Reengineering legacy document information systems: Challenges and solutions
Since internet applications reached a satisfactory level of maturity, large information systems were developed to manage and facilitate access to documents. Simultaneously, there was an enormous international effort to digitise documents, enabling access via the internet. This endeavour facilitated the access of researchers to extensive document repositories and libraries, while also aiding companies in organising their documents. Two decades later, these vast databases are reasonably clean and well-organised. However, the software used to manage and feed is gradually becoming obsolete. Therefore, it is imperative to continuously reengineer the software to maintain optimal functionality. Furthermore, after the initial effort to digitise documents and create the initial metadata, it is reasonable to augment metadata information pertaining to the documents. As such, two necessities are apparent: improving support for reengineering legacy document information systems and enabling data model updates and schema evolution to accommodate new information. Our goal is to automatise the reengineering process as a whole.
Towards a User-centred Security Framework for Social Robots in Public Spaces
The use of social robots in public spaces is becoming increasingly popular due to their ability to provide personalized services to users. However, the convergence of different technologies and software applications has raised concerns regarding security requirements, standards, and regulations. Specifically, there are significant concerns about the evolving threat landscape for software applications in public settings, where social robots interact without supervision and are in direct contact with threat actors. During the development of social robots software, developers and practitioners need practical tools to continuously assess the security profiles of their products. This paper presents a preventive approach to the dynamic evolving security landscape of Social Robots in Public Spaces (SRPS) using design science research (DSR) methodology to develop a security framework. The study investigates security threats, vulnerabilities, and risks associated with SRPS and analyzes existing related frameworks to design a security framework for SRPS. The research aims to provide insights into the security aspects of SRPS software application development processes and contribute to developing effective security frameworks to mitigate evolving risks and ensure secure operation and acceptance in public spaces.
Investigating the Relation between Requirements Framing and Confirmation Bias in Testing
Requirements Engineering (RE) and Software Testing (ST) phases are essential to software development. Acknowledging the emergence of cognitive biases, systematic divergences from optimum decision-making, is crucial in software development because of the extensive human participation in various roles. How information is presented can impact decision-making, known as the framing effect—a cognitive bias. The framing effect hinders creativity in software design during the requirements phase. This cognitive effect may further lead to another bias —confirmation bias— in ST. Confirmation bias in ST is testing requirements-consistent behaviors instead of requirements-inconsistent ones. This research explores the effects of framing software requirements on the manifestation of confirmation bias during testing. Additionally, the work aims to propose mitigation strategies, referred to as debiasing, for framing and confirmation bias in the context of ST. This work employs both quantitative and qualitative empirical methods to address its aims. Hence, this research will explore the relation between the framing of requirements and the confirmation bias during ST. Furthermore, this research will also develop debiasing techniques to mitigate the negative effects of these biases to improve software quality.
Automatic Data-Driven Software Change Identification via Code Representation Learning
Changes to a software project are inevitable as the software requires continuous adaptations, improvements, and corrections throughout maintenance. Identifying the purpose and impact of changes made to the codebase is critical in software engineering. However, manually identifying and characterizing software changes can be a time-consuming and tedious process that adds to the workload of software engineers. To address this challenge, several attempts have been made to automatically identify and demystify intents of software changes based on software artifacts such as commit change logs, issue reports, change messages, source code files, and software documentation. However, these existing approaches have their limitations. These include a lack of data, limited performance, and an inability to evaluate compound changes. This paper presents a doctoral research proposal that aims to automate the process of identifying commit-level changes in software projects using software repository mining and code representation learning models. The research background, state-of-the-art, research objectives, research agenda, and threats to validity are discussed.
Software Architecture Design of a Serverless System
Context: Serverless computing allows developers to create and deploy applications without the need to manage any underlying infrastructure, making it a more efficient and effective way to bring products to market. Serverless technology is gaining widespread adoption among a large number of companies, becoming increasingly popular. However, the adoption of serverless technology brings with it a number of new challenges. Objective: To this end, we plan to gain a deep understanding of challenges and strategies, architectural issues and their causes, QAs and tactics of serverless systems, architectural patterns and antipatterns, migration towards serverless architecture, and state-of-the-art practices for vendor lock-in problems. Methodology: The research objective will be met through the use of an industrial empirical approach, including interviews, a case study, and a questionnaire survey. Possible outcomes: The expected outcomes would be (i) a multivocal literature review on design areas of serverless architecture (ii) an evidence-based framework for synthesizing serverless architectural challenges/solutions (iii) a decision-making process for migrating to serverless architecture (iv) empirical investigations on QAs and tactics for serverless systems (v) a decision-making framework for serverless architecture.
Analyzing Maintenance Activities of Software Libraries
Industrial applications heavily integrate open-source software libraries nowadays. Beyond the benefits that libraries bring, they can also impose a real threat in case a library is affected by a vulnerability but its community is not active in creating a fixing release. Therefore, I want to introduce an automatic monitoring approach for industrial applications to identify open-source dependencies that show negative signs regarding their current or future maintenance activities. Since most research in this field is limited due to lack of features, labels, and transitive links, and thus is not applicable in industry, my approach aims to close this gap by capturing the impact of direct and transitive dependencies in terms of their maintenance activities. Automatically monitoring the maintenance activities of dependencies reduces the manual effort of application maintainers and supports application security by continuously having well-maintained dependencies.
Effective Agile Contracts Framework for Software Innovation Projects
This research explores the challenges in agile contract modeling for software innovation projects, particularly for outsourced projects. Literature has presented various methods and frameworks for agile contract management, but there is still a gap in effectively establishing the best contract approach for each project based on specific conditions. This work aims to contribute with a framework definition that effectively applies practical approaches for contract deployment suitable for software innovation projects, considering the best contractual practices related to projects specific context. The study will conduct an action research at CESAR, a prominent Brazilian Science and Technology Institute (ICT) with 1300 employees and 26 years old, to establish effective agile contract models and its implementation that better support agile management and project success. The study hopes to contribute to understanding the relationship between the type of contract and project outcomes and to provide better agile contract implementation for software projects developed by outsourced companies innovation.
