| 1. |
- Ehatisham-ul-Haq, Muhammad, et al.
(author)
-
Identifying smartphone users based on their activity patterns via mobile sensing
- 2017
-
In: Procedia Computer Science. - : Elsevier. - 1877-0509. ; 113, s. 202-209
-
Journal article (peer-reviewed)abstract
- Smartphones are ubiquitous devices that enable users to perform many of their routine tasks anytime and anywhere. With the advancement in information technology, smartphones are now equipped with sensing and networking capabilities that provide context-awareness for a wide range of applications. Due to ease of use and access, many users are using smartphones to store their private data, such as personal identifiers and bank account details. This type of sensitive data can be vulnerable if the device gets lost or stolen. The existing methods for securing mobile devices, including passwords, PINs and pattern locks are susceptible to many bouts such as smudge attacks. This paper proposes a novel framework to protect sensitive data on smartphones by identifying smartphone users based on their behavioral traits using smartphone embedded sensors. A series of experiments have been conducted for validating the proposed framework, which demonstrate its effectiveness.
|
|
| 2. |
- Usman, Muhammad, 1978-, et al.
(author)
-
Compliance Requirements in Large-Scale Software Development : An Industrial Case Study
- 2020
-
In: Lecture Notes in Computer Science. - Cham : Springer-Verlag Tokyo Inc.. - 9783030641474 ; , s. 385-401
-
Conference paper (peer-reviewed)abstract
- Regulatory compliance is a well-studied area, including research on how to model, check, analyse, enact, and verify compliance of software. However, while the theoretical body of knowledge is vast, empirical evidence on challenges with regulatory compliance, as faced by industrial practitioners particularly in the Software Engineering domain, is still lacking. In this paper, we report on an industrial case study which aims at providing insights into common practices and challenges with checking and analysing regulatory compliance, and we discuss our insights in direct relation to the state of reported evidence. Our study is performed at Ericsson AB, a large telecommunications company, which must comply to both locally and internationally governing regulatory entities and standards such as GDPR. The main contributions of this work are empirical evidence on challenges experienced by Ericsson that complement the existing body of knowledge on regulatory compliance. © 2020, Springer Nature Switzerland AG.
|
|
| 3. |
- Aftab, Muhammad Usman, et al.
(author)
-
Towards A Distributed Ledger Based Verifiable Trusted Protocol for VANET
- 2021
-
In: 2021 International Conference on Digital Futures and Transformative Technologies, ICoDT2 2021. - : Institute of Electrical and Electronics Engineers Inc.. - 9781665412858
-
Conference paper (peer-reviewed)abstract
- To ensure traffic safety and proper operation of vehicular networks, safety messages or beacons are periodically broadcasted in Vehicular Adhoc Networks (VANETs) to neighboring nodes and road side units (RSU). Thus, authenticity and integrity of received messages along with the trust in source nodes is crucial and highly required in applications where a failure can result in life-threatening situations. Several digital signature based approaches have been described in literature to achieve the authenticity of these messages. In these schemes, scenarios having high level of vehicle density are handled by RSU where aggregated signature verification is done. However, most of these schemes are centralized and PKI based where our goal is to develop a decentralized dynamic system. Along with authenticity and integrity, trust management plays an important role in VANETs which enables ways for secure and verified communication. A number of trust management models have been proposed but it is still an ongoing matter of interest, similarly authentication which is a vital security service to have during communication is not mostly present in the literature work related to trust management systems. This paper proposes a secure and publicly verifiable communication scheme for VANET which achieves source authentication, message authentication, non repudiation, integrity and public verifiability. All of these are achieved through digital signatures, Hash Message Authentication Code (HMAC) technique and logging mechanism which is aided by blockchain technology.
|
|
| 4. |
- Badampudi, Deepika, 1984-, et al.
(author)
-
Large scale reuse of microservices using DevOps andInnerSource practices - A longitudinal case study
-
Other publication (other academic/artistic)abstract
- Contemporary practices such as InnerSource and DevOps promote software reuse. This study investigates the implications of using contemporary practices on software reuse. In particular, we investigate the costs, benefits, challenges, and potential improvements in contemporary reuse at Ericsson. We performed the study in two phases: a) the initial data collection based on a combination of data collection methods (e.g., interviews, discussions, company portals), and b) a follow-up group discussion after a year to understand the status of the challenges and improvements identified in the first phase. Our results indicate that developing reusable assets resulted in upfront costs, such as additional effort in ensuring compliance. Furthermore, development with reuse also resulted in additional effort, for example, in integrating and understanding reusable assets. Ericsson perceived the additional effort as an investment resulting in long-term benefits such as improved quality, productivity, customer experience, and way of working. Ericsson's main challenge was increased pressure on the producers of reusable assets, which was mitigated by scaling the InnerSource adoption. InnerSource success is evident from the increase in the contributions to reusable assets. In addition, Ericsson implemented measures such as automating the compliance check, which enhanced the maturity of reusable assets and resulted in increased reuse.
|
|
| 5. |
- Badampudi, Deepika, 1984-, et al.
(author)
-
Reporting Consent, Anonymity and Confidentiality Procedures Adopted in Empirical Studies Using Human Participants
- 2022
-
In: e-Informatica Software Engineering Journal. - : Wroclaw University of Technology. - 1897-7979 .- 2084-4840. ; 16:1
-
Journal article (peer-reviewed)abstract
- Background: Empirical studies involving human participants need to follow procedures to avoid causing harm to the subjects. However, it is not always clear how researchers should report these procedures. Aim: This study investigates how researchers report ethical issues in the software engineering journal publications, particularly informed consent, confidentiality, and anonymity. Method: We conducted a literature review to understand the reporting of ethical issues in software engineering journals. In addition, in a workshop, we discussed the importance of reporting the different ethical issues. Results: The results indicate that 49 out of 95 studies reported some ethical issues. Only six studies discussed all three ethical issues. The subjects were mainly informed about the study purpose and procedure. There are limited discussions on how the subjects were informed about the risks involved in the study. Studies reported on how authors ensured confidentiality have also discussed anonymity in most cases. The results of the workshop discussion indicate that reporting ethical issues is important to improve the reliability of the research results. We propose a checklist based on the literature review, which we validated through a workshop. Conclusion: The checklist proposed in this paper is a step towards enhancing ethical reporting in software engineering research.
|
|
| 6. |
- Chen, Xingru
(author)
-
Improving Internal Software Reuse in the Context of Contemporary Software Engineering Practices
- 2023
-
Licentiate thesis (other academic/artistic)abstract
- Context: Companies adopt many software reuse practices, such as software product line, reuse verbatim, and systematic reuse, to improve their internal software development and maximize the benefits. Contemporary software engineering (SE) practices, such as microservices and InnerSource, influence internal software reuse.Objective: In this thesis, we aim to improve internal software reuse in the context of contemporary SE practices. To do that, we want to 1) understand the state-of-the-art and the state-of-the-practice of software reuse costs and benefits and the challenges that companies are currently facing and 2) identify interventions to improve internal software reuse. Methods: We conducted a systematic literature review to understand the state-of-the-art of software reuse costs and benefits. We performed two exploratory case studies to understand the state-of-the-practice of software reuse costs and benefits, challenges, and improvement areas in the context of contemporary SE practices. We performed another follow-up improving case study to investigate the medium-sized case company's readiness of adopting InnerSource for software reuse.Results: Existing literature reported more software reuse benefits than costs. The most reported software reuse benefits are better product quality and improved productivity. Verbatim reuse and systematic reuse result in more reuse benefits. Most of the included primary studies are of moderate quality, with only four having high quality. Practitioners think that software reuse costs in developing reusable assets will be paid off when developers start to reuse them. Challenges in software reuse in the context of contemporary SE practices differ between medium-sized and large-sized companies. Both of the companies perceive that InnerSource can help improve internal software reuse. Asking practitioners about both current and desired InnerSource reuse status helps identify the needed InnerSource improvements, thus helping companies succeed in adopting InnerSource for reuse. Conclusion: Both existing literature and our two case studies investigating software reuse in the context of contemporary SE practices showed that software reuse improves quality and productivity and has costs in developing and integrating reusable assets. However, the overall benefits outweigh the costs. Both case companies faced challenges in improving their internal reuse, where the most common challenges were about developing and maintaining reusable assets. The results showed that InnerSource helps develop and maintain reusable assets and further improves internal software reuse.
|
|
| 7. |
- Chen, Xingru, et al.
(author)
-
Reuse in Contemporary Software Engineering Practices - An Exploratory Case Study in A Medium-sized Company
- 2022
-
In: e-Informatica Software Engineering Journal. - : Wroclaw University of Technology. - 1897-7979 .- 2084-4840. ; 16:1
-
Journal article (peer-reviewed)abstract
- Background: Software practice is evolving with changing technologies and practices such as InnerSource, DevOps, and microservices. It is important to investigate the impact of contemporary software engineering (SE) practices on software reuse.Aim: This study aims to characterize software reuse in contemporary SE practices and investigate its implications in terms of costs, benefits, challenges, and potential improvements in a medium-sized company.Method: We performed an exploratory case study by conducting interviews, group discussions, and reviewing company documentation to investigate software reuse in the context of contemporary SE practices in the case company.Results: The results indicate that the development for reuse in contemporary SE practices incurs additional coordination, among other costs. Development with reuse led to relatively fewer additional costs and resulted in several benefits such as better product quality and less development and delivery time. Ownership of reusable assets is challenging in contemporary SE practice. InnerSource practices may help mitigate the top perceived challenges: discoverability and ownership of the reusable assets, knowledge sharing and reuse measurement.Conclusion: Reuse in contemporary SE practices is not without additional costs and challenges. However, the practitioners perceive costs as investments that benefit the company in the long run.
|
|
| 8. |
- Chen, Xingru, et al.
(author)
-
Understanding and Evaluating Software Reuse Costs and Benefits from Industrial Cases - A Systematic Literature Review
-
Other publication (other academic/artistic)abstract
- Companies adopt various software reuse practices to achieve more benefits. Existing secondary studies aggregated primary evidence on software reuse benefits more than the costs. It is important to know how the software reuse costs and benefits are measured and the strength of the evidence. This study aims to conduct a systematic literature review to identify the observed software reuse costs and benefits from industrial cases and investigate how the identified software reuse costs and benefits are measured. In addition, we also assess the quality of the included primary studies to understand the strength of evidence behind the identified software reuse costs and benefits. We included 30 primary studies on software reuse costs and benefits in industrial cases using a mixed search strategy - automated search and snowballing. We identified nine software reuse benefits, six software reuse costs, and the metrics used to measure them. Better quality and improved productivity are the most investigated software reuse benefits, and most primary studies that report these two benefits are of good or moderate quality. Few primary studies reported software reuse costs, and most of them are of low quality. Generally, the quality of primary studies reporting software reuse benefits is better than those reporting software reuse costs.
|
|
| 9. |
- Chen, Xingru, et al.
(author)
-
Understanding and evaluating software reuse costs and benefits from industrial cases—A systematic literature review
- 2024
-
In: Information and Software Technology. - : Elsevier. - 0950-5849 .- 1873-6025. ; 171
-
Research review (peer-reviewed)abstract
- Context: Software reuse costs and benefits have been investigated in several primary studies, which have been aggregated in multiple secondary studies as well. However, existing secondary studies on software reuse have not critically appraised the evidence in primary studies. Moreover, there has been relatively less focus on how software reuse costs and benefits were measured in the primary studies, and the aggregated evidence focuses more on software reuse benefits than reuse costs. Objective: This study aims to cover the gaps mentioned in the context above by synthesizing and critically appraising the evidence reported on software reuse costs and benefits from industrial cases. Method: We used a systematic literature review (SLR) to conduct this study. The results of this SLR are based on a final set of 30 primary studies. Results: We identified nine software reuse benefits and six software reuse costs, in which better quality and improved productivity were investigated the most. The primary studies mostly used defect-based and development time-based metrics to measure reuse benefits and costs. Regarding the reuse practices, the results show that software product lines, verbatim reuse, and systematic reuse were the top investigated ones, contributing to more reuse benefits. The quality assessment of the primary studies showed that most of them are either of low (20%) or moderate (67%) quality. Conclusion: Based on the number and quality of the studies, we conclude that the strength of evidence for better quality and improved productivity as reuse benefits is high. There is a need to conduct more high quality studies to investigate, not only other reuse costs and benefits, but also how relatively new reuse-related practices, such as InnerSource and microservices architecture, impact software reuse. © 2024 The Author(s)
|
|
| 10. |
- Chen, Xingru, et al.
(author)
-
Using InnerSource for Improving Internal Reuse : An Industrial Case Study
- 2023
-
In: ACM International Conference Proceeding Series. - : Association for Computing Machinery (ACM). - 9798400700446 ; , s. 348-357
-
Conference paper (peer-reviewed)abstract
- Background: InnerSource consists of the use of open source development techniques within the corporation. It helps improve software reuse through increased transparency and inter-team collaboration. Companies need to understand their context and specific needs before deciding to adopt any specific InnerSource practices since they cannot apply all InnerSource practices at once. Aim: This study aims to support the case company in assessing its readiness for adopting InnerSource practices to improve its internal reuse, identify and prioritize the improvement areas, and identify suitable solutions. Method: We performed a case study using a questionnaire and a workshop to check the current and desired status of adopting InnerSource practices and collect potential solutions. Results: The study participants identified that the company needs to prioritize the improvements related to the discoverability, communication channels, and ownership of the reusable assets. In addition, they identified certain InnerSource practices as solutions for the prioritized improvement areas, such as better structured repositories for storing and searching the reusable assets and standardized documentation of the reusable assets. Conclusion: The questionnaire instrument aids the case company in identifying the improvement areas related to InnerSource and reuse practices. InnerSource practices could improve the development and maintenance of reusable assets. Keywords: InnerSource, software reuse, readiness © 2023 Owner/Author.
|
|
