Swedish Institute of Computer Science Publications Database
Not a member yet
    2787 research outputs found

    A Multi-Case Study of Agile Requirements Engineering and the Use of Test Cases as Requirements

    No full text
    [Context] It is an enigma that agile projects can succeed "without requirements" when weak requirements engineering is a known cause for project failures. While agile development projects often manage well without extensive requirements test cases are commonly viewed as requirements and detailed requirements are documented as test cases. [Objective] We have investigated this agile practice of using test cases as requirements to understand how test cases can support the main requirements activities, and how this practice varies. [Method] We performed an iterative case study at three companies and collected data through 14 interviews and 2 focus groups. [Results] The use of test cases as requirements poses both benefits and challenges when eliciting, validating, verifying, and managing requirements, and when used as a documented agreement. We have identified five variants of the test-cases-as-requirements practice, namely de facto, behaviour-driven, story-test driven, stand-alone strict and stand-alone manual for which the application of the practice varies concerning the time frame of requirements documentation, the requirements format, the extent to which the test cases are a machine executable specification and the use of tools which provide specific support for the practice of using test cases as requirements. [Conclusions] The findings provide empirical insight into how agile development projects manage and communicate requirements. The identified variants of the practice of using test cases as requirements can be used to perform in-depth investigations into agile requirements engineering. Practitioners can use the provided recommendations as a guide in designing and improving their agile requirements practices based on project characteristics such as number of stakeholders and rate of change

    TruSDN: Bootstrapping Trust in Cloud Network Infrastructure

    No full text
    Software-Defined Networking (SDN) is a novel architectural model for cloud network infrastructure, improving resource utilization, scalability and administration. SDN deployments increasingly rely on virtual switches executing on commodity operating systems with large code bases, which are prime targets for adversaries attacking the network infrastructure. We describe and implement TruSDN, a framework for bootstrapping trust in SDN infrastructure using Intel Software Guard Extensions (SGX), allowing to securely deploy SDN components and protect communication between network endpoints. We introduce ephemeral flow-specific pre-shared keys and propose a novel defence against cuckoo attacks on SGX enclaves. TruSDN is secure under a powerful adversary model, with a minor performance overhead

    Understanding Online Shopping and Offline Mobility Behavior in Urban Area from the View of Multilayer Network

    No full text
    The interactive nature of the Internet offers many opportunities to increase the efficiency of online shopping by improving availability of product information, enabling direct multi-attribute comparisons, and reducing buyer search costs. A great body of research focuses on how consumers shop online or why and how online shopping impacts urban development, but the understanding of mutual influence between online and offline behavior of consumers remains somewhat underserved. This paper bridges that gap by quantifying the relationship between consumers' online shopping and offline mobility behavior. The results of the study give insights to further understand human behavior from both a cyber and real world point of view, which may help to place location based targeted advertisements, and plan commercial & retail centers in urban areas

    Service idag och i framtiden: slutrapport för projektet Framtidens Underhållstekniker

    No full text
    Detta projekt har haft som mål att undersöka möjligheten att genomföra ett FUI-projekt som fokuserar på hur framtidens service- och underhållstekniker arbetar. Projektet har undersökt fler processindustrier för att kartlägga synergier mellan olika branscher vad gäller innovationer och förbättringar för framtidens service- och underhållstekniker. Projektet har drivits av SICS Swedish ICT i samarbete med SSAB och ABB Service. Prevas och ATM Notation har dessutom deltagit som leverantör av varor och tjänster. Projektet har stämt av deltagarnas visioner mot existerande underhållslösningar och tillgänglig teknik. Vi har också identifierat behov av ytterligare innovationer inom processer, metoder och teknik. Projektet ingår i Strategiska innovationsprogrammet Processindustriell IT och Automation, PiiA, med stöd från VINNOVA

    Experimental Evidence on Decision-Making in Availability Service Level Agreements

    No full text
    As more enterprises buy information technology services, studying their underpinning contracts becomes more important. With cloud computing and outsourcing, these service level agreements (SLAs) are now often the only link between the business and the supporting IT services. This paper presents an experimental economics investigation of decision-making with regard to availability SLAs, among enterprise IT professionals. The method and the ecologically valid subjects make the study unique to date among IT service SLA studies. The experiment consisted of pairwise choices under uncertainty, and subjects (N=46) were incentivized by payments based on one of their choices, randomly selected. The research question investigated in this paper is: Do enterprise IT professionals maximize expected value when procuring availability SLAs, as would be optimal from the business point of view? The main result is that enterprise IT professionals fail to maximize expected value. Whereas some subjects do maximize expected value, others are risk-seeking, risk-averse, or exhibit nonmonotonic preferences. The nonmonotonic behavior in particular is an interesting observation, which has no obvious explanation in the literature. For a subset of the subjects (N=29), a few further hypotheses related to associations between general attitude to risk or professional experience on the one hand, and behavior in SLAs on the other hand, were investigated. No support for these associations was found. The results should be interpreted with caution, due to the limited number of subjects. However, given the prominence of SLAs in modern IT service management, the results are interesting and call for further research, as they indicate that current professional decision-making regarding SLAs can be improved. In particular, if general attitude to risk and professional experience do not impact decision-making with regard to SLAs, more extensive use of decision-support systems might be called for in order to facilitate proper risk management

    Sprida: förstudie om metoder för att mäta spridningseffekter av störningshändelser i tågtrafiken

    No full text
    Denna förstudie fokuserar på spridningseffekterna av störningar i järnvägsnätet och hur man kan analysera, mäta och visualisera dem. I rapporten analyserar vi datatillgång och dess kvalitét ur ett kompletthetsperspektiv. Vi föreslår nya mätetal för störningsspridning, vilka kan bidra till att identifiera samband mellan störningar och punktlighet (på slutstation). Dessutom beskrivs sätt att visualisera störningar och deras spridning, vilket kan bidra till ökad förståelse och därmed förbättra förutsättningarna att bekämpa störningars spridning. Rapporten redogör också för forskningsfronten gällande modellering av störningsspridning med slutsatsen att det är ett beforskat området att resultaten behöver anpassas för specifikt svenska förhållanden

    Partial participation towards collective action: To stifle or instigate

    No full text
    In this paper we extend the Granovetter threshold model with partial participation towards a collective action. That is, agents may partake by conducting an action that is less costly than the ultimate collective action, but costly enough to signal a commitment to the cause. We show that it is not just the exact distribution of thresholds, but also the distribution of available actions that determines whether a collective action will be achieved. We suggest and prove propositions for how both an inventive “activist” and a “dictator” may strategically change the signaling value of existing actions, or introduce new ones, in order to either instigate or stifle collective action. Applying the theory to revolutions, we argue that new technology can play a role beyond that of communication and synchronization, viz. that of adding modes of partial, less arduous, participation

    Towards Preference Elicitation for Trade-Offs between Non-Functional Properties

    No full text
    In the design and evolution of software intensive systems, it is desirable to make informed decisions as early as possible in the life cycle. To do this, it is both necessary to be able to predict properties of these future systems and to know how one would like to prioritize among those properties. This paper addresses the latter problem of how to make trade-offs between non-functional properties of software intensive systems. An approach based on the elicitation of utility functions from stake-holders and subsequent checks for consistency among these functions is proposed. A sample GUI is presented, along with some examples. Limitations are discussed and several avenues for future work, including empirical validation, are proposed

    Can the Common Vulnerability Scoring System be Trusted? A Bayesian Analysis

    No full text
    The Common Vulnerability Scoring System (CVSS) is the state-of-the art system for assessing software vulnerabilities. However, it has been criticized for lack of validity and practitioner relevance. In this paper, the credibility of the CVSS scoring data found in five leading databases – NVD, X-Force, OSVDB, CERT-VN, and Cisco – is assessed. A Bayesian method is used to infer the most probable true values underlying the imperfect assessments of the databases, thus circumventing the problem that ground truth is not known. It is concluded that with the exception of a few dimensions, the CVSS is quite trustworthy. The databases are relatively consistent, but some are better than others. The expected accuracy of each database for a given dimension can be found by marginalizing confusion matrices. By this measure, NVD is the best and OSVDB is the worst of the assessed databases

    749

    full texts

    2,787

    metadata records
    Updated in last 30 days.
    Swedish Institute of Computer Science Publications Database
    Access Repository Dashboard
    Do you manage Open Research Online? Become a CORE Member to access insider analytics, issue reports and manage access to outputs from your repository in the CORE Repository Dashboard! 👇