Security bug reports can describe security critical vulnerabilities in software products. Bug tracking systems may contain thousands of reports, where relatively few them are related. Therefore finding unlabelled bugs among be challenging. To help engineers identify these quickly and accurately, text-based prediction models have been proposed. These often mislabel due to a number reasons such as class imbalance, the ratio non-security is very high. More critically, we observed that presence...

Non-functional requirements (NFRs), such as security and cost, are generally subjective oftentimes synergistic or conflicting with each other. Properly dealing NFRs requires a large body of knowledge – goals to be achieved, problems obstacles avoided, alternative solutions mitigate the problems, best compromising solution selected. However, few patterns exist for these kinds NFRs. In this paper, we present four NFR capturing reusing objective pattern, problem alternatives pattern selection...

The efficiency of energy usage applied to robots that implement autonomous duties such as floor cleaning depends crucially on the adopted path planning strategies. Energy-aware for complete coverage (CCPP) in reconfigurable raises interesting research, since ability change robot’s shape needs dynamic estimate model. In this paper, a CCPP predefined workspace by new platform (hTetro) which can self-reconfigure among seven tetromino cooperation hinge-based four blocks with independent...

As software-intensive digital systems become an integral part of modern life, ensuring that these are developed to satisfy security and privacy requirements is increasingly important societal concern. This paper examines how secure coding practice supported on Stack Overflow. Although there indications on-line environments not robust or accurate sources information, they used by large numbers developers. Findings demonstrate developers use conversation within the site actively connect with...

Research has established the wide variety of security failures in mobile apps, their consequences, and how app developers introduce or exacerbate them. What is not well known why do so---what rationale underpinning decisions they make which eventually strengthen weaken security? This all more complicated modern development's increasingly diverse demographic: growing numbers independent, solo, small team who have organizational structures support that larger software development houses enjoy.

A feature model captures various possible configurations of products within a product family. When configuring product, several features are selected and composed. Selecting at the program level has general limitation not being able to relate resulting configuration its requirements. As result, it is difficult decide whether given optimal. An optimal satisfies all stakeholder requirements quantitative constraints, while ensuring that there no extraneous in it. In relating configurations, we...

When showing that a software system meets certain security requirements, it is often necessary to work with formal and informal descriptions of the behavior, vulnerabilities, threats from potential attackers. In earlier work, Haley et al. [1] showed structured argumentation could deal such mixed descriptions. However, incomplete uncertain information, limited resources force practitioners settle for good-enough security. To these conditions practice, we extend method risk assessment. The...

Despite the availability of various methods and tools to facilitate secure coding, developers continue write code that contains common vulnerabilities. It is important understand why technological advances do not sufficiently in writing code. To widen our understanding developers' behaviour, we considered complexity security decision space using theory from cognitive social psychology. Our interdisciplinary study reported this article (1) draws on psychology literature provide conceptual...

As software becomes more ubiquitous, and the risk of cyber-crimes increases, ensuring that systems are forensic-ready (i.e., capable supporting potential digital investigations) is critical. However, little or no attention has been given to how well-suited existing engineering methodologies practices for systematic development such systems. In this paper, we consider meaning forensic readiness software, define requirements, highlight some open challenges in face readiness. We use a real...

The façade cleaning of high rise buildings is one the hazardous tasks that performed by human operators. Even after a significant advancement in construction technologies, several newfangled skyscrapers are still using manual method for glass panels. This research aimed at development robot, capable adapting to any kind building architecture. A robotic system vertical surfaces demands transformable morphology. self-reconfigurable robot potential solutions realize degrees adaptability....

This paper describes materials developed to engage professional developers in discussions about security. First, the work is framed context of ethnographic studies software development, highlighting how method used explore and investigate research aims for Motivating Jenny project. A description given a series practitioner engagements, that were develop reflection discussion tool using security stories taken from media internet sources. An explanation has been collect data within field...

Developers turn to Stack Overflow and other on-line sources find solutions security problems, but little is known about how they engage with guide one another in these environments or the perceptions of software this may encourage. This study joins recent calls understand more developers use Internet solve problems. Using qualitative methods, a set questions within channel were selected examined for themes. Preliminary findings reveal community practitioners: who are askers commenters, asked...

When software systems are verified against security requirements, formal and informal arguments provide a structure for organizing the artifacts. Our recent work on evolution of security-critical demonstrates that our argumentation technique is useful in limiting scope change identifying changes to properties. In support this work, we have developed OpenArgue, tool syntax checking, visualizing, formalizing, reasoning about incremental arguments. OpenArgue has been integrated with...

Security of software systems is general concern, yet breaches caused by common vulnerabilities still occur. Software developers are routinely called upon to "do more" address this situation. However there has been little focus on the developers' point view, and understanding how security features in their day-to-day activities. This paper reports preliminary findings semi-structured interviews taken during an ethnographic study professional one organization who not experts. The overall aims...

Software developers are often interested in particular changes programs that relevant to their current tasks: not all evolving software equally important. However, most existing differencing tools, such as diff, notify of more than they wish see. In this paper, we propose a technique specify and automatically detect only those deemed meaningful, or relevant, development task. Using four elementary annotations on the grammar any programming language, namely Ignore, Order, Prefer Scope, can...

Privacy requirements for mobile applications offer a distinct set of challenges engineering. First, they are highly dynamic, changing over time and locations, across the different roles agents involved kinds information that may be disclosed. Second, although some general privacy can elicited priori, users often refine them at runtime as interact with system its environment. Selectively disclosing to appropriate is therefore key management challenge, requiring carefully formulated amenable...

We propose the use of forensic requirements to drive automation a digital forensics process. augment traditional reactive processes with proactive evidence collection and analysis activities, provide immediate investigative suggestions before an investigation starts. These activities adapt depending on suspicious events, which in turn might require additional evidence. The process are also adapted findings.

Online freelance software development (OFSD) is a significant part of the industry and thriving online economy; recent survey by Stack Overflow reported that nearly 15% developers are independent contractors, freelancers, or self-employed. Although security an important quality requirement for social sustainability software, existing studies have shown differences in way issues handled working OFSD compared to those organisational environments. This paper investigates culture developers,...