Service-Oriented Architecture (SOA) is becoming the dominant approach for developing and organizing distributed enterprise-wide applications. Although the concepts of SOA have been extensively described in the literat...Service-Oriented Architecture (SOA) is becoming the dominant approach for developing and organizing distributed enterprise-wide applications. Although the concepts of SOA have been extensively described in the literature and in-dustry, the effects of adopting SOA on software quality are still unclear. The aim of the paper is to analyze how adopt-ing SOA can affect software quality as opposed to the Object-Oriented (OO) paradigm and expose the differential implications of adopting both paradigms on software quality. The paper provides a brief introduction of the architectural differences between the Service-Oriented (SO) and OO paradigms and a description of internal software quality metrics used for the comparison. The effects and differences are exposed by providing a case study architected for both paradigms. The quantitative measure concluded in the paper showed that a software system developed using SOA approach provides higher reusability and lower coupling among software modules, but at the same time higher complexity than those of the OO approach. It was also found that some of the existing OO software quality metrics are inapplicable to SOA software systems. As a consequence, new metrics need to be developed specifically to SOA software systems.展开更多
Software-related security aspects are a growing and legitimate concern,especially with 5G data available just at our palms.To conduct research in this field,periodic comparative analysis is needed with the new techniq...Software-related security aspects are a growing and legitimate concern,especially with 5G data available just at our palms.To conduct research in this field,periodic comparative analysis is needed with the new techniques coming up rapidly.The purpose of this study is to review the recent developments in the field of security integration in the software development lifecycle(SDLC)by analyzing the articles published in the last two decades and to propose a way forward.This review follows Kitchenham’s review protocol.The review has been divided into three main stages including planning,execution,and analysis.From the selected 100 articles,it becomes evident that need of a collaborative approach is necessary for addressing critical software security risks(CSSRs)through effective risk management/estimation techniques.Quantifying risks using a numeric scale enables a comprehensive understanding of their severity,facilitating focused resource allocation and mitigation efforts.Through a comprehensive understanding of potential vulnerabilities and proactive mitigation efforts facilitated by protection poker,organizations can prioritize resources effectively to ensure the successful outcome of projects and initiatives in today’s dynamic threat landscape.The review reveals that threat analysis and security testing are needed to develop automated tools for the future.Accurate estimation of effort required to prioritize potential security risks is a big challenge in software security.The accuracy of effort estimation can be further improved by exploring new techniques,particularly those involving deep learning.It is also imperative to validate these effort estimation methods to ensure all potential security threats are addressed.Another challenge is selecting the right model for each specific security threat.To achieve a comprehensive evaluation,researchers should use well-known benchmark checklists.展开更多
Software testing is a critical phase due to misconceptions about ambiguities in the requirements during specification,which affect the testing process.Therefore,it is difficult to identify all faults in software.As re...Software testing is a critical phase due to misconceptions about ambiguities in the requirements during specification,which affect the testing process.Therefore,it is difficult to identify all faults in software.As requirement changes continuously,it increases the irrelevancy and redundancy during testing.Due to these challenges;fault detection capability decreases and there arises a need to improve the testing process,which is based on changes in requirements specification.In this research,we have developed a model to resolve testing challenges through requirement prioritization and prediction in an agile-based environment.The research objective is to identify the most relevant and meaningful requirements through semantic analysis for correct change analysis.Then compute the similarity of requirements through case-based reasoning,which predicted the requirements for reuse and restricted to error-based requirements.Afterward,the apriori algorithm mapped out requirement frequency to select relevant test cases based on frequently reused or not reused test cases to increase the fault detection rate.Furthermore,the proposed model was evaluated by conducting experiments.The results showed that requirement redundancy and irrelevancy improved due to semantic analysis,which correctly predicted the requirements,increasing the fault detection rate and resulting in high user satisfaction.The predicted requirements are mapped into test cases,increasing the fault detection rate after changes to achieve higher user satisfaction.Therefore,the model improves the redundancy and irrelevancy of requirements by more than 90%compared to other clustering methods and the analytical hierarchical process,achieving an 80%fault detection rate at an earlier stage.Hence,it provides guidelines for practitioners and researchers in the modern era.In the future,we will provide the working prototype of this model for proof of concept.展开更多
Accurate software cost estimation in Global Software Development(GSD)remains challenging due to reliance on historical data and expert judgments.Traditional models,such as the Constructive Cost Model(COCOMO II),rely h...Accurate software cost estimation in Global Software Development(GSD)remains challenging due to reliance on historical data and expert judgments.Traditional models,such as the Constructive Cost Model(COCOMO II),rely heavily on historical and accurate data.In addition,expert judgment is required to set many input parameters,which can introduce subjectivity and variability in the estimation process.Consequently,there is a need to improve the current GSD models to mitigate reliance on historical data,subjectivity in expert judgment,inadequate consideration of GSD-based cost drivers and limited integration of modern technologies with cost overruns.This study introduces a novel hybrid model that synergizes the COCOMO II with Artificial Neural Networks(ANN)to address these challenges.The proposed hybrid model integrates additional GSD-based cost drivers identified through a systematic literature review and further vetted by industry experts.This article compares the effectiveness of the proposedmodelwith state-of-the-artmachine learning-basedmodels for software cost estimation.Evaluating the NASA 93 dataset by adopting twenty-six GSD-based cost drivers reveals that our hybrid model achieves superior accuracy,outperforming existing state-of-the-artmodels.The findings indicate the potential of combining COCOMO II,ANN,and additional GSD-based cost drivers to transform cost estimation in GSD.展开更多
Software Development Life Cycle (SDLC) is one of the major ingredients for the development of efficient software systems within a time frame and low-cost involvement. From the literature, it is evident that there are ...Software Development Life Cycle (SDLC) is one of the major ingredients for the development of efficient software systems within a time frame and low-cost involvement. From the literature, it is evident that there are various kinds of process models that are used by the software industries for the development of small, medium and long-term software projects, but many of them do not cover risk management. It is quite obvious that the improper selection of the software development process model leads to failure of the software products as it is time bound activity. In the present work, a new software development process model is proposed which covers the risks at any stage of the development of the software product. The model is named a Hemant-Vipin (HV) process model and may be helpful for the software industries for development of the efficient software products and timely delivery at the end of the client. The efficiency of the HV process model is observed by considering various kinds of factors like requirement clarity, user feedback, change agility, predictability, risk identification, practical implementation, customer satisfaction, incremental development, use of ready-made components, quick design, resource organization and many more and found through a case study that the presented approach covers many of parameters in comparison of the existing process models. .展开更多
Under the background of“new engineering”construction,software engineering teaching pays more attention to cultivating students’engineering practice and innovation ability.In view of the inconsistency between develo...Under the background of“new engineering”construction,software engineering teaching pays more attention to cultivating students’engineering practice and innovation ability.In view of the inconsistency between development and demand design,team division of labor,difficult measurement of individual contribution,single assessment method,and other problems in traditional practice teaching,this paper proposes that under the guidance of agile development methods,software engineering courses should adopt Scrum framework to organize course project practice,use agile collaboration platform to implement individual work,follow up experiment progress,and ensure effective project advancement.The statistical data of curriculum“diversity”assessment show that there is an obvious improvement effect on students’software engineering ability and quality.展开更多
Security technology is crucial in software development and operation in the digital age. Secure software can protect user privacy and data security, prevent hacker attacks and data breaches, ensure legitimate business...Security technology is crucial in software development and operation in the digital age. Secure software can protect user privacy and data security, prevent hacker attacks and data breaches, ensure legitimate business operations, and protect core assets. However, the development process often faces threats such as injection attacks, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF), mainly due to code vulnerabilities, configuration errors, and risks from third-party components. To meet these challenges, this paper discusses the application of security technology in development and operation, emphasizing security requirements analysis, design principles, coding practices, and testing during the development phase. Along with focusing on environmental configuration, continuous monitoring, emergency response, disaster recovery, and regular auditing and updating during the operation phase. These measures can significantly enhance the security of software systems and protect user and corporate data.展开更多
In today’s rapidly evolving digital landscape,web application security has become paramount as organizations face increasingly sophisticated cyber threats.This work presents a comprehensive methodology for implementi...In today’s rapidly evolving digital landscape,web application security has become paramount as organizations face increasingly sophisticated cyber threats.This work presents a comprehensive methodology for implementing robust security measures in modern web applications and the proof of the Methodology applied to Vue.js,Spring Boot,and MySQL architecture.The proposed approach addresses critical security challenges through a multi-layered framework that encompasses essential security dimensions including multi-factor authentication,fine-grained authorization controls,sophisticated session management,data confidentiality and integrity protection,secure logging mechanisms,comprehensive error handling,high availability strategies,advanced input validation,and security headers implementation.Significant contributions are made to the field of web application security.First,a detailed catalogue of security requirements specifically tailored to protect web applications against contemporary threats,backed by rigorous analysis and industry best practices.Second,the methodology is validated through a carefully designed proof-of-concept implementation in a controlled environment,demonstrating the practical effectiveness of the security measures.The validation process employs cutting-edge static and dynamic analysis tools for comprehensive dependency validation and vulnerability detection,ensuring robust security coverage.The validation results confirm the prevention and avoidance of security vulnerabilities of the methodology.A key innovation of this work is the seamless integration of DevSecOps practices throughout the secure Software Development Life Cycle(SSDLC),creating a security-first mindset from initial design to deployment.By combining proactive secure coding practices with defensive security approaches,a framework is established that not only strengthens application security but also fosters a culture of security awareness within development teams.This hybrid approach ensures that security considerations are woven into every aspect of the development process,rather than being treated as an afterthought.展开更多
The rapid integration of artificial intelligence(AI)into software development,driven by large language models(LLMs),is reshaping the role of programmers from traditional coders into strategic collaborators within Indu...The rapid integration of artificial intelligence(AI)into software development,driven by large language models(LLMs),is reshaping the role of programmers from traditional coders into strategic collaborators within Industry 4.0 ecosystems.This qualitative study employs a hermeneutic phenomenological approach to explore the lived experiences of Information Technology(IT)professionals as they navigate a dynamic technological landscape marked by intelligent automation,shifting professional identities,and emerging ethical concerns.Findings indicate that developers are actively adapting to AI-augmented environments by engaging in continuous upskilling,prompt engineering,interdisciplinary collaboration,and heightened ethical awareness.However,participants also voiced growing concerns about the reliability and security of AI-generated code,noting that these tools can introduce hidden vulnerabilities and reduce critical engagement due to automation bias.Many described instances of flawed logic,insecure patterns,or syntactically correct but contextually inappropriate suggestions,underscoring the need for rigorous human oversight.Additionally,the study reveals anxieties around job displacement and the gradual erosion of fundamental coding skills,particularly in environments where AI tools dominate routine development tasks.These findings highlight an urgent need for educational reforms,industry standards,and organizational policies that prioritize both technical robustness and the preservation of human expertise.As AI becomes increasingly embedded in software engineering workflows,this research offers timely insights into how developers and organizations can responsibly integrate intelligent systems to promote accountability,resilience,and innovation across the software development lifecycle.展开更多
Although recent studies have examined collaboration within open-source software projects,the focus has primarily been on their motivations and governance.This study explores the complex dynamics of trust and involveme...Although recent studies have examined collaboration within open-source software projects,the focus has primarily been on their motivations and governance.This study explores the complex dynamics of trust and involvement among Cameroonian software developers in open-source projects.In the context of a rapidly evolving software development landscape,these projects have emerged as a transformative force,redefining global collaboration standards.The qualitative methodological approach involved a survey of 22 participants in open-source software projects,including Cameroonian software developers,project governance actors,and open-source community members.Analyses revealed that the trust given to African software developers,including their effective integration into projects and consideration of their specificities and contributions,has a positive impact on their involvement in and ability to appropriate information technologies.By exploring the interaction between cultural,social,and technological factors,this study enhances our understanding of trust mechanisms within open-source communities,especially those involving remote developers.展开更多
The interfacial transition zone (ITZ) between the aggregates and the bulk paste is the weakest zone of ordinary concrete, which largely determines its mechanical and transporting properties. However, a complete unders...The interfacial transition zone (ITZ) between the aggregates and the bulk paste is the weakest zone of ordinary concrete, which largely determines its mechanical and transporting properties. However, a complete understanding and a quantitative modeling of ITZ are still lacking. Consequently, an integrated modeling and experimental study were conducted. First, the theoretical calculation model of the ITZ volume fraction about the rotary ellipsoidal aggregate particles was established based on the nearest surface function formula. Its calculation programs were written based on Visual Basic 6.0 language and achieved visualization and functionalization. Then, the influencing factors of ITZ volume fraction of the ellipsoidal aggregate particles and the overlapping degree between the ITZ were systematically analyzed. Finally, the calculation models of ITZ volume fraction on actual ellipsoidal aggregate were given, based on cobblestones or pebbles particles with naturally ellipsoidal shape. The results indicate that the calculation model proposed is highly reliable.展开更多
Security is critical to the success of software,particularly in today’s fast-paced,technology-driven environment.It ensures that data,code,and services maintain their CIA(Confidentiality,Integrity,and Availability).T...Security is critical to the success of software,particularly in today’s fast-paced,technology-driven environment.It ensures that data,code,and services maintain their CIA(Confidentiality,Integrity,and Availability).This is only possible if security is taken into account at all stages of the SDLC(Software Development Life Cycle).Various approaches to software quality have been developed,such as CMMI(Capabilitymaturitymodel integration).However,there exists no explicit solution for incorporating security into all phases of SDLC.One of the major causes of pervasive vulnerabilities is a failure to prioritize security.Even the most proactive companies use the“patch and penetrate”strategy,inwhich security is accessed once the job is completed.Increased cost,time overrun,not integrating testing and input in SDLC,usage of third-party tools and components,and lack of knowledge are all reasons for not paying attention to the security angle during the SDLC,despite the fact that secure software development is essential for business continuity and survival in today’s ICT world.There is a need to implement best practices in SDLC to address security at all levels.To fill this gap,we have provided a detailed overview of secure software development practices while taking care of project costs and deadlines.We proposed a secure SDLC framework based on the identified practices,which integrates the best security practices in various SDLC phases.A mathematical model is used to validate the proposed framework.A case study and findings show that the proposed system aids in the integration of security best practices into the overall SDLC,resulting in more secure applications.展开更多
Modal and damage identification based on ambient excitation can greatly improve the efficiency of high-speed railway bridge vibration detection.This paper first describes the basic principles of stochastic subspace id...Modal and damage identification based on ambient excitation can greatly improve the efficiency of high-speed railway bridge vibration detection.This paper first describes the basic principles of stochastic subspace identification,peak-picking,and frequency domain decomposition method in modal analysis based on ambient excitation,and the effectiveness of these three methods is verified through finite element calculation and numerical simulation,Then the damage element is added to the finite element model to simulate the crack,and the curvature mode difference and the curvature mode area difference square ratio are calculated by using the stochastic subspace identification results to verify their ability of damage identification and location.Finally,the above modal and damage identification techniques are integrated to develop a bridge modal and damage identification software platform.The final results show that all three modal identification methods can accurately identify the vibration frequency and mode shape,both damage identification methods can accurately identify and locate the damage,and the developed software platform is simple and efficient.展开更多
Building a reasonable and accurate finite element model is the first and critical step for structural analysis of complicated bridge. In this article, modeling assistant for continuous suspension with multi-pylon is d...Building a reasonable and accurate finite element model is the first and critical step for structural analysis of complicated bridge. In this article, modeling assistant for continuous suspension with multi-pylon is developed based on .Net platform, with VB.Net, C# language and OpenGL graphic technique. With parameterized modeling method, finite element model of this kind of bridge can be built quickly and accurately, and multi-type element modeling with uniform parameters is realized. With advanced graphic technique, three-dimensional model graph can be real-timely previewed for intuitive data check. With an example of practice project, the accuracy and feasibility of this modeling method and practicality of this software are verified.展开更多
In the software engineering literature, it is commonly believed that economies of scale do not occur in case of software Development and Enhancement Projects (D&EP). Their per-unit cost does not decrease but increa...In the software engineering literature, it is commonly believed that economies of scale do not occur in case of software Development and Enhancement Projects (D&EP). Their per-unit cost does not decrease but increase with the growth of such projects product size. Thus this is diseconomies of scale that occur in them. The significance of this phenomenon results from the fact that it is commonly considered to be one of the fundamental objective causes of their low effectiveness. This is of particular significance with regard to Business Software Systems (BSS) D&EP characterized by exceptionally low effectiveness comparing to other software D&EP. Thus the paper aims at answering the following two questions: (1) Do economies of scale really not occur in BSS D&EP? (2) If economies of scale may occur in BSS D&EP, what factors are then promoting them? These issues classify into economics problems of software engineering research and practice.展开更多
The software industries in developing countries are facing enormous challenges in order to grow amid fierce competition of import from the software makers in developed countries. Open source software (OSS) movement, w...The software industries in developing countries are facing enormous challenges in order to grow amid fierce competition of import from the software makers in developed countries. Open source software (OSS) movement, which is a particular phenomenon in the software industries, seems to be a challenging opportunity for the developing countries that wants to move their own software industries up the value chain. This paper, using China as an example, identifies the issues that need to be addressed for the software industry, as well as the special characteristics of software products that need to be dealt with carefully. It proposes promoting OSS as a strategy the Chinese government should adopt to grow the software industry and the specific actions that should be taken.展开更多
Software has been developed for digital control of WDW series testing machine and the measurement of fracture toughness by modularized design. Development of the software makes use of multi-thread and serial communica...Software has been developed for digital control of WDW series testing machine and the measurement of fracture toughness by modularized design. Development of the software makes use of multi-thread and serial communication techniques, which can accurately control the testing machine and measure the fracture toughness in real-time. Three-point bending specimens were used in the measurement. The software operates stably and reliably, expanding the function of WDW series testing machine.展开更多
Robert C.Martin的经典著作《Agile SoftwareDevelopment》中文版即将由清华大学出版社出版,这是计算机技术出版领域的一件大喜事。即使在今天技术图书市场非常繁荣的局面下,这本书的问世也仍然是值得广大开发者格外留意和关注的事件。...Robert C.Martin的经典著作《Agile SoftwareDevelopment》中文版即将由清华大学出版社出版,这是计算机技术出版领域的一件大喜事。即使在今天技术图书市场非常繁荣的局面下,这本书的问世也仍然是值得广大开发者格外留意和关注的事件。这不仅是因为它刚刚荣获2003年度Jolt震撼大奖,更因为这本书本身的价值和独特魅力。展开更多
A carefully planned software development process helps in maintaining the quality of the software.In today’s scenario the primitive software development models have been replaced by the Agile based models like SCRUM,...A carefully planned software development process helps in maintaining the quality of the software.In today’s scenario the primitive software development models have been replaced by the Agile based models like SCRUM,KANBAN,LEAN,etc.Although,every framework has its own boon,the reason for widespread acceptance of the agile-based approach is its evolutionary nature that permits change in the path of software development.The development process occurs in iterative and incremental cycles called sprints.In SCRUM,which is one of the most widely used agile-based software development modeling framework;the sprint length is fixed throughout the process wherein;it is usually taken to be 1–4 weeks.But in practical application,the sprint length should be altered intuitively as per the requirement.To overcome this limitation,in this paper,a methodical work has been presented that determines the optimal sprint length based on two varied and yet connected attributes;the cost incurred and the work intensity required.The approach defines the number of tasks performed in each sprint along with the corresponding cost incurred in performing those tasks.Multi-attribute utility theory(MAUT),a multi-criterion decision making approach,has been utilized to find the required trade-off between two attributes under consideration.The proposed modeling framework has been validated using real life data set.With the use of the model,the optimal sprint for each sprint could be evaluated which was much shorter than the original length.Thus,the results obtained validate the proposal of a dynamic sprint length that can be determined before the start of each sprint.The structure would help in cost as well as time savings for a firm.展开更多
Ocean information management is of great importance as it has been employed in many areas of ocean science and technology. However, the developments of Ocean Information Systems(OISs) often suffer from low efficiency ...Ocean information management is of great importance as it has been employed in many areas of ocean science and technology. However, the developments of Ocean Information Systems(OISs) often suffer from low efficiency because of repetitive work and continuous modifications caused by dynamic requirements. In this paper, the basic requirements of OISs are analyzed first, and then a novel platform DPOI is proposed to improve development efficiency and enhance software quality of OISs by providing off-the-shelf resources. In the platform, the OIS is decomposed hierarchically into a set of modules, which can be reused in different system developments. These modules include the acquisition middleware and data loader that collect data from instruments and files respectively, the database that stores data consistently, the components that support fast application generation, the web services that make the data from distributed sources syntactical by use of predefined schemas and the configuration toolkit that enables software customization. With the assistance of the development platform, the software development needs no programming and the development procedure is thus accelerated greatly. We have applied the development platform in practical developments and evaluated its efficiency in several development practices and different development approaches. The results show that DPOI significantly improves development efficiency and software quality.展开更多
文摘Service-Oriented Architecture (SOA) is becoming the dominant approach for developing and organizing distributed enterprise-wide applications. Although the concepts of SOA have been extensively described in the literature and in-dustry, the effects of adopting SOA on software quality are still unclear. The aim of the paper is to analyze how adopt-ing SOA can affect software quality as opposed to the Object-Oriented (OO) paradigm and expose the differential implications of adopting both paradigms on software quality. The paper provides a brief introduction of the architectural differences between the Service-Oriented (SO) and OO paradigms and a description of internal software quality metrics used for the comparison. The effects and differences are exposed by providing a case study architected for both paradigms. The quantitative measure concluded in the paper showed that a software system developed using SOA approach provides higher reusability and lower coupling among software modules, but at the same time higher complexity than those of the OO approach. It was also found that some of the existing OO software quality metrics are inapplicable to SOA software systems. As a consequence, new metrics need to be developed specifically to SOA software systems.
文摘Software-related security aspects are a growing and legitimate concern,especially with 5G data available just at our palms.To conduct research in this field,periodic comparative analysis is needed with the new techniques coming up rapidly.The purpose of this study is to review the recent developments in the field of security integration in the software development lifecycle(SDLC)by analyzing the articles published in the last two decades and to propose a way forward.This review follows Kitchenham’s review protocol.The review has been divided into three main stages including planning,execution,and analysis.From the selected 100 articles,it becomes evident that need of a collaborative approach is necessary for addressing critical software security risks(CSSRs)through effective risk management/estimation techniques.Quantifying risks using a numeric scale enables a comprehensive understanding of their severity,facilitating focused resource allocation and mitigation efforts.Through a comprehensive understanding of potential vulnerabilities and proactive mitigation efforts facilitated by protection poker,organizations can prioritize resources effectively to ensure the successful outcome of projects and initiatives in today’s dynamic threat landscape.The review reveals that threat analysis and security testing are needed to develop automated tools for the future.Accurate estimation of effort required to prioritize potential security risks is a big challenge in software security.The accuracy of effort estimation can be further improved by exploring new techniques,particularly those involving deep learning.It is also imperative to validate these effort estimation methods to ensure all potential security threats are addressed.Another challenge is selecting the right model for each specific security threat.To achieve a comprehensive evaluation,researchers should use well-known benchmark checklists.
文摘Software testing is a critical phase due to misconceptions about ambiguities in the requirements during specification,which affect the testing process.Therefore,it is difficult to identify all faults in software.As requirement changes continuously,it increases the irrelevancy and redundancy during testing.Due to these challenges;fault detection capability decreases and there arises a need to improve the testing process,which is based on changes in requirements specification.In this research,we have developed a model to resolve testing challenges through requirement prioritization and prediction in an agile-based environment.The research objective is to identify the most relevant and meaningful requirements through semantic analysis for correct change analysis.Then compute the similarity of requirements through case-based reasoning,which predicted the requirements for reuse and restricted to error-based requirements.Afterward,the apriori algorithm mapped out requirement frequency to select relevant test cases based on frequently reused or not reused test cases to increase the fault detection rate.Furthermore,the proposed model was evaluated by conducting experiments.The results showed that requirement redundancy and irrelevancy improved due to semantic analysis,which correctly predicted the requirements,increasing the fault detection rate and resulting in high user satisfaction.The predicted requirements are mapped into test cases,increasing the fault detection rate after changes to achieve higher user satisfaction.Therefore,the model improves the redundancy and irrelevancy of requirements by more than 90%compared to other clustering methods and the analytical hierarchical process,achieving an 80%fault detection rate at an earlier stage.Hence,it provides guidelines for practitioners and researchers in the modern era.In the future,we will provide the working prototype of this model for proof of concept.
文摘Accurate software cost estimation in Global Software Development(GSD)remains challenging due to reliance on historical data and expert judgments.Traditional models,such as the Constructive Cost Model(COCOMO II),rely heavily on historical and accurate data.In addition,expert judgment is required to set many input parameters,which can introduce subjectivity and variability in the estimation process.Consequently,there is a need to improve the current GSD models to mitigate reliance on historical data,subjectivity in expert judgment,inadequate consideration of GSD-based cost drivers and limited integration of modern technologies with cost overruns.This study introduces a novel hybrid model that synergizes the COCOMO II with Artificial Neural Networks(ANN)to address these challenges.The proposed hybrid model integrates additional GSD-based cost drivers identified through a systematic literature review and further vetted by industry experts.This article compares the effectiveness of the proposedmodelwith state-of-the-artmachine learning-basedmodels for software cost estimation.Evaluating the NASA 93 dataset by adopting twenty-six GSD-based cost drivers reveals that our hybrid model achieves superior accuracy,outperforming existing state-of-the-artmodels.The findings indicate the potential of combining COCOMO II,ANN,and additional GSD-based cost drivers to transform cost estimation in GSD.
文摘Software Development Life Cycle (SDLC) is one of the major ingredients for the development of efficient software systems within a time frame and low-cost involvement. From the literature, it is evident that there are various kinds of process models that are used by the software industries for the development of small, medium and long-term software projects, but many of them do not cover risk management. It is quite obvious that the improper selection of the software development process model leads to failure of the software products as it is time bound activity. In the present work, a new software development process model is proposed which covers the risks at any stage of the development of the software product. The model is named a Hemant-Vipin (HV) process model and may be helpful for the software industries for development of the efficient software products and timely delivery at the end of the client. The efficiency of the HV process model is observed by considering various kinds of factors like requirement clarity, user feedback, change agility, predictability, risk identification, practical implementation, customer satisfaction, incremental development, use of ready-made components, quick design, resource organization and many more and found through a case study that the presented approach covers many of parameters in comparison of the existing process models. .
文摘Under the background of“new engineering”construction,software engineering teaching pays more attention to cultivating students’engineering practice and innovation ability.In view of the inconsistency between development and demand design,team division of labor,difficult measurement of individual contribution,single assessment method,and other problems in traditional practice teaching,this paper proposes that under the guidance of agile development methods,software engineering courses should adopt Scrum framework to organize course project practice,use agile collaboration platform to implement individual work,follow up experiment progress,and ensure effective project advancement.The statistical data of curriculum“diversity”assessment show that there is an obvious improvement effect on students’software engineering ability and quality.
文摘Security technology is crucial in software development and operation in the digital age. Secure software can protect user privacy and data security, prevent hacker attacks and data breaches, ensure legitimate business operations, and protect core assets. However, the development process often faces threats such as injection attacks, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF), mainly due to code vulnerabilities, configuration errors, and risks from third-party components. To meet these challenges, this paper discusses the application of security technology in development and operation, emphasizing security requirements analysis, design principles, coding practices, and testing during the development phase. Along with focusing on environmental configuration, continuous monitoring, emergency response, disaster recovery, and regular auditing and updating during the operation phase. These measures can significantly enhance the security of software systems and protect user and corporate data.
文摘In today’s rapidly evolving digital landscape,web application security has become paramount as organizations face increasingly sophisticated cyber threats.This work presents a comprehensive methodology for implementing robust security measures in modern web applications and the proof of the Methodology applied to Vue.js,Spring Boot,and MySQL architecture.The proposed approach addresses critical security challenges through a multi-layered framework that encompasses essential security dimensions including multi-factor authentication,fine-grained authorization controls,sophisticated session management,data confidentiality and integrity protection,secure logging mechanisms,comprehensive error handling,high availability strategies,advanced input validation,and security headers implementation.Significant contributions are made to the field of web application security.First,a detailed catalogue of security requirements specifically tailored to protect web applications against contemporary threats,backed by rigorous analysis and industry best practices.Second,the methodology is validated through a carefully designed proof-of-concept implementation in a controlled environment,demonstrating the practical effectiveness of the security measures.The validation process employs cutting-edge static and dynamic analysis tools for comprehensive dependency validation and vulnerability detection,ensuring robust security coverage.The validation results confirm the prevention and avoidance of security vulnerabilities of the methodology.A key innovation of this work is the seamless integration of DevSecOps practices throughout the secure Software Development Life Cycle(SSDLC),creating a security-first mindset from initial design to deployment.By combining proactive secure coding practices with defensive security approaches,a framework is established that not only strengthens application security but also fosters a culture of security awareness within development teams.This hybrid approach ensures that security considerations are woven into every aspect of the development process,rather than being treated as an afterthought.
文摘The rapid integration of artificial intelligence(AI)into software development,driven by large language models(LLMs),is reshaping the role of programmers from traditional coders into strategic collaborators within Industry 4.0 ecosystems.This qualitative study employs a hermeneutic phenomenological approach to explore the lived experiences of Information Technology(IT)professionals as they navigate a dynamic technological landscape marked by intelligent automation,shifting professional identities,and emerging ethical concerns.Findings indicate that developers are actively adapting to AI-augmented environments by engaging in continuous upskilling,prompt engineering,interdisciplinary collaboration,and heightened ethical awareness.However,participants also voiced growing concerns about the reliability and security of AI-generated code,noting that these tools can introduce hidden vulnerabilities and reduce critical engagement due to automation bias.Many described instances of flawed logic,insecure patterns,or syntactically correct but contextually inappropriate suggestions,underscoring the need for rigorous human oversight.Additionally,the study reveals anxieties around job displacement and the gradual erosion of fundamental coding skills,particularly in environments where AI tools dominate routine development tasks.These findings highlight an urgent need for educational reforms,industry standards,and organizational policies that prioritize both technical robustness and the preservation of human expertise.As AI becomes increasingly embedded in software engineering workflows,this research offers timely insights into how developers and organizations can responsibly integrate intelligent systems to promote accountability,resilience,and innovation across the software development lifecycle.
文摘Although recent studies have examined collaboration within open-source software projects,the focus has primarily been on their motivations and governance.This study explores the complex dynamics of trust and involvement among Cameroonian software developers in open-source projects.In the context of a rapidly evolving software development landscape,these projects have emerged as a transformative force,redefining global collaboration standards.The qualitative methodological approach involved a survey of 22 participants in open-source software projects,including Cameroonian software developers,project governance actors,and open-source community members.Analyses revealed that the trust given to African software developers,including their effective integration into projects and consideration of their specificities and contributions,has a positive impact on their involvement in and ability to appropriate information technologies.By exploring the interaction between cultural,social,and technological factors,this study enhances our understanding of trust mechanisms within open-source communities,especially those involving remote developers.
基金Funded by the National Natural Science Foundations of China(Nos.51478278 and 51408380)the Natural Science Foundation of Hebei Province(No.E2014210149)Higher Education Science and Technology Research Project of Hebei Province(No.ZD2016065)
文摘The interfacial transition zone (ITZ) between the aggregates and the bulk paste is the weakest zone of ordinary concrete, which largely determines its mechanical and transporting properties. However, a complete understanding and a quantitative modeling of ITZ are still lacking. Consequently, an integrated modeling and experimental study were conducted. First, the theoretical calculation model of the ITZ volume fraction about the rotary ellipsoidal aggregate particles was established based on the nearest surface function formula. Its calculation programs were written based on Visual Basic 6.0 language and achieved visualization and functionalization. Then, the influencing factors of ITZ volume fraction of the ellipsoidal aggregate particles and the overlapping degree between the ITZ were systematically analyzed. Finally, the calculation models of ITZ volume fraction on actual ellipsoidal aggregate were given, based on cobblestones or pebbles particles with naturally ellipsoidal shape. The results indicate that the calculation model proposed is highly reliable.
文摘Security is critical to the success of software,particularly in today’s fast-paced,technology-driven environment.It ensures that data,code,and services maintain their CIA(Confidentiality,Integrity,and Availability).This is only possible if security is taken into account at all stages of the SDLC(Software Development Life Cycle).Various approaches to software quality have been developed,such as CMMI(Capabilitymaturitymodel integration).However,there exists no explicit solution for incorporating security into all phases of SDLC.One of the major causes of pervasive vulnerabilities is a failure to prioritize security.Even the most proactive companies use the“patch and penetrate”strategy,inwhich security is accessed once the job is completed.Increased cost,time overrun,not integrating testing and input in SDLC,usage of third-party tools and components,and lack of knowledge are all reasons for not paying attention to the security angle during the SDLC,despite the fact that secure software development is essential for business continuity and survival in today’s ICT world.There is a need to implement best practices in SDLC to address security at all levels.To fill this gap,we have provided a detailed overview of secure software development practices while taking care of project costs and deadlines.We proposed a secure SDLC framework based on the identified practices,which integrates the best security practices in various SDLC phases.A mathematical model is used to validate the proposed framework.A case study and findings show that the proposed system aids in the integration of security best practices into the overall SDLC,resulting in more secure applications.
文摘Modal and damage identification based on ambient excitation can greatly improve the efficiency of high-speed railway bridge vibration detection.This paper first describes the basic principles of stochastic subspace identification,peak-picking,and frequency domain decomposition method in modal analysis based on ambient excitation,and the effectiveness of these three methods is verified through finite element calculation and numerical simulation,Then the damage element is added to the finite element model to simulate the crack,and the curvature mode difference and the curvature mode area difference square ratio are calculated by using the stochastic subspace identification results to verify their ability of damage identification and location.Finally,the above modal and damage identification techniques are integrated to develop a bridge modal and damage identification software platform.The final results show that all three modal identification methods can accurately identify the vibration frequency and mode shape,both damage identification methods can accurately identify and locate the damage,and the developed software platform is simple and efficient.
基金National Science and Technology Support Program of China(No.2009BAG15B01)Key Programs for Science and Technology Development of Chinese Transportation Industry(No.2008-353-332-190)
文摘Building a reasonable and accurate finite element model is the first and critical step for structural analysis of complicated bridge. In this article, modeling assistant for continuous suspension with multi-pylon is developed based on .Net platform, with VB.Net, C# language and OpenGL graphic technique. With parameterized modeling method, finite element model of this kind of bridge can be built quickly and accurately, and multi-type element modeling with uniform parameters is realized. With advanced graphic technique, three-dimensional model graph can be real-timely previewed for intuitive data check. With an example of practice project, the accuracy and feasibility of this modeling method and practicality of this software are verified.
文摘In the software engineering literature, it is commonly believed that economies of scale do not occur in case of software Development and Enhancement Projects (D&EP). Their per-unit cost does not decrease but increase with the growth of such projects product size. Thus this is diseconomies of scale that occur in them. The significance of this phenomenon results from the fact that it is commonly considered to be one of the fundamental objective causes of their low effectiveness. This is of particular significance with regard to Business Software Systems (BSS) D&EP characterized by exceptionally low effectiveness comparing to other software D&EP. Thus the paper aims at answering the following two questions: (1) Do economies of scale really not occur in BSS D&EP? (2) If economies of scale may occur in BSS D&EP, what factors are then promoting them? These issues classify into economics problems of software engineering research and practice.
文摘The software industries in developing countries are facing enormous challenges in order to grow amid fierce competition of import from the software makers in developed countries. Open source software (OSS) movement, which is a particular phenomenon in the software industries, seems to be a challenging opportunity for the developing countries that wants to move their own software industries up the value chain. This paper, using China as an example, identifies the issues that need to be addressed for the software industry, as well as the special characteristics of software products that need to be dealt with carefully. It proposes promoting OSS as a strategy the Chinese government should adopt to grow the software industry and the specific actions that should be taken.
文摘Software has been developed for digital control of WDW series testing machine and the measurement of fracture toughness by modularized design. Development of the software makes use of multi-thread and serial communication techniques, which can accurately control the testing machine and measure the fracture toughness in real-time. Three-point bending specimens were used in the measurement. The software operates stably and reliably, expanding the function of WDW series testing machine.
文摘A carefully planned software development process helps in maintaining the quality of the software.In today’s scenario the primitive software development models have been replaced by the Agile based models like SCRUM,KANBAN,LEAN,etc.Although,every framework has its own boon,the reason for widespread acceptance of the agile-based approach is its evolutionary nature that permits change in the path of software development.The development process occurs in iterative and incremental cycles called sprints.In SCRUM,which is one of the most widely used agile-based software development modeling framework;the sprint length is fixed throughout the process wherein;it is usually taken to be 1–4 weeks.But in practical application,the sprint length should be altered intuitively as per the requirement.To overcome this limitation,in this paper,a methodical work has been presented that determines the optimal sprint length based on two varied and yet connected attributes;the cost incurred and the work intensity required.The approach defines the number of tasks performed in each sprint along with the corresponding cost incurred in performing those tasks.Multi-attribute utility theory(MAUT),a multi-criterion decision making approach,has been utilized to find the required trade-off between two attributes under consideration.The proposed modeling framework has been validated using real life data set.With the use of the model,the optimal sprint for each sprint could be evaluated which was much shorter than the original length.Thus,the results obtained validate the proposal of a dynamic sprint length that can be determined before the start of each sprint.The structure would help in cost as well as time savings for a firm.
基金supported in part by National Natural Science Foundation of China under grant No. 61170258 and 61379127National Ocean Public Benefit Research Foundation under grant No. 201305033-6 and 2011 05034-10+1 种基金Marine Renewable Energy Special Foundation under grant No. GHME2012ZC02Science and Technology Development Plan of Qingdao City under Grant No. 12-1-3-81-jh
文摘Ocean information management is of great importance as it has been employed in many areas of ocean science and technology. However, the developments of Ocean Information Systems(OISs) often suffer from low efficiency because of repetitive work and continuous modifications caused by dynamic requirements. In this paper, the basic requirements of OISs are analyzed first, and then a novel platform DPOI is proposed to improve development efficiency and enhance software quality of OISs by providing off-the-shelf resources. In the platform, the OIS is decomposed hierarchically into a set of modules, which can be reused in different system developments. These modules include the acquisition middleware and data loader that collect data from instruments and files respectively, the database that stores data consistently, the components that support fast application generation, the web services that make the data from distributed sources syntactical by use of predefined schemas and the configuration toolkit that enables software customization. With the assistance of the development platform, the software development needs no programming and the development procedure is thus accelerated greatly. We have applied the development platform in practical developments and evaluated its efficiency in several development practices and different development approaches. The results show that DPOI significantly improves development efficiency and software quality.
