1,721,026 research outputs found
Scientific excellence and promotion of the territory : the RCOST experience
No full textCanfora Gerardo. Scientific excellence and promotion of the territory : the RCOST experience. In: NETCOM : Réseaux, communication et territoires / Networks and Communication Studies, vol. 17 n°3-4, december 2003. Geocyberspace Dynamics in an Interconnected World. pp. 286-289
Un modello di supporto alle decisioni d’impresa basato sull’Approccio Sistemico Vitale (ASV)
No full textContinuous integration and delivery practices for cyber-physical systems : an interview-based study
Full text linkContinuous Integration and Delivery (CI/CD) practices have shown several benefits for software development and operations, e.g., faster release cycles and early discovery of defects. For Cyber-Physical System (CPS) development, CI/CD can help achieving required goals, such as high dependability, yet it may be challenging to apply. This paper empirically investigates challenges, barriers, and their mitigation occurring when applying CI/CD practices to develop CPSs in 10 organizations working in 8 different domains. The study has been conducted through semi-structured interviews, by applying an open card sorting procedure together with a member-checking survey within the same organizations, and by validating the results through a further survey involving 55 professional developers. The study reveals several peculiarities in the application of CI/CD to CPSs. These include the need for (i) combining continuous and periodic builds, while balancing the use of Hardware-in-the-Loop (HiL) and simulators; (ii) coping with difficulties in software deployment (iii) accounting for simulators and HiL differing in their behavior; and (vi) combining hardware/software expertise in the development team. Our findings open the road towards recommenders aimed at supporting the setting and evolution of CI/CD pipelines, as well as university curricula requiring interdisciplinarity, such as knowledge about hardware, software, and their interplay
Acquiring and analyzing app metrics for effective mobile malware detection
No full textAndroid malware is becoming very effective in evading detection techniques, and traditional malware detection techniques are demonstrating their weaknesses. Signature based detection shows at least two drawbacks: first, the detection is possible only after the malware has been identified, and the time needed to produce and distribute the signature provides attackers with window of opportunities for spreading the malware in the wild. For solving this problem, different approaches that try to characterize the malicious behavior through the invoked system and API calls emerged. Unfortunately, several evasion techniques have proven effective to evade detection based on system and API calls.
In this paper, we propose an approach for capturing the malicious behavior in terms of device resource consumption (using a thorough set of features), which is much more difficult to camouflage. We describe a procedure, and the corresponding practical setting, for extracting those features with the aim of maximizing their discriminative power. Finally, we describe the promising results we obtained experimenting on more than 2000 applications, on which our approach exhibited an accuracy greater than 99%
Detecting Android malware using sequences of system calls
No full textThe increasing diffusion of smart devices, along with the dynamism of the mobile applications ecosystem, are boosting the production of malware for the Android platform. So far, many different methods have been developed for detecting Android malware, based on either static or dynamic analysis. The main limitations of existing methods include: low accuracy, proneness to evasion techniques, and weak validation, often limited to emulators or modified kernels. We propose an Android malware detection method, based on sequences of system calls, that overcomes these limitations. The assumption is that malicious behaviors (e.g., sending high premium rate SMS, cyphering data for ransom, botnet capabilities, and so on) are implemented by specific system calls sequences: yet, no apriori knowledge is available about which sequences are associated with which malicious behaviors, in particular in the mobile applications ecosystem where new malware and non-malware applications continuously arise. Hence, we use Machine Learning to automatically learn these associations (a sort of "fingerprint" of the malware); then we exploit them to actually detect malware. Experimentation on 20000 execution traces of 2000 applications (1000 of them being malware belonging to different malware families), performed on a real device, shows promising results: we obtain a detection accuracy of 97%. Moreover, we show that the proposed method can cope with the dynamism of the mobile apps ecosystem, since it can detect unknown malware
A Framework for Measuring Business Processes based on GQM
No full textThe evolution of business processes and supporting software systems requires their analysis and assessment from both quantitative and qualitative points of view. The analysis and evaluation activities need the support of methodological and technological tools, customizable to the innovation requirements of the chosen processes and supporting software systems. This paper proposes a measurement framework based on the Goal-Question-Metric (GQM) paradigm. It is generally applicable to any business process and supporting software system after its instantiation. The collaborative software environment WebEv, Web for the Evaluation, is proposed for facilitating the collection and elaboration of the required measures. Finally, the paper describes the application of the measurement framework in a real context
Technology-driven business evolution
No full textInnovating the business processes and supporting software systems of an enterprise requires their preliminary analysis and assessment. In particular, data concerning the performance and costs of activities and processes must be gathered in order to identify candidates for innovation. A critical point is finding a suitable presentation means for the gathered data in order to effectively support decision makers. This paper presents two case studies performed by applying a strategy, named Joint Evolution of business Processes and software Systems (JEPS), for innovating business processes and their supporting systems. JEPS integrates measurement, decision-making, and critiquing techniques for analyzing business processes, identifying activities and software systems to be innovated, and mapping critiques onto specific innovation actions. JEPS is supported by a software environment, named WebEv+, for managing the assessment and evaluation tasks, and the modeling and critiquing of the business processes. The paper discusses two case studies regarding two different organizations in the Local Government domain. The analysis of the organization highlighted improvement goals and technological enhancement needs, and permitted the identification of the business processes and software systems to be evolved. © 2005 Elsevier Inc. All rights reserve
Exploiting Natural Language Structures in Software Informal Documentation
No full textCommunication means, such as issue trackers, mailing lists, QA forums, and app reviews, are premier means of collaboration among developers, and between developers and end-users. Analyzing such sources of information is crucial to build recommenders for developers, for example suggesting experts, re-documenting source code, or transforming user feedback in maintenance and evolution strategies for developers. To ease this analysis, in previous work we proposed Development Emails Content Analyzer (DECA), a tool based on Natural Language Parsing that classifies with high precision development emails' fragments according to their purpose. However, DECA has to be trained through a manual tagging of relevant patterns, which is often effort-intensive, error-prone and requires specific expertise in natural language parsing. In this paper, we first show, with an empirical study, the extent to which producing rules for identifying such patterns requires effort, depending on the nature and complexity of patterns. Then, we propose an approach, named Nlp-based softwarE dOcumentation aNalyzer (NEON), that automatically mines such rules, minimizing the manual effort. We assess the performances of NEON in the analysis and classification of mobile app reviews, developers discussions, and issues. NEON simplifies the patterns identification and rules definition processes, allowing a savings of more than 70 percent of the time otherwise spent on performing such activities manually. Results also show that NEON-generated rules are close to the manually identified ones, achieving comparable recall
Automating the Management of Software Maintenance Workflows in a Large Software Enterprise: A Case Study
No full textThis case study presents the results from a pilot project aimed at introducing workflow management technologies and a Web-based software tool in a large software enterprise. In particular, we analyzed and modeled the workflows and documents at the site of the ordinary maintenance process and implemented a prototype for the management of the process using a commercial-Web-based workflow management system. This paper reports on the experience gained from a 10-month project, which included the experimental use at a single site of the workflow prototype for 4 months in an industrial setting involving more than 800 maintenance service requests on a large software system. Copyright © 2002 John Wiley & Sons, Ltd
- …
