The Chinese software industry has had a late start. Although it has been developing fast, it is still at its initial stage. 1. Industry Scale At present, there are more than 1,800 software enterprises, with employees ...The Chinese software industry has had a late start. Although it has been developing fast, it is still at its initial stage. 1. Industry Scale At present, there are more than 1,800 software enterprises, with employees numbering 100,000. Enterprises of a certain scale include the Founder Group Corporation, Chinese Software Corporation,Software Group Corporation of Northeast University, Shandong Zhongchuan Software Engineering Corporation, Yongyou Software Group Corporation, Beijing Hope Group Corporation, Stone Lifang Company,展开更多
Software-related security aspects are a growing and legitimate concern,especially with 5G data available just at our palms.To conduct research in this field,periodic comparative analysis is needed with the new techniq...Software-related security aspects are a growing and legitimate concern,especially with 5G data available just at our palms.To conduct research in this field,periodic comparative analysis is needed with the new techniques coming up rapidly.The purpose of this study is to review the recent developments in the field of security integration in the software development lifecycle(SDLC)by analyzing the articles published in the last two decades and to propose a way forward.This review follows Kitchenham’s review protocol.The review has been divided into three main stages including planning,execution,and analysis.From the selected 100 articles,it becomes evident that need of a collaborative approach is necessary for addressing critical software security risks(CSSRs)through effective risk management/estimation techniques.Quantifying risks using a numeric scale enables a comprehensive understanding of their severity,facilitating focused resource allocation and mitigation efforts.Through a comprehensive understanding of potential vulnerabilities and proactive mitigation efforts facilitated by protection poker,organizations can prioritize resources effectively to ensure the successful outcome of projects and initiatives in today’s dynamic threat landscape.The review reveals that threat analysis and security testing are needed to develop automated tools for the future.Accurate estimation of effort required to prioritize potential security risks is a big challenge in software security.The accuracy of effort estimation can be further improved by exploring new techniques,particularly those involving deep learning.It is also imperative to validate these effort estimation methods to ensure all potential security threats are addressed.Another challenge is selecting the right model for each specific security threat.To achieve a comprehensive evaluation,researchers should use well-known benchmark checklists.展开更多
The rapid integration of artificial intelligence(AI)into software development,driven by large language models(LLMs),is reshaping the role of programmers from traditional coders into strategic collaborators within Indu...The rapid integration of artificial intelligence(AI)into software development,driven by large language models(LLMs),is reshaping the role of programmers from traditional coders into strategic collaborators within Industry 4.0 ecosystems.This qualitative study employs a hermeneutic phenomenological approach to explore the lived experiences of Information Technology(IT)professionals as they navigate a dynamic technological landscape marked by intelligent automation,shifting professional identities,and emerging ethical concerns.Findings indicate that developers are actively adapting to AI-augmented environments by engaging in continuous upskilling,prompt engineering,interdisciplinary collaboration,and heightened ethical awareness.However,participants also voiced growing concerns about the reliability and security of AI-generated code,noting that these tools can introduce hidden vulnerabilities and reduce critical engagement due to automation bias.Many described instances of flawed logic,insecure patterns,or syntactically correct but contextually inappropriate suggestions,underscoring the need for rigorous human oversight.Additionally,the study reveals anxieties around job displacement and the gradual erosion of fundamental coding skills,particularly in environments where AI tools dominate routine development tasks.These findings highlight an urgent need for educational reforms,industry standards,and organizational policies that prioritize both technical robustness and the preservation of human expertise.As AI becomes increasingly embedded in software engineering workflows,this research offers timely insights into how developers and organizations can responsibly integrate intelligent systems to promote accountability,resilience,and innovation across the software development lifecycle.展开更多
In order to assure quality and control process in the development of the aircraft collaborative design software, a maturity assessment model is proposed. The requirements designing—house of quality is designed to eva...In order to assure quality and control process in the development of the aircraft collaborative design software, a maturity assessment model is proposed. The requirements designing—house of quality is designed to evaluate the maturity degree of the solution, and the evaluation results can help to manage and control the development process. Furthermore, a fuzzy evaluation method based on the minimum deviation is proposed to deal with the fuzzy information. The quantitative evaluation result of the maturity degree can be calculated by optimizing the semantic discount factor aim for the minimum deviation. Finally, this model is illustrated and analyzed by an example study of the aircraft collaborative design software.展开更多
Based on the fact that the software development cost is an important factorto control the whole project,we discuss the relationship between the software development cost andsoftware reliability according to the empiri...Based on the fact that the software development cost is an important factorto control the whole project,we discuss the relationship between the software development cost andsoftware reliability according to the empirieal data collected from the development process.Byevolutionary modeling we get an empirical model of the relationship between cost and softwarereliability,and validate the estimate results with the empirical data.展开更多
Software crowdsourcing(SW CS)is an evolving software development paradigm,in which crowds of people are asked to solve various problems through an open call(with the encouragement of prizes for the top solutions).Beca...Software crowdsourcing(SW CS)is an evolving software development paradigm,in which crowds of people are asked to solve various problems through an open call(with the encouragement of prizes for the top solutions).Because of its dynamic nature,SW CS has been progressively accepted and adopted in the software industry.However,issues pertinent to the understanding of requirements among crowds of people and requirements engineers are yet to be clarified and explained.If the requirements are not clear to the development team,it has a significant effect on the quality of the software product.This study aims to identify the potential challenges faced by requirements engineers when conducting the SW–CS based requirements engineering(RE)process.Moreover,solutions to overcome these challenges are also identified.Qualitative data analysis is performed on the interview data collected from software industry professionals.Consequently,20 SW–CS based RE challenges and their subsequent proposed solutions are devised,which are further grouped under seven categories.This study is beneficial for academicians,researchers and practitioners by providing detailed SW–CS based RE challenges and subsequent solutions that could eventually guide them to understand and effectively implement RE in SW CS.展开更多
Security is critical to the success of software,particularly in today’s fast-paced,technology-driven environment.It ensures that data,code,and services maintain their CIA(Confidentiality,Integrity,and Availability).T...Security is critical to the success of software,particularly in today’s fast-paced,technology-driven environment.It ensures that data,code,and services maintain their CIA(Confidentiality,Integrity,and Availability).This is only possible if security is taken into account at all stages of the SDLC(Software Development Life Cycle).Various approaches to software quality have been developed,such as CMMI(Capabilitymaturitymodel integration).However,there exists no explicit solution for incorporating security into all phases of SDLC.One of the major causes of pervasive vulnerabilities is a failure to prioritize security.Even the most proactive companies use the“patch and penetrate”strategy,inwhich security is accessed once the job is completed.Increased cost,time overrun,not integrating testing and input in SDLC,usage of third-party tools and components,and lack of knowledge are all reasons for not paying attention to the security angle during the SDLC,despite the fact that secure software development is essential for business continuity and survival in today’s ICT world.There is a need to implement best practices in SDLC to address security at all levels.To fill this gap,we have provided a detailed overview of secure software development practices while taking care of project costs and deadlines.We proposed a secure SDLC framework based on the identified practices,which integrates the best security practices in various SDLC phases.A mathematical model is used to validate the proposed framework.A case study and findings show that the proposed system aids in the integration of security best practices into the overall SDLC,resulting in more secure applications.展开更多
Building a reasonable and accurate finite element model is the first and critical step for structural analysis of complicated bridge. In this article, modeling assistant for continuous suspension with multi-pylon is d...Building a reasonable and accurate finite element model is the first and critical step for structural analysis of complicated bridge. In this article, modeling assistant for continuous suspension with multi-pylon is developed based on .Net platform, with VB.Net, C# language and OpenGL graphic technique. With parameterized modeling method, finite element model of this kind of bridge can be built quickly and accurately, and multi-type element modeling with uniform parameters is realized. With advanced graphic technique, three-dimensional model graph can be real-timely previewed for intuitive data check. With an example of practice project, the accuracy and feasibility of this modeling method and practicality of this software are verified.展开更多
Modal and damage identification based on ambient excitation can greatly improve the efficiency of high-speed railway bridge vibration detection.This paper first describes the basic principles of stochastic subspace id...Modal and damage identification based on ambient excitation can greatly improve the efficiency of high-speed railway bridge vibration detection.This paper first describes the basic principles of stochastic subspace identification,peak-picking,and frequency domain decomposition method in modal analysis based on ambient excitation,and the effectiveness of these three methods is verified through finite element calculation and numerical simulation,Then the damage element is added to the finite element model to simulate the crack,and the curvature mode difference and the curvature mode area difference square ratio are calculated by using the stochastic subspace identification results to verify their ability of damage identification and location.Finally,the above modal and damage identification techniques are integrated to develop a bridge modal and damage identification software platform.The final results show that all three modal identification methods can accurately identify the vibration frequency and mode shape,both damage identification methods can accurately identify and locate the damage,and the developed software platform is simple and efficient.展开更多
In the software engineering literature, it is commonly believed that economies of scale do not occur in case of software Development and Enhancement Projects (D&EP). Their per-unit cost does not decrease but increa...In the software engineering literature, it is commonly believed that economies of scale do not occur in case of software Development and Enhancement Projects (D&EP). Their per-unit cost does not decrease but increase with the growth of such projects product size. Thus this is diseconomies of scale that occur in them. The significance of this phenomenon results from the fact that it is commonly considered to be one of the fundamental objective causes of their low effectiveness. This is of particular significance with regard to Business Software Systems (BSS) D&EP characterized by exceptionally low effectiveness comparing to other software D&EP. Thus the paper aims at answering the following two questions: (1) Do economies of scale really not occur in BSS D&EP? (2) If economies of scale may occur in BSS D&EP, what factors are then promoting them? These issues classify into economics problems of software engineering research and practice.展开更多
Agile Transformations are challenging processes for organizations that look to extend the benefits of Agile philosophy and methods beyond software engineering.Despite the impact of these transformations on orga-nizati...Agile Transformations are challenging processes for organizations that look to extend the benefits of Agile philosophy and methods beyond software engineering.Despite the impact of these transformations on orga-nizations,they have not been extensively studied in academia.We conducted a study grounded in workshops and interviews with 99 participants from 30 organizations,including organizations undergoing transformations(“final organizations”)and companies supporting these processes(“consultants”).The study aims to understand the motivations,objectives,and factors driving and challenging these transformations.Over 700 responses were collected to the question and categorized into 32 objectives.The findings show that organizations primarily aim to achieve customer centricity and adaptability,both with 8%of the mentions.Other primary important objectives,with above 4%of mentions,include alignment of goals,lean delivery,sustainable processes,and a flatter,more team-based organizational structure.We also detect discrepancies in perspectives between the objectives identified by the two kinds of organizations and the existing agile literature and models.This misalignment highlights the need for practitioners to understand with the practical realities the organizations face.展开更多
The rapid growth of Internet usage and electronic commerce (e commerce) applications will push traditional industries to transform their business models and to re engineer their information systems. This direction w...The rapid growth of Internet usage and electronic commerce (e commerce) applications will push traditional industries to transform their business models and to re engineer their information systems. This direction will give the software industry either great opportunities for their business growth or crucial challenges to their existence. This article describes two essential challenges the software industry will face and presents relevant new technologies that will be helpful for overcoming those challenges.展开更多
A carefully planned software development process helps in maintaining the quality of the software.In today’s scenario the primitive software development models have been replaced by the Agile based models like SCRUM,...A carefully planned software development process helps in maintaining the quality of the software.In today’s scenario the primitive software development models have been replaced by the Agile based models like SCRUM,KANBAN,LEAN,etc.Although,every framework has its own boon,the reason for widespread acceptance of the agile-based approach is its evolutionary nature that permits change in the path of software development.The development process occurs in iterative and incremental cycles called sprints.In SCRUM,which is one of the most widely used agile-based software development modeling framework;the sprint length is fixed throughout the process wherein;it is usually taken to be 1–4 weeks.But in practical application,the sprint length should be altered intuitively as per the requirement.To overcome this limitation,in this paper,a methodical work has been presented that determines the optimal sprint length based on two varied and yet connected attributes;the cost incurred and the work intensity required.The approach defines the number of tasks performed in each sprint along with the corresponding cost incurred in performing those tasks.Multi-attribute utility theory(MAUT),a multi-criterion decision making approach,has been utilized to find the required trade-off between two attributes under consideration.The proposed modeling framework has been validated using real life data set.With the use of the model,the optimal sprint for each sprint could be evaluated which was much shorter than the original length.Thus,the results obtained validate the proposal of a dynamic sprint length that can be determined before the start of each sprint.The structure would help in cost as well as time savings for a firm.展开更多
Software testing is a very important phase of the software development process. It is a very difficult job for a software manager to allocate optimally the financial budget to a software project during testing. In thi...Software testing is a very important phase of the software development process. It is a very difficult job for a software manager to allocate optimally the financial budget to a software project during testing. In this paper the problem of optimal allocation of the software testing cost is studied. There exist several models focused on the development of software costs measuring the number of software errors remaining in the software during testing. The purpose of this paper is to use these models to formulate the optimization problems of resource allocation: Minimization of the total number of software errors remaining in the system. On the assumption that a software project consists of some independent modules, the presented approach extends previous work by defining new goal functions and extending the primary assumption and precondition.展开更多
Software testing is a critical phase due to misconceptions about ambiguities in the requirements during specification,which affect the testing process.Therefore,it is difficult to identify all faults in software.As re...Software testing is a critical phase due to misconceptions about ambiguities in the requirements during specification,which affect the testing process.Therefore,it is difficult to identify all faults in software.As requirement changes continuously,it increases the irrelevancy and redundancy during testing.Due to these challenges;fault detection capability decreases and there arises a need to improve the testing process,which is based on changes in requirements specification.In this research,we have developed a model to resolve testing challenges through requirement prioritization and prediction in an agile-based environment.The research objective is to identify the most relevant and meaningful requirements through semantic analysis for correct change analysis.Then compute the similarity of requirements through case-based reasoning,which predicted the requirements for reuse and restricted to error-based requirements.Afterward,the apriori algorithm mapped out requirement frequency to select relevant test cases based on frequently reused or not reused test cases to increase the fault detection rate.Furthermore,the proposed model was evaluated by conducting experiments.The results showed that requirement redundancy and irrelevancy improved due to semantic analysis,which correctly predicted the requirements,increasing the fault detection rate and resulting in high user satisfaction.The predicted requirements are mapped into test cases,increasing the fault detection rate after changes to achieve higher user satisfaction.Therefore,the model improves the redundancy and irrelevancy of requirements by more than 90%compared to other clustering methods and the analytical hierarchical process,achieving an 80%fault detection rate at an earlier stage.Hence,it provides guidelines for practitioners and researchers in the modern era.In the future,we will provide the working prototype of this model for proof of concept.展开更多
The crowdsourcing, as a service pattern in cloud environment, usually aims at the cross-disciplinary cooperation and creating value together with customers and becomes increasingly prevalent. Software process, as a ki...The crowdsourcing, as a service pattern in cloud environment, usually aims at the cross-disciplinary cooperation and creating value together with customers and becomes increasingly prevalent. Software process, as a kind of software development and management strategy, is defined as a series of activities implemented by software life cycle and provides a set of rules for various phases of the software engineering to achieve the desired objectives. With the current software development cycle getting shorter, facing more frequent needs change and fierce competition, a new resource management pattern is proposed to respond to these issues agilely by introducing the crowdsourcing service to agile software development for pushing the agility of software process. Then, a user-oriented resource scheduling method is proposed for rational use of various resources in the process and maximizing the benefits of all parties. From the experimental results, the proposed pattern and resources scheduling method reduces greatly the resource of project resource manager and increases the team resource utilization rate, which greatly improves the agility of software process and delivers software products quickly in crowdsourcing pattern.展开更多
Accurate software cost estimation in Global Software Development(GSD)remains challenging due to reliance on historical data and expert judgments.Traditional models,such as the Constructive Cost Model(COCOMO II),rely h...Accurate software cost estimation in Global Software Development(GSD)remains challenging due to reliance on historical data and expert judgments.Traditional models,such as the Constructive Cost Model(COCOMO II),rely heavily on historical and accurate data.In addition,expert judgment is required to set many input parameters,which can introduce subjectivity and variability in the estimation process.Consequently,there is a need to improve the current GSD models to mitigate reliance on historical data,subjectivity in expert judgment,inadequate consideration of GSD-based cost drivers and limited integration of modern technologies with cost overruns.This study introduces a novel hybrid model that synergizes the COCOMO II with Artificial Neural Networks(ANN)to address these challenges.The proposed hybrid model integrates additional GSD-based cost drivers identified through a systematic literature review and further vetted by industry experts.This article compares the effectiveness of the proposedmodelwith state-of-the-artmachine learning-basedmodels for software cost estimation.Evaluating the NASA 93 dataset by adopting twenty-six GSD-based cost drivers reveals that our hybrid model achieves superior accuracy,outperforming existing state-of-the-artmodels.The findings indicate the potential of combining COCOMO II,ANN,and additional GSD-based cost drivers to transform cost estimation in GSD.展开更多
Software has been developed for digital control of WDW series testing machine and the measurement of fracture toughness by modularized design. Development of the software makes use of multi-thread and serial communica...Software has been developed for digital control of WDW series testing machine and the measurement of fracture toughness by modularized design. Development of the software makes use of multi-thread and serial communication techniques, which can accurately control the testing machine and measure the fracture toughness in real-time. Three-point bending specimens were used in the measurement. The software operates stably and reliably, expanding the function of WDW series testing machine.展开更多
This paper reviews the adaptive sparse grid discontinuous Galerkin(aSG-DG)method for computing high dimensional partial differential equations(PDEs)and its software implementation.The C++software package called AdaM-D...This paper reviews the adaptive sparse grid discontinuous Galerkin(aSG-DG)method for computing high dimensional partial differential equations(PDEs)and its software implementation.The C++software package called AdaM-DG,implementing the aSG-DG method,is available on GitHub at https://github.com/JuntaoHuang/adaptive-multiresolution-DG.The package is capable of treating a large class of high dimensional linear and nonlinear PDEs.We review the essential components of the algorithm and the functionality of the software,including the multiwavelets used,assembling of bilinear operators,fast matrix-vector product for data with hierarchical structures.We further demonstrate the performance of the package by reporting the numerical error and the CPU cost for several benchmark tests,including linear transport equations,wave equations,and Hamilton-Jacobi(HJ)equations.展开更多
Irregular fine protrusions formed on the surface of a mechanical part through biomimetic technology can enhance the part’s properties,including tribology,self-cleaning,and light absorption.However,underlying principl...Irregular fine protrusions formed on the surface of a mechanical part through biomimetic technology can enhance the part’s properties,including tribology,self-cleaning,and light absorption.However,underlying principles for the formation of fine protrusions according to the requirements of their shapes,sizes,and material distributions have not been studied sufficiently.This paper presents the software development for modeling irregular fine protrusions,which is essential for the simulation,experimentation,and analysis of fine protrusions formed by sputter etching.展开更多
文摘The Chinese software industry has had a late start. Although it has been developing fast, it is still at its initial stage. 1. Industry Scale At present, there are more than 1,800 software enterprises, with employees numbering 100,000. Enterprises of a certain scale include the Founder Group Corporation, Chinese Software Corporation,Software Group Corporation of Northeast University, Shandong Zhongchuan Software Engineering Corporation, Yongyou Software Group Corporation, Beijing Hope Group Corporation, Stone Lifang Company,
文摘Software-related security aspects are a growing and legitimate concern,especially with 5G data available just at our palms.To conduct research in this field,periodic comparative analysis is needed with the new techniques coming up rapidly.The purpose of this study is to review the recent developments in the field of security integration in the software development lifecycle(SDLC)by analyzing the articles published in the last two decades and to propose a way forward.This review follows Kitchenham’s review protocol.The review has been divided into three main stages including planning,execution,and analysis.From the selected 100 articles,it becomes evident that need of a collaborative approach is necessary for addressing critical software security risks(CSSRs)through effective risk management/estimation techniques.Quantifying risks using a numeric scale enables a comprehensive understanding of their severity,facilitating focused resource allocation and mitigation efforts.Through a comprehensive understanding of potential vulnerabilities and proactive mitigation efforts facilitated by protection poker,organizations can prioritize resources effectively to ensure the successful outcome of projects and initiatives in today’s dynamic threat landscape.The review reveals that threat analysis and security testing are needed to develop automated tools for the future.Accurate estimation of effort required to prioritize potential security risks is a big challenge in software security.The accuracy of effort estimation can be further improved by exploring new techniques,particularly those involving deep learning.It is also imperative to validate these effort estimation methods to ensure all potential security threats are addressed.Another challenge is selecting the right model for each specific security threat.To achieve a comprehensive evaluation,researchers should use well-known benchmark checklists.
文摘The rapid integration of artificial intelligence(AI)into software development,driven by large language models(LLMs),is reshaping the role of programmers from traditional coders into strategic collaborators within Industry 4.0 ecosystems.This qualitative study employs a hermeneutic phenomenological approach to explore the lived experiences of Information Technology(IT)professionals as they navigate a dynamic technological landscape marked by intelligent automation,shifting professional identities,and emerging ethical concerns.Findings indicate that developers are actively adapting to AI-augmented environments by engaging in continuous upskilling,prompt engineering,interdisciplinary collaboration,and heightened ethical awareness.However,participants also voiced growing concerns about the reliability and security of AI-generated code,noting that these tools can introduce hidden vulnerabilities and reduce critical engagement due to automation bias.Many described instances of flawed logic,insecure patterns,or syntactically correct but contextually inappropriate suggestions,underscoring the need for rigorous human oversight.Additionally,the study reveals anxieties around job displacement and the gradual erosion of fundamental coding skills,particularly in environments where AI tools dominate routine development tasks.These findings highlight an urgent need for educational reforms,industry standards,and organizational policies that prioritize both technical robustness and the preservation of human expertise.As AI becomes increasingly embedded in software engineering workflows,this research offers timely insights into how developers and organizations can responsibly integrate intelligent systems to promote accountability,resilience,and innovation across the software development lifecycle.
基金supported by the National Natural Science Foundation for Youth of China(61802174)the Natural Science Foundation for Youth of Jiangsu Province(BK20181016)+1 种基金the Natural Science Foundation of the Jiangsu Higher Education Institutions of China(18KJB520019)the Scientific Research Foundation of Nanjing Institute of Technology of China(YKJ201614)
文摘In order to assure quality and control process in the development of the aircraft collaborative design software, a maturity assessment model is proposed. The requirements designing—house of quality is designed to evaluate the maturity degree of the solution, and the evaluation results can help to manage and control the development process. Furthermore, a fuzzy evaluation method based on the minimum deviation is proposed to deal with the fuzzy information. The quantitative evaluation result of the maturity degree can be calculated by optimizing the semantic discount factor aim for the minimum deviation. Finally, this model is illustrated and analyzed by an example study of the aircraft collaborative design software.
基金Supported by the National Natural Science Foun dation of China(60173063)
文摘Based on the fact that the software development cost is an important factorto control the whole project,we discuss the relationship between the software development cost andsoftware reliability according to the empirieal data collected from the development process.Byevolutionary modeling we get an empirical model of the relationship between cost and softwarereliability,and validate the estimate results with the empirical data.
基金‘This research is funded by Taif University,TURSP-2020/115’.
文摘Software crowdsourcing(SW CS)is an evolving software development paradigm,in which crowds of people are asked to solve various problems through an open call(with the encouragement of prizes for the top solutions).Because of its dynamic nature,SW CS has been progressively accepted and adopted in the software industry.However,issues pertinent to the understanding of requirements among crowds of people and requirements engineers are yet to be clarified and explained.If the requirements are not clear to the development team,it has a significant effect on the quality of the software product.This study aims to identify the potential challenges faced by requirements engineers when conducting the SW–CS based requirements engineering(RE)process.Moreover,solutions to overcome these challenges are also identified.Qualitative data analysis is performed on the interview data collected from software industry professionals.Consequently,20 SW–CS based RE challenges and their subsequent proposed solutions are devised,which are further grouped under seven categories.This study is beneficial for academicians,researchers and practitioners by providing detailed SW–CS based RE challenges and subsequent solutions that could eventually guide them to understand and effectively implement RE in SW CS.
文摘Security is critical to the success of software,particularly in today’s fast-paced,technology-driven environment.It ensures that data,code,and services maintain their CIA(Confidentiality,Integrity,and Availability).This is only possible if security is taken into account at all stages of the SDLC(Software Development Life Cycle).Various approaches to software quality have been developed,such as CMMI(Capabilitymaturitymodel integration).However,there exists no explicit solution for incorporating security into all phases of SDLC.One of the major causes of pervasive vulnerabilities is a failure to prioritize security.Even the most proactive companies use the“patch and penetrate”strategy,inwhich security is accessed once the job is completed.Increased cost,time overrun,not integrating testing and input in SDLC,usage of third-party tools and components,and lack of knowledge are all reasons for not paying attention to the security angle during the SDLC,despite the fact that secure software development is essential for business continuity and survival in today’s ICT world.There is a need to implement best practices in SDLC to address security at all levels.To fill this gap,we have provided a detailed overview of secure software development practices while taking care of project costs and deadlines.We proposed a secure SDLC framework based on the identified practices,which integrates the best security practices in various SDLC phases.A mathematical model is used to validate the proposed framework.A case study and findings show that the proposed system aids in the integration of security best practices into the overall SDLC,resulting in more secure applications.
基金National Science and Technology Support Program of China(No.2009BAG15B01)Key Programs for Science and Technology Development of Chinese Transportation Industry(No.2008-353-332-190)
文摘Building a reasonable and accurate finite element model is the first and critical step for structural analysis of complicated bridge. In this article, modeling assistant for continuous suspension with multi-pylon is developed based on .Net platform, with VB.Net, C# language and OpenGL graphic technique. With parameterized modeling method, finite element model of this kind of bridge can be built quickly and accurately, and multi-type element modeling with uniform parameters is realized. With advanced graphic technique, three-dimensional model graph can be real-timely previewed for intuitive data check. With an example of practice project, the accuracy and feasibility of this modeling method and practicality of this software are verified.
文摘Modal and damage identification based on ambient excitation can greatly improve the efficiency of high-speed railway bridge vibration detection.This paper first describes the basic principles of stochastic subspace identification,peak-picking,and frequency domain decomposition method in modal analysis based on ambient excitation,and the effectiveness of these three methods is verified through finite element calculation and numerical simulation,Then the damage element is added to the finite element model to simulate the crack,and the curvature mode difference and the curvature mode area difference square ratio are calculated by using the stochastic subspace identification results to verify their ability of damage identification and location.Finally,the above modal and damage identification techniques are integrated to develop a bridge modal and damage identification software platform.The final results show that all three modal identification methods can accurately identify the vibration frequency and mode shape,both damage identification methods can accurately identify and locate the damage,and the developed software platform is simple and efficient.
文摘In the software engineering literature, it is commonly believed that economies of scale do not occur in case of software Development and Enhancement Projects (D&EP). Their per-unit cost does not decrease but increase with the growth of such projects product size. Thus this is diseconomies of scale that occur in them. The significance of this phenomenon results from the fact that it is commonly considered to be one of the fundamental objective causes of their low effectiveness. This is of particular significance with regard to Business Software Systems (BSS) D&EP characterized by exceptionally low effectiveness comparing to other software D&EP. Thus the paper aims at answering the following two questions: (1) Do economies of scale really not occur in BSS D&EP? (2) If economies of scale may occur in BSS D&EP, what factors are then promoting them? These issues classify into economics problems of software engineering research and practice.
基金funding from the European Commission for the Ruralities Project(grant agreement no.101060876).
文摘Agile Transformations are challenging processes for organizations that look to extend the benefits of Agile philosophy and methods beyond software engineering.Despite the impact of these transformations on orga-nizations,they have not been extensively studied in academia.We conducted a study grounded in workshops and interviews with 99 participants from 30 organizations,including organizations undergoing transformations(“final organizations”)and companies supporting these processes(“consultants”).The study aims to understand the motivations,objectives,and factors driving and challenging these transformations.Over 700 responses were collected to the question and categorized into 32 objectives.The findings show that organizations primarily aim to achieve customer centricity and adaptability,both with 8%of the mentions.Other primary important objectives,with above 4%of mentions,include alignment of goals,lean delivery,sustainable processes,and a flatter,more team-based organizational structure.We also detect discrepancies in perspectives between the objectives identified by the two kinds of organizations and the existing agile literature and models.This misalignment highlights the need for practitioners to understand with the practical realities the organizations face.
文摘The rapid growth of Internet usage and electronic commerce (e commerce) applications will push traditional industries to transform their business models and to re engineer their information systems. This direction will give the software industry either great opportunities for their business growth or crucial challenges to their existence. This article describes two essential challenges the software industry will face and presents relevant new technologies that will be helpful for overcoming those challenges.
文摘A carefully planned software development process helps in maintaining the quality of the software.In today’s scenario the primitive software development models have been replaced by the Agile based models like SCRUM,KANBAN,LEAN,etc.Although,every framework has its own boon,the reason for widespread acceptance of the agile-based approach is its evolutionary nature that permits change in the path of software development.The development process occurs in iterative and incremental cycles called sprints.In SCRUM,which is one of the most widely used agile-based software development modeling framework;the sprint length is fixed throughout the process wherein;it is usually taken to be 1–4 weeks.But in practical application,the sprint length should be altered intuitively as per the requirement.To overcome this limitation,in this paper,a methodical work has been presented that determines the optimal sprint length based on two varied and yet connected attributes;the cost incurred and the work intensity required.The approach defines the number of tasks performed in each sprint along with the corresponding cost incurred in performing those tasks.Multi-attribute utility theory(MAUT),a multi-criterion decision making approach,has been utilized to find the required trade-off between two attributes under consideration.The proposed modeling framework has been validated using real life data set.With the use of the model,the optimal sprint for each sprint could be evaluated which was much shorter than the original length.Thus,the results obtained validate the proposal of a dynamic sprint length that can be determined before the start of each sprint.The structure would help in cost as well as time savings for a firm.
文摘Software testing is a very important phase of the software development process. It is a very difficult job for a software manager to allocate optimally the financial budget to a software project during testing. In this paper the problem of optimal allocation of the software testing cost is studied. There exist several models focused on the development of software costs measuring the number of software errors remaining in the software during testing. The purpose of this paper is to use these models to formulate the optimization problems of resource allocation: Minimization of the total number of software errors remaining in the system. On the assumption that a software project consists of some independent modules, the presented approach extends previous work by defining new goal functions and extending the primary assumption and precondition.
文摘Software testing is a critical phase due to misconceptions about ambiguities in the requirements during specification,which affect the testing process.Therefore,it is difficult to identify all faults in software.As requirement changes continuously,it increases the irrelevancy and redundancy during testing.Due to these challenges;fault detection capability decreases and there arises a need to improve the testing process,which is based on changes in requirements specification.In this research,we have developed a model to resolve testing challenges through requirement prioritization and prediction in an agile-based environment.The research objective is to identify the most relevant and meaningful requirements through semantic analysis for correct change analysis.Then compute the similarity of requirements through case-based reasoning,which predicted the requirements for reuse and restricted to error-based requirements.Afterward,the apriori algorithm mapped out requirement frequency to select relevant test cases based on frequently reused or not reused test cases to increase the fault detection rate.Furthermore,the proposed model was evaluated by conducting experiments.The results showed that requirement redundancy and irrelevancy improved due to semantic analysis,which correctly predicted the requirements,increasing the fault detection rate and resulting in high user satisfaction.The predicted requirements are mapped into test cases,increasing the fault detection rate after changes to achieve higher user satisfaction.Therefore,the model improves the redundancy and irrelevancy of requirements by more than 90%compared to other clustering methods and the analytical hierarchical process,achieving an 80%fault detection rate at an earlier stage.Hence,it provides guidelines for practitioners and researchers in the modern era.In the future,we will provide the working prototype of this model for proof of concept.
基金Projects(61304184,61672221)supported by the National Natural Science Foundation of ChinaProject(2016JJ6010)supported by the Hunan Provincial Natural Science Foundation of China
文摘The crowdsourcing, as a service pattern in cloud environment, usually aims at the cross-disciplinary cooperation and creating value together with customers and becomes increasingly prevalent. Software process, as a kind of software development and management strategy, is defined as a series of activities implemented by software life cycle and provides a set of rules for various phases of the software engineering to achieve the desired objectives. With the current software development cycle getting shorter, facing more frequent needs change and fierce competition, a new resource management pattern is proposed to respond to these issues agilely by introducing the crowdsourcing service to agile software development for pushing the agility of software process. Then, a user-oriented resource scheduling method is proposed for rational use of various resources in the process and maximizing the benefits of all parties. From the experimental results, the proposed pattern and resources scheduling method reduces greatly the resource of project resource manager and increases the team resource utilization rate, which greatly improves the agility of software process and delivers software products quickly in crowdsourcing pattern.
文摘Accurate software cost estimation in Global Software Development(GSD)remains challenging due to reliance on historical data and expert judgments.Traditional models,such as the Constructive Cost Model(COCOMO II),rely heavily on historical and accurate data.In addition,expert judgment is required to set many input parameters,which can introduce subjectivity and variability in the estimation process.Consequently,there is a need to improve the current GSD models to mitigate reliance on historical data,subjectivity in expert judgment,inadequate consideration of GSD-based cost drivers and limited integration of modern technologies with cost overruns.This study introduces a novel hybrid model that synergizes the COCOMO II with Artificial Neural Networks(ANN)to address these challenges.The proposed hybrid model integrates additional GSD-based cost drivers identified through a systematic literature review and further vetted by industry experts.This article compares the effectiveness of the proposedmodelwith state-of-the-artmachine learning-basedmodels for software cost estimation.Evaluating the NASA 93 dataset by adopting twenty-six GSD-based cost drivers reveals that our hybrid model achieves superior accuracy,outperforming existing state-of-the-artmodels.The findings indicate the potential of combining COCOMO II,ANN,and additional GSD-based cost drivers to transform cost estimation in GSD.
文摘Software has been developed for digital control of WDW series testing machine and the measurement of fracture toughness by modularized design. Development of the software makes use of multi-thread and serial communication techniques, which can accurately control the testing machine and measure the fracture toughness in real-time. Three-point bending specimens were used in the measurement. The software operates stably and reliably, expanding the function of WDW series testing machine.
基金supported by the NSF grant DMS-2111383Air Force Office of Scientific Research FA9550-18-1-0257the NSF grant DMS-2011838.
文摘This paper reviews the adaptive sparse grid discontinuous Galerkin(aSG-DG)method for computing high dimensional partial differential equations(PDEs)and its software implementation.The C++software package called AdaM-DG,implementing the aSG-DG method,is available on GitHub at https://github.com/JuntaoHuang/adaptive-multiresolution-DG.The package is capable of treating a large class of high dimensional linear and nonlinear PDEs.We review the essential components of the algorithm and the functionality of the software,including the multiwavelets used,assembling of bilinear operators,fast matrix-vector product for data with hierarchical structures.We further demonstrate the performance of the package by reporting the numerical error and the CPU cost for several benchmark tests,including linear transport equations,wave equations,and Hamilton-Jacobi(HJ)equations.
文摘Irregular fine protrusions formed on the surface of a mechanical part through biomimetic technology can enhance the part’s properties,including tribology,self-cleaning,and light absorption.However,underlying principles for the formation of fine protrusions according to the requirements of their shapes,sizes,and material distributions have not been studied sufficiently.This paper presents the software development for modeling irregular fine protrusions,which is essential for the simulation,experimentation,and analysis of fine protrusions formed by sputter etching.
