Latest Articles from JUCS - Journal of Universal Computer Science Latest 11 Articles from JUCS - Journal of Universal Computer Science https://lib.jucs.org/ Fri, 29 Mar 2024 09:39:30 +0200 Pensoft FeedCreator https://lib.jucs.org/i/logo.jpg Latest Articles from JUCS - Journal of Universal Computer Science https://lib.jucs.org/ Selecting a Software Elicitation Technique According to Layers of Knowledge and Preciseness: A Case Study https://lib.jucs.org/article/23137/ JUCS - Journal of Universal Computer Science 23(4): 385-403

DOI: 10.3217/jucs-023-04-0385

Authors: Maria-Isabel Sanchez-Segura, Fuensanta Medina-Dominguez, Diana-Marcela Vásquez-Bravo, Gustavo Illescas, Cynthya De Jesús

Abstract: This paper presents a case study analyzing a set of software engineering elicitation techniques. The aim of the case study is to demonstrate that completeness and preciseness are two criteria to be incorporated into the set of existing parameters used to classify and select which elicitation technique to apply depending on the project context variables. Completeness refers to how well each elicitation technique elicits domain, task and strategic requirements, and preciseness refers to how many requirements a software engineer is able to elicit using each technique. Based on the results, we can state that completeness and preciseness perform differently for each analyzed technique. Therefore, these two criteria are necessary in order to improve elicitation technique selection. Also, the techniques used in this case study have been ranked according to the above-mentioned criteria, that is, which technique included in this study, is best suited for which requirements layer and which technique can be expected to elicit most requirements during the knowledge externalization phase.

HTML

XML

PDF

]]>
Research Article Fri, 28 Apr 2017 00:00:00 +0300
An Empirical Investigation of Security Vulnerabilities within Web Applications https://lib.jucs.org/article/23125/ JUCS - Journal of Universal Computer Science 22(4): 537-551

DOI: 10.3217/jucs-022-04-0537

Authors: Ibrahim Abunadi, Mamdouh Alenezi

Abstract: Building secure software is challenging, time-consuming, and expensive. Software vulnerability prediction models that identify vulnerable software components are usually used to focus security efforts, with the aim of helping to reduce the time and effort needed to secure software. Existing vulnerability prediction models use process or product metrics and machine learning techniques to identify vulnerable software components. Cross-project vulnerability prediction plays a significant role in appraising the most likely vulnerable software components, specifically for new or inactive projects. Little effort has been spent to deliver clear guidelines on how to choose the training data for project vulnerability prediction. In this work, we present an empirical study aiming at clarifying how useful cross-project prediction techniques are in predicting software vulnerabilities. Our study employs the classification provided by different machine learning techniques to improve the detection of vulnerable components. We have elaborately compared the prediction performance of five well-known classifiers. The study is conducted on a publicly available dataset of several PHP open-source web applications in the context of cross-project vulnerability prediction, which represents one of the main challenges in the vulnerability prediction field.

HTML

XML

PDF

]]>
Research Article Fri, 1 Apr 2016 00:00:00 +0300
SKYWare: The Unavoidable Convergence of Software towards Runnable Knowledge https://lib.jucs.org/article/23650/ JUCS - Journal of Universal Computer Science 21(11): 1405-1424

DOI: 10.3217/jucs-021-11-1405

Authors: Iaakov Exman, Juan Llorens, Anabel Fraga, Jose Alvarez-Rodríguez

Abstract: There has been a growing awareness of deep relations between software and knowledge. Software, from an efficiency oriented way to program computing machines, gradually converged to human oriented Runnable Knowledge. Apparently this has happened unintentionally, but knowledge is not incidental to software. The basic thesis: runnable knowledge is the essence of abstract software. A knowledge distillation procedure is offered as a constructive feasibility proof of the thesis. A formal basis is given for these notions. Runnable knowledge is substantiated in the association of semantic structural models (like ontologies) with formal behavioral models (like UML statecharts). Meaning functions are defined for ontologies in terms of concept densities. Examples are provided to concretely clarify the meaning and implications of knowledge runnability. The paper concludes with the runnable knowledge convergence point: SKYWare, a new term designating the domain in which content meaning is completely independent of any underlying machine.

HTML

XML

PDF

]]>
Research Article Sun, 1 Nov 2015 00:00:00 +0200
A Competence-based View on the Global Software Development Process https://lib.jucs.org/article/23649/ JUCS - Journal of Universal Computer Science 21(11): 1385-1404

DOI: 10.3217/jucs-021-11-1385

Authors: Philipp Holtkamp, Jan Pawlowski

Abstract: The adoption of Global Software Development (GSD) models by software development companies is growing continuously. A variety of challenges such as temporal, geographical and socio-cultural distance are hindering global organizations to achieve potential benefits. As a result, organizations need support in how to overcome the challenges. The emphasis in the literature to date has typically focused on overcoming the challenges by providing tool support, management guidelines and processes. This follows the assumption that a well-established and validated process results in high quality output, not taking the actors within the process into account. While recognized as an important factor for successful GSD, actors and their competences have been addressed from an organizational perspective focusing on organizational and team capabilities rather than from an individual perspective. In this article, we present the results of a literature review on competence-related challenges and competency related research for GSD. We extend existing GSD process models with functions of competence management. The resulting competence-based view allows the management of individual competences throughout the entire GSD process.

HTML

XML

PDF

]]>
Research Article Sun, 1 Nov 2015 00:00:00 +0200
Engineering Security into Distributed Systems: A Survey of Methodologies https://lib.jucs.org/article/23985/ JUCS - Journal of Universal Computer Science 18(20): 2920-3006

DOI: 10.3217/jucs-018-20-2920

Authors: Anton Uzunov, Eduardo Fernandez, Katrina Falkner

Abstract: Rapid technological advances in recent years have precipitated a general shift towards software distribution as a central computing paradigm. This has been accompanied by a corresponding increase in the dangers of security breaches, often causing security attributes to become an inhibiting factor for use and adoption. Despite the acknowledged importance of security, especially in the context of open and collaborative environments, there is a growing gap in the survey literature relating to systematic approaches (methodologies) for engineering secure distributed systems. In this paper, we attempt to fill the aforementioned gap by surveying and critically analyzing the state-of-the-art in security methodologies based on some form of abstract modeling (i.e. model-based methodologies) for, or applicable to, distributed systems. Our detailed reviews can be seen as a step towards increasing awareness and appreciation of a range of methodologies, allowing researchers and industry stakeholders to gain a comprehensive view of the field and make informed decisions. Following the comprehensive survey we propose a number of criteria reflecting the characteristics security methodologies should possess to be adopted in real-life industry scenarios, and evaluate each methodology accordingly. Our results highlight a number of areas for improvement, help to qualify adoption risks, and indicate future research directions.

HTML

XML

PDF

]]>
Research Article Sat, 1 Dec 2012 00:00:00 +0200
Software Process Definition: a Reuse-based Approach https://lib.jucs.org/article/30021/ JUCS - Journal of Universal Computer Science 17(13): 1765-1799

DOI: 10.3217/jucs-017-13-1765

Authors: Ahilton Barreto, Leonardo Gresta Paulino Murta, Ana Rocha

Abstract: Software product development has been taking advantage of reuse techniques for some decades. Concepts like software components, architectures, and product lines have been successfully applied in several contexts to develop software products, although some difficulties are still faced. Software processes have strong similarities with software products, and some researchers argue that they are software too. Therefore, we believe that software processes may take advantage of some benefits expected by the use of existing software products reuse techniques, adapted to software processes. It is also possible that similar difficulties are faced. This paper presents a software process definition approach based on reuse techniques, which aims at making some of the benefits expected by software product reuse available to software process definition activities. Concepts such as process components, architectures, process lines and features are described and used. We describe the proposed approach, tools developed to support it, and also results of a survey on the expected benefits and difficulties on software process reuse in the point of view of experienced software process engineers.

HTML

XML

PDF

]]>
Research Article Thu, 1 Sep 2011 00:00:00 +0300
Estimating Software Projects Based On Negotiation https://lib.jucs.org/article/29442/ JUCS - Journal of Universal Computer Science 15(9): 1812-1832

DOI: 10.3217/jucs-015-09-1812

Authors: Sergio Ochoa, José Pino, Fabián Poblete

Abstract: The Software Engineering community has been trying to get fast and accurate software estimations for many years. Most of the proposed methods require historical information and/or experts’ judgment. Because of that, the current methods are not suitable for novice developers or persons who do not know the company development capability. In order to help overcome such need, this paper proposes a software estimation method named CEBON (Collaborative Estimation Based On Negotiation). The method is applicable to small/medium-size projects (1-6 months). It focuses on supporting estimation of Web information systems in scenarios where historical data is not available. The CEBON method has been used to estimate eight real projects. The obtained results were compared with the real projects execution, which were carried out by novice developers in Chile. The comparison indicates the method is able to deliver quite accurate results. In addition, a survey applied to the involved developers shows they feel comfortable using the estimation method. The article also describes a collaborative software application supporting the CEBON process and a preliminary evaluation of both the estimation method and the supporting tool.

HTML

XML

PDF

]]>
Research Article Fri, 1 May 2009 00:00:00 +0300
Fostering Knowledge Flow and Community Engagement in the Development of Interactive Entertainment https://lib.jucs.org/article/29431/ JUCS - Journal of Universal Computer Science 15(8): 1722-1734

DOI: 10.3217/jucs-015-08-1722

Authors: Steffen Lohmann, Jörg Niesenhaus, Philipp Heim, Jürgen Ziegler

Abstract: Due to an increasing professionalization, specialization, and globalization in the development of interactive entertainment new demands for comprehensive knowledge management support emerge. This article aims at sensitizing and systematizing the needs and potentials for continuous knowledge flow and community engagement in this application area. It starts with an analysis of typical development activities and involved parties that could benefit from a continuous knowledge management support. Then, a general framework architecture and implementation examples are presented that provide different levels of knowledge management support for interactive entertainment development.

HTML

XML

PDF

]]>
Research Article Tue, 28 Apr 2009 00:00:00 +0300
SDLMAS: A Scenario Modeling Framework for Multi-Agent Systems https://lib.jucs.org/article/29348/ JUCS - Journal of Universal Computer Science 15(4): 898-925

DOI: 10.3217/jucs-015-04-0898

Authors: Igor Čavrak, Armin Stranjak, Mario Žagar

Abstract: In this paper we analyze existing methods and languages for modeling agent interactions and propose a SDLMAS Framework for rapid design, development and runtime support of multi-agent systems. The framework provides a simple but expressive declarative language for modeling complex interactions among agents. Proposed language is based on scenarios, sequences of conversation actions directed towards achieving a goal. Scenario descriptions are converted into program code for a chosen target agent platform and system execution is supported by a runtime framework.

HTML

XML

PDF

]]>
Research Article Sat, 28 Feb 2009 00:00:00 +0200
Defining Atomic Composition in UML Behavioral Diagrams https://lib.jucs.org/article/28643/ JUCS - Journal of Universal Computer Science 12(7): 958-979

DOI: 10.3217/jucs-012-07-0958

Authors: Júlio Machado, Paulo Menezes

Abstract: UML may be used to describe both the structure and behavior of objectoriented systems using a combination of notations. For the modeling of the dynamic behavior, a number of different models are offered such as interaction, state and activity diagrams. Although compositional techniques for modeling computational processes demand means of composing elements both in non-atomic or atomic ways, UML seems to lack compositional constructs for defining atomic composites. We discuss proper extensions for diagrams that are able to cope with the concept of atomic composition as the basic element for describing transactions (in our settings the term "transaction" denotes a certain operation of a system that might be atomically composed by many, possibly concurrent, operations). Atomic compositions are then formally defined through a special morphism between automata in a domain called Nonsequential Automata.

HTML

XML

PDF

]]>
Research Article Fri, 28 Jul 2006 00:00:00 +0300
Managing Organizational Risk Knowledge https://lib.jucs.org/article/28063/ JUCS - Journal of Universal Computer Science 9(7): 670-681

DOI: 10.3217/jucs-009-07-0670

Authors: Luciana Farias, Guilherme Travassos, Ana Rocha

Abstract: Risk planning requires an organization global view, as it is strongly centered in the experience and knowledge acquired in former projects. The larger the experience of the project manager the better will be his ability in identifying risks, estimating their occurrence likelihood and impact, and defining the mitigation and contingency plans. However, project manager risk knowledge cannot stay in an individual level, but it must be made available to the organization. This paper describes an approach to risk planning in software projects based on the organizational risk knowledge reuse. A risk management process focused on the capture and utilization of organizational knowledge together with a support case tool make part of this approach. An experimental study of the relations between risk-causing facts and risks of software projects was accomplished and its results used to define such a tool.

HTML

XML

PDF

]]>
Research Article Mon, 28 Jul 2003 00:00:00 +0300