An increasing number of organisations focusing on security orchestration approaches and solutions to automate the processes of their Security Operation Centre (SOC). There are hundreds of approaches and tools to support security orchestration, hence, practitioners find it hard to access a consolidated material on the available solutions and researchers are unable to figure out the gaps. Our team has tried to address this need by reporting a systematic horizon scan of the security orchestration approaches and tools – the report has been published in one of the most prestigious journal of computing, ACM Computing Survey – the work is led by Chadni Islam, and Data61’s Surya Nepal is the collaborator. The abstracts of the paper is below and interested readers are welcome to contact us for a copy of the paper. Read More »A Systematic Horizon Scan of Security Orchestration Approaches and Tools
Evidence-Based Software Engineering
Continuous Software Engineering has been gaining signifiant momentum in terms of widespread adoption among large and small Software houses. This paradigm shift is based on the promise of early, frequent delivery and deployment of software features and continuous feedback on the usefulness and adoption of the features. One of the key challenging area of practice for continuous software engineering is architecting – Software development teams are expected to adopt new conceptualisation and designing approaches and design decision making processes – for example, moving from monolithic to micro services. Given the significant challenges of architectural issues in DevOps, it is important to build and share evidence-based body of knowledge about practices and processes for architectural support in Continuous Software Engineering. We have undertaken a significant research program on this topic and one of our comprehensive pieces of of work has just been accepted in a premier Software Engineering journal with the title of, An Empirical Study of Architecting for Continuous Delivery and Deployment, following is the abstract copied from the paper for the readers of this blog. The paper’s pre-print copies will be available soon. Read More »Architecting for Continuous Delivery and Deployment
The increasing amount of literature on Continuous Integration (CI), Continuous Delivery (CDE), and Continuous Deployment (CD) has stimulated the need and desire of secondary studies. Recently, there have been several reviews published on CI, CDE, and CD, mostly in Software Engineering journal. Whilst these reviews have made important contributions to the body of knowledge about CI, CDE, CD, there was no significant effort to perform an integrated review of these three practices areas, which are so much intertwined that it is critically important that the key pieces of work on these topics are reviewed in an integrated fashion. Such an integrated review is expected to provide the researchers and practitioners with a 360 degree view on the approaches, tools, and challenges in these areas. We have tried to address this need through a Systematic Literature Review (SLR), Continuous Integration, Delivery and Deployment: A Systematic Review on Approaches, Tools, Challenges, which has been recently published in IEEE Access. We are really excited to have this work done as it would fill important gaps left by other secondary studies on these important topics. Our review also critically comparing the existing reviews and our work that is an important part of progressing the state of the art in an emerging area. I’m copying/pasting the abstract for the readers’ interests as a teaser leading to a full read of the article. We also welcome comments.
Continuous Software Engineering has gained significant attraction in the software development industry. One of the key areas of Continuous Software Engineering is Development and Operation (DevOps) – according to which development and operations teams are… Read More »Security Support in Continuous Deployment Pipeline
A large number of Software Engineering teams are virtual, which are characterised by various types of distances such geographical, culture, temporal, and knowledge. Such distances can cause a number of small and big challenges that lead sub-optimal development teams or event project failures. Software engineering researchers and practitioners have been researching and debating the cost and benefits of site visits for enabling software development teams to spend time together in order to get to know each other professionally and personally. It is argued that such visits result in establishing and growing trust that is important for successful teams. However, software development managers always find it hard to make a strong enough case for investing such visits. We have carried out a longitudinal case study focused on the socio-ethnical dynamics and potential benefits of site visits in terms of enhanced trust and cooperation among team members who came from entirely different regions, culture, region, and socio-economic background. Our study has found very useful insights for software development managers and researchers. We are sharing the details of our study through the pre-print copy of our paper, whose abstract is provided here.
After several months of deliberations and discussions, I’m glad to announce that finally Australasian Software Engineering Conference (ASWEC) will be coming to Adelaide in late September this year; the exact dates are September 28 to October 1 2015. ASWEC will be coming to Adelaide after almost 18 years and we are really looking forward to hosting. A ASWEC2015 flyer can be downed and distributed. We have secured excellent keynote speakers and a series of invited speakers from industry and academia. We plan on building a non-conventioal and interesting program, which will not be heavily dependant upon scientific research findings; rather we are going to hugely engage industry and government agencies, particular local, educators at high schools and tertiary educational institutes, and several special interests groups.Read More »Australasian Software Engineering Conference Coming to Adelaide
The Software Engineering community is increasingly recognising the value of empirical evidence to support research and practice. Empirical evidence provides a means to evaluate the utility of promising research areas and to help practitioners to make informed technology adoption decisions. Hence, there is an increasing need for providing software engineering researchers and practitioners with appropriate knowledge and training in different methods and techniques to design, execute, analyze, and report empirical research. Software Engineering degree programs (both undergraduate and postgraduate) are expected to have high quality courses on Research Methods for imparting appropriate knowledge and skills of designing, connecting, analysing, and reporting empirical studies. There are an increasing number of books and articles on research methods, however, many Software Engineering degree programs appear to find it difficult to come up with a high quality course that can impart the knowledge, understanding, and skills of carrying out both quantitive and qualitative research a wide variety of topics in Software Engineering. Based on several tutorials We are also working on designing and running a course on research methods for our Software Engineering students. Read More »Research Methods for Software Engineering Students
During my recent visit to China, I visited the Software Engineering Laboratory, Software School at Fudan University in Shanghai. It has always a great pleasure visiting Professor Xin Peng and his team who are conducting an excellent research on challenging and important topics of Software Product Lines, Software Maintenance and Evolution, and Requirements Engineering. This was my second visit to the group and I always find quite useful and important research threads being followed by different graduate students and academic staff associated with the laboratory under the direction of Professor Xin Peng. I was also invited to give a talk to the group. I chose to present our work on privacy in mobile devices and data exfiltration challenges and countermeasures using Evidence Based Software Engineering. This work is ongoing and we are continuing updating the work on privacy issues in mobile computing and now this work would have collaborators from Open University UK. The abstract of the talk can give some ideas about our ongoing work in these areas:Read More »Visiting Software School at Fudan University, China
Software Design is one of the most important activities of Software Development lifecycle as the design decisions usually have significant impact on many other decisions to be made later on; most importantly software design facilities… Read More »Teaching Software Design with Holistic Personas
Knowledge sharing is critical for successful software development projects – Software Engineering community has been investing huge amount of efforts in supporting and promoting knowledge sharing over the last many years with mixed outcomes. Knowledge sharing for gaining common understanding is considered a central concern when software development work crosses geographical, cultural, or organizational boundaries. One of our key research topic is knowledge sharing in Globally Distributed teams. Recently I was invited to give a keynote talk at the XIII Brazilian Symposium on Software Quality (SBQS 2014) to be held in August in Brazil. Here are TalkinBrazil-05August2014 (19 MB size). I spoke about the knowledge sharing challenges and solutions . Read More »Keynote Talk on Knowledge Sharing & Global Software Development