IET Software最新文献

{"title":"A Differential Datalog Interpreter","authors":"Matthew James Stephenson","doi":"10.3390/software2030020","DOIUrl":"https://doi.org/10.3390/software2030020","url":null,"abstract":"The core reasoning task for datalog engines is materialization, the evaluation of a datalog program over a database alongside its physical incorporation into the database itself. The de-facto method of computing is through the recursive application of inference rules. Due to it being a costly operation, it is a must for datalog engines to provide incremental materialization; that is, to adjust the computation to new data instead of restarting from scratch. One of the major caveats is that deleting data is notoriously more involved than adding since one has to take into account all possible data that has been entailed from what is being deleted. Differential dataflow is a computational model that provides efficient incremental maintenance, notoriously with equal performance between additions and deletions, and work distribution of iterative dataflows. In this paper, we investigate the performance of materialization with three reference datalog implementations, out of which one is built on top of a lightweight relational engine, and the two others are differential-dataflow and non-differential versions of the same rewrite algorithm with the same optimizations. Experimental results suggest that monotonic aggregation is more powerful than ascenting merely the powerset lattice.","PeriodicalId":50378,"journal":{"name":"IET Software","volume":"81 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-09-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"136236435","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"User Authorization in Microservice-Based Applications","authors":"Niklas Sänger, Sebastian Abeck","doi":"10.3390/software2030019","DOIUrl":"https://doi.org/10.3390/software2030019","url":null,"abstract":"Microservices have emerged as a prevalent architectural style in modern software development, replacing traditional monolithic architectures. The decomposition of business functionality into distributed microservices offers numerous benefits, but introduces increased complexity to the overall application. Consequently, the complexity of authorization in microservice-based applications necessitates a comprehensive approach that integrates authorization as an inherent component from the beginning. This paper presents a systematic approach for achieving fine-grained user authorization using Attribute-Based Access Control (ABAC). The proposed approach emphasizes structure preservation, facilitating traceability throughout the various phases of application development. As a result, authorization artifacts can be traced seamlessly from the initial analysis phase to the subsequent implementation phase. One significant contribution is the development of a language to formulate natural language authorization requirements and policies. These natural language authorization policies can subsequently be implemented using the policy language Rego. By leveraging the analysis of software artifacts, the proposed approach enables the creation of comprehensive and tailored authorization policies.","PeriodicalId":50378,"journal":{"name":"IET Software","volume":"154 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-09-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135063218","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Quantitative Review of the Research on Business Process Management in Digital Transformation: A Bibliometric Approach","authors":"Bui Quang Truong, Anh Nguyen-Duc, Nguyen Thi Cam Van","doi":"10.3390/software2030018","DOIUrl":"https://doi.org/10.3390/software2030018","url":null,"abstract":"In recent years, research on digital transformation (DT) and business process management (BPM) has gained significant attention in the field of business and management. This paper aims to conduct a comprehensive bibliometric analysis of global research on DT and BPM from 2007 to 2022. A total of 326 papers were selected from Web of Science and Scopus for analysis. Using bibliometric methods, we evaluated the current state and future research trends of DT and BPM. Our analysis reveals that the number of publications on DT and BPM has grown significantly over time, with the Business Process Management Journal being the most active. The countries that have contributed the most to this field are Germany (with four universities in the top 10) and the USA. The Business Process Management Journal is the most active in publishing research on digital transformation and business process management. The analysis showed that “artificial intelligence” is a technology that has been studied extensively and is increasingly asserted to influence companies’ business processes. Additionally, the study provides valuable insights from the co-citation network analysis. Based on our findings, we provide recommendations for future research directions on DT and BPM. This study contributes to a better understanding of the current state of research on DT and BPM and provides insights for future research.","PeriodicalId":50378,"journal":{"name":"IET Software","volume":"84 2 1","pages":""},"PeriodicalIF":1.6,"publicationDate":"2023-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89314142","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Challenges and Solutions for Engineering Applications on Smartphones","authors":"Anthony Khoury, Mohamad Abbas Kaddaha, Maya Saade, R. Younes, Rachid Outbib, Pascal Lafon","doi":"10.3390/software2030017","DOIUrl":"https://doi.org/10.3390/software2030017","url":null,"abstract":"This paper starts by presenting the concept of a mobile application. A literature review is conducted, which shows that there is still a certain lack with regard to smartphone applications in the domain of engineering as independent simulation applications and not only as extensions of smartphone tools. The challenges behind this lack are then discussed. Subsequently, three case studies of engineering applications for both smartphones and the internet are presented, alongside their solutions to the challenges presented. The first case study concerns an engineering application for systems control. The second case study focuses on an engineering application for composite materials. The third case study focuses on the finite element method and structure generation. The solutions to the presented challenges are then described through their implementation in the applications. The three case studies show a new system of thought concerning the development of engineering smartphone applications.","PeriodicalId":50378,"journal":{"name":"IET Software","volume":"122 1","pages":""},"PeriodicalIF":1.6,"publicationDate":"2023-08-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88257718","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Synthesis-Based Stateful Approach for Guiding Design Thinking in Embedded System Development","authors":"Hung-Fu Chang, S. K. Mobasser","doi":"10.3390/software2030016","DOIUrl":"https://doi.org/10.3390/software2030016","url":null,"abstract":"Embedded systems have attracted more attention and have become more critical due to the recent computer technology advancements and applications in various areas, such as healthcare, transportation, and manufacturing. Traditional software design approaches and the finite state machine cannot provide sufficient support due to two major reasons: the increasing need for more functions in designing an embedded system and sequential controls in the implementation. This deficiency particularly discourages inexperienced engineers who use conventional methods to design embedded software. Hence, we proposed a design method, the Synthesis-Based Stateful Software Design Approach (SSSDA), which synthesizes two existing methods, the Synthesis-Based Software Design Framework (SSDF) and Process and Artifact State Transition Abstraction (PASTA), to remedy the drawback of conventional methods. To show how to conduct our proposed design approach and investigate how it supports embedded system design, we studied an industrial project developed by a sophomore student team. Our results showed that our proposed approach could significantly help students lay out modules, improve testability, and reduce defects.","PeriodicalId":50378,"journal":{"name":"IET Software","volume":"53 1","pages":""},"PeriodicalIF":1.6,"publicationDate":"2023-08-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83720268","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Test-driven development, engagement in activity, and maintainability: An empirical study","authors":"Wei Ren,&nbsp;Stephen Barrett","doi":"10.1049/sfw2.12135","DOIUrl":"https://doi.org/10.1049/sfw2.12135","url":null,"abstract":"<p>The software engineering community aims to achieve and maintain high-efficient software engineering practical activities. One of the techniques used for this purpose is Test-Driven Development (TDD), which is a cyclic and test-centered development method positively related to maintainability, which may vary depending on the context and application. Previous research has indicated that TDD's benefits on maintainability may be due to the improved focus on coding and testing activities. However, limited research has investigated the role of engagement in software quality. Therefore, this study investigates the relationship between TDD methods, engagement level in development activities, and maintainability. The primary research questions addressed in this study are does following TDD methods improve the engagement level in development activities? And does a higher engagement level leads to better maintainability? The study employs a statistical analysis technique, regression analysis to explore the research questions. The results show that TDD behaviours improve the engagement level, and engaging in development activities has a significant positive impact on maintainability. Additionally, the study finds that the positive impact of focussing on testing, such as writing more test cases, is more pronounced compared to coding activities. Our study adds to current software engineering literature that not only personal expertise but the engagement level in the development process are associated with software quality and calls for the emphasis on developer's engagement.</p>","PeriodicalId":50378,"journal":{"name":"IET Software","volume":"17 4","pages":"509-525"},"PeriodicalIF":1.6,"publicationDate":"2023-07-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/sfw2.12135","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50145743","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Comparing Measured Agile Software Development Metrics Using an Agile Model-Based Software Engineering Approach versus Scrum Only","authors":"Moe Huss, Daniel R. Herber, J. Borky","doi":"10.3390/software2030015","DOIUrl":"https://doi.org/10.3390/software2030015","url":null,"abstract":"This study compares the reliability of estimation, productivity, and defect rate metrics for sprints driven by a specific instance of the agile approach (i.e., scrum) and an agile model-Bbased software engineering (MBSE) approach called the integrated Scrum Model-Based System Architecture Process (sMBSAP) when developing a software system. The quasi-experimental study conducted ten sprints using each approach. The approaches were then evaluated based on their effectiveness in helping the product development team estimate the backlog items that they could build during a time-boxed sprint and deliver more product backlog items (PBI) with fewer defects. The commitment reliability (CR) was calculated to compare the reliability of estimation with a measured average scrum-driven value of 0.81 versus a statistically different average sMBSAP-driven value of 0.94. Similarly, the average sprint velocity (SV) for the scrum-driven sprints was 26.8 versus 31.8 for the MBSAP-driven sprints. The average defect density (DD) for the scrum-driven sprints was 0.91, while that of the sMBSAP-driven sprints was 0.63. The average defect leakage (DL) for the scrum-driven sprints was 0.20, while that of the sMBSAP-driven sprints was 0.15. The t-test analysis concluded that the sMBSAP-driven sprints were associated with a statistically significant larger mean CR, SV, DD, and DL than that of the scrum-driven sprints. The overall results demonstrate formal quantitative benefits of an agile MBSE approach compared to an agile alone, thereby strengthening the case for considering agile MBSE methods within the software development community. Future work might include comparing agile and agile MBSE methods using alternative research designs and further software development objectives, techniques, and metrics.","PeriodicalId":50378,"journal":{"name":"IET Software","volume":"43 1","pages":""},"PeriodicalIF":1.6,"publicationDate":"2023-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78344153","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Revisit security in the era of DevOps: An evidence-based inquiry into DevSecOps industry","authors":"Xin Zhou,&nbsp;Runfeng Mao,&nbsp;He Zhang,&nbsp;Qiming Dai,&nbsp;Huang Huang,&nbsp;Haifeng Shen,&nbsp;Jingyue Li,&nbsp;Guoping Rong","doi":"10.1049/sfw2.12132","DOIUrl":"https://doi.org/10.1049/sfw2.12132","url":null,"abstract":"<p>By adopting agile and lean practices, DevOps aims to achieve rapid value delivery by speeding up development and deployment cycles, which however lead to more security concerns that cannot be fully addressed by an isolated security role only in the final stage of development. <i>DevSecOps</i> promotes security as a shared responsibility integrated into the DevOps process that seamlessly intertwines development, operations, and security from the start throughout to the end of cycles. While some companies have already begun to embrace this new strategy, both industry and academia are still seeking a common understanding of the DevSecOps movement. The goal of this study is to report the state-of-the-practice of DevSecOps, including the impact of DevOps on security, practitioners' understanding of DevSecOps, and the practices associated with DevSecOps as well as the challenges of implementing DevSecOps. The authors used a mixed-methods approach for this research. The authors carried out a grey literature review on DevSecOps, and surveyed the practitioners of DevSecOps in industry of China. The status quo of DevSecOps in industry is summarized. Three major software security risks are identified with DevOps, where the establishment of DevOps pipeline provides opportunities for security-related activities. The authors classify the interpretations of DevSecOps into three core aspects of DevSecOps capabilities, cultural enablers, and technological enablers. To materialise the interpretations into daily software production activities, the recommended DevSecOps practices from three perspectives—people, process, and technology. Although a preliminary consensus is that DevSecOps is regarded as an extension of DevOps, there is a debate on whether DevSecOps is a superfluous term. While DevSecOps is attracting an increasing attention by industry, it is still in its infancy and more effort needs to be invested to promote it in both research and industry communities.</p>","PeriodicalId":50378,"journal":{"name":"IET Software","volume":"17 4","pages":"435-454"},"PeriodicalIF":1.6,"publicationDate":"2023-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/sfw2.12132","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50144606","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Guest Editorial: Machine learning applied to quality and security in software systems","authors":"Honghao Gao,&nbsp;Walayat Hussain,&nbsp;Ramón J. Durán Barroso,&nbsp;Junaid Arshad,&nbsp;Yuyu Yin","doi":"10.1049/sfw2.12141","DOIUrl":"10.1049/sfw2.12141","url":null,"abstract":"&lt;p&gt;During the development of software systems, even with advanced planning, problems with quality and security occur. These defects may result in threats to program development and maintenance. Therefore, to control and minimise these defects, machine learning can be used to improve the quality and security of software systems. This special issue focuses on recent advances in architecture, algorithms, optimisation, and models for machine learning applied to quality and security in software systems. After a rigorous review according to relevance, originality, technical novelties, and presentation quality, we selected 4 manuscripts. A summary of these accepted papers is outlined below.&lt;/p&gt;&lt;p&gt;In the first paper entitled “Robust Malware Identification via Deep Temporal Convolutional Network with Symmetric Cross Entropy Learning” by Sun et al., the authors propose a robust Malware identification method using the temporal convolutional network (TCN). Moreover, word embedding techniques are generally utilised to understand the contextual relationship between the input operation code (opcode) and application programming interface (API) function names in many cases. Here, considering the numerous unlabelled samples in practical intelligent environments, the authors pre-train the TCN model on an unlabelled set using a word embedding method, that is, &lt;i&gt;word&lt;/i&gt;2&lt;i&gt;vec&lt;/i&gt;. In the experiments, the proposed method is compared to several traditional statistical methods and more recent neural networks on a synthetic Malware dataset and a real-world dataset. The performance comparisons demonstrate the better performance and noise robustness of the proposed method, that the proposed method can yield the best identification accuracy of 98.75% in real-world scenarios.&lt;/p&gt;&lt;p&gt;In the second paper entitled “Just-In-Time Defect Prediction Enhanced by the Joint Method of Line Label Fusion and File Filtering” by Zhang et al., the authors propose a Just-in-Time defect prediction model enhanced by the joint method of line label Fusion and file Filtering (JIT-FF). First, to distinguish added and removed lines while preserving the original software changes information, the authors represent the code changes as original, added, and removed codes according to line labels. Second, to obtain semantics-enhanced code representation, the authors propose a cross-attention-based line label fusion method to perform complementary feature enhancement. Third, to generate code changes containing fewer defect-irrelevant files, the authors formalise the file filtering as a sequential decision problem and propose a reinforcement learning-based file filtering method. Finally, based on generated code changes, CodeBERT-based commit representation and multi-layer perceptron-based defect prediction are performed to identify the defective software changes. The experiments demonstrate that JIT-FF predicts defective software changes more effectively.&lt;/p&gt;&lt;p&gt;In the third paper entitled “Android Malwar","PeriodicalId":50378,"journal":{"name":"IET Software","volume":"17 4","pages":"345-347"},"PeriodicalIF":1.6,"publicationDate":"2023-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/sfw2.12141","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"44482903","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Structuring meaningful bug-fixing patches to fix software defect","authors":"Hui Li,&nbsp;Yong Liu,&nbsp;Xuexin Qi,&nbsp;Xi Yu,&nbsp;Shikai Guo","doi":"10.1049/sfw2.12140","DOIUrl":"https://doi.org/10.1049/sfw2.12140","url":null,"abstract":"<p>Currently, software projects require a significant amount of time, effort and other resources to be invested in software testing to reduce the number of code defects. However, this process decreases the efficiency of software development and leads to a significant waste of workforce and resources. To address this challenge, researchers developed various solutions utilising deep neural networks. However, these solutions are frequently challenged by issues, such as a vast vocabulary, network training difficulties and elongated training processes resulting from the handling of redundant information. To overcome these limitations, the authors proposed a new neural network-based model named HopFix, designed to detect software defects that may be introduced during the coding process. HopFix consists of four parts: data preprocessing, encoder, decoder and code generation components, which were used for preprocessing data, extracting information about software defects, analysing defect information, generating software patches and controlling the generation process of software patches, respectively. Experimental studies on Bug-Fix Pairs (BFP) show that HopFix correctly fixed 47.2% (<i>BFP</i>_<i>small</i> datasets) and 25.7% (<i>BFP</i>_{<i>medium</i>} datasets) of software defects.</p>","PeriodicalId":50378,"journal":{"name":"IET Software","volume":"17 4","pages":"566-581"},"PeriodicalIF":1.6,"publicationDate":"2023-07-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/sfw2.12140","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50130089","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}