Irish Software Engineering Research Center

Engineering, United Kingdom

Irish Software Engineering Research Center

Engineering, United Kingdom

Time filter

Source Type

Franqueira V.N.L.,University of Twente | Tun T.T.,Open University Milton Keynes | Yu Y.,Open University Milton Keynes | Wieringa R.,University of Twente | And 2 more authors.
Proceedings of the 2011 IEEE 19th International Requirements Engineering Conference, RE 2011 | Year: 2011

When showing that a software system meets certain security requirements, it is often necessary to work with formal and informal descriptions of the system behavior, vulnerabilities, and threats from potential attackers. In earlier work, Haley et al. [1] showed structured argumentation could deal with such mixed descriptions. However, incomplete and uncertain information, and limited resources force practitioners to settle for good-enough security. To deal with these conditions of practice, we extend the method of Haley et al. with risk assessment. The proposed method, RISA (RIsk assessment in Security Argumentation), uses public catalogs of security expertise to support the risk assessment, and to guide the security argumentation in identifying rebuttals and mitigations for security requirements satisfaction. We illustrate RISA with a realistic example of PIN Entry Device. © 2011 IEEE.


Yu Y.,Open University Milton Keynes | Tun T.T.,Open University Milton Keynes | Nuseibeh B.,Open University Milton Keynes | Nuseibeh B.,Irish Software Engineering Research Center
2011 26th IEEE/ACM International Conference on Automated Software Engineering, ASE 2011, Proceedings | Year: 2011

Software developers are often interested in particular changes in programs that are relevant to their current tasks: not all changes to evolving software are equally important. However, most existing differencing tools, such as diff, notify developers of more changes than they wish to see. In this paper, we propose a technique to specify and automatically detect only those changes in programs deemed meaningful, or relevant, to a particular development task. Using four elementary annotations on the grammar of any programming language, namely Ignore, Order, Prefer and Scope, developers can specify, with limited effort, the type of change they wish to detect. Our algorithms use these annotations to transform the input programs into a normalised form, and to remove clones across different normalised programs in order to detect non-trivial and relevant differences. We evaluate our tool on a benchmark of programs to demonstrate its improved precision compared to other differencing approaches. © 2011 IEEE.


Capilla R.,Rey Juan Carlos University | Bosch J.,Chalmers University of Technology | Trinidad P.,University of Seville | Ruiz-Cortes A.,University of Seville | Hinchey M.,Irish Software Engineering Research Center
Journal of Systems and Software | Year: 2014

Over the last two decades, software product lines have been used successfully in industry for building families of systems of related products, maximizing reuse, and exploiting their variable and configurable options. In a changing world, modern software demands more and more adaptive features, many of them performed dynamically, and the requirements on the software architecture to support adaptation capabilities of systems are increasing in importance. Today, many embedded system families and application domains such as ecosystems, service-based applications, and self-adaptive systems demand runtime capabilities for flexible adaptation, reconfiguration, and post-deployment activities. However, as traditional software product line architectures fail to provide mechanisms for runtime adaptation and behavior of products, there is a shift toward designing more dynamic software architectures and building more adaptable software able to handle autonomous decision-making, according to varying conditions. Recent development approaches such as Dynamic Software Product Lines (DSPLs) attempt to face the challenges of the dynamic conditions of such systems but the state of these solution architectures is still immature. In order to provide a more comprehensive treatment of DSPL models and their solution architectures, in this research work we provide an overview of the state of the art and current techniques that, partially, attempt to face the many challenges of runtime variability mechanisms in the context of Dynamic Software Product Lines. We also provide an integrated view of the challenges and solutions that are necessary to support runtime variability mechanisms in DSPL models and software architectures. © 2014 Elsevier Inc.


Yu Y.,Open University Milton Keynes | Tun T.T.,Open University Milton Keynes | Tedeschi A.,Deep Blue | Franqueira V.N.L.,University of Twente | And 2 more authors.
Proceedings of the 2011 IEEE 19th International Requirements Engineering Conference, RE 2011 | Year: 2011

When software systems are verified against security requirements, formal and informal arguments provide a structure for organizing the software artifacts. Our recent work on the evolution of security-critical software systems demonstrates that our argumentation technique is useful in limiting the scope of change and in identifying changes to security properties. In support of this work, we have developed OpenArgue, a tool for syntax checking, visualizing, formalizing, and reasoning about incremental arguments. OpenArgue has been integrated with requirements engineering tools for Problem Frames and i*, and applied to an Air Traffic Management (ATM) case study. © 2011 IEEE.


Wang X.,Free University of Bozen Bolzano | Conboy K.,University of New South Wales | Cawley O.,Irish Software Engineering Research Center
Journal of Systems and Software | Year: 2012

In recent years there has been a noticeable shift in attention from those who use agile software development toward lean software development, often labelled as a shift "from agile to lean". However, the reality may not be as simple or linear as this label implies. To provide a better understanding of lean software development approaches and how they are applied in agile software development, we have examined 30 experience reports published in past agile software conferences in which experiences of applying lean approaches in agile software development were reported. The analysis identified six types of lean application. The results of our study show that lean can be applied in agile processes in different manners for different purposes. Lean concepts, principles and practices are most often used for continuous agile process improvement, with the most recent introduction being the kanban approach, introducing a continuous, flow-based substitute to time-boxed agile processes. © 2012 Elsevier Inc. All rights reserved.


McKeever S.,University College Dublin | Ye J.,University of St. Andrews | Coyle L.,Irish Software Engineering Research Center | Bleakley C.,University College Dublin | Dobson S.,University of St. Andrews
Journal of Ambient Intelligence and Smart Environments | Year: 2010

The ability to identify the behavior of people in a home is at the core of Smart Home functionality. Such environments are equipped with sensors that unobtrusively capture information about the occupants. Reasoning mechanisms transform the technical, frequently noisy data of sensors into meaningful interpretations of occupant activities. Time is a natural human way to reason about activities. Peoples' activities in the home often have an identifiable routine; activities take place at distinct times throughout the day and last for predicable lengths of time. However, the inclusion of temporal information is still limited in the domain of activity recognition. Evidence theory is gaining increasing interest in the field of activity recognition, and is suited to the incorporation of time related domain knowledge into the reasoning process. In this paper, an evidential reasoning framework that incorporates temporal knowledge is presented. We evaluate the effectiveness of the framework using a third party published smart home dataset. An improvement in activity recognition of 70% is achieved when time patterns and activity durations are included in activity recognition. We also compare our approach with Naïve Bayes classifier and J48 Decision Tree, with temporal evidence theory achieving higher accuracies than both classifiers. © 2010-IOS Press and the authors. All rights reserved.


Daramola O.,Norwegian University of Science and Technology | Stalhane T.,Norwegian University of Science and Technology | Sindre G.,Norwegian University of Science and Technology | Omoronyia I.,Irish Software Engineering Research Center
2011 4th International Workshop on Managing Requirements Knowledge, MaRK'11 - Part of the 19th IEEE International Requirements Engineering Conference, RE'11 | Year: 2011

The capability to identify potential system hazards and operability problems, and to recommend appropriate mitigation mechanisms is vital to the development of safety critical embedded systems. Hazard and Operability (HAZOP) analysis which is mostly used to achieve these objectives is a complex and largely human-centred process, and increased tool support could reduce costs and improve quality. This work presents a framework and tool prototype that facilitates the early identification of potential system hazards from requirements and the reuse of previous experience for conducting HAZOP. The results from the preliminary evaluation of the tool suggest its potential viability for application in real industrial context. © 2011 IEEE.


Clarke P.,Dublin City University | O'Connor R.V.,Dublin City University | O'Connor R.V.,Irish Software Engineering Research Center
Journal of software: Evolution and Process | Year: 2013

Although earlier studies revealed much about software process improvement (SPI) in software small-to medium-sized enterprises (SMEs), no earlier research set out to determine the full extent of SPI being implemented in software SMEs. Therefore, this study was designed from the outset to elicit all instances of SPI, which we term SPI events -no matter how small or informal. We make the important new discovery that SMEs initiate a considerable amount of SPI, albeit in varying quantities in different organisations. No earlier study reported that the practice of SPI was so widespread in software SMEs, and this is perhaps related to the extensive scope of the enquiry adopted in this study. Our study also finds that the significant majority of SPI in software SMEs is minor or moderate in nature, sometimes leveraging the human capital via improvements in tacit knowledge. Software development is an intrinsically human intensive activity, and it therefore follows that the maximisation of the human capital in an organisation is a source of competitive advantage. However, contemporary process maturity frameworks and quality management standards do not fully exploit the capacity of human capital and may therefore diminish rather than improve the competitive advantage of software SMEs. Copyright © 2013 John Wiley and Sons, Ltd.


Clarke P.,Dublin City University | O'Connor R.V.,Dublin City University | O'Connor R.V.,Irish Software Engineering Research Center
Journal of Systems and Software | Year: 2012

In this paper, we present the findings of a study into the relationship between software process improvement (SPI) and business success in software development small- to medium-sized companies (software SMEs). A number of earlier related studies investigated the benefits of SPI in software SMEs, particularly in terms of improvements in product quality and adherence to budgetary and schedule constraints. However, only limited or indirect research has examined the relationship between SPI and business success. In this study, we adopt the Holistic Scorecard (HSC) (Sureshchandar and Leisten, 2005) as a business success reference framework, thus examining both the financial and the non-financial aspects of business success. In addition, we utilise ISO/IEC 12207 (ISO/IEC, 2008) as a comprehensive reference framework for the investigation of SPI activity in software SMEs. Through the use of new metrics introduced in this paper, the study findings establish that there is a positive association between SPI and business success in software SMEs, highlighting the importance of SPI in successful software SMEs. This is the first time that this relationship has been demonstrated using empirical data, and therefore, the findings represent a valuable new addition to the body of knowledge. © 2012 Elsevier Inc.


Vassev E.,Irish Software Engineering Research Center | Hinchey M.,Irish Software Engineering Research Center
Computer | Year: 2012

Closely related to artificial Intelligence, awareness depends on the knowledge transferred to software-intensive systems so they can use it to exhibit intelligence. © 2012 IEEE.

Loading Irish Software Engineering Research Center collaborators
Loading Irish Software Engineering Research Center collaborators