Change search
Link to record
Permanent link

Direct link
BETA
Publications (10 of 45) Show all publications
Colesky, M., Demetzou, K., Fritsch, L. & Herold, S. (2019). Helping Software Architects Familiarize with theGeneral Data Protection Regulation. In: 2019 IEEE International Conference on Software Architecture Companion (ICSA-C): . Paper presented at IEEE International Conference on Software Architecture, ICSA 2019, Hamburg, Germany (pp. 226-229). IEEE
Open this publication in new window or tab >>Helping Software Architects Familiarize with theGeneral Data Protection Regulation
2019 (Swedish)In: 2019 IEEE International Conference on Software Architecture Companion (ICSA-C), IEEE , 2019, p. 226-229Conference paper, Published paper (Refereed)
Abstract [en]

Abstract—The General Data Protection Regulation (GDPR)impacts any information systems that process personal datain or from the European Union. Yet its enforcement is stillrecent. Organizations under its effect are slow to adopt itsprinciples. One particular difficulty is the low familiarity withthe regulation among software architects and designers. Thedifficulty to interpret the content of the legal regulation ata technical level adds to that. This results in problems inunderstanding the impact and consequences that the regulationmay have in detail for a particular system or project context.In this paper we present some early work and emergingresults related to supporting software architects in this situation.Specifically, we target those who need to understand how theGDPR might impact their design decisions. In the spirit ofarchitectural tactics and patterns, we systematically identifiedand categorized 155 forces in the regulation. These results formthe conceptual base for a first prototypical tool. It enablessoftware architects to identify the relevant forces by guidingthem through an online questionnaire. This leads them to relevantfragments of the GDPR and potentially relevant privacy patterns.We argue that this approach may help software professionals,in particular architects, familiarize with the GDPR and outlinepotential paths for evaluation.

Place, publisher, year, edition, pages
IEEE, 2019
Keywords
software architecture; data privacy; decision support systems; design decisions
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-71838 (URN)10.1109/ICSA-C.2019.00046 (DOI)978-1-7281-1877-2 (ISBN)978-1-7281-1876-5 (ISBN)
Conference
IEEE International Conference on Software Architecture, ICSA 2019, Hamburg, Germany
Available from: 2019-04-15 Created: 2019-04-15 Last updated: 2019-09-19Bibliographically approved
Sinkala, Z. T., Blom, M. & Herold, S. (2018). A mapping study of software architecture recovery for software product lines. In: Proceedings of the 12th European Conference on Software Architecture: Companion Proceedings. Paper presented at 12th European Conference on Software Architecture ECSA '18). Madrid, Spain: ACM Press, Article ID 49.
Open this publication in new window or tab >>A mapping study of software architecture recovery for software product lines
2018 (English)In: Proceedings of the 12th European Conference on Software Architecture: Companion Proceedings, Madrid, Spain: ACM Press, 2018, article id 49Conference paper, Published paper (Refereed)
Abstract [en]

Migrating a family of software systems from ad-hoc development approaches such as `clone-and-own' towards software product lines (SPL) is a challenging task. Software architecture recovery techniques can play a crucial role in such a migration. However, it is to date still unclear how these techniques, which have been mostly developed for single system architecture recovery in mind, can be utilized in an SPL context most effectively. In this paper, we present a mapping study examining 35 research articles with the purpose of discussing the current state of the art in applying software architecture recovery techniques for SPL and identifying potential research gaps in this area. The results provide evidence that currently used approaches do not seem to consider the potential architectural degradation that might exist in the family of systems to be migrated. Moreover, it is hard to generalize across empirical studies as currently it seems difficult to compare and benchmark the approaches applied for software product line architecture (SPLA) extraction/reconstruction.

Place, publisher, year, edition, pages
Madrid, Spain: ACM Press, 2018
Keywords
mapping study, software architecture recovery, software architectures, software product lines, software reverse engineering
National Category
Software Engineering
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-69815 (URN)10.1145/3241403.3241454 (DOI)000455670400049 ()978-1-4503-6483-6 (ISBN)
Conference
12th European Conference on Software Architecture ECSA '18)
Projects
REVaMP2 - Round-Trip Engineering and Variability Management Platform and Process - http://www.revamp2-project.eu
Available from: 2018-10-22 Created: 2018-10-22 Last updated: 2019-06-14Bibliographically approved
Fischer-Hübner, S., Martucci, L., Fritsch, L., Pulls, T., Herold, S., Iwaya, L. H., . . . Albin, Z. (2018). A MOOC on Privacy by Design and the GDPR. In: Lynette Drevin, Marianthi Theocharidou (Ed.), Information Security Education: Towards a Cybersecure Society. Paper presented at 11th IFIP World Conference on Information Security Education (WISE 11), Held at the 24th IFIP World Computer Congress, WCC 2018, Poznan, Poland, September 18–20, 2018, Proceedings (pp. 95-107). Cham, Switzerland: Springer
Open this publication in new window or tab >>A MOOC on Privacy by Design and the GDPR
Show others...
2018 (English)In: Information Security Education: Towards a Cybersecure Society / [ed] Lynette Drevin, Marianthi Theocharidou, Cham, Switzerland: Springer, 2018, p. 95-107Conference paper, Published paper (Refereed)
Abstract [en]

In this paper we describe how we designed a massive open online course (mooc) on Privacy by Design with a focus on how to achieve compliance with the eu gdpr principles and requirements in it engineering and management. This mooc aims at educating both professionals and undergraduate students, i.e., target groups with distinct educational needs and requirements, within a single course structure. We discuss why developing and publishing such a course is a timely decision and fulfills the current needs of the professional and undergraduate education. The mooc is organized in five modules, each of them with its own learning outcomes and activities. The modules focus on different aspects of the gdpr that data protection officers have to be knowledgeable about, ranging from the legal basics, to data protection impact assessment methods, and privacy-enhancing technologies. The modules were delivered using hypertext, digital content and three video production styles: slides with voice-over, talking heads and interviews. The main contribution of this work is the roadmap on how to design a highly relevant mooc on privacy by design and the gdpr aimed at an heterogeneous audience.

Place, publisher, year, edition, pages
Cham, Switzerland: Springer, 2018
Series
IFIP Advances in Information Technology (AICT) ; 531
Keywords
privacy, teaching, mooc, course design
National Category
Engineering and Technology Humanities and the Arts
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-69413 (URN)10.1007/978-3-319-99734-6_8 (DOI)978-3-319-99734-6 (ISBN)
Conference
11th IFIP World Conference on Information Security Education (WISE 11), Held at the 24th IFIP World Computer Congress, WCC 2018, Poznan, Poland, September 18–20, 2018, Proceedings
Projects
WISR
Funder
Knowledge Foundation, NU16
Available from: 2018-09-27 Created: 2018-09-27 Last updated: 2019-07-11Bibliographically approved
Ali, N., Baker, S., O’Crowley, R., Herold, S. & Buckley, J. (2018). Architecture consistency: State of the practice, challenges and requirements. Journal of Empirical Software Engineering, 23(1), 224-258
Open this publication in new window or tab >>Architecture consistency: State of the practice, challenges and requirements
Show others...
2018 (English)In: Journal of Empirical Software Engineering, ISSN 1382-3256, E-ISSN 1573-7616, Vol. 23, no 1, p. 224-258Article in journal (Refereed) Published
Abstract [en]

Architecture Consistency (AC) aims to align implemented systems with their intended architectures. Several AC approaches and tools have been proposed and empirically evaluated, suggesting favourable results. In this paper, we empirically examine the state of practice with respect to Architecture Consistency, through interviews with nineteen experienced software engineers. Our goal is to identify 1) any practises that the companies these architects work for, currently undertake to achieve AC; 2) any barriers to undertaking explicit AC approaches in these companies; 3) software development situations where practitioners perceive AC approaches would be useful, and 4) AC tool needs, as perceived by practitioners. We also assess current commercial AC tool offerings in terms of these perceived needs. The study reveals that many practitioners apply informal AC approaches as there are barriers for adopting more formal and explicit approaches. These barriers are: 1) Difficulty in quantifying architectural inconsistency effects, and thus justifying the allocation of resources to fix them to senior management, 2) The near invisibility of architectural inconsistency to customers, 3) Practitioners’ reluctance towards fixing architectural inconsistencies, and 4) Practitioners perception that huge effort is required to map the system to the architecture when using more formal AC approaches and tools. Practitioners still believe that AC would be useful in supporting several of the software development activities such as auditing, evolution and ensuring quality attributes. After reviewing several commercial tools, we posit that AC tool vendors need to work on their ability to support analysis of systems made up of different technologies, that AC tools need to enhance their capabilities with respect to artefacts such as services and meta-data, and to focus more on non-maintainability architectural concerns.

Place, publisher, year, edition, pages
Springer, 2018
Keywords
Software architecture, Consistency, Architectural drift, Empirical study, Architecture recovery, Architecture conformance and erosion
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-65226 (URN)10.1007/s10664-017-9515-3 (DOI)000424199400006 ()
Note

Se även rättelse till artikeln, DOI: 10.1007/s10664-017-9542-0

Available from: 2017-11-16 Created: 2017-11-16 Last updated: 2018-06-26Bibliographically approved
Ali, N., Baker, S., O'Crowley, R., Herold, S. & Buckley, J. (2018). Architecture consistency: State of the practice, challenges and requirements (vol 23, pg 224, 2018). Journal of Empirical Software Engineering, 23(3), 1868-1869
Open this publication in new window or tab >>Architecture consistency: State of the practice, challenges and requirements (vol 23, pg 224, 2018)
Show others...
2018 (English)In: Journal of Empirical Software Engineering, ISSN 1382-3256, E-ISSN 1573-7616, Vol. 23, no 3, p. 1868-1869Article in journal (Refereed) Published
Place, publisher, year, edition, pages
Dordrecht: , 2018
National Category
Computer Systems
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-68093 (URN)10.1007/s10664-017-9542-0 (DOI)000433532300019 ()
Note

Det här är en rättelse till artikel med DOI: 10.1007/s10664-017-9515-3

Available from: 2018-06-26 Created: 2018-06-26 Last updated: 2018-06-26Bibliographically approved
Lenhard, J., Blom, M. & Herold, S. (2018). Exploring the suitability of source code metrics for indicating architectural inconsistencies. Software quality journal
Open this publication in new window or tab >>Exploring the suitability of source code metrics for indicating architectural inconsistencies
2018 (English)In: Software quality journal, ISSN 0963-9314, E-ISSN 1573-1367Article in journal (Refereed) Published
Abstract [en]

Software architecture degradation is a phenomenon that frequently occurs during software evolution. Source code anomalies are one of the several aspects that potentially contribute to software architecture degradation. Many techniques for automating the detection of such anomalies are based on source code metrics. It is, however, unclear how accurate these techniques are in identifying the architecturally relevant anomalies in a system. The objective of this paper is to shed light on the extent to which source code metrics on their own can be used to characterize classes contributing to software architecture degradation. We performed a multi-case study on three open-source systems for each of which we gathered the intended architecture and data for 49 different source code metrics taken from seven different code quality tools. This data was analyzed to explore the links between architectural inconsistencies, as detected by applying reflexion modeling, and metric values indicating potential design problems at the implementation level. The results show that there does not seem to be a direct correlation between metrics and architectural inconsistencies. For many metrics, however, classes more problematic as indicated by their metric value seem significantly more likely to contribute to inconsistencies than less problematic classes. In particular, the fan-in, a classes’ public API, and method counts seem to be suitable indicators. The fan-in metric seems to be a particularly interesting indicator, as class size does not seem to have a confounding effect on this metric. This finding may be useful for focusing code restructuring efforts on architecturally relevant metrics in case the intended architecture is not explicitly specified and to further improve architecture recovery and consistency checking tool support.

Place, publisher, year, edition, pages
Springer, 2018
Keywords
Architectural inconsistencies Software architecture degradation Reflexion modeling Source code metrics Code anomalies Multi-case study
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-66704 (URN)10.1007/s11219-018-9404-z (DOI)000462236000007 ()
Projects
DigitalWell Research (5465)
Funder
Region Värmland
Available from: 2018-03-15 Created: 2018-03-15 Last updated: 2019-06-12Bibliographically approved
Lenhard, J., Fritsch, L. & Herold, S. (2017). A Literature Study on Privacy Patterns Research. In: SEAA 2017 - 43rd Euromicro Conference Series on Software Engineering and Advanced Applications: . Paper presented at 2017 43rd Euromicro Conference on Software Engineering and Advanced Applications (SEAA) Aug 30 - Sept 1. Vienna, Austria (pp. 194-200). IEEE
Open this publication in new window or tab >>A Literature Study on Privacy Patterns Research
2017 (English)In: SEAA 2017 - 43rd Euromicro Conference Series on Software Engineering and Advanced Applications, IEEE, 2017, p. 194-200Conference paper, Published paper (Refereed)
Abstract [en]

Context: Facing the implementation of the EU General Data Protection Regulation in May 2018, many commercial software providers will soon need to adapt their products to new privacy-related constraints. Privacy patterns defined for different aspects of the software engineering process promise to be a useful concept for this task. In this situation, it seems valuable to characterize the state of the research related to privacy patterns.Objective: To identify, characterize and classify the contributions made by published research results related to patterns in the context of considering privacy concerns in engineering software. Method: A literature review in form of a mapping study of scientific articles was performed. The resulting map structures the relevant body of work into multiple dimensions, illustrating research focuses and gaps.Results: Results show that empirical evidence in this field is scarce and that holistic approaches to engineering privacy into software based on patterns are lacking. This potentially hinders industrial adoption.Conclusion: Based on these results, we recommend to empirically validate existing privacy patterns, to consolidate them in pattern catalogues and languages, and to move towards seamless approaches from engineering privacy requirements to implementation.

Place, publisher, year, edition, pages
IEEE, 2017
Series
Software Engineering and Advanced Applications (SEAA), ISSN 2376-9505
Keywords
privacy patterns, privacy, software engineering, mapping study
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-65025 (URN)10.1109/SEAA.2017.28 (DOI)000426074600029 ()978-1-5386-2141-7 (ISBN)978-1-5386-2142-4 (ISBN)
Conference
2017 43rd Euromicro Conference on Software Engineering and Advanced Applications (SEAA) Aug 30 - Sept 1. Vienna, Austria
Available from: 2017-11-01 Created: 2017-11-01 Last updated: 2019-07-11Bibliographically approved
Lenhard, J., Hassan, M. M., Blom, M. & Herold, S. (2017). Are Code Smell Detection Tools Suitable For Detecting Architecture Degradation?. In: ECSA '17 Proceedings of the 11th European Conference on Software Architecture: Companion Proceedings. Paper presented at 4th Workshop on Software Architecture Erosion and Architectural Consistency (SAEroCon 2017) co-located with the 11th European Conference on Software Architecture (ECSA 2017) (pp. 138-144). Association for Computing Machinery (ACM)
Open this publication in new window or tab >>Are Code Smell Detection Tools Suitable For Detecting Architecture Degradation?
2017 (English)In: ECSA '17 Proceedings of the 11th European Conference on Software Architecture: Companion Proceedings, Association for Computing Machinery (ACM), 2017, p. 138-144Conference paper, Published paper (Refereed)
Abstract [en]

Context: Several studies suggest that there is a relation between code smells and architecture degradation. They claim that classes, which have degraded architecture-wise, can be detected on the basis of code smells, at least if these are manually identiÿed in the source code.

Objective: To evaluate the suitability of contemporary code smell detection tools by combining different smell categories for ÿnding classes that show symptoms of architecture degradation.

Method: A case study is performed in which architectural in-consistencies in an open source system are detected via reflexion modeling and code smell metrics are collected through several tools. Using data mining techniques, we investigate if it is possible to auto-matically and accurately classify classes connected to architectural inconsistencies based on the gathered code smell data.

Results: Results suggest that existing code smell detection techniques, as implemented in contemporary tools, are not sufficiently accurate for classifying whether a class contains architectural in-consistencies, even when combining categories of code smells.

Conclusion: It seems that current automated code smell detection techniques require ÿne-tuning for a speciÿc system if they are to be used for ÿnding classes with architectural inconsistencies. More research on architecture violation causes is needed to build more accurate detection techniques that work out-of-the-box.

Place, publisher, year, edition, pages
Association for Computing Machinery (ACM), 2017
Keywords
architecture erosion, code smells, data mining, case study
National Category
Software Engineering
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-63784 (URN)10.1145/3129790.3129808 (DOI)000426556400032 ()978-1-4503-5217-8 (ISBN)
Conference
4th Workshop on Software Architecture Erosion and Architectural Consistency (SAEroCon 2017) co-located with the 11th European Conference on Software Architecture (ECSA 2017)
Available from: 2017-09-18 Created: 2017-09-18 Last updated: 2018-11-16Bibliographically approved
Buckley, J., Herold, S. & Pruijt, L. (2017). The 4th Workshop on Software Architecture Erosion and Architectural Consistency (SAEroCon 2017). In: Book Group Author(s):ACM (Ed.), PROCEEDINGS 11TH EUROPEAN CONFERENCE ON SOFTWARE ARCHITECTURE (ECSA 2017) - COMPANION VOLUME: . Paper presented at 11th European Conference on Software Architecture (ECSA; Univ Kent, Canterbury, ENGLAND,SEP 11-15, 2017. Broadway, New York: Association for Computing Machinery (ACM)
Open this publication in new window or tab >>The 4th Workshop on Software Architecture Erosion and Architectural Consistency (SAEroCon 2017)
2017 (English)In: PROCEEDINGS 11TH EUROPEAN CONFERENCE ON SOFTWARE ARCHITECTURE (ECSA 2017) - COMPANION VOLUME / [ed] Book Group Author(s):ACM, Broadway, New York: Association for Computing Machinery (ACM), 2017Conference paper, Published paper (Other academic)
Place, publisher, year, edition, pages
Broadway, New York: Association for Computing Machinery (ACM), 2017
Series
PROCEEDINGS 11TH EUROPEAN CONFERENCE ON SOFTWARE ARCHITECTURE (ECSA 2017) - COMPANION VOLUME
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-66783 (URN)000426556400005 ()978-1-4503-5217-8 (ISBN)
Conference
11th European Conference on Software Architecture (ECSA; Univ Kent, Canterbury, ENGLAND,SEP 11-15, 2017
Available from: 2018-03-22 Created: 2018-03-22 Last updated: 2018-10-12Bibliographically approved
Knodel, J., Buckley, J. & Herold, S. (2017). The need for an open corpus of software architecture descriptions. In: 19. Workshop Software-Reengineering und -Evolution: 8. Workshop "Design for Future". Paper presented at Workshop Software-Reengineering und -Evolution. Gesellschaft für Informatik. Bad-Honnef, 8-10 May 2017 (pp. 25-26). Bad-Honnef: Gesellschaft für Informatik
Open this publication in new window or tab >>The need for an open corpus of software architecture descriptions
2017 (English)In: 19. Workshop Software-Reengineering und -Evolution: 8. Workshop "Design for Future", Bad-Honnef: Gesellschaft für Informatik, 2017, p. 25-26Conference paper, Published paper (Refereed)
Abstract [en]

Software architectures are the conceptual tool to share information about key aspects of a software system and to enable reasoning about the principal, most fundamental, and often most difficult-to-change design decisions of the system. Studies of failed software systems give evidence that architecture drift, erosion or degradation is a prevalent problem in industrial practice. But a recent systematic literature review [9] indicates that research currently investigates compliance checking or inconsistency detection only. To advance research we need an open and grounded corpus of software architecture description – serving as a basis for more sophisticated studies beyond detection only. Such a corpus could enable (1) to evaluate new approaches, (2) to provide means for fixing degradation (when it occurs or a-posteriori), (3) to compare and benchmark approaches and, ultimately, (4) enable longitudinal studies in the field.

Place, publisher, year, edition, pages
Bad-Honnef: Gesellschaft für Informatik, 2017
Keywords
software architecture, software architecture description, drift, erosion, degradation, open corpus
National Category
Computer Sciences Software Engineering
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-64486 (URN)
Conference
Workshop Software-Reengineering und -Evolution. Gesellschaft für Informatik. Bad-Honnef, 8-10 May 2017
Available from: 2017-10-13 Created: 2017-10-13 Last updated: 2018-07-03Bibliographically approved
Organisations
Identifiers
ORCID iD: ORCID iD iconorcid.org/0000-0002-3180-9182

Search in DiVA

Show all publications