Software-related security aspects are a growing and legitimate concern,especially with 5G data available just at our palms.To conduct research in this field,periodic comparative analysis is needed with the new techniq...Software-related security aspects are a growing and legitimate concern,especially with 5G data available just at our palms.To conduct research in this field,periodic comparative analysis is needed with the new techniques coming up rapidly.The purpose of this study is to review the recent developments in the field of security integration in the software development lifecycle(SDLC)by analyzing the articles published in the last two decades and to propose a way forward.This review follows Kitchenham’s review protocol.The review has been divided into three main stages including planning,execution,and analysis.From the selected 100 articles,it becomes evident that need of a collaborative approach is necessary for addressing critical software security risks(CSSRs)through effective risk management/estimation techniques.Quantifying risks using a numeric scale enables a comprehensive understanding of their severity,facilitating focused resource allocation and mitigation efforts.Through a comprehensive understanding of potential vulnerabilities and proactive mitigation efforts facilitated by protection poker,organizations can prioritize resources effectively to ensure the successful outcome of projects and initiatives in today’s dynamic threat landscape.The review reveals that threat analysis and security testing are needed to develop automated tools for the future.Accurate estimation of effort required to prioritize potential security risks is a big challenge in software security.The accuracy of effort estimation can be further improved by exploring new techniques,particularly those involving deep learning.It is also imperative to validate these effort estimation methods to ensure all potential security threats are addressed.Another challenge is selecting the right model for each specific security threat.To achieve a comprehensive evaluation,researchers should use well-known benchmark checklists.展开更多
The rapid integration of artificial intelligence(AI)into software development,driven by large language models(LLMs),is reshaping the role of programmers from traditional coders into strategic collaborators within Indu...The rapid integration of artificial intelligence(AI)into software development,driven by large language models(LLMs),is reshaping the role of programmers from traditional coders into strategic collaborators within Industry 4.0 ecosystems.This qualitative study employs a hermeneutic phenomenological approach to explore the lived experiences of Information Technology(IT)professionals as they navigate a dynamic technological landscape marked by intelligent automation,shifting professional identities,and emerging ethical concerns.Findings indicate that developers are actively adapting to AI-augmented environments by engaging in continuous upskilling,prompt engineering,interdisciplinary collaboration,and heightened ethical awareness.However,participants also voiced growing concerns about the reliability and security of AI-generated code,noting that these tools can introduce hidden vulnerabilities and reduce critical engagement due to automation bias.Many described instances of flawed logic,insecure patterns,or syntactically correct but contextually inappropriate suggestions,underscoring the need for rigorous human oversight.Additionally,the study reveals anxieties around job displacement and the gradual erosion of fundamental coding skills,particularly in environments where AI tools dominate routine development tasks.These findings highlight an urgent need for educational reforms,industry standards,and organizational policies that prioritize both technical robustness and the preservation of human expertise.As AI becomes increasingly embedded in software engineering workflows,this research offers timely insights into how developers and organizations can responsibly integrate intelligent systems to promote accountability,resilience,and innovation across the software development lifecycle.展开更多
The Chinese software industry has had a late start. Although it has been developing fast, it is still at its initial stage. 1. Industry Scale At present, there are more than 1,800 software enterprises, with employees ...The Chinese software industry has had a late start. Although it has been developing fast, it is still at its initial stage. 1. Industry Scale At present, there are more than 1,800 software enterprises, with employees numbering 100,000. Enterprises of a certain scale include the Founder Group Corporation, Chinese Software Corporation,Software Group Corporation of Northeast University, Shandong Zhongchuan Software Engineering Corporation, Yongyou Software Group Corporation, Beijing Hope Group Corporation, Stone Lifang Company,展开更多
Software testing is a critical phase due to misconceptions about ambiguities in the requirements during specification,which affect the testing process.Therefore,it is difficult to identify all faults in software.As re...Software testing is a critical phase due to misconceptions about ambiguities in the requirements during specification,which affect the testing process.Therefore,it is difficult to identify all faults in software.As requirement changes continuously,it increases the irrelevancy and redundancy during testing.Due to these challenges;fault detection capability decreases and there arises a need to improve the testing process,which is based on changes in requirements specification.In this research,we have developed a model to resolve testing challenges through requirement prioritization and prediction in an agile-based environment.The research objective is to identify the most relevant and meaningful requirements through semantic analysis for correct change analysis.Then compute the similarity of requirements through case-based reasoning,which predicted the requirements for reuse and restricted to error-based requirements.Afterward,the apriori algorithm mapped out requirement frequency to select relevant test cases based on frequently reused or not reused test cases to increase the fault detection rate.Furthermore,the proposed model was evaluated by conducting experiments.The results showed that requirement redundancy and irrelevancy improved due to semantic analysis,which correctly predicted the requirements,increasing the fault detection rate and resulting in high user satisfaction.The predicted requirements are mapped into test cases,increasing the fault detection rate after changes to achieve higher user satisfaction.Therefore,the model improves the redundancy and irrelevancy of requirements by more than 90%compared to other clustering methods and the analytical hierarchical process,achieving an 80%fault detection rate at an earlier stage.Hence,it provides guidelines for practitioners and researchers in the modern era.In the future,we will provide the working prototype of this model for proof of concept.展开更多
Agile Transformations are challenging processes for organizations that look to extend the benefits of Agile philosophy and methods beyond software engineering.Despite the impact of these transformations on orga-nizati...Agile Transformations are challenging processes for organizations that look to extend the benefits of Agile philosophy and methods beyond software engineering.Despite the impact of these transformations on orga-nizations,they have not been extensively studied in academia.We conducted a study grounded in workshops and interviews with 99 participants from 30 organizations,including organizations undergoing transformations(“final organizations”)and companies supporting these processes(“consultants”).The study aims to understand the motivations,objectives,and factors driving and challenging these transformations.Over 700 responses were collected to the question and categorized into 32 objectives.The findings show that organizations primarily aim to achieve customer centricity and adaptability,both with 8%of the mentions.Other primary important objectives,with above 4%of mentions,include alignment of goals,lean delivery,sustainable processes,and a flatter,more team-based organizational structure.We also detect discrepancies in perspectives between the objectives identified by the two kinds of organizations and the existing agile literature and models.This misalignment highlights the need for practitioners to understand with the practical realities the organizations face.展开更多
Accurate software cost estimation in Global Software Development(GSD)remains challenging due to reliance on historical data and expert judgments.Traditional models,such as the Constructive Cost Model(COCOMO II),rely h...Accurate software cost estimation in Global Software Development(GSD)remains challenging due to reliance on historical data and expert judgments.Traditional models,such as the Constructive Cost Model(COCOMO II),rely heavily on historical and accurate data.In addition,expert judgment is required to set many input parameters,which can introduce subjectivity and variability in the estimation process.Consequently,there is a need to improve the current GSD models to mitigate reliance on historical data,subjectivity in expert judgment,inadequate consideration of GSD-based cost drivers and limited integration of modern technologies with cost overruns.This study introduces a novel hybrid model that synergizes the COCOMO II with Artificial Neural Networks(ANN)to address these challenges.The proposed hybrid model integrates additional GSD-based cost drivers identified through a systematic literature review and further vetted by industry experts.This article compares the effectiveness of the proposedmodelwith state-of-the-artmachine learning-basedmodels for software cost estimation.Evaluating the NASA 93 dataset by adopting twenty-six GSD-based cost drivers reveals that our hybrid model achieves superior accuracy,outperforming existing state-of-the-artmodels.The findings indicate the potential of combining COCOMO II,ANN,and additional GSD-based cost drivers to transform cost estimation in GSD.展开更多
This paper reviews the adaptive sparse grid discontinuous Galerkin(aSG-DG)method for computing high dimensional partial differential equations(PDEs)and its software implementation.The C++software package called AdaM-D...This paper reviews the adaptive sparse grid discontinuous Galerkin(aSG-DG)method for computing high dimensional partial differential equations(PDEs)and its software implementation.The C++software package called AdaM-DG,implementing the aSG-DG method,is available on GitHub at https://github.com/JuntaoHuang/adaptive-multiresolution-DG.The package is capable of treating a large class of high dimensional linear and nonlinear PDEs.We review the essential components of the algorithm and the functionality of the software,including the multiwavelets used,assembling of bilinear operators,fast matrix-vector product for data with hierarchical structures.We further demonstrate the performance of the package by reporting the numerical error and the CPU cost for several benchmark tests,including linear transport equations,wave equations,and Hamilton-Jacobi(HJ)equations.展开更多
Software Development Life Cycle (SDLC) is one of the major ingredients for the development of efficient software systems within a time frame and low-cost involvement. From the literature, it is evident that there are ...Software Development Life Cycle (SDLC) is one of the major ingredients for the development of efficient software systems within a time frame and low-cost involvement. From the literature, it is evident that there are various kinds of process models that are used by the software industries for the development of small, medium and long-term software projects, but many of them do not cover risk management. It is quite obvious that the improper selection of the software development process model leads to failure of the software products as it is time bound activity. In the present work, a new software development process model is proposed which covers the risks at any stage of the development of the software product. The model is named a Hemant-Vipin (HV) process model and may be helpful for the software industries for development of the efficient software products and timely delivery at the end of the client. The efficiency of the HV process model is observed by considering various kinds of factors like requirement clarity, user feedback, change agility, predictability, risk identification, practical implementation, customer satisfaction, incremental development, use of ready-made components, quick design, resource organization and many more and found through a case study that the presented approach covers many of parameters in comparison of the existing process models. .展开更多
Although recent studies have examined collaboration within open-source software projects,the focus has primarily been on their motivations and governance.This study explores the complex dynamics of trust and involveme...Although recent studies have examined collaboration within open-source software projects,the focus has primarily been on their motivations and governance.This study explores the complex dynamics of trust and involvement among Cameroonian software developers in open-source projects.In the context of a rapidly evolving software development landscape,these projects have emerged as a transformative force,redefining global collaboration standards.The qualitative methodological approach involved a survey of 22 participants in open-source software projects,including Cameroonian software developers,project governance actors,and open-source community members.Analyses revealed that the trust given to African software developers,including their effective integration into projects and consideration of their specificities and contributions,has a positive impact on their involvement in and ability to appropriate information technologies.By exploring the interaction between cultural,social,and technological factors,this study enhances our understanding of trust mechanisms within open-source communities,especially those involving remote developers.展开更多
Security technology is crucial in software development and operation in the digital age. Secure software can protect user privacy and data security, prevent hacker attacks and data breaches, ensure legitimate business...Security technology is crucial in software development and operation in the digital age. Secure software can protect user privacy and data security, prevent hacker attacks and data breaches, ensure legitimate business operations, and protect core assets. However, the development process often faces threats such as injection attacks, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF), mainly due to code vulnerabilities, configuration errors, and risks from third-party components. To meet these challenges, this paper discusses the application of security technology in development and operation, emphasizing security requirements analysis, design principles, coding practices, and testing during the development phase. Along with focusing on environmental configuration, continuous monitoring, emergency response, disaster recovery, and regular auditing and updating during the operation phase. These measures can significantly enhance the security of software systems and protect user and corporate data.展开更多
As quantum computing transitions from a theoretical domain to a practical technology, many aspects of established practice in software engineering are being faced with new challenges. Quantum Software Engineering has ...As quantum computing transitions from a theoretical domain to a practical technology, many aspects of established practice in software engineering are being faced with new challenges. Quantum Software Engineering has been developed to address the peculiar needs that arise with quantum systems’ dependable, scalable, and fault-tolerant software development. The present paper critically reviews how traditional software engineering methodologies can be reshaped to fit into the quantum field. This also entails providing some critical contributions: frameworks to integrate classical and quantum systems, new error mitigation techniques, and the development of quantum-specific testing and debugging tools. In this respect, best practices have been recommended to ensure that future quantum software can harness the evolving capabilities of quantum hardware with continued performance, reliability, and scalability. The work is supposed to act as a foundational guide for the researcher and developer as quantum computing approaches widespread scientific and industrial adoption.展开更多
In today’s rapidly evolving digital landscape,web application security has become paramount as organizations face increasingly sophisticated cyber threats.This work presents a comprehensive methodology for implementi...In today’s rapidly evolving digital landscape,web application security has become paramount as organizations face increasingly sophisticated cyber threats.This work presents a comprehensive methodology for implementing robust security measures in modern web applications and the proof of the Methodology applied to Vue.js,Spring Boot,and MySQL architecture.The proposed approach addresses critical security challenges through a multi-layered framework that encompasses essential security dimensions including multi-factor authentication,fine-grained authorization controls,sophisticated session management,data confidentiality and integrity protection,secure logging mechanisms,comprehensive error handling,high availability strategies,advanced input validation,and security headers implementation.Significant contributions are made to the field of web application security.First,a detailed catalogue of security requirements specifically tailored to protect web applications against contemporary threats,backed by rigorous analysis and industry best practices.Second,the methodology is validated through a carefully designed proof-of-concept implementation in a controlled environment,demonstrating the practical effectiveness of the security measures.The validation process employs cutting-edge static and dynamic analysis tools for comprehensive dependency validation and vulnerability detection,ensuring robust security coverage.The validation results confirm the prevention and avoidance of security vulnerabilities of the methodology.A key innovation of this work is the seamless integration of DevSecOps practices throughout the secure Software Development Life Cycle(SSDLC),creating a security-first mindset from initial design to deployment.By combining proactive secure coding practices with defensive security approaches,a framework is established that not only strengthens application security but also fosters a culture of security awareness within development teams.This hybrid approach ensures that security considerations are woven into every aspect of the development process,rather than being treated as an afterthought.展开更多
Purpose-Conventional high-speed railways(HSR)subgrade design methods remain constrained by platformdependent drafting systems,leading to data interaction hindrances and redundant design processes.This study strives to...Purpose-Conventional high-speed railways(HSR)subgrade design methods remain constrained by platformdependent drafting systems,leading to data interaction hindrances and redundant design processes.This study strives to develop a digital earthwork design methodology that enhances design while reducing collaborative expenses.Design/methodology/approach-A novel digital subgrade design approach,utilizing sophisticated analysis and modeling tools customized for different subgrade elements,is put forward in this study.The methodology incorporates the following essential steps:(1)the advancement of digital analysis and modeling techniques for diverse subgrade components,including surfaces,filling,slopes,retaining structures,and foundation treatments;(2)the formulation of a digital design principle repository incorporating various slope protection combinations;(3)the establishment of a comprehensive digital design framework and process for subgrade cross-sections;and(4)the development and implementation of an open-source digital design system.Findings-The proposed method liberates subgrade design from the constraints of conventional drawing platforms,elevating efficiency,intelligence,and flexibility.The open software architecture and code have achieved over 60%efficiency gains in design workflows during its deployment on three major high-speed rail projects:the Baotou-Yinchuan HSR corridor,Shenyang-Baihe HSR network,and Weifang-Yantai HSR system.Originality/value-This paper introduces an innovative digital design methodology that enables modular and parametric design for railway subgrade sections.The proposed approach provides a digital base for the intelligent design and maintenance of the next-generation high-speed railway.展开更多
In order to assure quality and control process in the development of the aircraft collaborative design software, a maturity assessment model is proposed. The requirements designing—house of quality is designed to eva...In order to assure quality and control process in the development of the aircraft collaborative design software, a maturity assessment model is proposed. The requirements designing—house of quality is designed to evaluate the maturity degree of the solution, and the evaluation results can help to manage and control the development process. Furthermore, a fuzzy evaluation method based on the minimum deviation is proposed to deal with the fuzzy information. The quantitative evaluation result of the maturity degree can be calculated by optimizing the semantic discount factor aim for the minimum deviation. Finally, this model is illustrated and analyzed by an example study of the aircraft collaborative design software.展开更多
Based on the fact that the software development cost is an important factorto control the whole project,we discuss the relationship between the software development cost andsoftware reliability according to the empiri...Based on the fact that the software development cost is an important factorto control the whole project,we discuss the relationship between the software development cost andsoftware reliability according to the empirieal data collected from the development process.Byevolutionary modeling we get an empirical model of the relationship between cost and softwarereliability,and validate the estimate results with the empirical data.展开更多
Software crowdsourcing(SW CS)is an evolving software development paradigm,in which crowds of people are asked to solve various problems through an open call(with the encouragement of prizes for the top solutions).Beca...Software crowdsourcing(SW CS)is an evolving software development paradigm,in which crowds of people are asked to solve various problems through an open call(with the encouragement of prizes for the top solutions).Because of its dynamic nature,SW CS has been progressively accepted and adopted in the software industry.However,issues pertinent to the understanding of requirements among crowds of people and requirements engineers are yet to be clarified and explained.If the requirements are not clear to the development team,it has a significant effect on the quality of the software product.This study aims to identify the potential challenges faced by requirements engineers when conducting the SW–CS based requirements engineering(RE)process.Moreover,solutions to overcome these challenges are also identified.Qualitative data analysis is performed on the interview data collected from software industry professionals.Consequently,20 SW–CS based RE challenges and their subsequent proposed solutions are devised,which are further grouped under seven categories.This study is beneficial for academicians,researchers and practitioners by providing detailed SW–CS based RE challenges and subsequent solutions that could eventually guide them to understand and effectively implement RE in SW CS.展开更多
Security is critical to the success of software,particularly in today’s fast-paced,technology-driven environment.It ensures that data,code,and services maintain their CIA(Confidentiality,Integrity,and Availability).T...Security is critical to the success of software,particularly in today’s fast-paced,technology-driven environment.It ensures that data,code,and services maintain their CIA(Confidentiality,Integrity,and Availability).This is only possible if security is taken into account at all stages of the SDLC(Software Development Life Cycle).Various approaches to software quality have been developed,such as CMMI(Capabilitymaturitymodel integration).However,there exists no explicit solution for incorporating security into all phases of SDLC.One of the major causes of pervasive vulnerabilities is a failure to prioritize security.Even the most proactive companies use the“patch and penetrate”strategy,inwhich security is accessed once the job is completed.Increased cost,time overrun,not integrating testing and input in SDLC,usage of third-party tools and components,and lack of knowledge are all reasons for not paying attention to the security angle during the SDLC,despite the fact that secure software development is essential for business continuity and survival in today’s ICT world.There is a need to implement best practices in SDLC to address security at all levels.To fill this gap,we have provided a detailed overview of secure software development practices while taking care of project costs and deadlines.We proposed a secure SDLC framework based on the identified practices,which integrates the best security practices in various SDLC phases.A mathematical model is used to validate the proposed framework.A case study and findings show that the proposed system aids in the integration of security best practices into the overall SDLC,resulting in more secure applications.展开更多
Building a reasonable and accurate finite element model is the first and critical step for structural analysis of complicated bridge. In this article, modeling assistant for continuous suspension with multi-pylon is d...Building a reasonable and accurate finite element model is the first and critical step for structural analysis of complicated bridge. In this article, modeling assistant for continuous suspension with multi-pylon is developed based on .Net platform, with VB.Net, C# language and OpenGL graphic technique. With parameterized modeling method, finite element model of this kind of bridge can be built quickly and accurately, and multi-type element modeling with uniform parameters is realized. With advanced graphic technique, three-dimensional model graph can be real-timely previewed for intuitive data check. With an example of practice project, the accuracy and feasibility of this modeling method and practicality of this software are verified.展开更多
Modal and damage identification based on ambient excitation can greatly improve the efficiency of high-speed railway bridge vibration detection.This paper first describes the basic principles of stochastic subspace id...Modal and damage identification based on ambient excitation can greatly improve the efficiency of high-speed railway bridge vibration detection.This paper first describes the basic principles of stochastic subspace identification,peak-picking,and frequency domain decomposition method in modal analysis based on ambient excitation,and the effectiveness of these three methods is verified through finite element calculation and numerical simulation,Then the damage element is added to the finite element model to simulate the crack,and the curvature mode difference and the curvature mode area difference square ratio are calculated by using the stochastic subspace identification results to verify their ability of damage identification and location.Finally,the above modal and damage identification techniques are integrated to develop a bridge modal and damage identification software platform.The final results show that all three modal identification methods can accurately identify the vibration frequency and mode shape,both damage identification methods can accurately identify and locate the damage,and the developed software platform is simple and efficient.展开更多
In the software engineering literature, it is commonly believed that economies of scale do not occur in case of software Development and Enhancement Projects (D&EP). Their per-unit cost does not decrease but increa...In the software engineering literature, it is commonly believed that economies of scale do not occur in case of software Development and Enhancement Projects (D&EP). Their per-unit cost does not decrease but increase with the growth of such projects product size. Thus this is diseconomies of scale that occur in them. The significance of this phenomenon results from the fact that it is commonly considered to be one of the fundamental objective causes of their low effectiveness. This is of particular significance with regard to Business Software Systems (BSS) D&EP characterized by exceptionally low effectiveness comparing to other software D&EP. Thus the paper aims at answering the following two questions: (1) Do economies of scale really not occur in BSS D&EP? (2) If economies of scale may occur in BSS D&EP, what factors are then promoting them? These issues classify into economics problems of software engineering research and practice.展开更多
文摘Software-related security aspects are a growing and legitimate concern,especially with 5G data available just at our palms.To conduct research in this field,periodic comparative analysis is needed with the new techniques coming up rapidly.The purpose of this study is to review the recent developments in the field of security integration in the software development lifecycle(SDLC)by analyzing the articles published in the last two decades and to propose a way forward.This review follows Kitchenham’s review protocol.The review has been divided into three main stages including planning,execution,and analysis.From the selected 100 articles,it becomes evident that need of a collaborative approach is necessary for addressing critical software security risks(CSSRs)through effective risk management/estimation techniques.Quantifying risks using a numeric scale enables a comprehensive understanding of their severity,facilitating focused resource allocation and mitigation efforts.Through a comprehensive understanding of potential vulnerabilities and proactive mitigation efforts facilitated by protection poker,organizations can prioritize resources effectively to ensure the successful outcome of projects and initiatives in today’s dynamic threat landscape.The review reveals that threat analysis and security testing are needed to develop automated tools for the future.Accurate estimation of effort required to prioritize potential security risks is a big challenge in software security.The accuracy of effort estimation can be further improved by exploring new techniques,particularly those involving deep learning.It is also imperative to validate these effort estimation methods to ensure all potential security threats are addressed.Another challenge is selecting the right model for each specific security threat.To achieve a comprehensive evaluation,researchers should use well-known benchmark checklists.
文摘The rapid integration of artificial intelligence(AI)into software development,driven by large language models(LLMs),is reshaping the role of programmers from traditional coders into strategic collaborators within Industry 4.0 ecosystems.This qualitative study employs a hermeneutic phenomenological approach to explore the lived experiences of Information Technology(IT)professionals as they navigate a dynamic technological landscape marked by intelligent automation,shifting professional identities,and emerging ethical concerns.Findings indicate that developers are actively adapting to AI-augmented environments by engaging in continuous upskilling,prompt engineering,interdisciplinary collaboration,and heightened ethical awareness.However,participants also voiced growing concerns about the reliability and security of AI-generated code,noting that these tools can introduce hidden vulnerabilities and reduce critical engagement due to automation bias.Many described instances of flawed logic,insecure patterns,or syntactically correct but contextually inappropriate suggestions,underscoring the need for rigorous human oversight.Additionally,the study reveals anxieties around job displacement and the gradual erosion of fundamental coding skills,particularly in environments where AI tools dominate routine development tasks.These findings highlight an urgent need for educational reforms,industry standards,and organizational policies that prioritize both technical robustness and the preservation of human expertise.As AI becomes increasingly embedded in software engineering workflows,this research offers timely insights into how developers and organizations can responsibly integrate intelligent systems to promote accountability,resilience,and innovation across the software development lifecycle.
文摘The Chinese software industry has had a late start. Although it has been developing fast, it is still at its initial stage. 1. Industry Scale At present, there are more than 1,800 software enterprises, with employees numbering 100,000. Enterprises of a certain scale include the Founder Group Corporation, Chinese Software Corporation,Software Group Corporation of Northeast University, Shandong Zhongchuan Software Engineering Corporation, Yongyou Software Group Corporation, Beijing Hope Group Corporation, Stone Lifang Company,
文摘Software testing is a critical phase due to misconceptions about ambiguities in the requirements during specification,which affect the testing process.Therefore,it is difficult to identify all faults in software.As requirement changes continuously,it increases the irrelevancy and redundancy during testing.Due to these challenges;fault detection capability decreases and there arises a need to improve the testing process,which is based on changes in requirements specification.In this research,we have developed a model to resolve testing challenges through requirement prioritization and prediction in an agile-based environment.The research objective is to identify the most relevant and meaningful requirements through semantic analysis for correct change analysis.Then compute the similarity of requirements through case-based reasoning,which predicted the requirements for reuse and restricted to error-based requirements.Afterward,the apriori algorithm mapped out requirement frequency to select relevant test cases based on frequently reused or not reused test cases to increase the fault detection rate.Furthermore,the proposed model was evaluated by conducting experiments.The results showed that requirement redundancy and irrelevancy improved due to semantic analysis,which correctly predicted the requirements,increasing the fault detection rate and resulting in high user satisfaction.The predicted requirements are mapped into test cases,increasing the fault detection rate after changes to achieve higher user satisfaction.Therefore,the model improves the redundancy and irrelevancy of requirements by more than 90%compared to other clustering methods and the analytical hierarchical process,achieving an 80%fault detection rate at an earlier stage.Hence,it provides guidelines for practitioners and researchers in the modern era.In the future,we will provide the working prototype of this model for proof of concept.
基金funding from the European Commission for the Ruralities Project(grant agreement no.101060876).
文摘Agile Transformations are challenging processes for organizations that look to extend the benefits of Agile philosophy and methods beyond software engineering.Despite the impact of these transformations on orga-nizations,they have not been extensively studied in academia.We conducted a study grounded in workshops and interviews with 99 participants from 30 organizations,including organizations undergoing transformations(“final organizations”)and companies supporting these processes(“consultants”).The study aims to understand the motivations,objectives,and factors driving and challenging these transformations.Over 700 responses were collected to the question and categorized into 32 objectives.The findings show that organizations primarily aim to achieve customer centricity and adaptability,both with 8%of the mentions.Other primary important objectives,with above 4%of mentions,include alignment of goals,lean delivery,sustainable processes,and a flatter,more team-based organizational structure.We also detect discrepancies in perspectives between the objectives identified by the two kinds of organizations and the existing agile literature and models.This misalignment highlights the need for practitioners to understand with the practical realities the organizations face.
文摘Accurate software cost estimation in Global Software Development(GSD)remains challenging due to reliance on historical data and expert judgments.Traditional models,such as the Constructive Cost Model(COCOMO II),rely heavily on historical and accurate data.In addition,expert judgment is required to set many input parameters,which can introduce subjectivity and variability in the estimation process.Consequently,there is a need to improve the current GSD models to mitigate reliance on historical data,subjectivity in expert judgment,inadequate consideration of GSD-based cost drivers and limited integration of modern technologies with cost overruns.This study introduces a novel hybrid model that synergizes the COCOMO II with Artificial Neural Networks(ANN)to address these challenges.The proposed hybrid model integrates additional GSD-based cost drivers identified through a systematic literature review and further vetted by industry experts.This article compares the effectiveness of the proposedmodelwith state-of-the-artmachine learning-basedmodels for software cost estimation.Evaluating the NASA 93 dataset by adopting twenty-six GSD-based cost drivers reveals that our hybrid model achieves superior accuracy,outperforming existing state-of-the-artmodels.The findings indicate the potential of combining COCOMO II,ANN,and additional GSD-based cost drivers to transform cost estimation in GSD.
基金supported by the NSF grant DMS-2111383Air Force Office of Scientific Research FA9550-18-1-0257the NSF grant DMS-2011838.
文摘This paper reviews the adaptive sparse grid discontinuous Galerkin(aSG-DG)method for computing high dimensional partial differential equations(PDEs)and its software implementation.The C++software package called AdaM-DG,implementing the aSG-DG method,is available on GitHub at https://github.com/JuntaoHuang/adaptive-multiresolution-DG.The package is capable of treating a large class of high dimensional linear and nonlinear PDEs.We review the essential components of the algorithm and the functionality of the software,including the multiwavelets used,assembling of bilinear operators,fast matrix-vector product for data with hierarchical structures.We further demonstrate the performance of the package by reporting the numerical error and the CPU cost for several benchmark tests,including linear transport equations,wave equations,and Hamilton-Jacobi(HJ)equations.
文摘Software Development Life Cycle (SDLC) is one of the major ingredients for the development of efficient software systems within a time frame and low-cost involvement. From the literature, it is evident that there are various kinds of process models that are used by the software industries for the development of small, medium and long-term software projects, but many of them do not cover risk management. It is quite obvious that the improper selection of the software development process model leads to failure of the software products as it is time bound activity. In the present work, a new software development process model is proposed which covers the risks at any stage of the development of the software product. The model is named a Hemant-Vipin (HV) process model and may be helpful for the software industries for development of the efficient software products and timely delivery at the end of the client. The efficiency of the HV process model is observed by considering various kinds of factors like requirement clarity, user feedback, change agility, predictability, risk identification, practical implementation, customer satisfaction, incremental development, use of ready-made components, quick design, resource organization and many more and found through a case study that the presented approach covers many of parameters in comparison of the existing process models. .
文摘Although recent studies have examined collaboration within open-source software projects,the focus has primarily been on their motivations and governance.This study explores the complex dynamics of trust and involvement among Cameroonian software developers in open-source projects.In the context of a rapidly evolving software development landscape,these projects have emerged as a transformative force,redefining global collaboration standards.The qualitative methodological approach involved a survey of 22 participants in open-source software projects,including Cameroonian software developers,project governance actors,and open-source community members.Analyses revealed that the trust given to African software developers,including their effective integration into projects and consideration of their specificities and contributions,has a positive impact on their involvement in and ability to appropriate information technologies.By exploring the interaction between cultural,social,and technological factors,this study enhances our understanding of trust mechanisms within open-source communities,especially those involving remote developers.
文摘Security technology is crucial in software development and operation in the digital age. Secure software can protect user privacy and data security, prevent hacker attacks and data breaches, ensure legitimate business operations, and protect core assets. However, the development process often faces threats such as injection attacks, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF), mainly due to code vulnerabilities, configuration errors, and risks from third-party components. To meet these challenges, this paper discusses the application of security technology in development and operation, emphasizing security requirements analysis, design principles, coding practices, and testing during the development phase. Along with focusing on environmental configuration, continuous monitoring, emergency response, disaster recovery, and regular auditing and updating during the operation phase. These measures can significantly enhance the security of software systems and protect user and corporate data.
文摘As quantum computing transitions from a theoretical domain to a practical technology, many aspects of established practice in software engineering are being faced with new challenges. Quantum Software Engineering has been developed to address the peculiar needs that arise with quantum systems’ dependable, scalable, and fault-tolerant software development. The present paper critically reviews how traditional software engineering methodologies can be reshaped to fit into the quantum field. This also entails providing some critical contributions: frameworks to integrate classical and quantum systems, new error mitigation techniques, and the development of quantum-specific testing and debugging tools. In this respect, best practices have been recommended to ensure that future quantum software can harness the evolving capabilities of quantum hardware with continued performance, reliability, and scalability. The work is supposed to act as a foundational guide for the researcher and developer as quantum computing approaches widespread scientific and industrial adoption.
文摘In today’s rapidly evolving digital landscape,web application security has become paramount as organizations face increasingly sophisticated cyber threats.This work presents a comprehensive methodology for implementing robust security measures in modern web applications and the proof of the Methodology applied to Vue.js,Spring Boot,and MySQL architecture.The proposed approach addresses critical security challenges through a multi-layered framework that encompasses essential security dimensions including multi-factor authentication,fine-grained authorization controls,sophisticated session management,data confidentiality and integrity protection,secure logging mechanisms,comprehensive error handling,high availability strategies,advanced input validation,and security headers implementation.Significant contributions are made to the field of web application security.First,a detailed catalogue of security requirements specifically tailored to protect web applications against contemporary threats,backed by rigorous analysis and industry best practices.Second,the methodology is validated through a carefully designed proof-of-concept implementation in a controlled environment,demonstrating the practical effectiveness of the security measures.The validation process employs cutting-edge static and dynamic analysis tools for comprehensive dependency validation and vulnerability detection,ensuring robust security coverage.The validation results confirm the prevention and avoidance of security vulnerabilities of the methodology.A key innovation of this work is the seamless integration of DevSecOps practices throughout the secure Software Development Life Cycle(SSDLC),creating a security-first mindset from initial design to deployment.By combining proactive secure coding practices with defensive security approaches,a framework is established that not only strengthens application security but also fosters a culture of security awareness within development teams.This hybrid approach ensures that security considerations are woven into every aspect of the development process,rather than being treated as an afterthought.
基金supported by the major project of China State Railway Group Co.,Ltd.(No.Q2023G020)the internal project of China Railway Design Cooperation(No.2023A0248002).
文摘Purpose-Conventional high-speed railways(HSR)subgrade design methods remain constrained by platformdependent drafting systems,leading to data interaction hindrances and redundant design processes.This study strives to develop a digital earthwork design methodology that enhances design while reducing collaborative expenses.Design/methodology/approach-A novel digital subgrade design approach,utilizing sophisticated analysis and modeling tools customized for different subgrade elements,is put forward in this study.The methodology incorporates the following essential steps:(1)the advancement of digital analysis and modeling techniques for diverse subgrade components,including surfaces,filling,slopes,retaining structures,and foundation treatments;(2)the formulation of a digital design principle repository incorporating various slope protection combinations;(3)the establishment of a comprehensive digital design framework and process for subgrade cross-sections;and(4)the development and implementation of an open-source digital design system.Findings-The proposed method liberates subgrade design from the constraints of conventional drawing platforms,elevating efficiency,intelligence,and flexibility.The open software architecture and code have achieved over 60%efficiency gains in design workflows during its deployment on three major high-speed rail projects:the Baotou-Yinchuan HSR corridor,Shenyang-Baihe HSR network,and Weifang-Yantai HSR system.Originality/value-This paper introduces an innovative digital design methodology that enables modular and parametric design for railway subgrade sections.The proposed approach provides a digital base for the intelligent design and maintenance of the next-generation high-speed railway.
基金supported by the National Natural Science Foundation for Youth of China(61802174)the Natural Science Foundation for Youth of Jiangsu Province(BK20181016)+1 种基金the Natural Science Foundation of the Jiangsu Higher Education Institutions of China(18KJB520019)the Scientific Research Foundation of Nanjing Institute of Technology of China(YKJ201614)
文摘In order to assure quality and control process in the development of the aircraft collaborative design software, a maturity assessment model is proposed. The requirements designing—house of quality is designed to evaluate the maturity degree of the solution, and the evaluation results can help to manage and control the development process. Furthermore, a fuzzy evaluation method based on the minimum deviation is proposed to deal with the fuzzy information. The quantitative evaluation result of the maturity degree can be calculated by optimizing the semantic discount factor aim for the minimum deviation. Finally, this model is illustrated and analyzed by an example study of the aircraft collaborative design software.
基金Supported by the National Natural Science Foun dation of China(60173063)
文摘Based on the fact that the software development cost is an important factorto control the whole project,we discuss the relationship between the software development cost andsoftware reliability according to the empirieal data collected from the development process.Byevolutionary modeling we get an empirical model of the relationship between cost and softwarereliability,and validate the estimate results with the empirical data.
基金‘This research is funded by Taif University,TURSP-2020/115’.
文摘Software crowdsourcing(SW CS)is an evolving software development paradigm,in which crowds of people are asked to solve various problems through an open call(with the encouragement of prizes for the top solutions).Because of its dynamic nature,SW CS has been progressively accepted and adopted in the software industry.However,issues pertinent to the understanding of requirements among crowds of people and requirements engineers are yet to be clarified and explained.If the requirements are not clear to the development team,it has a significant effect on the quality of the software product.This study aims to identify the potential challenges faced by requirements engineers when conducting the SW–CS based requirements engineering(RE)process.Moreover,solutions to overcome these challenges are also identified.Qualitative data analysis is performed on the interview data collected from software industry professionals.Consequently,20 SW–CS based RE challenges and their subsequent proposed solutions are devised,which are further grouped under seven categories.This study is beneficial for academicians,researchers and practitioners by providing detailed SW–CS based RE challenges and subsequent solutions that could eventually guide them to understand and effectively implement RE in SW CS.
文摘Security is critical to the success of software,particularly in today’s fast-paced,technology-driven environment.It ensures that data,code,and services maintain their CIA(Confidentiality,Integrity,and Availability).This is only possible if security is taken into account at all stages of the SDLC(Software Development Life Cycle).Various approaches to software quality have been developed,such as CMMI(Capabilitymaturitymodel integration).However,there exists no explicit solution for incorporating security into all phases of SDLC.One of the major causes of pervasive vulnerabilities is a failure to prioritize security.Even the most proactive companies use the“patch and penetrate”strategy,inwhich security is accessed once the job is completed.Increased cost,time overrun,not integrating testing and input in SDLC,usage of third-party tools and components,and lack of knowledge are all reasons for not paying attention to the security angle during the SDLC,despite the fact that secure software development is essential for business continuity and survival in today’s ICT world.There is a need to implement best practices in SDLC to address security at all levels.To fill this gap,we have provided a detailed overview of secure software development practices while taking care of project costs and deadlines.We proposed a secure SDLC framework based on the identified practices,which integrates the best security practices in various SDLC phases.A mathematical model is used to validate the proposed framework.A case study and findings show that the proposed system aids in the integration of security best practices into the overall SDLC,resulting in more secure applications.
基金National Science and Technology Support Program of China(No.2009BAG15B01)Key Programs for Science and Technology Development of Chinese Transportation Industry(No.2008-353-332-190)
文摘Building a reasonable and accurate finite element model is the first and critical step for structural analysis of complicated bridge. In this article, modeling assistant for continuous suspension with multi-pylon is developed based on .Net platform, with VB.Net, C# language and OpenGL graphic technique. With parameterized modeling method, finite element model of this kind of bridge can be built quickly and accurately, and multi-type element modeling with uniform parameters is realized. With advanced graphic technique, three-dimensional model graph can be real-timely previewed for intuitive data check. With an example of practice project, the accuracy and feasibility of this modeling method and practicality of this software are verified.
文摘Modal and damage identification based on ambient excitation can greatly improve the efficiency of high-speed railway bridge vibration detection.This paper first describes the basic principles of stochastic subspace identification,peak-picking,and frequency domain decomposition method in modal analysis based on ambient excitation,and the effectiveness of these three methods is verified through finite element calculation and numerical simulation,Then the damage element is added to the finite element model to simulate the crack,and the curvature mode difference and the curvature mode area difference square ratio are calculated by using the stochastic subspace identification results to verify their ability of damage identification and location.Finally,the above modal and damage identification techniques are integrated to develop a bridge modal and damage identification software platform.The final results show that all three modal identification methods can accurately identify the vibration frequency and mode shape,both damage identification methods can accurately identify and locate the damage,and the developed software platform is simple and efficient.
文摘In the software engineering literature, it is commonly believed that economies of scale do not occur in case of software Development and Enhancement Projects (D&EP). Their per-unit cost does not decrease but increase with the growth of such projects product size. Thus this is diseconomies of scale that occur in them. The significance of this phenomenon results from the fact that it is commonly considered to be one of the fundamental objective causes of their low effectiveness. This is of particular significance with regard to Business Software Systems (BSS) D&EP characterized by exceptionally low effectiveness comparing to other software D&EP. Thus the paper aims at answering the following two questions: (1) Do economies of scale really not occur in BSS D&EP? (2) If economies of scale may occur in BSS D&EP, what factors are then promoting them? These issues classify into economics problems of software engineering research and practice.
