically collected and analysed 311 scientific papers spanning five decades and classified them using the cognitive concepts from the taxonomy. Our analysis shows that the most developed areas of research correspond to the four life-cycle stages, software requirements, design, construction, and maintenance. Most research is quantitative and focuses on knowledge, cognitive load, memory, and reasoning. Overall, the state of the art appears fragmented when viewed from the perspective of cognition. There is a lack of use of cognitive concepts that would represent a coherent picture of the cognitive processes active in specific tasks. Accordingly, we discuss the research gap in each cognitive concept and provide recommendations for future research.
|
|
| 3. |
- Adigun, Jubril Gbolahan, et al.
(författare)
-
Collaborative Artificial Intelligence Needs Stronger Assurances Driven by Risks
- 2022
-
Ingår i: Computer. - : IEEE Computer Society. - 0018-9162 .- 1558-0814. ; 55:3, s. 52-63
-
Tidskriftsartikel (refereegranskat)abstract
- Collaborative artificial intelligence systems (CAISs) aim to work with humans in a shared space to achieve a common goal, but this can pose hazards that could harm human beings. We identify emerging problems in this context and report our vision of and progress toward a risk-driven assurance process for CAISs.
|
|
| 4. |
- Auer, Florian, et al.
(författare)
-
Controlled experimentation in continuous experimentation : Knowledge and challenges
- 2021
-
Ingår i: Information and Software Technology. - : Elsevier B.V.. - 0950-5849 .- 1873-6025. ; 134
-
Tidskriftsartikel (refereegranskat)abstract
- Context: Continuous experimentation and A/B testing is an established industry practice that has been researched for more than 10 years. Our aim is to synthesize the conducted research. Objective: We wanted to find the core constituents of a framework for continuous experimentation and the solutions that are applied within the field. Finally, we were interested in the challenges and benefits reported of continuous experimentation. Methods: We applied forward snowballing on a known set of papers and identified a total of 128 relevant papers. Based on this set of papers we performed two qualitative narrative syntheses and a thematic synthesis to answer the research questions. Results: The framework constituents for continuous experimentation include experimentation processes as well as supportive technical and organizational infrastructure. The solutions found in the literature were synthesized to nine themes, e.g. experiment design, automated experiments, or metric specification. Concerning the challenges of continuous experimentation, the analysis identified cultural, organizational, business, technical, statistical, ethical, and domain-specific challenges. Further, the study concludes that the benefits of experimentation are mostly implicit in the studies. Conclusion: The research on continuous experimentation has yielded a large body of knowledge on experimentation. The synthesis of published research presented within include recommended infrastructure and experimentation process models, guidelines to mitigate the identified challenges, and what problems the various published solutions solve. © 2021 The Authors
|
|
| 5. |
- Auer, Florian, et al.
(författare)
-
From monolithic systems to Microservices : An assessment framework
- 2021
-
Ingår i: Information and Software Technology. - : Elsevier B.V.. - 0950-5849 .- 1873-6025. ; 137
-
Tidskriftsartikel (refereegranskat)abstract
- Context: Re-architecting monolithic systems with Microservices-based architecture is a common trend. Various companies are migrating to Microservices for different reasons. However, making such an important decision like re-architecting an entire system must be based on real facts and not only on gut feelings. Objective: The goal of this work is to propose an evidence-based decision support framework for companies that need to migrate to Microservices, based on the analysis of a set of characteristics and metrics they should collect before re-architecting their monolithic system. Method: We conducted a survey done in the form of interviews with professionals to derive the assessment framework based on Grounded Theory. Results: We identified a set consisting of information and metrics that companies can use to decide whether to migrate to Microservices or not. The proposed assessment framework, based on the aforementioned metrics, could be useful for companies if they need to migrate to Microservices and do not want to run the risk of failing to consider some important information. © 2021 The Author(s)
|
|
| 6. |
- Auer, Florian, et al.
(författare)
-
Towards defining a microservice migration framework
- 2018
-
Ingår i: ACM International Conference Proceeding Series. - New York, NY, USA : Association for Computing Machinery.
-
Konferensbidrag (refereegranskat)abstract
- Microservices are more and more popular. As a result, some companies started to believe that microservices are the solution to all of their problems and rush to adopt microservices without sufficient knowledge about the impacts. Most of the time they expect to decrease their maintenance effort or to ease the deployment process. However, re-architecting a system to microservices is not always beneficial. In this work we propose a work-plan to identify a decision framework that supports practitioners in the understanding of possible migration based benefits and issues. This will lead to more reasoned decisions and mitigate the risk of migration. © 2018 Copyright held by the owner/author(s).
|
|
| 7. |
- Beer, Armin, et al.
(författare)
-
Measuring and improving testability of system requirements in an industrial context by applying the goal question metric approach
- 2018
-
Ingår i: Proceedings - International Conference on Software Engineering. - New York, NY, USA : IEEE Computer Society. - 9781450357494 ; , s. 25-32
-
Konferensbidrag (refereegranskat)abstract
- Testing is subject to two basic constraints, namely cost and quality. The cost depends on the efficiency of the testing activities as well as their quality and testability. The author's practical experience in large-scale systems shows that if the requirements are adapted iteratively or the architecture is altered, testability decreases. However, what is often lacking is a root cause analysis of the testability degradations and the introduction of improvement measures during software development. In order to introduce agile practices in the rigid strategy of the V-model, good testability of software artifacts is vital. So testability is also the bridgehead towards agility. In this paper, we report on a case study in which we measure and improve testability on the basis of the Goal Question Metric Approach. © 2018 ACM.
|
|
| 8. |
- Bendler, Daniel, et al.
(författare)
-
Competency Models for Information Security and Cybersecurity Professionals : Analysis of Existing Work and a New Model
- 2023
-
Ingår i: ACM Transactions on Computing Education. - : Association for Computing Machinery (ACM). - 1946-6226. ; 23:2
-
Tidskriftsartikel (refereegranskat)abstract
- Competency models are widely adopted frameworks that are used to improve human resource functions and education. However, the characteristics of competency models related to the information security and cybersecurity domains are not well understood. To bridge this gap, this study investigates the current state of competency models related to the security domain through qualitative content analysis. Additionally, based on the competency model analysis, an evidence-based competency model is proposed. Examining the content of 27 models, we found that the models can benefit target groups in many different ways, ranging from policymaking to performance management. Owing to their many uses, competency models can arguably help to narrow the skills gap from which the profession is suffering. Nonetheless, the models have their shortcomings. First, the models do not cover all of the topics specified by the Cybersecurity Body of Knowledge ( i.e., no model is complete). Second, by omitting social, personal, and methodological competencies, many models reduce the competency profile of a security expert to professional competencies. Addressing the limitations of previous work, the proposed competency model provides a holistic view of the competencies required by security professionals for job achievement and can potentially benefit both the education system and the labor market. To conclude, the implications of the competency model analysis and use cases of the proposed model are discussed.
|
|
| 9. |
- Doležel, Michal, et al.
(författare)
-
Organizational patterns between developers and testers : Investigating testers' autonomy and role identity
- 2018
-
Ingår i: ICEIS 2018 - Proceedings of the 20th International Conference on Enterprise Information Systems. - : SciTePress. - 9789897582981 ; , s. 336-344
-
Konferensbidrag (refereegranskat)abstract
- This paper deals with organizational patterns (configurations, set-ups) between developers/programmers and testers. We firstly discuss the key differences between these two Information Systems Development (ISD) occupations. Highlighting the origin of inevitable disagreements between them, we reflect on the nature of the software testing field that currently undergoes an essential change under the increasing influence of agile ISD approaches and methods. We also deal with the ongoing professionalization of software testing. More specifically, we propose that the concept of role identity anchored in (social) identity theory can be applied to the profession of software testers, and their activities studied accordingly. Furthermore, we conceptualize three organizational patterns (i.e. isolated testers, embedded testers, and eradicated testers) based on our selective literature review of research and practice sources in Information Systems (IS) and Software Engineering (SE) disciplines. After summarizing the key industrial challenges of these patterns, we conclude the paper by calling for more research evidence that would demonstrate the viability of the recently introduced novel organizational models. We also argue that especially the organizational model of "combined software engineering", where the roles of programmers and testers are reunited into a single role of "software engineer", deserves a closer attention of IS and SE researchers in the future. © 2018 by SCITEPRESS - Science and Technology Publications, Lda.
|
|
| 10. |
- Felderer, Michael, 1978-, et al.
(författare)
-
A testability analysis framework for non-functional properties
- 2018
-
Ingår i: 2018 IEEE 11TH INTERNATIONAL CONFERENCE ON SOFTWARE TESTING, VERIFICATION AND VALIDATION WORKSHOPS (ICSTW). - : Institute of Electrical and Electronics Engineers Inc.. - 9781538663523 ; , s. 54-58
-
Konferensbidrag (refereegranskat)abstract
- This paper presents background, the basic steps and an example for a testability analysis framework for non-functional properties.
|
|
