Swedish Institute of Computer Science Publications Database
Not a member yet
2787 research outputs found
Sort by
Bootstrapping trust in software defined networks
Software-Defined Networking (SDN) is a novel architectural model for cloud network infrastructure, improving resource utilization, scalability and administration. SDN deployments increasingly rely on virtual switches executing on commodity operating systems with large code bases, which are prime targets for adversaries attacking the network infrastructure. We describe and implement TruSDN, a framework for bootstrapping trust in SDN infrastructure using Intel Software Guard Extensions (SGX), allowing to securely deploy SDN components and protect communication between network endpoints. We introduce ephemeral flow-specific pre- shared keys and propose a novel defense against cuckoo attacks on SGX enclaves. TruSDN is secure under a powerful adversary model, with a minor performance overhead
Soma-based Design Theory
Movement-based interaction design is increasingly popular, with application domains ranging from dance, sport, gaming to physical rehabilitation. In a workshop at CHI 2016, a set of prominent artists, game design-ers, and interaction designers embarked on a research journey to explore what we came to refer to as “aes-thetics in soma-based design”. In this follow-up work-shop, we would like to take the next step, shifting from discussing the philosophical underpinnings we draw upon to explain and substantiate our practice, to form our own interaction design theory and conceptualisa-tions. We propose that soma-based design theory needs practical, pragmatic as well as analytical study – otherwise the felt dimension will be missing. We will consider how such tacit knowledge can be articulated, documented and shared. To ground the discussion firm-ly in the felt experience of our own practice, the work-shop is organised as a joint practical design work ses-sion, supported by analytical study
Supporting Change Impact Analysis Using a Recommendation System: An Industrial Case Study in a Safety-Critical Context
Change Impact Analysis (CIA) during software evolution of safety-critical systems is a labor-intensive task. Several authors have proposed tool support for CIA, but very few tools were evaluated in industry. We present a case study on ImpRec, a recommendation System for Software Engineering (RSSE), tailored for CIA at a process automation company. ImpRec builds on assisted tracing, using information retrieval solutions and mining software repositories to recommend development artifacts, potentially impacted when resolving incoming issue reports. In contrast to the majority of tools for automated CIA, ImpRec explicitly targets development artifacts that are not source code. We evaluate ImpRec in a two-phase study. First, we measure the correctness of ImpRec's recommendations by a simulation based on 12 years' worth of issue reports in the company. Second, we assess the utility of working with ImpRec by deploying the RSSE in two development teams on different continents. The results suggest that ImpRec presents about 40% of the true impact among the top-10 recommendations. Furthermore, user log analysis indicates that ImpRec can support CIA in industry, and developers acknowledge the value of ImpRec in interviews. In conclusion, our findings show the potential of reusing traceability associated with developers' past activities in an RSSE
Software Engineers' Information Seeking Behavior in Change Impact Analysis: An Interview Study
Software engineers working in large projects must navigate complex information landscapes. Change Impact Analysis (CIA) is a task that relies on engineers' successful information seeking in databases storing, e.g., source code, requirements, design descriptions, and test case specifications. Several previous approaches to support information seeking are task-specific, thus understanding engineers' seeking behavior in specific tasks is fundamental. We present an industrial case study on how engineers seek information in CIA, with a particular focus on traceability and development artifacts that are not source code. We show that engineers have different information seeking behavior, and that some do not consider traceability particularly useful when conducting CIA. Furthermore, we observe a tendency for engineers to prefer less rigid types of support rather than formal approaches, i.e., engineers value support that allows flexibility in how to practically conduct CIA. Finally, due to diverse information seeking behavior, we argue that future CIA support should embrace individual preferences to identify change impact by empowering several seeking alternatives, including searching, browsing, and tracing
Uncovered capacity in Incremental Allocation
This paper summarizes the work to estimate the value of uncovered capacity when using Incremental Allocation, including how it was calculated. The estimation was performed as part of the commercial valuation of Incremental Allocation. This valuation was made within the PENG framework. The aim is to estimate the value of new traffic that can be served by the uncovered capacity. The calculations are based on the UIC406 standard, but instead of analysing the traffic executed on a typical day the planned train paths are analysed. More precisely, the input data is a snapshot from planning tool TrainPlan from 2011-04-08, including AdHoc train paths. The results show that a large portion of the available capacity is hidden from use by the current planning methods and scheduling rules
An investigation of effort distribution among development phases: A four-stage progressive software cost estimation model
Software cost estimation is a key process in project management. Estimations in the initial project phases are made with a lot of uncertainty that influences estimation accuracy which typically increases as the project progresses in time. Project data collected during the various project phases can be used in a progressive time-dependent fashion to train software cost estimation models. Our motivation is to reduce uncertainty and increase confidence based on the understanding of patterns of effort distributions in development phases of real-world projects. In this work, we study effort distributions and suggest a four-stage progressive software cost estimation model, adjusting the initial effort estimates during the development life-cycle based on newly available data. Initial estimates are reviewed on the basis of the experience gained as development progresses and as new information becomes available. The proposed model provides an early, a post-planning, a post-specifications, and a post-design estimate, while it uses industrial data from the ISBSG (R10) dataset. The results reveal emerging patterns of effort distributions and indicate that the model provides effective estimations and exhibits high explanatory value. Contributions in lessons learned and practical implications are also provided