Developing secure software requires the integration of numerous methods and tools into the development process, and software design is based on shared expert knowledge, claims, and opinions. Empirical methods, including data analytics, allow extracting knowledge and insights from the data that organizations collect from their processes and tools, and from the opinions of the experts who practice these processes and methods. This book introduces the reader to the fundamentals of empirical research methods, and demonstrates how these methods can be used to hone a secure software development lifecycle based on empirical data and published best practices.

The International Conference on Communications, Management, and Information Technology (ICCMIT'16) provides a discussion forum for scientists, engineers, educators and students about the latest discoveries and realizations in the foundations, theory, models and applications of systems inspired on nature, using computational intelligence methodologies, as well as in emerging areas related to the three tracks of the conference: Communication Engineering, Knowledge, and Information Technology. The best 25 papers to be included in the book will be carefully reviewed and selected from numerous submissions, then revised and expanded to provide deeper insight into trends shaping future ICT.

"A stereotype of computer science textbooks is that they are dry, boring, and sometimes even intimidating. As a result, they turn students' interests off from the subject matter instead of enticing them into it. This textbook is the opposite of such a stereotype. The author presents the subject matter in a refreshing story-telling style and aims to bring the Internet-generation of students closer to her stories." --Yingcai Xiao, The University of Akron Introduction to Middleware: Web Services, Object Components, and Cloud Computing provides a comparison of different middleware technologies and the overarching middleware concepts they are based on. The various major paradigms of middleware are introduced and their pros and cons are discussed. This includes modern cloud interfaces, including the utility of Service Oriented Architectures. The text discusses pros and cons of RESTful vs. non-RESTful web services, and also compares these to older but still heavily used distributed object/component middleware. The text guides readers to select an appropriate middleware technology to use for any given task, and to learn new middleware technologies as they appear over time without being greatly overwhelmed by any new concept. The book begins with an introduction to different distributed computing paradigms, and a review of the different kinds of architectures, architectural styles/patterns, and properties that various researchers have used in the past to examine distributed applications and determine the quality of distributed applications. Then it includes appropriate background material in networking and the web, security, and encoding necessary to understand detailed discussion in this area. The major middleware paradigms are compared, and a comparison methodology is developed. Readers will learn how to select a paradigm and technology for a particular task, after reading this text. Detailed middleware technology review sections allow students or industry practitioners working to expand their knowledge to achieve practical skills based on real projects so as to become well-functional in that technology in industry. Major technologies examined include: RESTful web services (RESTful cloud interfaces such as OpenStack, AWS EC2 interface, CloudStack; AJAX, JAX-RS, ASP.NET MVC and ASP.NET Core), non-RESTful (SOAP and WSDL-based) web services (JAX-WS, Windows Communication Foundation), distributed objects/ components (Enterprise Java Beans, .NET Remoting, CORBA). The book presents two projects that can be used to illustrate the practical use of middleware, and provides implementations of these projects over different technologies. This versatile and class-tested textbook is suitable (depending on chapters selected) for undergraduate or first-year graduate courses on client server architectures, middleware, and cloud computing, web services, and web programming.

Software Engineering for Science provides an in-depth collection of peer-reviewed chapters that describe experiences with applying software engineering practices to the development of scientific software. It provides a better understanding of how software engineering is and should be practiced, and which software engineering practices are effective for scientific software. The book starts with a detailed overview of the Scientific Software Lifecycle, and a general overview of the scientific software development process. It highlights key issues commonly arising during scientific software development, as well as solutions to these problems. The second part of the book provides examples of the use of testing in scientific software development, including key issues and challenges. The chapters then describe solutions and case studies aimed at applying testing to scientific software development efforts. The final part of the book provides examples of applying software engineering techniques to scientific software, including not only computational modeling, but also software for data management and analysis. The authors describe their experiences and lessons learned from developing complex scientific software in different domains. About the Editors Jeffrey Carver is an Associate Professor in the Department of Computer Science at the University of Alabama. He is one of the primary organizers of the workshop series on Software Engineering for Science (http://www.SE4Science.org/workshops). Neil P. Chue Hong is Director of the Software Sustainability Institute at the University of Edinburgh. His research interests include barriers and incentives in research software ecosystems and the role of software as a research object. George K. Thiruvathukal is Professor of Computer Science at Loyola University Chicago and Visiting Faculty at Argonne National Laboratory. His current research is focused on software metrics in open source mathematical and scientific software.

Automatic biometrics recognition techniques are increasingly important in corporate and public security systems and have increased in methods due to rapid field development. This book discusses classic behavioral biometrics as well as collects the latest advances in techniques, theoretical approaches, and dynamic applications. This future-looking book is an important reference tool for researchers, practitioners, academicians, and technologists. While there are existing books that focus on physiological biometrics or algorithmic approaches deployed in biometrics, this book addresses a gap in the existing literature for a text that is solely dedicated to the topic of behavioral biometrics.

From the Foreword "Getting CPS dependability right is essential to forming a solid foundation for a world that increasingly depends on such systems. This book represents the cutting edge of what we know about rigorous ways to ensure that our CPS designs are trustworthy. I recommend it to anyone who wants to get a deep look at these concepts that will form a cornerstone for future CPS designs." --Phil Koopman, Carnegie Mellon University, Pittsburgh, Pennsylvania, USA Trustworthy Cyber-Physical Systems Engineering provides practitioners and researchers with a comprehensive introduction to the area of trustworthy Cyber Physical Systems (CPS) engineering. Topics in this book cover questions such as What does having a trustworthy CPS actually mean for something as pervasive as a global-scale CPS? How does CPS trustworthiness map onto existing knowledge, and where do we need to know more? How can we mathematically prove timeliness, correctness, and other essential properties for systems that may be adaptive and even self-healing? How can we better represent the physical reality underlying real-world numeric quantities in the computing system? How can we establish, reason about, and ensure trust between CPS components that are designed, installed, maintained, and operated by different organizations, and which may never have really been intended to work together? Featuring contributions from leading international experts, the book contains sixteen self-contained chapters that analyze the challenges in developing trustworthy CPS, and identify important issues in developing engineering methods for CPS. The book addresses various issues contributing to trustworthiness complemented by contributions on TCSP roadmapping, taxonomy, and standardization, as well as experience in deploying advanced system engineering methods in industry. Specific approaches to ensuring trustworthiness, namely, proof and refinement, are covered, as well as engineering methods for dealing with hybrid aspects.

Formal methods traditionally address the question of transforming software engineering into a mature engineering discipline. This essentially refers to trusting that the software-intensive systems that form our society's infrastructures are behaving according to their specifications. More recently, formal methods are also used to understand properties and evolution laws of existing complex and adaptive systems-man-made such as smart electrical grids or natural ones such as biological networks. A tribute to Professor Kaisa Sere's contributions to the field of computer science, From Action Systems to Distributed Systems: The Refinement Approach is the first book to address the impact of refinement through a multitude of formal methods ranging from Action Systems to numerous related approaches in computer science research. It presents a state-of-the-art review on the themes of distributed systems and refinement. A fundamental part of Kaisa Sere's research consisted of developing Action Systems, a formalism for modeling, analysing, and constructing distributed systems. Within the design of distributed systems, Kaisa Sere's main research focus was on refinement-based approaches to the construction of systems ranging from pure software to hardware and digital circuits. Presenting scientific contributions from renowned researchers around the world, this edited book consists of five sections: Modeling, Analysis, Proof, Refinement, and Applications. Each chapter has been thoroughly reviewed by experts in the field. The book covers both traditional aspects in formal methods research, as well as current and innovative research directions. It describes the transition from the strong theory of refinement to a methodology that can be applied in practice, with tool support. Examining industrial applications of the methods discussed, this book is a suitable resource for graduate students, researchers, and practitioners interested in using formal methods to develop distributed systems of quality.

Practical Guidance on the Efficient Development of High-Quality Software Introduction to Software Engineering, Second Edition equips students with the fundamentals to prepare them for satisfying careers as software engineers regardless of future changes in the field, even if the changes are unpredictable or disruptive in nature. Retaining the same organization as its predecessor, this second edition adds considerable material on open source and agile development models. The text helps students understand software development techniques and processes at a reasonably sophisticated level. Students acquire practical experience through team software projects. Throughout much of the book, a relatively large project is used to teach about the requirements, design, and coding of software. In addition, a continuing case study of an agile software development project offers a complete picture of how a successful agile project can work. The book covers each major phase of the software development life cycle, from developing software requirements to software maintenance. It also discusses project management and explains how to read software engineering literature. Three appendices describe software patents, command-line arguments, and flowcharts.

In the decade since the idea of adapting the evidence-based paradigm for software engineering was first proposed, it has become a major tool of empirical software engineering. Evidence-Based Software Engineering and Systematic Reviews provides a clear introduction to the use of an evidence-based model for software engineering research and practice. The book explains the roles of primary studies (experiments, surveys, case studies) as elements of an over-arching evidence model, rather than as disjointed elements in the empirical spectrum. Supplying readers with a clear understanding of empirical software engineering best practices, it provides up-to-date guidance on how to conduct secondary studies in software engineering-replacing the existing 2004 and 2007 technical reports. The book is divided into three parts. The first part discusses the nature of evidence and the evidence-based practices centered on a systematic review, both in general and as applying to software engineering. The second part examines the different elements that provide inputs to a systematic review (usually considered as forming a secondary study), especially the main forms of primary empirical study currently used in software engineering. The final part provides practical guidance on how to conduct systematic reviews (the guidelines), drawing together accumulated experiences to guide researchers and students in planning and conducting their own studies. The book includes an extensive glossary and an appendix that provides a catalogue of reviews that may be useful for practice and teaching.

Computer games represent a significant software application domain for innovative research in software engineering techniques and technologies. Game developers, whether focusing on entertainment-market opportunities or game-based applications in non-entertainment domains, thus share a common interest with software engineers and developers on how to best engineer game software. Featuring contributions from leading experts in software engineering, the book provides a comprehensive introduction to computer game software development that includes its history as well as emerging research on the interaction between these two traditionally distinct fields. An ideal reference for software engineers, developers, and researchers, this book explores game programming and development from a software engineering perspective. It introduces the latest research in computer game software engineering (CGSE) and covers topics such as HALO (Highly Addictive, sociaLly Optimized) software engineering, multi-player outdoor smartphone games, gamifying sports software, and artificial intelligence in games. The book explores the use of games in software engineering education extensively. It also covers game software requirements engineering, game software architecture and design approaches, game software testing and usability assessment, game development frameworks and reusability techniques, and game scalability infrastructure, including support for mobile devices and web-based services.

A collection of best practices and effective implementation recommendations that are proven to work, Secure, Resilient, and Agile Software Development leaves the boring details of software security theory out of the discussion as much as possible to concentrate on practical applied software security for practical people. Written to aid your career as well as your organization, the book shows how to gain skills in secure and resilient software development and related tasks. The book explains how to integrate these development skills into your daily duties, thereby increasing your professional value to your company, your management, your community, and your industry. Secure, Resilient, and Agile Software Development was written for the following professionals: AppSec architects and program managers in information security organizations Enterprise architecture teams with application development focus Scrum teams DevOps teams Product owners and their managers Project managers Application security auditors With a detailed look at Agile and Scrum software development methodologies, this book explains how security controls need to change in light of an entirely new paradigm on how software is developed. It focuses on ways to educate everyone who has a hand in any software development project with appropriate and practical skills to Build Security In. After covering foundational and fundamental principles for secure application design, this book dives into concepts, techniques, and design goals to meet well-understood acceptance criteria on features an application must implement. It also explains how the design sprint is adapted for proper consideration of security as well as defensive programming techniques. The book concludes with a look at white box application analysis and sprint-based activities to improve the security and quality of software under development.

With recent advances in natural language understanding techniques and far-field microphone arrays, natural language interfaces, such as voice assistants and chatbots, are emerging as a popular new way to interact with computers. They have made their way out of the industry research labs and into the pockets, desktops, cars and living rooms of the general public. But although such interfaces recognize bits of natural language, and even voice input, they generally lack conversational competence, or the ability to engage in natural conversation. Today's platforms provide sophisticated tools for analyzing language and retrieving knowledge, but they fail to provide adequate support for modeling interaction. The user experience (UX) designer or software developer must figure out how a human conversation is organized, usually relying on commonsense rather than on formal knowledge. Fortunately, practitioners can rely on conversation science. This book adapts formal knowledge from the field of Conversation Analysis (CA) to the design of natural language interfaces. It outlines the Natural Conversation Framework (NCF), developed at IBM Research, a systematic framework for designing interfaces that work like natural conversation. The NCF consists of four main components: 1) an interaction model of "expandable sequences," 2) a corresponding content format, 3) a pattern language with 100 generic UX patterns and 4) a navigation method of six basic user actions. The authors introduce UX designers to a new way of thinking about user experience design in the context of conversational interfaces, including a new vocabulary, new principles and new interaction patterns. User experience designers and graduate students in the HCI field as well as developers and conversation analysis students should find this book of interest.

In the context of Distributed and Real-time Embedded Systems (DRES), system developers are faced with reducing system development cost and time while developing correct (relating to safe and QoS properties) and increasingly complex systems. To take up this challenge, Model Driven Development (MDD) advocates the intensive use of models and model transformations on several levels of abstraction. This book includes contributions from academic and professional experts on a range of topics related to MDD practices, methods and emerging technologies. After introducing general concepts about modeling and how to implement model transformations, two presentations provide an overview of the MARTE profile. Coverage is then given to the most common aspects of MDD for DRES: structuring architectures using components, designing hardware architecture, evaluation and validation through tests and performance analysis. Finally, guidance is given as to how and why MDD should be used by presenting a tool to support MDD and describing an industrial application of MDD concepts.

"The Testing Network" presents an integrated approach to testing based on cutting-edge methodologies, processes and tools in today's IT context. It means complex network-centric applications to be tested in heterogeneous IT infrastructures and in multiple test environments (also geographically distributed). The added-value of this book is the in-depth explanation of all processes and relevant methodologies and tools to address this complexity. Main aspects of testing are explained using TD/QC - the world-leader test platform.

This up-to-date know-how is based on real-life IT experiences gained in large-scale projects of companies operating worldwide. The book is abundantly illustrated to better show all technical aspects of modern testing in a national and international context. The author has a deep expertise by designing and giving testing training in large companies using the above-mentioned tools and processes. "The Testing Network" is a unique synthesis of core test topics applied in real-life.

This highly accessible textbook teaches programming from first principles. In common with many programming courses, it uses Python as the introductory programming language before going on to use Java as the vehicle for more advanced programming concepts. The first part, which teaches Python, covers fundamental programming concepts, such as data types and control structures and functions. It introduces more complex data types such as lists and dictionaries and also deals with file handling. It introduces object-oriented concepts and ends with a case study bringing together all the topics of the first semester. The second part uses Java to teach advanced concepts and centres around object-oriented programming, teaching key object-oriented concepts such as inheritance and polymorphism. The semester again ends with an advanced case study bringing together all the topics of the second semester. Topics and features: Assumes no prior knowledge, and makes the transition from Python to Java a smooth process Features numerous exercises and also an illustrative case study for each language Examines procedural and object-oriented methodologies, as well as design principles Covers such advanced topics as interfaces and lambda expressions, exceptions and Collections Includes a chapter on graphics programming in Python using Tkinter Introduces the latest Java technology for graphical interfaces, JavaFX Explains design concepts using UML notation Offering a gentle introduction to the field and assuming no prerequisite background, Programming in Two Semesters is the ideal companion to undergraduate modules in software development or programming. In addition, it will serve as a strong primer for professionals looking to strengthen their knowledge of programming with these languages.

Mashups are mostly lightweight Web applications that offer new functionalities by combining, aggregating and transforming resources and services available on the Web. Popular examples include a map in their main offer, for instance for real estate, hotel recommendations, or navigation tools. Mashups may contain and mix client-side and server-side activity. Obviously, understanding the incoming resources (services, statistical figures, text, videos, etc.) is a precondition for optimally combining them, so that there is always some undercover semantics being used. By using semantic annotations, neutral mashups permute into the branded type of semantic mashups. Further and deeper semantic processing such as reasoning is the next step. The chapters of this book reflect the diversity of real-life semantic mashups. Two overview chapters take the reader to the environments where mashups are at home and review the regulations (standards, guidelines etc.) mashups are based on and confronted with. Chapters focusing on DBpedia, search engines and the Web of Things inspect the main Web surroundings of mashups. While mashups upgrading search queries may be nearer to the everyday experience of readers, mashups using DBpedia input and sensor data from the real world lead to important new and therefore less known developments. Finally, the diversity of mashups is tracked through a few application areas: mathematical knowledge, speech, crisis and disaster management, recommendations (for games), inner-city information, and tourism. Participants of the AI Mashup Challenge wrote all the chapters of this book. The authors were writing for their current and future colleagues - researchers and developers all over the Web who integrate mashup functionalities into their thinking and possibly into their applications.

Written for those starting a career in IT or whose career is well advanced, this career guide shows how to blaze a path to success through the jungle of modern IT. With a career spanning five decades, the author shares lessons he learned the hard way so readers do not have to learn them the hard way. By emphasizing the importance of business processes and applications to IT, this book explains how to understand the value and positioning of hardware and software technology in order to make appropriate decisions. It addresses the importance of IT architecture and the roles service and systems management play. It also explains service level agreements (SLAs) and provides sample SLAs. Readers learn how to conduct IT assessments using SWOT (strengths, weaknesses, opportunities, and threats) analysis. It also shows how to use root-cause analysis (RCA) to detect the sources of failure and poor performance. An overview of risk management and the steps involved in developing a business continuity plan are also included. The book looks at all facets of an IT professional's career. It explains how to build an IT team and examines the roles and responsibilities within the team. It shows how to provide professional customer care to IT clients. Business executives recognize the importance of IT, and this book shows technology professionals how to thrive in the business world. It covers: Making effective presentations Report and proposal writing Negotiating and persuasion skills Running productive meetings Time and stress management The book also discusses such important career skills as listening, continual and incremental learning, and communicating at all levels. From its templates and checklists to its comprehensive and holistic view of a successful IT career, this book is an indispensable guide for every professional working in IT today and tomorrow.

This book provides insights into contemporary issues and challenges in multi-criteria decision models. It is a useful guide for identifying, understanding and categorising multi-criteria decision models, and ultimately implementing the analysis for effective decision-making. The use of multi-criteria decision models in software reliability engineering is a relatively new field of study, and this book collects all the latest methodologies, tools and techniques in one single volume. It covers model selection, assessment, resource allocation, release management, up-grade planning, open-source systems, bug tracking system management and defect prediction. Multi-Criteria Decision Models in Software Reliability: Methods and Applications will cater to researchers, academicians, post-graduate students, software developers, software reliability engineers and IT managers.

The text provides a comprehensive overview of the design aspects of the internet of things devices and covers the fundamentals of big data and data science. It explores various scenarios such as what are the middleware and frameworks available and how to build a stable, standards-based, and Secure internet of things device. It discusses important concepts including embedded programming techniques, machine-to-machine architecture, and the internet of things for smart city applications. It will serve as an ideal design book for professionals, senior undergraduate, and graduate students in the fields including electrical engineering, electronics and communication engineering, and computer engineering. The book- Covers applications and architecture needed to deliver solutions to end customers and readers. Discusses practical aspects of implementing the internet of things in diverse areas including manufacturing, and software development. Highlights big data concepts and embedded programming techniques. Presents technologies including machine to machine, integrated sensors, and radio-frequency identification. Introduces global system for mobile communication and precise details of standards based on internet of things architecture models. The book focuses on practical design aspects such as how to finalize a processor integrated circuit, which operating system to use, etc. in a single volume. It will serve as an ideal text for professionals, senior undergraduate, and graduate students in diverse engineering domains including electrical, electronics and communication, computer.

Updates content and introduces topics such as business changes and outsourcing. Addresses new cyber security risks such as IoT and Distributed Networks (i.e., blockchain). Covers strategy based on the OODA loop in the cycle. Demonstrates application of the concepts through short case studies of real-world incidents chronologically delineating related events. Discusses certifications and reference manuals in cyber security and digital forensics. Includes an entire chapter on tools used by professionals in the field.

Advances in Computers, the latest volume in the series published since 1960, presents detailed coverage of innovations in computer hardware, software, theory, design, and applications. In addition, it provides contributors with a medium in which they can explore their subjects in greater depth and breadth than journal articles usually allow. As a result, many articles have become standard references that continue to be of significant, lasting value in this rapidly expanding field.

Smart shipping is a future method for transporting ocean cargo and exploring the resources of oceans for medical drugs, food, energy resources, and other products. A smart ship is an integration of shipping with many fields such as fishing, manufacturing, navigation, communication, computing, control, sensing, etc., to provide better shipping and services. The purpose of this edited book is to provide state-of-the-art approaches and novel technologies for smart ships, covering a range of topics in these areas so that it will be an excellent reference book for the researchers, students, and professionals in these areas. It presents the fundamental technologies needed to build smart ships, and gives a clear explanation of them. This book will serve as a good reference for researchers to know the state of the art and to discover uncovered territory and develop new applications, as well as being a guideline for building future smart ships. Yang Xiao is a Full Professor in the Department of Computer Science at the University of Alabama, Tuscaloosa, Alabama, USA. Tieshan Li is a Full Professor in the School of Automation Engineering, University of Electronic Science and Technology of China, Chengdu, China.

- This book covers the production of dissertations in an area where students are much more comfortable writing code than writing academically. - With practical examples of bachelor dissertations and practical research methods utilised in the field of computer science and computer games such as survey methodologies, experimental methodologies, case studies, analysis techniques and reporting techniques, this book will break down the sometimes complicated-seeming nature of the dissertation. - Written to be concise yet comprehensive and with easily accessible language and examples, this book will take the mystery out of undergraduate dissertations in this field.

Managing Trade-Offs in Adaptable Software Architectures explores the latest research on adapting large complex systems to changing requirements. To be able to adapt a system, engineers must evaluate different quality attributes, including trade-offs to balance functional and quality requirements to maintain a well-functioning system throughout the lifetime of the system. This comprehensive resource brings together research focusing on how to manage trade-offs and architect adaptive systems in different business contexts. It presents state-of-the-art techniques, methodologies, tools, best practices, and guidelines for developing adaptive systems, and offers guidance for future software engineering research and practice. Each contributed chapter considers the practical application of the topic through case studies, experiments, empirical validation, or systematic comparisons with other approaches already in practice. Topics of interest include, but are not limited to, how to architect a system for adaptability, software architecture for self-adaptive systems, understanding and balancing the trade-offs involved, architectural patterns for self-adaptive systems, how quality attributes are exhibited by the architecture of the system, how to connect the quality of a software architecture to system architecture or other system considerations, and more.

Certifiable Software Applications 1: Main Processes is dedicated to the establishment of quality assurance and safety assurance. It establishes the context for achieving a certifiable software application. In it, the author covers recent developments such as the module, component and product line approach. Applicable standards are presented and security principles are described and discussed. Finally, the requirements for mastering quality and configuration are explained. In this book the reader will find the fundamental practices from the field and an introduction to the concept of software application.