Many domains of Embedded Systems (e.g., automotive, avionics, consumer electronics, industrial automation, medical…) are rapidly evolving toward solutions that integrate hardware and software, or incorporate complete systems in a single chip. The specificities of the concepts have a complexity on data analysis and during the identification of relationship between them. The usage of an ontology for embedded systems seems to be necessary. Indeed, ontology is an important engineering artifact used in several domains, that provides uniformity to the concepts in terms of syntax and semantics, facilitates the communication in various fields and improves the understanding of requirements. This work conducted a systematic mapping, to collect evidence about the need of ontologies in embedded systems development. We focus on the identification of ontology that represents languages used for the development of embedded systems, considering the various domains of these, as well as the benefits of using an ontology for this purpose. After applying selection criteria in the mapping driving phases, 19 papers were selected and analyzed. This mapping provides evidences of real benefits in using ontologies for embedded systems.
{"title":"Use of Ontologies in Embedded Systems: A Systematic Mapping","authors":"Aêda Sousa, Tarcísio Pereira, C. Agra, F. Alencar","doi":"10.1109/QUATIC.2016.011","DOIUrl":"https://doi.org/10.1109/QUATIC.2016.011","url":null,"abstract":"Many domains of Embedded Systems (e.g., automotive, avionics, consumer electronics, industrial automation, medical…) are rapidly evolving toward solutions that integrate hardware and software, or incorporate complete systems in a single chip. The specificities of the concepts have a complexity on data analysis and during the identification of relationship between them. The usage of an ontology for embedded systems seems to be necessary. Indeed, ontology is an important engineering artifact used in several domains, that provides uniformity to the concepts in terms of syntax and semantics, facilitates the communication in various fields and improves the understanding of requirements. This work conducted a systematic mapping, to collect evidence about the need of ontologies in embedded systems development. We focus on the identification of ontology that represents languages used for the development of embedded systems, considering the various domains of these, as well as the benefits of using an ontology for this purpose. After applying selection criteria in the mapping driving phases, 19 papers were selected and analyzed. This mapping provides evidences of real benefits in using ontologies for embedded systems.","PeriodicalId":157671,"journal":{"name":"2016 10th International Conference on the Quality of Information and Communications Technology (QUATIC)","volume":"148 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134386885","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Agile methodologies such as scrum and Extreme Programming (XP) are efficient development processes by accepting changes at any phase and delivering software quickly to customers. However, these methodologies have been criticized because of the unavailability of security as an important quality goal of software systems. Although, there are pre-existing research results on this topic, there is no established approach for identifying security challenges of agile practices. Specifically, we analyze agile practices to find the security challenges in customer-and developer activities during software development. Identifying these challenges helps the secure development of software using agile practices. Our case study based results show that a number of developer-and customer activities result in security flaws and vulnerabilities for the software.
{"title":"Towards a Secure Agile Software Development Process","authors":"S. H. Adelyar, A. Norta","doi":"10.1109/QUATIC.2016.028","DOIUrl":"https://doi.org/10.1109/QUATIC.2016.028","url":null,"abstract":"Agile methodologies such as scrum and Extreme Programming (XP) are efficient development processes by accepting changes at any phase and delivering software quickly to customers. However, these methodologies have been criticized because of the unavailability of security as an important quality goal of software systems. Although, there are pre-existing research results on this topic, there is no established approach for identifying security challenges of agile practices. Specifically, we analyze agile practices to find the security challenges in customer-and developer activities during software development. Identifying these challenges helps the secure development of software using agile practices. Our case study based results show that a number of developer-and customer activities result in security flaws and vulnerabilities for the software.","PeriodicalId":157671,"journal":{"name":"2016 10th International Conference on the Quality of Information and Communications Technology (QUATIC)","volume":"79 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130067943","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
During system evolution, trace links among requirements and source code could get distorted due to vocabulary mismatch problem. Nevertheless, researchers have shown that those links can be recovered by code refactoring. Moreover, it is shown that refactoring methods like rename identifier has positive impact in supporting traceability. This leads to the question that will other refactoring methods will have same impact on traceability? If yes, then which refactoring technique should be applied first? For this investigation, we used four refactoring techniques - introducing parameter object, pull up field, inline class and decompose conditional. The methods were applied on two different code bases namely iTrust and eTour. The traceability links were generated by an automated tool named TraceME. From the experiment, we observed that introducing parameter object improves requirements to code traceability. Inline class and decompose conditional show a little but positive influence. Pull up method shows no improvements in traceability. We conclude that introducing parameter object should have high priority to achieve better traceability.
{"title":"Achieving Better Requirements to Code Traceability: Which Refactoring Should Be Done First?","authors":"Farina Faiz, Rubaida Easmin, Alim Ul Gias","doi":"10.1109/QUATIC.2016.012","DOIUrl":"https://doi.org/10.1109/QUATIC.2016.012","url":null,"abstract":"During system evolution, trace links among requirements and source code could get distorted due to vocabulary mismatch problem. Nevertheless, researchers have shown that those links can be recovered by code refactoring. Moreover, it is shown that refactoring methods like rename identifier has positive impact in supporting traceability. This leads to the question that will other refactoring methods will have same impact on traceability? If yes, then which refactoring technique should be applied first? For this investigation, we used four refactoring techniques - introducing parameter object, pull up field, inline class and decompose conditional. The methods were applied on two different code bases namely iTrust and eTour. The traceability links were generated by an automated tool named TraceME. From the experiment, we observed that introducing parameter object improves requirements to code traceability. Inline class and decompose conditional show a little but positive influence. Pull up method shows no improvements in traceability. We conclude that introducing parameter object should have high priority to achieve better traceability.","PeriodicalId":157671,"journal":{"name":"2016 10th International Conference on the Quality of Information and Communications Technology (QUATIC)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133091305","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In terms of capturing software requirements, the most appropriate elicitation technique must be selected, but what does this mean? This paper makes a comparison between what researchers and software engineers see as adequate technique for capturing relevant information to meet software requirements. A systematic mapping of constructs which researchers define as good techniques is presented and compared with practitioners' opinions. The study identified 13 constructs that were finally whittled down to six. The software engineers' survey showed no significant difference between these constructs. This work demonstrates the divergence of views between researchers and practitioners about the quality of software requirement elicitation techniques. The results call for more empirical research to define a common way to measure the performance of techniques and so to support their selection.
{"title":"Comparison of Research and Practice Regarding What We Mean by \"The Right Software Requirements Elicitation Technique\"","authors":"D. Carrizo","doi":"10.1109/QUATIC.2016.022","DOIUrl":"https://doi.org/10.1109/QUATIC.2016.022","url":null,"abstract":"In terms of capturing software requirements, the most appropriate elicitation technique must be selected, but what does this mean? This paper makes a comparison between what researchers and software engineers see as adequate technique for capturing relevant information to meet software requirements. A systematic mapping of constructs which researchers define as good techniques is presented and compared with practitioners' opinions. The study identified 13 constructs that were finally whittled down to six. The software engineers' survey showed no significant difference between these constructs. This work demonstrates the divergence of views between researchers and practitioners about the quality of software requirement elicitation techniques. The results call for more empirical research to define a common way to measure the performance of techniques and so to support their selection.","PeriodicalId":157671,"journal":{"name":"2016 10th International Conference on the Quality of Information and Communications Technology (QUATIC)","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123930869","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Diego Clerissi, Maurizio Leotta, G. Reggio, F. Ricca
The difficulty of creating a test suite before developing a web application is the main barrier to the adoption of the Acceptance Test Driven Development (ATDD) paradigm. In this work, we present a general lightweight approach and a specific instantiation based on existing tools for acceptance test driven development of web applications. The idea, which is the basis of our approach, is simple: using a capture/replay tool able to generate test scripts on previously created Screen Mockups of the web application to develop. These test scripts can be later executed against the web application, and used to drive its development following the requirements in ATDD mode. The presented approach has been used to re-develop the main features of an open-source web application. Observations, limitations of the approach, and lessons learnt are outlined.
{"title":"Test Driven Development of Web Applications: A Lightweight Approach","authors":"Diego Clerissi, Maurizio Leotta, G. Reggio, F. Ricca","doi":"10.1109/QUATIC.2016.014","DOIUrl":"https://doi.org/10.1109/QUATIC.2016.014","url":null,"abstract":"The difficulty of creating a test suite before developing a web application is the main barrier to the adoption of the Acceptance Test Driven Development (ATDD) paradigm. In this work, we present a general lightweight approach and a specific instantiation based on existing tools for acceptance test driven development of web applications. The idea, which is the basis of our approach, is simple: using a capture/replay tool able to generate test scripts on previously created Screen Mockups of the web application to develop. These test scripts can be later executed against the web application, and used to drive its development following the requirements in ATDD mode. The presented approach has been used to re-develop the main features of an open-source web application. Observations, limitations of the approach, and lessons learnt are outlined.","PeriodicalId":157671,"journal":{"name":"2016 10th International Conference on the Quality of Information and Communications Technology (QUATIC)","volume":"54 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131471090","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
L. S. P. D. Silva, Suzana Sampaio, E. Souza, R. T. Moreira, A. Vasconcelos
In order to establish the best practices to instruct the definition of processes and support organizational assessment of the maturity and capability level, quality models and standards guide several Software Process Improvement initiatives. Nonetheless, despite these initiatives, the best practices application in Brazilian public organizations is impaired by various obstacles regarding the process of Contracting IT solutions by the Federal Public Administration (APF), the main contractor of software and services in Brazil. Among these obstacles, the ones that stand out are process complexity and the continuous supervision of control bodies. In order to minimize these obstacles, the Tribunal de Contas da União (TCU), recommended the establishment of the Normative Instruction SLTI/MPOG 04/2014, containing guidelines for the acquirement of IT Solutions and a Guide for Contracting IT Solutions (GCSTI). This work aims at identifying the maturity and adherence of GCSTI relative to CMMI models. To achieve this goal, defined and carried out a method of mapping between GCSTI and CMMI models. On qualitative research, the researchers' reflections is part of the process of knowledge production. This qualitative research shows the maturity of GCSTI and adherence to CMMI models. This work is part of a PhD research that aims on identifying an approach for providing services to federal public administration in Brazil.
{"title":"Mapping between the Guide of IT Solution Contract and CMMI Models: A Qualitative Analysis","authors":"L. S. P. D. Silva, Suzana Sampaio, E. Souza, R. T. Moreira, A. Vasconcelos","doi":"10.1109/QUATIC.2016.038","DOIUrl":"https://doi.org/10.1109/QUATIC.2016.038","url":null,"abstract":"In order to establish the best practices to instruct the definition of processes and support organizational assessment of the maturity and capability level, quality models and standards guide several Software Process Improvement initiatives. Nonetheless, despite these initiatives, the best practices application in Brazilian public organizations is impaired by various obstacles regarding the process of Contracting IT solutions by the Federal Public Administration (APF), the main contractor of software and services in Brazil. Among these obstacles, the ones that stand out are process complexity and the continuous supervision of control bodies. In order to minimize these obstacles, the Tribunal de Contas da União (TCU), recommended the establishment of the Normative Instruction SLTI/MPOG 04/2014, containing guidelines for the acquirement of IT Solutions and a Guide for Contracting IT Solutions (GCSTI). This work aims at identifying the maturity and adherence of GCSTI relative to CMMI models. To achieve this goal, defined and carried out a method of mapping between GCSTI and CMMI models. On qualitative research, the researchers' reflections is part of the process of knowledge production. This qualitative research shows the maturity of GCSTI and adherence to CMMI models. This work is part of a PhD research that aims on identifying an approach for providing services to federal public administration in Brazil.","PeriodicalId":157671,"journal":{"name":"2016 10th International Conference on the Quality of Information and Communications Technology (QUATIC)","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129691015","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Manufacturers of road vehicles have to comply with the functional standard ISO 26262. This standard requires the creation of a safety case, which compiles all the work products of the life-cycle in a traceable manner. The creation of a safety case is extremely time-consuming. Its creation is needed for the purpose of self-assessment in order to manage the liability risk. To speed up such creation, semi-automatic generation represents an interesting solution. OSLC (Open Services for Lifecycle Collaboration) is a recently introduced standard aimed at enabling life cycles tools interoperability via production/consumption of resources. OSLC defines a set of domains, each of which focuses on a single and generic phase of the life-cycle. To create an ISO 26262- compliant tool chain, such domains need to be extended and or replaced. In this paper, we present the first step towards the extension of such domains. First we establish the guidelines to define an ISO 26262-compliant OSLC-based knowledge domain, aimed at enabling the production and consumption of resources related to verification work products. Then, we propose our domain and we instantiate it to represent the verification-related resources of a real system. Finally, we discuss how this domain has been validated and how it can be used for continuous self-assessment.
{"title":"Towards an ISO 26262-compliant OSLC-based Tool Chain Enabling Continuous Self-Assessment","authors":"B. Gallina, Kathyayani Padira, M. Nyberg","doi":"10.1109/QUATIC.2016.050","DOIUrl":"https://doi.org/10.1109/QUATIC.2016.050","url":null,"abstract":"Manufacturers of road vehicles have to comply with the functional standard ISO 26262. This standard requires the creation of a safety case, which compiles all the work products of the life-cycle in a traceable manner. The creation of a safety case is extremely time-consuming. Its creation is needed for the purpose of self-assessment in order to manage the liability risk. To speed up such creation, semi-automatic generation represents an interesting solution. OSLC (Open Services for Lifecycle Collaboration) is a recently introduced standard aimed at enabling life cycles tools interoperability via production/consumption of resources. OSLC defines a set of domains, each of which focuses on a single and generic phase of the life-cycle. To create an ISO 26262- compliant tool chain, such domains need to be extended and or replaced. In this paper, we present the first step towards the extension of such domains. First we establish the guidelines to define an ISO 26262-compliant OSLC-based knowledge domain, aimed at enabling the production and consumption of resources related to verification work products. Then, we propose our domain and we instantiate it to represent the verification-related resources of a real system. Finally, we discuss how this domain has been validated and how it can be used for continuous self-assessment.","PeriodicalId":157671,"journal":{"name":"2016 10th International Conference on the Quality of Information and Communications Technology (QUATIC)","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124452535","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper explores the issue of group integrity of tuple subsets regarding corporate integrity constraints in relational databases. A solution may be found by applying the finite-state machine theory to guarantee group integrity of data. We present a practical guide to coding such an automaton. After creating SQL queries to manipulate data and control its integrity for real data domains, we study the issue of query performance, determine the level of transaction isolation, and generate query plans.
{"title":"Models of Integrity Assurance in Big Relational Databases","authors":"A. Malikov, V. Voronkin, N. Shiryaev","doi":"10.1109/QUATIC.2016.046","DOIUrl":"https://doi.org/10.1109/QUATIC.2016.046","url":null,"abstract":"This paper explores the issue of group integrity of tuple subsets regarding corporate integrity constraints in relational databases. A solution may be found by applying the finite-state machine theory to guarantee group integrity of data. We present a practical guide to coding such an automaton. After creating SQL queries to manipulate data and control its integrity for real data domains, we study the issue of query performance, determine the level of transaction isolation, and generate query plans.","PeriodicalId":157671,"journal":{"name":"2016 10th International Conference on the Quality of Information and Communications Technology (QUATIC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126363045","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
D. D. Ruscio, D. Kolovos, Ioannis Korkontzelos, N. Matragkas, J. Vinju
The analysis and comparison of open source software can be improved by means of quality models supporting the evaluation of the software systems being compared and the final decision about which of them has to be adopted. Since software quality can mean different things in different scenarios, quality models should be flexible in order to accommodate the needs of different users. Over the years several quality models have been proposed. Even though some of them are tool supported, they are not designed to be extended or customized to better accommodate the requirements of specific business contexts. In this paper, instead of having a fixed model, we propose a workflow and a tool chain to support the specification of custom quality models, which can guide the automated analysis of open source software.
{"title":"Supporting Custom Quality Models to Analyse and Compare Open-Source Software","authors":"D. D. Ruscio, D. Kolovos, Ioannis Korkontzelos, N. Matragkas, J. Vinju","doi":"10.1109/QUATIC.2016.026","DOIUrl":"https://doi.org/10.1109/QUATIC.2016.026","url":null,"abstract":"The analysis and comparison of open source software can be improved by means of quality models supporting the evaluation of the software systems being compared and the final decision about which of them has to be adopted. Since software quality can mean different things in different scenarios, quality models should be flexible in order to accommodate the needs of different users. Over the years several quality models have been proposed. Even though some of them are tool supported, they are not designed to be extended or customized to better accommodate the requirements of specific business contexts. In this paper, instead of having a fixed model, we propose a workflow and a tool chain to support the specification of custom quality models, which can guide the automated analysis of open source software.","PeriodicalId":157671,"journal":{"name":"2016 10th International Conference on the Quality of Information and Communications Technology (QUATIC)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116819204","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: