| 1. |
- Auer, Florian, et al.
(författare)
-
Controlled experimentation in continuous experimentation : Knowledge and challenges
- 2021
-
Ingår i: Information and Software Technology. - : Elsevier B.V.. - 0950-5849 .- 1873-6025. ; 134
-
Tidskriftsartikel (refereegranskat)abstract
- Context: Continuous experimentation and A/B testing is an established industry practice that has been researched for more than 10 years. Our aim is to synthesize the conducted research. Objective: We wanted to find the core constituents of a framework for continuous experimentation and the solutions that are applied within the field. Finally, we were interested in the challenges and benefits reported of continuous experimentation. Methods: We applied forward snowballing on a known set of papers and identified a total of 128 relevant papers. Based on this set of papers we performed two qualitative narrative syntheses and a thematic synthesis to answer the research questions. Results: The framework constituents for continuous experimentation include experimentation processes as well as supportive technical and organizational infrastructure. The solutions found in the literature were synthesized to nine themes, e.g. experiment design, automated experiments, or metric specification. Concerning the challenges of continuous experimentation, the analysis identified cultural, organizational, business, technical, statistical, ethical, and domain-specific challenges. Further, the study concludes that the benefits of experimentation are mostly implicit in the studies. Conclusion: The research on continuous experimentation has yielded a large body of knowledge on experimentation. The synthesis of published research presented within include recommended infrastructure and experimentation process models, guidelines to mitigate the identified challenges, and what problems the various published solutions solve. © 2021 The Authors
|
|
| 2. |
- Auer, Florian, et al.
(författare)
-
From monolithic systems to Microservices : An assessment framework
- 2021
-
Ingår i: Information and Software Technology. - : Elsevier B.V.. - 0950-5849 .- 1873-6025. ; 137
-
Tidskriftsartikel (refereegranskat)abstract
- Context: Re-architecting monolithic systems with Microservices-based architecture is a common trend. Various companies are migrating to Microservices for different reasons. However, making such an important decision like re-architecting an entire system must be based on real facts and not only on gut feelings. Objective: The goal of this work is to propose an evidence-based decision support framework for companies that need to migrate to Microservices, based on the analysis of a set of characteristics and metrics they should collect before re-architecting their monolithic system. Method: We conducted a survey done in the form of interviews with professionals to derive the assessment framework based on Grounded Theory. Results: We identified a set consisting of information and metrics that companies can use to decide whether to migrate to Microservices or not. The proposed assessment framework, based on the aforementioned metrics, could be useful for companies if they need to migrate to Microservices and do not want to run the risk of failing to consider some important information. © 2021 The Author(s)
|
|
| 3. |
- Pekaric, Irdin, et al.
(författare)
-
A taxonomy of attack mechanisms in the automotive domain
- 2021
-
Ingår i: Computer Standards & Interfaces. - : Elsevier B.V.. - 0920-5489 .- 1872-7018. ; 78
-
Tidskriftsartikel (refereegranskat)abstract
- In the last decade, the automotive industry incorporated multiple electronic components into vehicles introducing various capabilities for adversaries to generate diverse types of attacks. In comparison to older types of vehicles, where the biggest concern was physical security, modern vehicles might be targeted remotely. As a result, multiple attack vectors aiming to disrupt different vehicle components emerged. Research and practice lack a comprehensive attack taxonomy for the automotive domain. In this regard, we conduct a systematic literature study, wherein 48 different attacks were identified and classified according to the proposed taxonomy of attack mechanisms. The taxonomy can be utilized by penetration testers in the automotive domain as well as to develop more sophisticated attacks by chaining multiple attack vectors together. In addition, we classify the identified attack vectors based on the following five dimensions: (1) AUTOSAR layers, (2) attack domains, (3) information security principles, (4) attack surfaces, and (5) attacker profile. The results indicate that the most applied attack vectors identified in literature are GPS spoofing, message injection, node impersonation, sybil, and wormhole attack, which are mostly applied to application and services layers of the AUTOSAR architecture. © 2021 The Author(s)
|
|
| 4. |
- Sillaber, Christian, et al.
(författare)
-
Laying the foundation for smart contract development : an integrated engineering process model
- 2021
-
Ingår i: Information Systems and E-Business Management. - : Springer. - 1617-9846 .- 1617-9854. ; 19:3, s. 863-882
-
Tidskriftsartikel (refereegranskat)abstract
- Smart contracts are seen as the major building blocks for future autonomous blockchain- and Distributed Ledger Technology (DLT)-based applications. Engineering such contracts for trustless, append-only, and decentralized digital ledgers allows mutually distrustful parties to transform legal requirements into immutable and formalized rules. Previous experience shows this to be a challenging task due to demanding socio-technical ecosystems and the specificities of decentralized ledger technology. In this paper, we therefore develop an integrated process model for engineering DLT-based smart contracts that accounts for the specificities of DLT. This model was iteratively refined with the support of industry experts. The model explicitly accounts for the immutability of the trustless, append-only, and decentralized DLT ecosystem, and thereby overcomes certain limitations of traditional software engineering process models. More specifically, it consists of five successive and closely intertwined phases: conceptualization, implementation, approval, execution, and finalization. For each phase, the respective activities, roles, and artifacts are identified and discussed in detail. Applying such a model when engineering smart contracts will help software engineers and developers to better understand and streamline the engineering process of DLTs in general and blockchain in particular. Furthermore, this model serves as a generic framework which will support application development in all fields in which DLT can be applied. © 2020, The Author(s).
|
|
