1,341 Hits in 6.3 sec

A lightweight approach to technical risk estimation via probabilistic impact analysis

Robert J. Walker, Reid Holmes, Ian Hedgeland, Puneet Kapur, Andrew Smith
2006 Proceedings of the 2006 international workshop on Mining software repositories - MSR '06  
An evolutionary development approach is increasingly commonplace in industry but presents increased difficulties in risk management, for both technical and organizational reasons.  ...  A tool realizing this technique has been developed for the Eclipse IDE.  ...  for causality inference are at the mercy of the repository commit style applied by the developers of a given project.  ... 
doi:10.1145/1137983.1138008 dblp:conf/msr/WalkerHHKS06 fatcat:5l4ieuramre6den4x3jsphumba

How Can Quality Awareness Support Rapid Software Development? – A Research Preview [chapter]

Liliana Guzmán, Marc Oriol, Pilar Rodríguez, Xavier Franch, Andreas Jedlitschka, Markku Oivo
2017 Lecture Notes in Computer Science  
Project, development, and runtime data is aggregated into quality-related key indicators to support decision makers in steering future development cycles.  ...  Context: Rapid software development (RSD) refers to the organizational capability to develop, release, and learn from software in rapid cycles without compromising its quality.  ...  Deployment should be as easy as providing the URLs or directories for the software project repositories and a specification of the quality attributes that are of interest for the particular project in  ... 
doi:10.1007/978-3-319-54045-0_12 fatcat:ca3vz3cixjduzhcvi3krndamoa

Software Development Process Mining: Discovery, Conformance Checking and Enhancement

Joao Caldeira, Fernando Brito e Abreu
2016 2016 10th International Conference on the Quality of Information and Communications Technology (QUATIC)  
To mitigate the risks associated with such practices, software repositories are used as data sources for many different forms of analytics related to the software development processes.  ...  Incompleteness of the repositories used to assess software processes. Many studies use software repositories as data sources for software development process-related analysis.  ...  This Appendix presents the tools used to perform current research and in writing this dissertation. A.1 Companion Tools  ... 
doi:10.1109/quatic.2016.061 dblp:conf/quatic/CaldeiraA16 fatcat:acb3seoe7vh6hamsvwor2qzcou

Lightweight Software Architecture Evaluation for Industry: A Comprehensive Review

Mahdi Sahlabadi, Ravie Chandren Muniyandi, Zarina Shukur, Faizan Qamar
2022 Sensors  
Processes for evaluating software architecture (SA) help to investigate problems and potential risks in SA.  ...  The lightweight factors are acquired by studying the five most commonly used lightweight methods and the Architecture-based Tradeoff Analysis Method (ATAM), the most well-known heavyweight method.  ...  It is more suitable for agile projects due to its lightweight [62] .  ... 
doi:10.3390/s22031252 pmid:35161996 pmcid:PMC8838159 fatcat:gkjlgmvzdnckxpftwom7a3cpci

Software Mining Studies: Goals, Approaches, Artifacts, and Replicability [chapter]

Sven Amann, Stefanie Beyer, Katja Kevic, Harald Gall
2015 Lecture Notes in Computer Science  
The mining of software archives has enabled new ways for increasing the productivity in software development: Analyzing software quality, mining project evolution, investigating change patterns and evolution  ...  trends, mining models for development processes, developing methods of integrating mined data from various historical sources, or analyzing natural language artifacts in software repositories, are examples  ...  Acknowledgements This work was partially funded by the German Federal Ministry of Education and Research (BMBF) within the Software Campus projects KaVE and Eko, both grant no. 01IS12054.  ... 
doi:10.1007/978-3-319-28406-4_5 fatcat:a7ea6wry5rbannojga3xqls7f4

Design Choices in Building an MSR Tool: The Case of Kaiaulu (short paper)

Carlos V. Paradis, Rick Kazman
2021 European Conference on Software Architecture  
Results: We identified 7 major design choices among the tools: 1) Abstraction Debt, 2) the use of Project Configuration Files, 3) the choice of Batch or Interactive Mode, 4) Minimal Paths to Data, 5) Familiar  ...  Tools should encourage best practices in experiment reproducibility by leveraging self-contained and readable schemas that are used for tool automation, and reuse must be done with care to avoid depending  ...  Acknowledgments The authors wish to thank Damian Tamburri, Corne Broere, and Massimo Manca for identifying bugs, providing use cases and suggesting features for Kaiaulu.  ... 
dblp:conf/ecsa/ParadisK21 fatcat:kzkq7w5uzncpzcmryyq22tlvri

Reusing Requirements in Global Software Engineering [chapter]

Juan Manuel Carrillo de Gea, Joaquín Nicolás, José Luis Fernández Alemán, Ambrosio Toval, A. Vizcaíno, Christof Ebert
2013 Managing Requirements Knowledge  
By means of knowledge management (KM), software development organisations might obtain certain potential benefits: decrease the development time and cost of software projects, avoid mistakes and reduce  ...  A prototype of PANTALASA was developed by using Semantic MediaWiki and Facebook, and applied to a case study in the domain of hotel management.  ...  Acknowledgments This work has been funded by the PEGASO/PANGEA project (TIN2009-13718-C02-02), the ORIGIN Integrated Project (IDI-2010043 (1-5)) and the ENGLOBAS Project (PII2I09-0147-8235).  ... 
doi:10.1007/978-3-642-34419-0_8 fatcat:vxrd2eykvbbqblk6kibvbh4taa

A Survey on Common Threats in npm and PyPi Registries [article]

Berkay Kaplan, Jingyu Qian
2021 arXiv   pre-print
Software engineers regularly use JavaScript and Python for both front-end and back-end automation tasks.  ...  This project will illustrate a high-level overview of common risks associated with OS registries and the package dependency structure.  ...  However, there are lightweight tools in the literature to mitigate the risk of malware residing in the registries.  ... 
arXiv:2108.09576v1 fatcat:wp6m43grozhalmi3r67afcvvsm

Well Begun is Half Done: An Empirical Study of Exploitability Impact of Base-Image Vulnerabilities [article]

Mubin Ul Haque, M. Ali Babar
2021 arXiv   pre-print
Security vulnerabilities in the container images are a primary concern for developing containerized software.  ...  To characterize the prevalence of vulnerable base-images in real-world projects, we analysed 64,579 containerized software from GitHub.  ...  assessing the security risk of the software.  ... 
arXiv:2112.12597v1 fatcat:juqriwmauzgibavh3vato2cj24

Complex software project development: agile methods adoption

Deepti Mishra, Alok Mishra
2011 Journal of Software Maintenance and Evolution Research and Practice  
This further demonstrates how to overcome risks and barriers in each development phase of such complex inventive software projects.  ...  The objective of this paper is to analyze the agile development methodologies and management approach used in developing a complex software project.  ...  These had to be aggregated in a centralized repository where they could be viewed, prioritized and 'mined' for future iterations.  ... 
doi:10.1002/smr.528 fatcat:tmjzw55rcrgrbhe2nbpe2qd7q4

Security Code Smells in Android ICC [article]

Pascal Gadient, Mohammad Ghafari, Patrick Frischknecht, Oscar Nierstrasz
2018 arXiv   pre-print
Android Inter-Component Communication (ICC) is complex, largely unconstrained, and hard for developers to understand.  ...  We explain the vulnerabilities and their corresponding smells, and we discuss how they can be eliminated or mitigated during development.  ...  Acknowledgements We gratefully acknowledge the financial support of the Swiss National Science Foundation for the project "Agile Software Analysis" (SNSF project No. 200020-162352, Jan 1, 2016 -Dec. 30  ... 
arXiv:1811.12713v1 fatcat:iq2h2iqvy5csjcuhmubjtxl4qu

Towards a Prototype Based Explainable JavaScript Vulnerability Prediction Model

Balazs Mosolygo, Norbert Vandor, Gabor Antal, Peter Hegedus, Rudolf Ferenc
2021 2021 International Conference on Code Quality (ICCQ)  
Security has become a central and unavoidable aspect of today's software development. Practitioners and researchers have proposed many code analysis tools and techniques to mitigate security risks.  ...  The model improves the state-of-the-art in terms of explainability and prediction granularity as it gives results at the level of individual source code lines, which is fine-grained enough for developers  ...  Acknowledgments The presented work was carried out within the SETIT Project (2018-1.2.1-NKP-2018-00004) 7  ... 
doi:10.1109/iccq51190.2021.9392984 fatcat:v5wrwjy6nrhlvp2c6cduh2z34a

Cohesive and Isolated Development with Branches [chapter]

Earl T. Barr, Christian Bird, Peter C. Rigby, Abram Hindle, Daniel M. German, Premkumar Devanbu
2012 Lecture Notes in Computer Science  
Through interviews with lead developers in OSS projects and a quantitative analysis of mined data from the histories of sixty project, we find that the vast majority of the projects now using DVC continue  ...  The adoption of distributed version control (DVC), such as Git and Mercurial, in open-source software (OSS) projects has been explosive. Why is this and how are projects using DVC?  ...  In practice, we observe that for the majority of projects, this repository is indistinguishable from the upstream repository.  ... 
doi:10.1007/978-3-642-28872-2_22 fatcat:5ncwpycomnf2hfn5js4dtusypm

Security Smells in Android

Mohammad Ghafari, Pascal Gadient, Oscar Nierstrasz
2017 2017 IEEE 17th International Working Conference on Source Code Analysis and Manipulation (SCAM)  
In particular, we explain the vulnerabilities, their corresponding smells, and we discuss how they could be eliminated or mitigated during development.  ...  Moreover, we develop a lightweight static analysis tool and discuss the extent to which it successfully detects several vulnerabilities in about 46,000 apps hosted by the official Android market.  ...  We have developed a lightweight tool that statically analyzes apps for the existence of ten security smells. We applied the tool to a repository of about 46 000 apps hosted by Google.  ... 
doi:10.1109/scam.2017.24 dblp:conf/scam/GhafariGN17 fatcat:jp7ru6x4xzcjhm33w2bebl6vs4

Unveiling process insights from refactoring practices [article]

João Caldeira, Fernando Brito e Abreu, Jorge Cardoso, José Reis
2020 arXiv   pre-print
Method: We mined source code metrics from a software product after a quality improvement task was given in parallel to (117) software developers, organized in (71) teams.  ...  Results: Most teams using a plugin for refactoring (JDeodorant) reduced software complexity more effectively and with simpler processes than the ones that performed refactoring using only Eclipse native  ...  Acknowledgement This work was partially funded by the Portuguese Foundation for Science and Technology, under ISTAR-Iscte projects UIDB/04466/2020 and UIDP/04466/ 2020.  ... 
arXiv:2010.15692v1 fatcat:yxb43h3qhvb7dl7iuxqyke6lwq
« Previous Showing results 1 — 15 out of 1,341 results