Security patterns encapsulate security-related problems and solutions that recur in certain contexts for secure software system development and operations. Almost 500 security patterns have been proposed since the late 1990s. Technical investigations on their applications have advanced implementation, but the direction, overall picture, and significant technical challenges remain unclear. In this study, we propose a taxonomy for security pattern research by conducting a systematic literature review. Over 200 papers are categorized based on the taxonomy. The taxonomy is expected to guide practitioners to choose existing security pattern methods and tools. In addition, the taxonomy and the survey results should support communications among practitioners and researchers, and improve the quality of security pattern research and the effectiveness of security patterns.

Many researchers have proposed program visualization tools for memory management because this is a challenging concept for novice programmers. For example, SeeC and PythonTutor (PT) are state-of-the-art tools for C languages. However, three problems hinder the use of these and other tools: capability (P1), installability (P2), and usability (P3). (P1) Tools do not fully support dynamic memory allocation or File Input / Output (I/O) and Standard Input. (P2) Novice programmers often have difficulty installing SeeC due to its dependence on Clang and setting up an offline environment that uses PT. (P3) Revisualization of the modified source code in SeeC requires several steps. To alleviate these issues, we propose a new visualization tool called PlayVisualizerC (PVC). PVC, which is designed for novice C language programmers to provide solutions (S1-3) for P1-3. S1 offers complete support for dynamic memory allocation, standard I/O, and file I/O. S2 involves installation in a user web browser and its server program is initiated by executing a jar file. S3 reduces the steps required for revisualization. To evaluate PVC, we conducted an experiment and questionnaire involving 30 students. Students using PVC solved a set of four programming tasks on average 1.7 times faster and with 19% more correct answers than those using a current state-of-the-art visualization tool.

<p>Recent organizations are expected to grow up by innovation management of IoT (Internet of Things) in a broad sense covering from planning to implementation. However, in Japan, there is a shortage of advanced information technology professionals who master IoT and related technologies, and can lead innovation using them. This paper analyzes and classifies requirements of IoT technology and innovation management education for working professionals, then explain some representative educational programs.</p>

Aligning organizational goals and strategies is important in Business Process Management (BPM). The Horizontal Relation Identification Method (HoRIM), which is our extension of the GQM+Strategies framework, improves the strategic alignment between organizations. GQM+Strategies aligns the strategies across organizational units at different levels by a strategy model, which is a tree structure of strategies called a GQM+Strategies grid. HoRIM identifies and handles horizontal relations (e.g., conflicting and similar strategies) between strategies in different branches, but we have yet to adequately inspect the impact of HoRIM on identifying correct horizontal relations and improving grids. This lack of clarity hampers the application of HoRIM to industrial business strategy models. Herein, we evaluate the impact of HoRIM on the review process and the improvement process of GQM+Strategies grids using two experiments. The review experiment confirms that HoRIM identifies about 1.5 more horizontal relations than an ad hoc review. The modification experiment where four researchers evaluated the validity of improved grids by the ranking method suggests that HoRIM effectively modifies GQM+Strategies grids.

Aligning organizational goals and strategies is important in Business Process Management (BPM). The Horizontal Relation Identification Method (HoRIM), which is our extension of the GQM+Strategies framework, improves the strategic alignment between organizations. GQM+Strategies aligns the strategies across organizational units at different levels by a strategy model, which is a tree structure of strategies called a GQM+Strategies grid. HoRIM identifies and handles horizontal relations (e.g., conflicting and similar strategies) between strategies in different branches, but we have yet to adequately inspect the impact of HoRIM on identifying correct horizontal relations and improving grids. This lack of clarity hampers the application of HoRIM to industrial business strategy models. Herein, we evaluate the impact of HoRIM on the review process and the improvement process of GQM+Strategies grids using two experiments. The review experiment confirms that HoRIM identifies about 1.5 more horizontal relations than an ad hoc review. The modification experiment where four researchers evaluated the validity of improved grids by the ranking method suggests that HoRIM effectively modifies GQM+Strategies grids.

Aligning organizational goals and strategies is important in Business Process Management (BPM). The Horizontal Relation Identification Method (HoRIM), which is our extension of the GQM+Strategies framework, improves the strategic alignment between organizations. GQM+Strategies aligns the strategies across organizational units at different levels by a strategy model, which is a tree structure of strategies called a GQM+Strategies grid. HoRIM identifies and handles horizontal relations (e.g., conflicting and similar strategies) between strategies in different branches, but we have yet to adequately inspect the impact of HoRIM on identifying correct horizontal relations and improving grids. This lack of clarity hampers the application of HoRIM to industrial business strategy models. Herein, we evaluate the impact of HoRIM on the review process and the improvement process of GQM+Strategies grids using two experiments. The review experiment confirms that HoRIM identifies about 1.5 more horizontal relations than an ad hoc review. The modification experiment where four researchers evaluated the validity of improved grids by the ranking method suggests that HoRIM effectively modifies GQM+Strategies grids.

A software system is developed for satisfying requirements of stakeholders. Each requirement will be never satisfied without the collaboration of several components such as the system, devices and people interacting with them, i.e. users. However, a user does not or cannot always behave toward the other components according to their expectations. For example, a user sometimes makes mistake or even misuse of the system. The system thus has to encourage users to behave according to such expectations as well as possible. In this paper, we propose a method for eliciting software requirements that will improve users’ behavior with respect to the expectations. We rely on transparency, i.e. the open flow of information amongst stakeholders because no one can directly manipulate users but transparency has an influence on users’ behavior. We expect users will voluntarily behave better than ever when the system provides suitable information flows. We represent our method by using KAOS goal modeling notation, and show examples how it works.

A software system is developed for satisfying requirements of stakeholders. Each requirement will be never satisfied without the collaboration of several components such as the system, devices and people interacting with them, i.e. users. However, a user does not or cannot always behave toward the other components according to their expectations. For example, a user sometimes makes mistake or even misuse of the system. The system thus has to encourage users to behave according to such expectations as well as possible. In this paper, we propose a method for eliciting software requirements that will improve users’ behavior with respect to the expectations. We rely on transparency, i.e. the open flow of information amongst stakeholders because no one can directly manipulate users but transparency has an influence on users’ behavior. We expect users will voluntarily behave better than ever when the system provides suitable information flows. We represent our method by using KAOS goal modeling notation, and show examples how it works.

Aligning organizational goals and strategies is important in Business Process Management (BPM). The Horizontal Relation Identification Method (HoRIM), which is our extension of the GQM+Strategies framework, improves the strategic alignment between organizations. GQM+Strategies aligns the strategies across organizational units at different levels by a strategy model, which is a tree structure of strategies called a GQM+Strategies grid. HoRIM identifies and handles horizontal relations (e.g., conflicting and similar strategies) between strategies in different branches, but we have yet to adequately inspect the impact of HoRIM on identifying correct horizontal relations and improving grids. This lack of clarity hampers the application of HoRIM to industrial business strategy models. Herein, we evaluate the impact of HoRIM on the review process and the improvement process of GQM+Strategies grids using two experiments. The review experiment confirms that HoRIM identifies about 1.5 more horizontal relations than an ad hoc review. The modification experiment where four researchers evaluated the validity of improved grids by the ranking method suggests that HoRIM effectively modifies GQM+Strategies grids.

Software developments involving multiple organizations such as Open Source Software (OSS)-based projects tend to have numerous defects when one organization develops and another organization edits the program source code files. Developments with complex file creation, modification history (origin), and software architecture (functional layer) are increasing in OSS-based development. As an example, we focus on an Android smart phone and a VirtualBox development project, and propose new visualization techniques for product metrics based on file origin and functional layers. One is the Metrics Area Figure, which can express duplication of edits by multiple organizations intuitively using overlapping figures. The other is Origin City, which was inspired by Code City. It can represent the scale and other measurements, while simultaneously stacking functional layers as 3D buildings. The contributions of our paper are to propose new techniques, implement them as web applications, and share the results of our questionnaire. Our proposed techniques are useful not only to visualize the measured metrics, but also to improve the product quality.

The recovery of traceability links to requirements from a functional model created through analysis/design is crucial to understand existing systems for reuse, improvement or maintenance. Functional and non-functional requirements generally are implicitly interpreted and non-systematically woven into a functional model by analysts/designers. Traditional traceability link recovery methods focusing on terminology or syntactic structure, however, have a recovery limit because such interpretation and weave are not paid enough attention. This paper presents a novel idea to decompose such a functional model into model components in order to accurately trace a components to requirements especially non-functional requirements. We call such the decomposition traceability link mining. A screen transition model is adopted as the functional model because of the focus on usability.

In software and IT systems engineering, personal characteristics are expected to impact performance and attitude. To clarify the optimal composition in a team of students in academic education, we researched the relationship between student personality characteristics and learning effectiveness of teams using the Five Factor and Stress theory (FFS). The results taken from a Project-based Learning (PBL) course at Waseda University showed that educational effectiveness is highest when a team consists of management and anchor types without leadership types. In addition to FFS, we are currently adopting the Five Factor Model (FFM), which is a well-accepted personal characteristic model, to dig deeper the relationship in different courses on IT systems and software development conducted at various universities. Preliminary results show that although individual characteristics are not strongly correlated to learning effectiveness, there are a few strong team correlations. As our future work, we plan to acquire more data and investigate relationship between FFS measurements and FFM ones in terms of learning effectiveness.

Previous studies have researched how developer experience affects code quality, but they ignore work difficulty, although experienced developers are more likely to work on the more complex parts of a project. To examine work difficulty, we focus on revised files. Using product metrics, we evaluate file complexity in each type of file origin. Specifically, we analyze three large commercial projects (each project has about 250,000 LOC) executed by the same organization to analyze the relationship between previous project experience and developer's work. Although experienced developers do not always work on more complicated files, they introduce fewer defects, especially if the difference in work difficulty is not significant.

Although working in teams is an effective method for students to learn skills necessary for information systems, the optimal combination of team members to maximize the learning effectiveness has yet to be clarified. This study investigates the relationship between the combination of students' personality characteristics and learning effectiveness in three information system lecture courses. Two Five Factor Model (FFM) questionnaires were used to determine each student's personality characteristic. For each course, which has different styles, several different relationships are found. This study should assist educators in maximizing students' learning effectiveness in information systems courses involving teamwork.

Today's development environment has changed drastically; the development periods are shorter than ever and the number of team members has increased. Consequently, controlling the activities and predicting when a development will end are difficult tasks. To adapt to changes, we propose a generalized software reliability model (GSRM) based on a stochastic process to simulate developments, which include uncertainties and dynamics such as unpredictable changes in the requirements and the number of team members. We assess two actual datasets using our formulated equations, which are related to three types of development uncertainties by employing simple approximations in GSRM. The results show that developments can be evaluated quantitatively. Additionally, a comparison of GSRM with existing software reliability models confirms that the approximation by GSRM is more precise than those by existing models.

Bodies of Knowledge (BOK) contains the relevant knowledge for a discipline. BOK must embody the consensus reached by the community for which this BOK will be of application. This consensus is a prerequisite for the adoption of the BOK by the community. In this paper, we utilize a combinations of Software Engineering Body of Knowledge (SWEBOK), models representation, and design science methodology in order to describe the software engineering knowledge context (SEC). SWEBOK serves as backbone taxonomy, while models representation provides a context of representation. In the process of develop of this paper science design methodology was used to provide fundamental knowledge in software engineering (SE).

Software stakeholders, including developers, managers, and end users, require high quality software products. Several works have aimed to identify software quality, but the quality of software products is often not comprehensively, specifically, or effectively defined because previous approaches have focused on certain quality aspects. Moreover, the evaluation results of quality metrics often depend on software stakeholders so that it is often hard to compare quality evaluation results across software products. ISO/IEC has tried to define evaluation methods for the quality of software products and provide common standards, called the SQuaRE (Systems and software Quality Requirements and Evaluation) series including ISO/IEC 25022:2016 and ISO/IEC 25023:2016. However, the SQuaRE series include ambiguous metrics so that it is not always easy to apply the series to products and compare results. In this paper, we propose a SQuaRE-based software quality evaluation framework, which successfully concretized many product metrics and quality in use metrics originally defined in the SQuaRE series1. Through a case study targeting a commercial software product, we confirmed that our framework is concretely applicable to the software package/service product.

Design Patterns provide solutions to problems that are notably prevailing in software engineering. The paper targets the importance of design patterns, but also aims on how design patterns uncover and fortify good object oriented principles. A design pattern called Bout was discovered to maintain sessions for a specific period of time. The design is a generic solution to implementing web portals by storing session data of clients on the server. The Bout pattern comprises the design principle of Singleton and Prototype patterns, thus guaranteeing a more reusable design. The Bout pattern is documented in the Gang of Four pattern description template. The Bout pattern was tested with a Job Portal system with additional patterns, Factory Method, Decorator and Observer, with significant improvement in object oriented design metrics. Metrics which showed a significant enhancement were Depth of Inheritance Tree and McCabe Cyclomatic Complexity. The reusability of black box components was analyzed for the Job Portal system which shows a momentous rise in the metrics. The source code was analyzed for modularity traits such as size, complexity, cohesion and coupling, which in turn determines the class quality, package quality and hence the modularity index. These quality metrics showed a symbolic upswing with Bout pattern and supporting patterns. Thus software designers can enhance the quality of distributed systems with the exercising of Bout pattern.

To improve practical IT education, many Japanese universities are implementing project-based learning (PBL). Although a previous study examined the relationship between educational effectiveness and the scatter of personal characteristics, the relationship between educational effectiveness and the combination of personal characteristics in a team, which is important to optimize the team composition for PBL, has yet to be examined. Herein, we use the five factor and stress theory to measure personal characteristics and classify students enrolled in a PBL class at Waseda University into four types-leadership, management, tugboat, and anchor. Then, knowledge and skills questionnaires are used to measure educational effectiveness. The results show that educational effectiveness is highest when a team consists of management and anchor types without leadership types. The results are preliminary, because the practical usefulness of our results is limited as the experiment of the paper targeted only one PBL course of one university. For that reason, we need to collect data from other PBL course at the same or other university.

To improve practical IT education, many Japanese universities are implementing project-based learning (PBL). Although a previous study examined the relationship between educational effectiveness and the scatter of personal characteristics, the relationship between educational effectiveness and the combination of personal characteristics in a team, which is important to optimize the team composition for PBL, has yet to be examined. Herein, we use the five factor and stress theory to measure personal characteristics and classify students enrolled in a PBL class at Waseda University into four types-leadership, management, tugboat, and anchor. Then, knowledge and skills questionnaires are used to measure educational effectiveness. The results show that educational effectiveness is highest when a team consists of management and anchor types without leadership types. The results are preliminary, because the practical usefulness of our results is limited as the experiment of the paper targeted only one PBL course of one university. For that reason, we need to collect data from other PBL course at the same or other university.

In software development, defects are inevitable. To improve reliability, software reliability growth models are useful to analyze projects. Selecting an expedient model can also help with defect predictions, but the model must be well fitted to all the original data. A particular software reliability growth model may not fit all the data well. To overcome this issue, herein we use multistage modeling to fit defect data. In the multistage model, an evaluation is used to divide the data into several parts. Each part is fitted with its own growth model, and the separate models are recombined. As a case study, projects provided by a Japanese enterprise are analyzed by both traditional software reliability growth models and the multistage model. The multistage model has a better performance for data with a poor fit using a traditional software reliability growth model.

Test Driven Development as well as the documentation of tests and their architecture are today an important pillar of software quality assurance. The change of requirements during the implementation phase entails a need to change tests as well as the test documentation of the software. Since unit tests are specified in the implementation language, an interdisciplinary readable documentation must be maintained, which is structurally easier to comprehend and also make the test transparent for persons who are not involved into code writing. This leads to additional effort, costs and possibly inconsistencies between the test and its documentation. This gap in the workflow could be closed by Tanni - a domain specific language, which allows the specification of test cases in the form of interdisciplinary readable tables without requiring programming skills. Based on them executable test code for the respective unit test framework is generated. This merges specification and documentation of unit test cases to one step of work. By this the mentioned additional effort, costs and imminent inconsistencies can be reduced. The Language Workbench Meta Programming System from JetBrains serves as a technological base and is enabler for further positive effects which possibly could be gained by using the described language.

Static-type systems are a major topic in programming language research and the software industry because they should reduce the development time and increase the code quality. Additionally, they are predicted to decrease the number of defects in a code due to early error detection. However, only a few empirical experiments exist on the potential benefits of static-type systems in programming activities. This paper describes an experiment that tests whether static-type systems help developers create solutions for certain programming tasks. The results indicate that although the existence of a static-type system has no positive impact when subjects code a program from scratch, it does allow more errors in program debugging to be fixed.

Test Driven Development as well as the documentation of tests and their architecture are today an important pillar of software quality assurance. The change of requirements during the implementation phase entails a need to change tests as well as the test documentation of the software. Since unit tests are specified in the implementation language, an interdisciplinary readable documentation must be maintained, which is structurally easier to comprehend and also make the test transparent for persons who are not involved into code writing. This leads to additional effort, costs and possibly inconsistencies between the test and its documentation. This gap in the workflow could be closed by Tanni - a domain specific language, which allows the specification of test cases in the form of interdisciplinary readable tables without requiring programming skills. Based on them executable test code for the respective unit test framework is generated. This merges specification and documentation of unit test cases to one step of work. By this the mentioned additional effort, costs and imminent inconsistencies can be reduced. The Language Workbench Meta Programming System from JetBrains serves as a technological base and is enabler for further positive effects which possibly could be gained by using the described language.

In software development, defects are inevitable. To improve reliability, software reliability growth models are useful to analyze projects. Selecting an expedient model can also help with defect predictions, but the model must be well fitted to all the original data. A particular software reliability growth model may not fit all the data well. To overcome this issue, herein we use multistage modeling to fit defect data. In the multistage model, an evaluation is used to divide the data into several parts. Each part is fitted with its own growth model, and the separate models are recombined. As a case study, projects provided by a Japanese enterprise are analyzed by both traditional software reliability growth models and the multistage model. The multistage model has a better performance for data with a poor fit using a traditional software reliability growth model.

Static-type systems are a major topic in programming language research and the software industry because they should reduce the development time and increase the code quality. Additionally, they are predicted to decrease the number of defects in a code due to early error detection. However, only a few empirical experiments exist on the potential benefits of static-type systems in programming activities. This paper describes an experiment that tests whether static-type systems help developers create solutions for certain programming tasks. The results indicate that although the existence of a static-type system has no positive impact when subjects code a program from scratch, it does allow more errors in program debugging to be fixed.

Personas are fictional characters used to understand users' requirements. Many researchers have proposed persona development methods from quantitative data (data-driven personas development). However, it is not assumed that personas in these works are used continuously and these personas cannot reflect on unpredictable changes in users. It is difficult to plan reliable strategies in a web service because users' preference dynamically changes. To develop more suitable personas for decision-making in a web service, this paper proposes Iterative Data-Driven Development of Personas (ID3P). In particular, to detect an unpredictable change in users' characteristics, our proposal includes an iterative process where the personas are quantitatively evaluated and revised in each iteration. Moreover, it provides a quantitative evaluation of business strategies based on GQM+Strategies and personas. To verify our proposal, we applied it to Yahoo!JAPAN's web service called Netallica.

Personas are fictional characters used to understand users' requirements. Many researchers have proposed persona development methods from quantitative data (data-driven personas development). However, it is not assumed that personas in these works are used continuously and these personas cannot reflect on unpredictable changes in users. It is difficult to plan reliable strategies in a web service because users' preference dynamically changes. To develop more suitable personas for decision-making in a web service, this paper proposes Iterative Data-Driven Development of Personas (ID3P). In particular, to detect an unpredictable change in users' characteristics, our proposal includes an iterative process where the personas are quantitatively evaluated and revised in each iteration. Moreover, it provides a quantitative evaluation of business strategies based on GQM+Strategies and personas. To verify our proposal, we applied it to Yahoo!JAPAN's web service called Netallica.

This chapter discusses common pitfalls and their countermeasures in software quality measurements and evaluations based on research and practical achievements. The pitfalls include negative Hawthorne effects, organization misalignment, uncertain future, and self-certified quality. Corresponding countermeasures include goal-oriented multidimensional measurements, alignment visualization and exhaustive identification of rationales, prediction incorporating uncertainty and machine learning-based measurement improvement, and standard/pattern-based evaluation.

Traceability is important knowledge for improving the artifacts of software and systems and processes related to them. Even in a single system, various kinds of artifacts exist. Various kinds of processes also exist, and each of them relates to different kinds of artifacts. Traceability over them has thus large diversity. In addition, developers in each process have different types of purposes to improve their artifacts and process. Research results in traceability have to be categorized and analyzed so that such a developer can choose one of them to achieve his/her purposes. In this paper, we report on the results of Systematic Literature Review (SLR) related to software and systems traceability. Our SLR is preliminary one because we only analyzed articles in ACM digital library and IEEE computer society digital library. We found several interesting trends in traceability research. For example, researches related to creating or maintaining traceability are larger than those related to using it or thinking its strategy. Various kinds of traceability purposes are addressed or assumed in many researches, but some researches do not specify purposes. Purposes related to changes and updates are dominant.

Monitoring the results of software reliability growth models (SRGMs) helps evaluate project's situations. SRGMs are used to measure the reliability of software by analyzing the relations between the number of detected bugs and the detected time to predict the number of remaining bugs within the software. For example, development managers apply a SRGM to the number of detected bugs and the detected time to predict the number of remaining bugs. Sometimes the SRGM results cause managers to make incorrect decisions because the results are temporary snapshots that change as a development progresses. We propose a method to help evaluate a project's qualities by monitoring the results of SRGM applications. We collected the number of detected bugs and the detected time in the test phases for cloud services provided by e-Seikatsu Co., Ltd. to real estate businesses. The datasets contain about 34 cloud service features. The evaluation found that our method provides correct answers for 29 features and incorrect answers for 5 features.

Monitoring the results of software reliability growth models (SRGMs) helps evaluate project's situations. SRGMs are used to measure the reliability of software by analyzing the relations between the number of detected bugs and the detected time to predict the number of remaining bugs within the software. For example, development managers apply a SRGM to the number of detected bugs and the detected time to predict the number of remaining bugs. Sometimes the SRGM results cause managers to make incorrect decisions because the results are temporary snapshots that change as a development progresses. We propose a method to help evaluate a project's qualities by monitoring the results of SRGM applications. We collected the number of detected bugs and the detected time in the test phases for cloud services provided by e-Seikatsu Co., Ltd. to real estate businesses. The datasets contain about 34 cloud service features. The evaluation found that our method provides correct answers for 29 features and incorrect answers for 5 features.

To achieve overall business goals, GQM+Strategies is one approach that aligns business goals at each level of an organization to strategies and assesses the achievement of goals. Strategies are based on rationales ( contexts and assumptions). Because extracting all rationales is an important process in the GQM+Strategies approach, we propose the Context-Assumption-Matrix ( CAM), which refines the GQM+Strategies model by extracting rationales based on analyzing the relationships between stakeholders, and the process of using GQM+Strategies with CAM effectively. To demonstrate the effectiveness of the CAM and the defined process, we conducted three experiments involving students majoring in information sciences at two different Japanese universities. Moreover, we applied the GQM+Strategies approach with CAM to the Recruit Sumai Company in Japan. The results reveal that compared to GQM+Strategies alone, GQM+Strategies with CAM can extract rationales of the same quality more efficiently and exhaustively.

To achieve overall business goals, GQM+Strategies is one approach that aligns business goals at each level of an organization to strategies and assesses the achievement of goals. Strategies are based on rationales ( contexts and assumptions). Because extracting all rationales is an important process in the GQM+Strategies approach, we propose the Context-Assumption-Matrix ( CAM), which refines the GQM+Strategies model by extracting rationales based on analyzing the relationships between stakeholders, and the process of using GQM+Strategies with CAM effectively. To demonstrate the effectiveness of the CAM and the defined process, we conducted three experiments involving students majoring in information sciences at two different Japanese universities. Moreover, we applied the GQM+Strategies approach with CAM to the Recruit Sumai Company in Japan. The results reveal that compared to GQM+Strategies alone, GQM+Strategies with CAM can extract rationales of the same quality more efficiently and exhaustively.

To achieve overall business goals, GQM+Strategies is one approach that aligns business goals at each level of an organization to strategies and assesses the achievement of goals. Strategies are based on rationales ( contexts and assumptions). Because extracting all rationales is an important process in the GQM+Strategies approach, we propose the Context-Assumption-Matrix ( CAM), which refines the GQM+Strategies model by extracting rationales based on analyzing the relationships between stakeholders, and the process of using GQM+Strategies with CAM effectively. To demonstrate the effectiveness of the CAM and the defined process, we conducted three experiments involving students majoring in information sciences at two different Japanese universities. Moreover, we applied the GQM+Strategies approach with CAM to the Recruit Sumai Company in Japan. The results reveal that compared to GQM+Strategies alone, GQM+Strategies with CAM can extract rationales of the same quality more efficiently and exhaustively.

To achieve overall business goals, GQM+Strategies is one approach that aligns business goals at each level of an organization to strategies and assesses the achievement of goals. Strategies are based on rationales (contexts and assumptions). Because extracting all rationales is an important process in the GQM+Strategies approach, we propose the Context-Assumption-Matrix (CAM), which refines the GQM+Strategies model by extracting rationales based on analyzing the relationships between stakeholders, and the process of using GQM+Strategies with CAM effectively. To demonstrate the effectiveness of the CAM and the defined process, we conducted three experiments involving students majoring in information sciences at two different Japanese universities. Moreover, we applied the GQM+Strategies approach with CAM to the Recruit Sumai Company in Japan. The results reveal that compared to GQM+Strategies alone, GQM+Strategies with CAM can extract rationales of the same quality more efficiently and exhaustively.

Although both visual and text environments have been used to teach programming, the most appropriate method for beginners is unknown. Herein we research the most suitable programming environment to introduce programming to beginners using Minecraft to provide different programming learning environments (Visual or Text) via ComputerCraftEdu as an extended function. The learning effects between these two environments are compared using a lecture course. The results show that a visual environment is more suitable to introduce programming to beginners.

Security patterns are intended to support software developers as the patterns encapsulate security expert knowledge. However, these patterns may be inappropriately applied because most developers are not security experts, leading to threats and vulnerabilities. Here we propose a support method for security design patterns in the implementation phase of software development. Our method creates a test template from a security design pattern, consisting of an "aspect test template" to observe the internal processing and a "test case template". Providing design information creates a test from the test template with a tool. Because our test template is reusable, it can easily perform a test to validate a security design pattern. In an experiment involving four students majoring in information sciences, we confirm that our method can realize an effective test, verify pattern applications, and support pattern implementation.

Security patterns are intended to support software developers as the patterns encapsulate security expert knowledge. However, these patterns may be inappropriately applied because most developers are not security experts, leading to threats and vulnerabilities. Here we propose a support method for security design patterns in the implementation phase of software development. Our method creates a test template from a security design pattern, consisting of an "aspect test template" to observe the internal processing and a "test case template". Providing design information creates a test from the test template with a tool. Because our test template is reusable, it can easily perform a test to validate a security design pattern. In an experiment involving four students majoring in information sciences, we confirm that our method can realize an effective test, verify pattern applications, and support pattern implementation.

Clouds do not work in isolation but interact with other clouds and with a variety of systems either developed by the same provider or by external entities with the purpose to interact with them
forming then an ecosystem. A software ecosystem is a collection of software systems that have been developed to coexist and evolve together. The stakeholders of such a system need a variety of models to give them a perspective of the possibilities of the system, to evaluate specific quality attributes, and to extend the system. A powerful representation when building or using software ecosystems is the use of architectural models, which describe the structural aspects of such a system. These models have value for security and compliance, are useful to build new systems, can be used to define service contracts, find where quality factors can be monitored, and to plan further expansion. We have described a cloud ecosystem in the form of a pattern diagram where its components are patterns and reference architectures. A pattern is an encapsulated solution to a recurrent problem. We have recently expanded these models to cover fog systems and containers. Fog Computing is a highly-virtualized platform that provides compute, storage, and networking services between end devices and Cloud Computing Data Centers
a Software Container provides an execution environment for applications sharing a host operating system, binaries, and libraries with other containers. We intend to use this architecture to answer a variety of questions about the security of this system as well as a reference to design interacting combinations of heterogeneous components. We defined a metamodel to relate security concepts which is being expanded.

To achieve the business objectives of an organization, the business goals and strategies must align. GQM+Strategies® is a method that aligns goals and strategies. By repeatedly defining lower-level goals and strategies, GQM+Strategies creates grids, which are specified from the initial set of goals and strategies, to link goals and strategies across different level units. Although the above approach can maintain consistency within a vertical refinement tree, horizontal relations at different branches may be missed. Herein we propose the Horizontal Relation Identification Method (HoRIM) to identify horizontal relations. HoRIM is an approach that detects the difference between the initial GQM+Strategies grid and a model obtained by applying Interpretive Structural Modeling (ISM) to the grid. ISM provides a hierarchical structure from the relation matrix that presents the relations between elements. An experiment confirms that HoRIM identifies about 1.5 times more horizontal relations than an ad hoc review. Additionally, an industrial application demonstrates the practical value of HoRIM.

To achieve the business objectives of an organization, the business goals and strategies must align. GQM+Strategies® is a method that aligns goals and strategies. By repeatedly defining lower-level goals and strategies, GQM+Strategies creates grids, which are specified from the initial set of goals and strategies, to link goals and strategies across different level units. Although the above approach can maintain consistency within a vertical refinement tree, horizontal relations at different branches may be missed. Herein we propose the Horizontal Relation Identification Method (HoRIM) to identify horizontal relations. HoRIM is an approach that detects the difference between the initial GQM+Strategies grid and a model obtained by applying Interpretive Structural Modeling (ISM) to the grid. ISM provides a hierarchical structure from the relation matrix that presents the relations between elements. An experiment confirms that HoRIM identifies about 1.5 times more horizontal relations than an ad hoc review. Additionally, an industrial application demonstrates the practical value of HoRIM.

Learning to programming language is difficult. One solution is to use a digital game, which increases motivation of first-time learners. In this paper, we were executing programming learning with MincraftEdu of sandbox game and ComputerCraftEdu of expansion function. In addition, learning method to programming has illustration-based programming and text-based programming in ComputerCraftEdu. We compare the programming way of illustration programming and text programming. In this result, there was a significant difference towards the illustration-based programming throughout the comparison. In this paper, we present the results.

Agile development is aimed at minimising overall risk and encouraging rapid and flexible response to specification changes by using an iterative process. Despite its iterative feature, studies on the effects of iteration length have been lacking. Currently, there is no established method to quantitatively determine the appropriate iteration length, and abortion of projects with an inappropriate iteration length has been reported. We therefore create a model of agile development that focuses on iteration length, and propose a method of simulating a particular project to estimate the appropriate iteration length. Furthermore, we simulate diverse situations using various parameters to understand the relationship between the iteration length and project constraints. Our results show that the appropriate iteration length depends on the condition of the project constraints
the larger the amount of uncertainty, the shorter the appropriate iteration length, while the higher the complexity of the project, the longer the iteration length should be.

Manual code inspections are intense and time-consuming activities to improve the maintainability and reusability of source code. Although automatic detection of high-risk source code file by metrics thresholds can help inspectors, determining the optimal thresholds is difficult Thus, we propose an iterative process to defin and improve GQM models with metrics thresholds to detect high-risk files Our process clarifie experts' viewpoints in the inspection and the measurement metrics using the GQM method, define how to interpret the metrics values, searches concrete thresholds for a specifi project by supervised learning using some of the file in the project as training data, and analyzes how to improve models and thresholds. We implemented our tool in R language and evaluated our process using a industrial project. Small-sized embedded C++ systems require only a few training data.

Agile development is aimed at minimising overall risk and encouraging rapid and flexible response to specification changes by using an iterative process. Despite its iterative feature, studies on the effects of iteration length have been lacking. Currently, there is no established method to quantitatively determine the appropriate iteration length, and abortion of projects with an inappropriate iteration length has been reported. We therefore create a model of agile development that focuses on iteration length, and propose a method of simulating a particular project to estimate the appropriate iteration length. Furthermore, we simulate diverse situations using various parameters to understand the relationship between the iteration length and project constraints. Our results show that the appropriate iteration length depends on the condition of the project constraints
the larger the amount of uncertainty, the shorter the appropriate iteration length, while the higher the complexity of the project, the longer the iteration length should be.

We propose a metamodel for handling security and privacy in cloud service development and operation. The metamodel is expected to be utilized for building a knowledge base to accumulate, classify and reuse existing cloud security and privacy patterns and practices in a consistent and uniform way. Moreover the metamodel and knowledge base are expected to be utilized for designing and maintaining architectures for cloud service systems incorporating security and privacy.

To improve practical IT education, many universities are implementing project-based learning (PBL). Although researchers have examined the relationship between projects and personality, they have not investigated the type of projects and team construction based on personality. We consider not to construct optimal team for the view of educational effectiveness if we do not understand the difference of each course characteristic. Herein the Five Factor & Stress theory is used to measure personal characteristics and classify students enrolled in two different PBL courses at a university into four types - leadership, management, tugboat, and anchor. Then knowledge and skills questionnaires are used to measure educational effectiveness. The results show that educational effectiveness is highest when a team consists of management and anchor types but not leadership types in the PBL course which teaches system development, and a team without management types is consisted in the PBL course which teaches IT management strategy.

Students working in teams to complete software tasks is an effective method to learn necessary skills. Previously we examined the educational effectiveness as a function of personal characteristics, but the findings were inconclusive. Because we hypothesize that team discussions impact learning and are related to educational effectiveness, this study investigates the influence of team discussions on learning effectiveness in various types of software engineering education courses. Students' responses to questionnaires about how much students contribute to discussions indicate that learning effectiveness and the number of remarks during a discussion are related. Additionally, upon comparing two learning courses (a system development course and a IT management course), two antithetical results are elucidated. We expect that this research will help improve the effectiveness of educators leading student team discussions.

Because program behaviors of database applications depend on the data used, code coverages do not effectively test database applications. Additionally, test coverages for database applications that focus on predicates in Structured Query Language (SQL) queries are not useful if the necessary predicates are omitted. In this paper, we present two new database applications using Plain Pairwise Coverage (PPC) and Selected Pairwise Coverage (SPC) for SQL queries called Plain Pairwise Coverage Testing (PPCT) and Selected Pairwise Coverage Testing (SPCT), respectively. These coverages are based on pairwise testing coverage, which employs selected elements in the SQL SELECT query as parameters. We also implement a coverage calculation tool and conduct case studies on two open source software systems. PPCT and SPCT can detect many faults, which are not detected by existing test methods based on predicates in the query. Furthermore, the case study suggests that SPCT can detect faults more efficiently than PPCT and the costs of SPCT can be further reduced by ignoring records filtered out by the conditions of the query.

To improve practical IT education, many universities are implementing project-based learning (PBL). Although researchers have examined the relationship between projects and personality, they have not investigated the type of projects and team construction based on personality. We consider not to construct optimal team for the view of educational effectiveness if we do not understand the difference of each course characteristic. Herein the Five Factor & Stress theory is used to measure personal characteristics and classify students enrolled in two different PBL courses at a university into four types - leadership, management, tugboat, and anchor. Then knowledge and skills questionnaires are used to measure educational effectiveness. The results show that educational effectiveness is highest when a team consists of management and anchor types but not leadership types in the PBL course which teaches system development, and a team without management types is consisted in the PBL course which teaches IT management strategy.

When developers operate a service, both the business objectives and users' requirements must be satisfied. However, the interest between a business strategy and an action for the users is often unclear. Moreover, users' requirements that are inferred from user data analysis may not correspond with users' real requirements. In this paper, we propose the GO-MUC method (Goal-oriented Measurement for Usability and Conflict) and apply it to Yahoo! Crowdsourcing. The GO-MUC method can develop a strategy considering requirements of both the user and the business. Our results validate this method; this method can find an interest between the business side and users side and plan more effective and user-friendly strategies to resolve a conflicting interest.

Students working in teams to complete software tasks is an effective method to learn necessary skills. Previously we examined the educational effectiveness as a function of personal characteristics, but the findings were inconclusive. Because we hypothesize that team discussions impact learning and are related to educational effectiveness, this study investigates the influence of team discussions on learning effectiveness in various types of software engineering education courses. Students' responses to questionnaires about how much students contribute to discussions indicate that learning effectiveness and the number of remarks during a discussion are related. Additionally, upon comparing two learning courses (a system development course and a IT management course), two antithetical results are elucidated. We expect that this research will help improve the effectiveness of educators leading student team discussions.

When developers operate a service, both the business objectives and users' requirements must be satisfied. However, the interest between a business strategy and an action for the users is often unclear. Moreover, users' requirements that are inferred from user data analysis may not correspond with users' real requirements. In this paper, we propose the GO-MUC method (Goal-oriented Measurement for Usability and Conflict) and apply it to Yahoo! Crowdsourcing. The GO-MUC method can develop a strategy considering requirements of both the user and the business. Our results validate this method; this method can find an interest between the business side and users side and plan more effective and user-friendly strategies to resolve a conflicting interest.

We propose a metamodel for handling security and privacy in cloud service development and operation. The metamodel is expected to be utilized for building a knowledge base to accumulate, classify and reuse existing cloud security and privacy patterns and practices in a consistent and uniform way. Moreover the metamodel and knowledge base are expected to be utilized for designing and maintaining architectures for cloud service systems incorporating security and privacy.

Bodies of Knowledge (BOK), contain the relevant knowledge for a disciplines as example Software Engineering (SE), System Information (SI), Information Technology (IT), Computer Science (CS), Medicine, Economics, and others areas of knowledge. BOK describes relevant knowledge for a discipline, and will need show the consensus in the Knowledge Areas (KA), and related disciplines. The development of this consensus is a prerequisite to the adoption of coherent skills development in the education context, and continuing professional programs both in public and private organizations.
In this context a systematic mapping study (SMS), it was performed to evaluate quantity and types of primary studies in an area of interest. SMS will be used as the research method within this research. The research method proposed will allow to sort and classify the information referent to the topics of this research.
This paper is an attempt to analyze existing proposals on BOK contents, structure, and make a proposal what the kind of contents it should have, and how it should be structured so that this consensus among all parties can be described and best achieved. In the same way the relevance, and useful of the BOK in the curricular design for the innovation, and the industry context is present.

Because program behaviors of database applications depend on the data used, code coverages do not effectively test database applications. Additionally, test coverages for database applications that focus on predicates in Structured Query Language (SQL) queries are not useful if the necessary predicates are omitted. In this paper, we present two new database applications using Plain Pairwise Coverage (PPC) and Selected Pairwise Coverage (SPC) for SQL queries called Plain Pairwise Coverage Testing (PPCT) and Selected Pairwise Coverage Testing (SPCT), respectively. These coverages are based on pairwise testing coverage, which employs selected elements in the SQL SELECT query as parameters. We also implement a coverage calculation tool and conduct case studies on two open source software systems. PPCT and SPCT can detect many faults, which are not detected by existing test methods based on predicates in the query. Furthermore, the case study suggests that SPCT can detect faults more efficiently than PPCT and the costs of SPCT can be further reduced by ignoring records filtered out by the conditions of the query.

Bodies of Knowledge (BOK), contain the relevant knowledge for a disciplines as example Software Engineering (SE), System Information (SI), Information Technology (IT), Computer Science (CS), Medicine, Economics, and others areas of knowledge. BOK describes relevant knowledge for a discipline, and will need show the consensus in the Knowledge Areas (KA), and related disciplines. The development of this consensus is a prerequisite to the adoption of coherent skills development in the education context, and continuing professional programs both in public and private organizations.
In this context a systematic mapping study (SMS), it was performed to evaluate quantity and types of primary studies in an area of interest. SMS will be used as the research method within this research. The research method proposed will allow to sort and classify the information referent to the topics of this research.
This paper is an attempt to analyze existing proposals on BOK contents, structure, and make a proposal what the kind of contents it should have, and how it should be structured so that this consensus among all parties can be described and best achieved. In the same way the relevance, and useful of the BOK in the curricular design for the innovation, and the industry context is present.

We propose a metamodel for handling security and privacy in cloud service development and operation. The metamodel is expected to be utilized for building a knowledge base to accumulate, classify and reuse existing cloud security and privacy patterns and practices in a consistent and uniform way. Moreover the metamodel and knowledge base are expected to be utilized for designing and maintaining architectures for cloud service systems incorporating security and privacy.

We propose a method to compare software products developed by the same company in the same domain. Our method, which measures the time series of the number of detected faults, employs software reliability growth models (SRGMs). SRGMs describe the relations between faults and the time necessary to detect them. Although several researchers have studied cross project defect predictions to determine defect locations using the features of previous software product's code such as lines of codes and complexities, past works on SRGMs did not compare products or develop comparison methods. Herein we propose a method to compare SRGMs across products. To provide managers and developers insight on advances of its products, our method is applied to the datasets for nine projects developed by Sumitomo Electric Industries, Ltd. SRGMs based on person hours are between 13% and 97% more precise than those based on calendar time.

Quality measured and evaluated based on organization-specific quality models cannot be compared to the quality of other software products. To alleviate this problem, ISO/IEC defined international standards called the SQuaRE (Systems and software Quality Requirements and Evaluation) series for comprehensive quality measurement and evaluation; however, these standards include ambiguous measurements, making them difficult to apply. Herein an initial comprehensive quality measurement framework, which includes a clear measurement plan based on ISO/IEC 25022 and 25023, is proposed. A case study confirms the usefulness of the framework. As future work, we will introduce the framework to various domains. And then, we revise and refine measurements and evaluation plans to improve feasibility and usefulness.

We propose a method to compare software products developed by the same company in the same domain. Our method, which measures the time series of the number of detected faults, employs software reliability growth models (SRGMs). SRGMs describe the relations between faults and the time necessary to detect them. Herein we propose a method to compare SRGMs across products. To provide managers and developers insight on advances of its products, our method is applied to the datasets for nine projects developed by Sumitomo Electric Industries, Ltd.

We propose a method to compare software products developed by the same company in the same domain. Our method, which measures the time series of the number of detected faults, employs software reliability growth models (SRGMs). SRGMs describe the relations between faults and the time necessary to detect them. Although several researchers have studied cross project defect predictions to determine defect locations using the features of previous software product's code such as lines of codes and complexities, past works on SRGMs did not compare products or develop comparison methods. Herein we propose a method to compare SRGMs across products. To provide managers and developers insight on advances of its products, our method is applied to the datasets for nine projects developed by Sumitomo Electric Industries, Ltd. SRGMs based on person hours are between 13% and 97% more precise than those based on calendar time.

Software development requires the protection of privacy. However, a body of knowledge does not exist for the development of privacy-aware software. Based on a literature survey, this paper introduces various studies that address knowledge regarding the development of privacy-aware software, and describes the current status and future direction toward building a knowledge base for privacy-aware software development.

An information system can store personal information of its primary users such as shopping histories, and some third party wants or happens to know such information. Because the system usually provides its privacy policy and its users have to give their consent to it, they sometimes have to partially give up the protection of their privacy. On the other hand, a chance of a third party to know such information is too limited if the policy is too defensive. We proposed a method to explore trade-offs between protection of such information and access permissions for a third party, and exemplified it. In this method, operation logs of a system are focused. The structure of each log is then modelled for analysing what kinds of information can be accessed by a third party. Access limitations of each third party are explored so as to balance the protection of privacy information against access right of third parties.

We propose a method to compare software products developed by the same company in the same domain. Our method, which measures the time series of the number of detected faults, employs software reliability growth models (SRGMs). SRGMs describe the relations between faults and the time necessary to detect them. Herein our method is extended to classify past projects for comparison to current projects to help managers and developers decide when to end the test phases or release a project. Past projects are classified by three parameters: lines of code, number of test cases, and test density. Then SRGM is applied. Our extended method is applied to the datasets for nine projects developed by Sumitomo Electric Industries, Ltd. Classification by test density produces the best results.

Software developments involving multiple organizations such as OSS (Open Source Software)-based projects tend to have numerous defects when one organization develops and another organization edits the program source code files. Developments with complex file creation, modification history (origin), and software architecture (functional layer) are increasing in OSS-based development. As an example, here we focus on an Android smart phone development project and propose new visualization techniques for product metrics based on the file origin and functional layers. One is the Metrics Area Figure, which can express duplication of edits by multiple organizations intuitively using overlapping figures. The other is Origin City, which was inspired by Code City. It can represent the scale and other measurements, while simultaneously stacking functional layers as 3D buildings.

To support program comprehension, maintenance, and evolution, metamodels are frequently used during program reverse engineering activities to describe and analyze constituents of a program and their relations. Reverse engineering tools often define their own metamodels according to the intended purposes and features. Although each metamodel has its own advantages, its limitations may be addressed by other metamodels. Existing works have evaluated and compared metamodels and tools, but none have considered all the possible characteristics and limitations to provide a comprehensive guideline for classifying, comparing, reusing, and extending program metamodels. To aid practitioners and researchers in classifying, comparing, reusing, and extending program metamodels and their corresponding reverse engineering tools according to the intended goals, we establish a conceptual framework with definitions of program metamodels and related concepts. Then this framework is used to provide a comprehensive taxonomy, named Program Metamodel TAxonomy (ProMeTA), which incorporates newly identified characteristics into those stated in previous works, which were identified via a systematic literature survey on program metamodels, while keeping the orthogonality of the entire taxonomy. Additionally, we validate the taxonomy in terms of its orthogonality and usefulness through the classification of popular metamodels.

Manual code inspections are intense and time-consuming activities to improve the maintainability and reusability of source code. Although automatic detection of high-risk source code file by metrics thresholds can help inspectors, determining the optimal thresholds is difficult Thus, we propose an iterative process to defin and improve GQM models with metrics thresholds to detect high-risk files Our process clarifie experts' viewpoints in the inspection and the measurement metrics using the GQM method, define how to interpret the metrics values, searches concrete thresholds for a specifi project by supervised learning using some of the file in the project as training data, and analyzes how to improve models and thresholds. We implemented our tool in R language and evaluated our process using a industrial project. Small-sized embedded C++ systems require only a few training data.

Software developments involving multiple organizations such as OSS (Open Source Software)-based projects tend to have numerous defects when one organization develops and another organization edits the program source code files. Developments with complex file creation, modification history (origin), and software architecture (functional layer) are increasing in OSS-based development. As an example, here we focus on an Android smart phone development project and propose new visualization techniques for product metrics based on the file origin and functional layers. One is the Metrics Area Figure, which can express duplication of edits by multiple organizations intuitively using overlapping figures. The other is Origin City, which was inspired by Code City. It can represent the scale and other measurements, while simultaneously stacking functional layers as 3D buildings.

We propose a method to compare software products developed by the same company in the same domain. Our method, which measures the time series of the number of detected faults, employs software reliability growth models (SRGMs). SRGMs describe the relations between faults and the time necessary to detect them. Herein our method is extended to classify past projects for comparison to current projects to help managers and developers decide when to end the test phases or release a project. Past projects are classified by three parameters: lines of code, number of test cases, and test density. Then SRGM is applied. Our extended method is applied to the datasets for nine projects developed by Sumitomo Electric Industries, Ltd. Classification by test density produces the best results.

Although different programming environments have been developed to teach programming to beginners, the programming environment most suitable for introductory education is unknown in terms of the programming method such as text or visual. This study applies programming learning using a digital game, Minecraft, to compare the learning effect of text-based and visual-based programming in the LUA programming environment provided by a Minecraft extension. Both methods have certain learning effects, but visual-based programming has more significance than text-based programming on the attitude toward programming, indicating that visual-based programming is superior to text-based programming in introductory education.

Software development requires the protection of privacy. However, a body of knowledge does not exist for the development of privacy-aware software. Based on a literature survey, this paper introduces various studies that address knowledge regarding the development of privacy-aware software, and describes the current status and future direction toward building a knowledge base for privacy-aware software development.

To support program comprehension, maintenance, and evolution, metamodels are frequently used during program reverse engineering activities to describe and analyze constituents of a program and their relations. Reverse engineering tools often define their own metamodels according to the intended purposes and features. Although each metamodel has its own advantages, its limitations may be addressed by other metamodels. Existing works have evaluated and compared metamodels and tools, but none have considered all the possible characteristics and limitations to provide a comprehensive guideline for classifying, comparing, reusing, and extending program metamodels. To aid practitioners and researchers in classifying, comparing, reusing, and extending program metamodels and their corresponding reverse engineering tools according to the intended goals, we establish a conceptual framework with definitions of program metamodels and related concepts. Then this framework is used to provide a comprehensive taxonomy, named Program Metamodel TAxonomy (ProMeTA), which incorporates newly identified characteristics into those stated in previous works, which were identified via a systematic literature survey on program metamodels, while keeping the orthogonality of the entire taxonomy. Additionally, we validate the taxonomy in terms of its orthogonality and usefulness through the classification of popular metamodels.

Although different programming environments have been developed to teach programming to beginners, the programming environment most suitable for introductory education is unknown in terms of the programming method such as text or visual. This study applies programming learning using a digital game, Minecraft, to compare the learning effect of text-based and visual-based programming in the LUA programming environment provided by a Minecraft extension. Both methods have certain learning effects, but visual-based programming has more significance than text-based programming on the attitude toward programming, indicating that visual-based programming is superior to text-based programming in introductory education.

Manual code inspections are intense and time-consuming activities to improve the maintainability and reusability of source code. Although automatic detection of high-risk source code file by metrics thresholds can help inspectors, determining the optimal thresholds is difficult Thus, we propose an iterative process to defin and improve GQM models with metrics thresholds to detect high-risk files Our process clarifie experts' viewpoints in the inspection and the measurement metrics using the GQM method, define how to interpret the metrics values, searches concrete thresholds for a specifi project by supervised learning using some of the file in the project as training data, and analyzes how to improve models and thresholds. We implemented our tool in R language and evaluated our process using a industrial project. Small-sized embedded C++ systems require only a few training data.

The studies of Repository Mining have been actively conducted. However, it is difficult to search projects with specified languages, development scale, purposes and so on. In this paper, we propose RepositoryProbe, a dataset creation support tool fot the study of repository mining. It makes easier to search and collect the projects in project hosting service on the web, and supports the creation of datasets. In addition, it can collect the social metrics, the amount of development activities.

Existing techniques for crawling Javascript-heavy Rich Internet Applications tend to ignore user interactions beyond mouse clicking, and therefore often fail to consider potential mouse, keyboard and touch interactions. We propose a new technique for automatically finding and exercising such interactions by analyzing and exercising event handlers registered in the DOM. A basic form of gesture emulation is employed to find states accessible via swiping and tapping. Testing the tool against 6 well-known gesture libraries and 5 actual RIAs, we find that the technique discovers many states and transitions resulting from such interactions, and could be useful for cases such as automatic test generation and error discovery, especially for mobile web applications.

Existing techniques for crawling Javascript-heavy Rich Internet Applications tend to ignore user interactions beyond mouse clicking, and therefore often fail to consider potential mouse, keyboard and touch interactions. We propose a new technique for automatically finding and exercising such interactions by analyzing and exercising event handlers registered in the DOM. A basic form of gesture emulation is employed to find states accessible via swiping and tapping. Testing the tool against 6 well-known gesture libraries and 5 actual RIAs, we find that the technique discovers many states and transitions resulting from such interactions, and could be useful for cases such as automatic test generation and error discovery, especially for mobile web applications.

A Pattern Writer's Workshop (WW) is a peer-review method to improve pattern or pattern language papers. However, several problems may arise, leading to "ad hoc" review meetings where patterns are not systematically reviewed and authors do not receive useful feedback. Previously, we considered Checklist-based Reading (CBR) and Perspective-based Reading (PBR), which are techniques to improve ad hoc reviews, but some deficiencies were noted. In our focus group, we organized a mini WW using these technique and results are summarized in this paper.

Traceability links between requirements and source code are helpful in software reuse and maintenance tasks. However, manually recovering links in a large group of products requires significant costs and some links may be overlooked. Here, we propose a semi-automatic method to recover traceability links between requirements and source code in the same series of large software products. In order to support differences in representation between requirements and source code, we recover links by using the configuration management log as an intermediary. We refine the links by classifying requirements and code elements in terms of whether they are common to multiple products or specific to one. As a result of applying our method to real products that have 60KLOC, we have recovered valid traceability links within a reasonable amount of time. Automatic parts have taken 13 minutes 36 seconds, and non-automatic parts have taken about 3 hours, with a recall of 76.2% and a precision of 94.1%. Moreover, we recovered some links that were unknown to engineers. By recovering traceability links, software reusability and maintainability will be improved.

Traceability links between requirements and source code are helpful in software reuse and maintenance tasks. However, manually recovering links in a large group of products requires significant costs and some links may be overlooked. Here, we propose a semi-automatic method to recover traceability links between requirements and source code in the same series of large software products. In order to support differences in representation between requirements and source code, we recover links by using the configuration management log as an intermediary. We refine the links by classifying requirements and code elements in terms of whether they are common to multiple products or specific to one. As a result of applying our method to real products that have 60KLOC, we have recovered valid traceability links within a reasonable amount of time. Automatic parts have taken 13 minutes 36 seconds, and non-automatic parts have taken about 3 hours, with a recall of 76.2% and a precision of 94.1%. Moreover, we recovered some links that were unknown to engineers. By recovering traceability links, software reusability and maintainability will be improved.

Although security patterns contain security expert knowledge to support software developers, these patterns may be inappropriately applied because most developers are not security specialists, leading to threats and vulnerabilities. Here we propose a validation method for security design patterns in the implementation phase of software development. Our method creates a test template from a security design pattern, which consists of the "aspect test template" to observe the internal processing and the "test case template". Providing design information creates a test from the test template. Because a test template is recyclable, it can create easily a test, which can validate the security design patterns. As a case study, we applied our method to a web system. The result shows that our method can test repetition in the early stage of implementation, verify pattern applications, and assess whether vulnerabilities are resolved.

The studies of Repository Mining have been actively conducted. However, it is difficult to search projects with specified languages, development scale, purposes and so on. In this paper, we propose RepositoryProbe, a dataset creation support tool fot the study of repository mining. It makes easier to search and collect the projects in project hosting service on the web, and supports the creation of datasets. In addition, it can collect the social metrics, the amount of development activities.

We assume that there are three obstacles to learn programming: 1) elements of programming languages, 2) devices of educational tools for programming and 3) user interfaces of educational tools for programming. To the best of our knowledge, there is no educational tool for programming which removes the three obstacles.<BR>We propose a new educational tool for programming, named ManekkoDance. ManekkoDance has three features: 1) it manipulates cute a teddy bear robot and a cardboard robot, 2) it works on Android smartphones and tablets and 3) it provides a new programming language based on emoticons and Japanese. We evaluated ManekkoDance using questionary investigation in the open house of National Institute of Informatics. We collected 29 answers from high school students, 13 answers from other participants and 295 answers from mostly junior high school and high school students, then we found MannekoDance motivated them to learn programming, improved impressions of programming and helped to understand procedures, loops and conditions.

Traceability links between requirements and source code are helpful in software reuse and maintenance tasks. However, manually recovering links in a large group of products requires significant costs and some links may be overlooked. Here, we propose a semi-automatic method to recover traceability links between requirements and source code in the same series of large software products. In order to support differences in representation between requirements and source code, we recover links by using the configuration management log as an intermediary. We refine the links by classifying requirements and code elements in terms of whether they are common to multiple products or specific to one. As a result of applying our method to real products that have 60KLOC, we have recovered valid traceability links within a reasonable amount of time. Automatic parts have taken 13 minutes 36 seconds, and non-automatic parts have taken about 3 hours, with a recall of 76.2% and a precision of 94.1%. Moreover, we recovered some links that were unknown to engineers. By recovering traceability links, software reusability and maintainability will be improved.

Test case prioritization is a technique to improve software testing. Although a lot of work has investigated test case prioritization, they focus on white box testing or regression testing. However, software testing is often outsourced to a software testing company, in which testers are rarely able to access to source code due to a contract. Herein a framework is proposed to prioritize test cases for black box testing on a new product using the test execution history collected from a similar prior product and the Ant Colony Optimization. A simulation using two actual products shows the effectiveness and practicality of our proposed framework.

Because software developers are not necessarily security experts, identifying potential threats and vulnerabilities in the early stage of the development process (e.g., the requirement-or design-phase) is insufficient. Even if these issues are addressed at an early stage, it does not guarantee that the final software product actually satisfies security requirements. To realize secure designs, we propose extended security patterns, which include requirement-and design-level patterns as well as a new model testing process. Our approach is implemented in a tool called TESEM (Test Driven Secure Modeling Tool), which supports pattern applications by creating a script to execute model testing automatically. During an early development stage, the developer specifies threats and vulnerabilities in the target system, and then TESEM verifies whether the security patterns are properly applied and assesses whether these vulnerabilities are resolved.

Traceability links between requirements and source code can assist in software maintenance tasks. There are some automatic traceability recovery methods. Most of them are similarity-based methods recovering links by comparing representation similarity between requirements and code. They cannot work well if there are some links independent of the representation similarity. Herein to cover weakness of them and improve the accuracy of recovery, we propose a method that extends the similarity-based method using two techniques: a log-based traceability recovery method using the configuration management log and a link recommendation from user feedback. These techniques are independent of the representation similarity between requirements and code. As a result of applying our method to a large enterprise system, we successfully improved both recall and precision by more than a 20 percent point in comparison with singly applying the similarity-based method (recall: 60.2% to 80.4%, precision: 41.1% to 64.8%).

The importance of software security technologies has been gaining attention due to the increase in services on the Internet. Various technologies regarding software security have been developed. However, we believe knowledge regarding software security is not integrated; therefore, we have been developing a knowledge base for secure software development. We previously proposed a learning model that associates artifacts created in secure software development with knowledge in the knowledge base as design rationale. However, only a few case studies that addressed a full life cycle for secure software development have been reported. To mitigate this lack in reported case studies, Okubo et al. created a common task regarding software security. In this study, we developed a case base of secure software development whose artifacts are associated with the knowledge base using this common task as a case.

Because developers significantly impact software development projects, many researchers have studied developers as a means to improve the quality of software. However, most works have examined developers in a single project, and research involving multiple projects has yet to be published. Herein we propose an analysis method which investigates whether an evaluation of developers based on individual experience is feasible when targeting more than one project by the same organization transversely. Our method deals with the logs of the version control system and the bug tracking system. To support this method, we also propose two models to evaluate developer, the defect removal overhead rate (DROR) and developer's experience point (EXP). The results reveal the following. 1) DROR cannot be used to compare different projects in the same organization. 2) There is certainly a difference in DROR's between experienced and inexperienced developers. 3) EXP should be a useful model to evaluate developers as the number of projects increases. The data obtained from our method should propose the personnel distribution measures within the development framework for future developments, which might lead to improve the quality of software.

Crawling JavaScript heavy Rich Internet Applications has been a hot topic in recent years, giving us automated tools for indexing content, test generation, and security- and accessibility evaluation to mention a few examples. However, existing crawling techniques tend to ignore user interactions beyond mouse clicking, and therefore often fail to consider potential mouse, keyboard and touch interactions. We propose a new technique for finding and exercising mouse, keyboard, and touch interactions when crawling highly interactive JavaScript-based websites by analyzing and exercising event handlers registered in the DOM. A basic form of gesture emulation is employed to find states accessible via swiping and tapping. Testing the tool against 6 well-known gesture libraries and 5 actual RIA's, we find that the technique discovers many states and transitions resulting from such interactions. Our findings indicate the technique could be useful for automatic test generation, error discovery, and accessibility evaluation, especially for mobile web applications with advanced interaction options.

An ecosystem is the expansion of a software product line architecture to include systems outside the product which interact with the product. We model here the architecture of a cloud-based ecosystem, showing security patterns for its main components. We discuss the value of this type of models.

There is a significant challenge that how to predict the possible release date of the target software having enough reliability in agile development where incremental development and small software releases are key characteristics. Existing approaches targeting agile development usually use release backlogs for predicting and setting delivery windows; however these do not consider the reliability of software for release date prediction so that there is a possibility that software at the predicted release date have poor reliability. Previously we proposed a generalized software reliability model (GSRM) based on a stochastic process and compared it with other models to evaluate recent software developments. However, we, did not directly evaluate the accuracy of the predicted release time by model. In this paper, towards prediction of release dates in agile development, we focus on the release dates of open source software (OSS) developments and the number of detected issues (faults) since OSS developments comply well with the definition of the agile development in terms of incremental process and frequent releases We define the accuracy of the predicted release time using the given development terms and the number of issues. Additionally, we propose a method to evaluate the accuracy of the predicted release time. In the best case, GSRM shows only 0.572% Error Rate, which corresponds to a predicted release date of two days prior to the actual release date. We believe that our method should be applicable to agile developments too.

The importance of software security technologies has been gaining attention due to the increase in services on the Internet. Various technologies regarding software security have been developed. However, we believe knowledge regarding software security is not integrated; therefore, we have been developing a knowledge base for secure software development. We previously proposed a learning model that associates artifacts created in secure software development with knowledge in the knowledge base as design rationale. However, only a few case studies that addressed a full life cycle for secure software development have been reported. To mitigate this lack in reported case studies, Okubo et al. created a common task regarding software security. In this study, we developed a case base of secure software development whose artifacts are associated with the knowledge base using this common task as a case.

Although many methods have been suggested to automatically recover traceability links in software development, they do not cover all link combinations (e.g., links between the source code and test cases) because specific documents or artifact features (e.g., log documents and structures of source code) are used. In this paper, we propose a method called the Connecting Links Method (CLM) to recover transitive traceability links between two artifacts using a third artifact. Because CLM uses a different artifact as a document, it can be applied to kinds of various data. Basically, CLM recovers traceability links using the Vector Space Model (VSM) in Information Retrieval (IR) methods. For example, by connecting links between A and B and between B and C, CLM retrieves the link between A and C transitively. In this way, CLM can recover transitive traceability links when a suggested method cannot. Here we demonstrate that CLM can effectively recover links that VSM is hard using Open Source Software.

In recent years, importance on software security technologies has been recognized and various types of technologies have been developed. On the other hand, in spite of recognition of necessity of providing cases that deal with full life cycle for secure software development, only few are reported. This paper describes a case-based management system (CBMS) that consists of an artifact management system and a knowledge-based management system (KBMS) to manage cases for secure software development. The former manages the artifacts created in secure software life cycle. The latter manages software security knowledge. The case-based management system also manages association between artifacts and software security knowledge and supports both visualization among software security knowledge and between artifacts and software security knowledge. We conducted an experiment to evaluate the system. We describe the effectiveness and future work of the system. (C) 2015 The Authors. Published by Elsevier B.V

An ecosystem is the expansion of a software product line architecture to include systems outside the product which interact with the product. We model here the architecture of a cloud-based ecosystem, showing security patterns for its main components. We discuss the value of this type of models.

Although many methods have been suggested to automatically recover traceability links in software development, they do not cover all link combinations (e.g., links between the source code and test cases) because specific documents or artifact features (e.g., log documents and structures of source code) are used. In this paper, we propose a method called the Connecting Links Method (CLM) to recover transitive traceability links between two artifacts using a third artifact. Because CLM uses a different artifact as a document, it can be applied to kinds of various data. Basically, CLM recovers traceability links using the Vector Space Model (VSM) in Information Retrieval (IR) methods. For example, by connecting links between A and B and between B and C, CLM retrieves the link between A and C transitively. In this way, CLM can recover transitive traceability links when a suggested method cannot. Here we demonstrate that CLM can effectively recover links that VSM is hard using Open Source Software.

In software development, software reliability growth models (SRGMs) often provide values that do not meet expectations; sometimes the results of the SRGM and the actual data disagree and other times the SRGM overestimates the expected values. The former often occurs in model curves and the predicted number of faults. For example, the software reliability growth curve cannot describe the situation where developers stop testing multiple times because the equations in SRGMs cannot treat such information. The latter can arise when the total number of expected faults is 100, but the SRGM indicates 1000. If developers encounter such situations, they often doubt the SRGM results and hesitate using SRGMs for predictions. In this study, we apply two different cases of SRGM. Two projects of Fujitsu Labs Ltd. are analyzed using SRGM either for the entire dataset or each test phase. Based on the results and interviews with the developers, we found that the model using separate test phases provides a better fit because faults counted in each test phase have different viewpoints and the deviation between SRGM and expectations indicates a problem with development.

Learning to programming language is difficult. One solution is to use a digital game, which increases motivation of first-time learners. In this paper, we were executing programming learning with MincraftEdu of sandbox game and ComputerCraftEdu of expansion function. In addition, learning method to programming has illustration-based programming and text-based programming in ComputerCraftEdu. We compare the programming way of illustration programming and text programming. In this result, there was a significant difference towards the illustration-based programming throughout the comparison. In this paper, we present the results.

Software extension is a fundamental challenge in software engineering which involves extending the functionalities of a software module without modifying it. Many modern software developers choose to adapt third-party extension platform to further improve customizability. As the project evolves, the requirements may change to include third-party extension support. However to design and to implement such platform is no trivial task, and should happen at the beginning of the project. In this paper, we have shown the four types of extensions that are often made to object-oriented software, namely Member Access Extension, Subclass Extension, Event-based Extension and Data Extension. And proposed a language-independent platform design that can be applied to an existing software project to support such third-party extensions. The platform exercises design patterns to implement its features. We also developed an Eclipse plugin that helps developers introduce the platform to existing Java software via semi-automatic code manipulation. We further conducted a comparative experiment to test our tool with volunteers from Waseda University and noticed a significant decrease of required effort.

In software development, software reliability growth models (SRGMs) often provide values that do not meet expectations; sometimes the results of the SRGM and the actual data disagree and other times the SRGM overestimates the expected values. The former often occurs in model curves and the predicted number of faults. For example, the software reliability growth curve cannot describe the situation where developers stop testing multiple times because the equations in SRGMs cannot treat such information. The latter can arise when the total number of expected faults is 100, but the SRGM indicates 1000. If developers encounter such situations, they often doubt the SRGM results and hesitate using SRGMs for predictions. In this study, we apply two different cases of SRGM. Two projects of Fujitsu Labs Ltd. are analyzed using SRGM either for the entire dataset or each test phase. Based on the results and interviews with the developers, we found that the model using separate test phases provides a better fit because faults counted in each test phase have different viewpoints and the deviation between SRGM and expectations indicates a problem with development.

Software extension is a fundamental challenge in software engineering which involves extending the functionalities of a software module without modifying it. Many modern software developers choose to adapt third-party extension platform to further improve customizability. As the project evolves, the requirements may change to include third-party extension support. However to design and to implement such platform is no trivial task, and should happen at the beginning of the project. In this paper, we have shown the four types of extensions that are often made to object-oriented software, namely Member Access Extension, Subclass Extension, Event-based Extension and Data Extension. And proposed a language-independent platform design that can be applied to an existing software project to support such third-party extensions. The platform exercises design patterns to implement its features. We also developed an Eclipse plugin that helps developers introduce the platform to existing Java software via semi-automatic code manipulation. We further conducted a comparative experiment to test our tool with volunteers from Waseda University and noticed a significant decrease of required effort.

本稿では,2013 年 9 月にドイツ・レーゲンスブルクにおいて開催されたセキュリティの国際会議 ARES への参加について報告する.筆者らが本会議に参加した目的は,ソフトウェアのセキュリティパターンに関する研究発表を行なうとともに,ソフトウェアのセキュリティに関する共通問題の調査を行なうことである.ARES ではセキュリティモデルやソフトウェアセキュリティのセッションにおいて,対象となるソフトウェアのデータセットが扱われていたが,共通問題として扱われているものはなかった.この他本会議ではセキュリティ全般が幅広く扱われており,新しい分野への対応も早い.今回はモバイルや制御系,航空交通管理 (ATM) のセキュリティなどのテーマのセッションが見られた.

Do open source software projects provide and maintain tests? What metrics are correlated with the test success? This paper answers these questions by executing tests of 452 open source software projects in GitHub and measuring 13 metrics from 77 projects. Only 117 projects passed all test cases. Additionally, the results are correlated with the comment density, public documented API density, and test coverage.

In this paper, we report two case studies of applying aspect-oriented programming for achieving high performance and low energy consumption while keeping or improving maintainability: multi-threading existing unit test framework (JUnit) to reduce testing time on multi-core processing environments, and, adding and changing hardware control strategies and algorithms to reduce energy consumption while controlling robotics.

Design models are often developed using UML class diagrams. Based on past questionnaire surveys reported by Lange and Nugroho, we assumed that the existence of highly responsible classes indicate that a class diagram was created through the proper consideration of the structure of the system. Thus, we analyzed the structure of UML design class diagrams. Specifically, we measured our novel metrics (the amount of highly responsible classes in class diagrams), and investigate the correlations between our metrics and the structural validity of design. In this study, we propose two viewpoints to distinguish large values which indicate high responsibility. Additionally, we conducted the evaluation experiment using 65 design class diagrams, which were originally submitted to a Robot Contest on the domain of embedded systems and evaluated by software development experts based on structural validity. Then the correlations between our novel metrics and the experts' qualitative assessment were analyzed.

After a legacy system is re-engineered, it is important to perform compatibility testing so as to identify the differences and reduce the introduced bugs. We can first apply symbolic execution to obtain an exhaustive set of test cases, then use them to check the compatibility of the old system and the new one. However there may be a lot of failed test cases which are a mix of erroneous and allowable incompatibilities. To locate the causes of failures detected during the testing, we apply multiple statistical bug localization techniques. We are able to localize 90% of the incompatibilities in 10% of the code for an industrial application with around 20k lines by Tarantula. And we identify the characteristics of failure causes which are difficult to be detected by statistical bug localization.

In order to improve the training of IT professionals, practical courses in the form of project-based learning (PBL), which teach practical skills for systems acquisition and provisioning and for project management, are being implemented in various universities. For example, a course has been offered at Waseda University since 2011 in cooperation with the Japanese governmental bodies and IT companies. This course consists of three lectures per day for five days (each lecture has 90 minutes) and the number of students attending this course is 26 in 2011, 17 in 2012 and 39 in 2013. In this course, students mainly learn the management of software intensive systems development projects from the viewpoint of the provider such as requirements analysis and architectural design.
There is a study investigating the relationships between the variation in the personality profile of paired students and their academic performance in Pair Programming [1]. However, in practical courses on software intensive business systems, we do not yet have an established method for determining what kind of personal characteristics and team compositions are most beneficial to obtaining the maximal educational effectiveness.
In this study, we use the Five Factors and Stress (FFS) theory [2] to quantify the personal characteristics and we ask students to answer same questionnaire before and after the course to measure how improved their knowledge and skills. This questionnaire consists of about 40 questions and each student answers them in six degrees. As example of the questions, there is "Can you analyze requirements?". In many cases, the business of acquiring and providing software intensive systems is carried out as a team-based activity. Therefore, to teach actual business concepts, we randomly compose teams regardless of personal characteristics. The number of teams formed was 6, 4 and 8 for 2011, 2012 and 2013, respectively. This is an additional study of our paper [3] and as significant differences, we add the data of the course of 2013 in Waseda University and we analyze the data through 3 years (2011 - 2013).
We investigate the relationships between personal characteristics and educational effectiveness to reveal the common tendency. Through t-test and boxplot, we clearly see that variations in the team members' personal characteristics have an effect on educational effectiveness. Large variation team acquires approximately 1.5 times higher educational effectiveness than small one. From this result, it is better for a team to have members with different characteristics in FFS theory for acquiring more knowledge and skills through course. We expect that in similar practical courses, we can also obtain the desirable educational effectiveness if we can compose a team with the suitable characteristics as based on our findings.

GQM+Strategies is an approach that aligns business goals at each level of an organization to strategies to realize overall business goals and assesses the achievement of such goals. Strategies are extracted from business goals based on rationales (contexts and assumptions). Using the proposed approach, which refines the GQM+Strategies model by extracting rationales based on the analysis of the relationships between stakeholders, it is possible to extract rationales exhaustively and to reconsider the GQM+Strategies model even if the business environment changes. © Springer-Verlag Berlin Heidelberg 2014.

In practical courses on software-intensive business systems, students work in teams to acquire practical skills in systems acquisition and provisioning. However, we do not yet have an established method to determine the optimal team composition to achieve maximum educational effectiveness. In this study, we quantitatively and qualitatively investigate how personal characteristics and the learning process of team members affect educational effectiveness by examining a university course in which students work in teams on a realistic project in a classroom setting. We use the Five Factors and Stress (FFS) theory and the modified grounded theory approach (M-GTA) to measure the personal characteristics and to identify the learning process of each team member. Additionally, we compare the learning process of a team with a high educational effectiveness to one with a low educational effectiveness based on number of topics about the learning process and the kind of topics. As a result, we find that it is better for a team to have members with different personal characteristic as defined by FFS theory in order for the students to acquire more knowledge and skills through the course. Additionally, teams that focus on fewer learning process topics acquire more knowledge and skills. We expect that our findings will help increase the educational effectiveness in similar practical courses.

Because all the requirements analysts are not the experts of security, providing security knowledge automatically is one of the effective means for supporting security requirements elicitation. We propose a method for eliciting security requirements on the basis of Common Attack Patterns Enumeration and Classification (CAPEC). A requirements analyst can automatically acquire the candidates of attacks against a functional requirement with the help of our method. Because technical terms are mainly used in the descriptions in CAPEC and usual phrases are used in the requirements descriptions, there are gaps between them. To bridge the gaps, our method contains a mapping between technical terms and noun phrases called term maps.

Development environments have changed drastically, development periods are shorter than ever and the number of team members has increased. Especially in open source software (OSS), a large number of developers contribute to OSS. OSS has difficulties in predicting or deciding when it will be released. In order to assess recent software developments, we proposed a generalized software reliability model (GSRM) based on a stochastic process, and compared GSRM with other models. In this paper, we focus on the release dates of OSS and the growth of faults (issues).

Organizational patterns are known as the basis for Agile software development movement. Patterns usually form a network having relationships among them to support users understand and utilize patterns efficiently and effectively. However little is known about the nature of pattern networks, such as how are organizational patterns different from other patterns from the viewpoint of centrality. To clarify such characteristics, we mine a network consisting 285 patterns including 15 organizational patterns from an existing online pattern repository called Portland Pattern Repository. By applying network analysis techniques to the mined network, we revealed several interesting characteristics of the pattern network and organizational patterns such as that the degree centrality seems to somewhat reflect the commonness and generality of the corresponding pattern.

The challenge of validating Asynchronous JavaScript and XML (Ajax) applications lies in actual errors exposed in a user environment. Several studies have proposed effective and efficient testing techniques to identify executable faults. However, the applications might have faults that are not executed during testing, but might cause actual errors in a user environment. Although we have investigated static methods for finding "potential faults" that seem to cause actual errors if executed, developers need to confirm whether or not the potential faults are actually executable. Herein, we propose a mutation-based testing method implemented in a tool called JSPreventer. Even if the potential faults are not easily executable in a given environment, our method mutates the applications until they are executable using two delay-based mutation operators to manipulate the timing of the applications handling interactions. Thus, JSPreventer provides executable evidences of the not-easily-executable faults for developers, if it reveals actual errors by testing the mutated applications. We applied our method to real-world applications and found actual errors that developers could debug to improve their reliability. Therefore, JSPreventer can help developers validate reliable real-world Ajax applications.

Although design is an extremely important activity in software development, it is subjective because it depends on the designers' knowledge and skills. Every designer has her or his own strategies to solve design problems. Herein we model the design process as an ordered sequence of logical actions of "Create", "Delete", and "Modify" applied to the elements of a UML class diagram, and propose an automatic approach to collect information about the design process to elucidate design strategies. The strategies considered are top-down, bottom-up, breadthfirst, depth-first, and opportunistic. By mining the ordered sequences of actions for frequent patterns and analyzing the position and distribution of the actions in the sequence, we obtained two types of relationships in the design process: micro-patterns and macro-patterns. Then we evaluated our approach with two case studies. The first one, which occurred over a short time frame with seven subjects, identified the strategies used, while the second, which involved three subjects over a long period, revealed that there is not a universal strategy, but a combination of strategies.

It is important for project stakeholders to identify the states of projects and quality of products. Although metrics are useful for identifying them, it is difficult for project stakeholders to select appropriate metrics and determine the purpose of measuring metrics. We propose an approach that defines the measured metrics by GQM method, and supports identifying tendency in projects and products based on Trend Pattern. Additionally, we implement a tool as a Jenkins Plugin which to visualizes an evaluation results based on GQM method. We perform an experiment with OSS and industrial case study with two software development projects. In our experiment, we can identify the problem and project tendency. In our industrial case study, we can also identify the problem that project contains. As our future work, we will adopt our approach and GQM Plugin to software development project continuously to assess their effectiveness in the long term.1.

There is an issue when security measures are implemented and tested while using agile software development techniques such as Behavior Driven Development (BDD). We need to define the necessary levels of security and the privacy behaviors and acceptance criteria for the BDD. A method for defining the acceptance criteria (BehaveSafe) by creating a threat and countermeasure graph called the T&C graph is proposed in this paper. We have estimated the efficiency of our method with a web based system.

It is important for project stakeholders to identify the states of projects and quality of products. Although metrics are useful for identifying them, it is difficult for project stakeholders to select appropriate metrics and determine the purpose of measuring metrics. We propose an approach that defines the measured metrics by GQM method to identify tendency in projects and products based on Trend Pattern. Additionally, we implement a tool as a Jenkins Plugin to visualize an evaluation results based on GQM method. We perform an industrial case study, which objects are two software development projects. In our industrial case study, we can identify the problem that product contains. As our future work, we will adopt our approach and GQM Plugin to software development project continuously to assess their effectiveness in the long term.

Static analysis tools such as bug pattern tools are useful to detect bugs early in software development. However, existing tools sometimes yield so many warnings that developers tend to ignore such warnings.
To deal with this problem, we propose a gamified tool for motivating developers to remove such warnings. Our tool employs the gamification technique that calculates points by counting removed warnings with respect to each developer and each team. The points give developers feedback and urge them to compete with each other. We confirmed that developers removed about 150% warnings with our tool in comparison with the case where they did not use our tool through an experiment.

Many program tasks require continuous modification of similar program elements, which is burdensome on programmers because continuous modifications are time consuming and some modifications are easily overlooked. To resolve this issue, we developed a tool, named SimilarHighlight, which extracted all possible matching elements via similarity patterns from recently modified elements using a sub syntax tree comparison. SimilarHighlight suggests similar program elements that may be modified during the next modification. Potential elements are highlighted and their text can be immediately selected by shortcut keys. Evaluations indicate that SimilarHighlight can improve programming productivity. Currently, SimilarHighlight supports C, C#, JAVA, JavaScript, and PHP, but in the future we will expand it to other languages.

Development environments have changed drastically, development periods are shorter than ever and the number of team members has increased. These changes have led to difficulties in controlling the development activities and predicting when the development will end. Especially, quality managers try to control software reliability and project managers try to estimate the end of development for planing developing term and distribute the manpower to other developments. In order to assess recent software developments, we propose a generalized software reliability model (GSRM) based on a stochastic process, and simulate developments that include uncertainties and dynamics. We also compare our simulation results to those of other software reliability models. Using the values of uncertainties and dynamics obtained from GSRM, we can evaluate the developments in a quantitative manner. Additionally, we use equations to define the uncertainty regarding the time required to complete a development, and predict whether or not a development will be completed on time. We compare GSRM with an existing model using two old actual datasets and one new actual dataset which we collected, and show that the approximation curve generated by GSRM is about 12% more precise than that generated by the existing model. Furthermore, GSRM can narrow down the predicted time range in which a development will end to less than 40% of that obtained by the existing model.

We applied the technique of network analysis to collection site Portland Pattern Repository (henceforth, PPR) of the software pattern, and centrality was calculated. And the feature of the relation between software patterns was clarified. Moreover, metrics analysis was conducted about the history information of each software pattern. As a result, The degree centrality of the frequently-used software pattern was high value. This is useful to select a software pattern and the extraction of a new software pattern.

Development environments have changed drastically in recent years. The development periods are shorter than ever and the number of team has increased. These changes have led to difficulties in controlling the development activities and predicting the end of developments. In order to assess recent software developments, we propose a generalized software reliability model based on a stochastic process, and simulate developments that include uncertainties and dynamics, such as unpredictable requirements changes, shortening of the development period, and decrease in the number of members. We also compare our simulation results to those of other software reliability models. Using the values of uncertainties and dynamics obtained from our model, we can evaluate the developments in a quantitative manner.

Bug localization technique is effectual approach for locating software bugs using the number of failing and passing test cases that execute the statement. However, existing bug localization tools only support one type of programming languages and one type of suspiciousness metrics. In this paper, We presents customizable bug localization framework supporting multiple programming languages and multiple suspiciousness metrics. By apply each suspiciousness metrics to multiple programming languages and comparing, we show the availability of our proposed.

In practical lectures on software intensive business systems, we do not yet have an established method for determining what kind of personal characteristics and team compositions are most beneficial to obtaining the maximal educational effectiveness. Here, we propose a framework for analyzing the effects of personal characteristics of team members on educational effectiveness. We also apply the framework to an actual practical lecture. As a result, we find that it is better for a team to have members with a similar degree of tendency of conservative for acquiring more knowledge and skills and the team members have similar characteristics of progressive or conservative. It is expected that in similar practical lectures, we can also obtain the desired educational effectiveness if we can compose a team with the suitable characteristics as based on our findings.

Although many programming languages and test coverage criteria currently exist, most coverage measurement tools only support select programming languages and coverage criteria. Consequently, multiple measurement tools must be combined to measure coverage for software which uses multiple programming languages such as web applications. However, such combination leads to inconsistent and inaccurate measurement results.In this paper, we describe a consistent and flexible framework for measuring coverage supporting multiple programming languages, called Open Code Coverage Framework (OCCF). OCCF allows users to add new extensions for supporting programming languages and coverage criteria with low development costs. To evaluate the effectiveness of OCCF, sample implementation to support statement coverage and decision coverage for eight programming languages (C, C++, C#, Java, JavaScript, Python, Ruby and Lua) are demonstrated. Additionally, applications of OCCF for localizing faults and minimizing tests are shown. © 2013 IEEE.

Web applications are complex; they consist of many subsystems and run on various browsers and platforms. This makes it difficult to conduct adequate integration testing to detect faults in the connections between subsystems or in the specific environments. Therefore, establishing an efficient integration testing method with the proper test adequacy criteria and tools is an important issue.
In this paper, we propose a new test coverage called template variable coverage. We also propose a novel technique for generating skeleton test code that includes accessor methods and improves the template variable coverage criterion, using a tool that we developed called POGen. Our experiments show that template variable coverage correlates highly with the capability to detect faults, and that POGen can reduce testing costs.

An artificial intelligence programming contest with game software is one of the most effective way of learning programming. Contestants can spontaneously learn programming to win in such contests. Although our previous work helps to hold artificial intelligence programming contests, its effectiveness is limited owing to an insufficient requirement analysis and uses of an unrefined design pattern.
In this paper, we report on ACM JavaChallenge 2012, that is an artificial intelligence programming contest. we elicit requirements on a contest with a goal-oriented requirements analysis and extend the state design pattern using Scala to hold JavaChallenge 2012. We evaluate JavaChallenge 2012 very highly by questionnaire investigation.

In practical lectures on software intensive business systems, we do not yet have an established method for determining what kind of personal characteristics and team compositions are most beneficial to obtaining the maximal educational effectiveness. Here, we propose a framework for analyzing the effects of personal characteristics of team members on educational effectiveness. We also apply the framework to an actual practical lecture. As a result, we find that it is better for a team to have members with a similar degree of tendency of conservative for acquiring more knowledge and skills and the team members have similar characteristics of progressive or conservative. It is expected that in similar practical lectures, we can also obtain the desired educational effectiveness if we can compose a team with the suitable characteristics as based on our findings.

Development environments have changed drastically in recent years. The development periods are shorter than ever and the number of team has increased. These changes have led to difficulties in controlling the development activities and predicting the end of developments. In order to assess recent software developments, we propose a generalized software reliability model based on a stochastic process, and simulate developments that include uncertainties and dynamics, such as unpredictable requirements changes, shortening of the development period, and decrease in the number of members. We also compare our simulation results to those of other software reliability models. Using the values of uncertainties and dynamics obtained from our model, we can evaluate the developments in a quantitative manner.

One of the greatest barriers on the way to the efficient creation, handling, and evolution of product lines is the complexity and scale of the underlying artifacts. In this context, the MAPLE/SCALE workshop focuses on the investigation of scalability issues and the application of model-driven concepts and techniques in software product line engineering (SPLE). The workshop explores how to handle product lines of realistic complexity and how to facilitate systematic and efficient product derivation. © 2013 Authors.

If traceability links between requirements and source code are not clarified when conducting maintenance and enhancements for the same series of software products, engineers cannot immediately find the correction location in the source code for requirement changes. However, manually recovering links in a large group of products requires significant costs and some links may be overlooked. Here, we propose a semi-automatic method to recover traceability links between requirements and source code in the same series of large software products. In order to support differences in representation between requirements and source code, we recover links by using the configuration management log as an intermediary. We refine the links by classifying requirements and code elements in terms of whether they are common or specific to the products. As a result of applying our method to real products that have 60KLOC, we have recovered valid traceability links within a reasonable amount of time. Automatic parts have taken 13 minutes 36 seconds, and non-automatic parts have taken about 3 hours, with a recall of 76.2% and a precision of 94.1%. Moreover, we recovered some links that were unknown to engineers. By recovering traceability links, software reusability will be improved, and software product line introduction will be facilitated. © 2013 ACM.

Workshops are sometimes known as effective ways to learn the human and social factors of software engineering. However, their effectiveness in learning agile development principles in particular has not yet been determined, despite the fact that numerous agile development workshops have been held over the years. In this paper, we analyze the effectiveness of agile development workshops through an experiment, and show that one of representative workshops is indeed effective at learning agile principles. Self-study is another commonly used method to learn something new. Therefore, we compare the effectiveness of workshops with that of self-study to better illustrate the effectiveness of agile development workshops. In our experiment, we examine 7 workshop subjects and 8 self-study subjects, and compare their scores on the agile mind check, which is a method used to measure their degree of mastery of agile principles. As a result, we demonstrate the effectiveness of agile development workshops, especially those that simulate actual experiences. We also show that one of workshops is more effective than self-study regarding the agile mind check score.

Software developers are not necessarily security specialists, security patterns provide developers with the knowledge of security specialists. Although security patterns are reusable and include security knowledge, it is possible to inappropriately apply a security pattern or that a properly applied pattern does not mitigate threats and vulnerabilities. Herein we propose a method to validate security pattern applications. Our method provides extended security patterns, which include requirement- and design-level patterns as well as a new model testing process using these patterns. Developers specify the threats and vulnerabilities in the target system during an early stage of development, and then our method validates whether the security patterns are properly applied and assesses whether these vulnerabilities are resolved. © 2013 IEEE.

When developing asynchronous JavaScript and XML (Ajax) applications, developers implement Ajax design patterns for increasing the usability of the applications. However, unpredictable contexts of running applications might conceal faults that will break the design patterns, which decreases usability. We propose a support tool called JSVerifier that automatically verifies interaction invariants; the applications handle their interactions in invariant occurrence and order. We also present a selective set of interaction invariants derived from Ajax design patterns, as input. If the application behavior breaks the design patterns, JSVerifier automatically outputs faulty execution paths for debugging. The results of our case studies show that JSVerifier can verify the interaction invariants in a feasible amount of time, and we conclude that it can help developers increase the usability of Ajax applications.

The development organization often changes during software development. Derivative developments, forks, and change of developers due to acquisition or open-sourcing are some conceivable situations. However, the impact of this change on software quality has yet to be elucidated. Herein we introduce the concept of origins to study the effects of organizational changes on software quality. A file's origin is defined as its creation and modification history. Using the concept of origins, we analyze two open source projects, OpenOffice and VirtualBox, which were each developed by a total of three organizations. We conduct statistical analysis to investigate the relationship between the origins, product metrics, the number of modifications, and defects. Results show that files that are created or modified by multiple organizations or by later organizations tend to be faultier due to the increase in complexity and modification frequency.

When performing maintenance and expansion for the group of products derived, it is important to clarify traceability between requirements and implementation. However, for the large group of products, these tasks manually are difficult. First, we analyze commonality and variability in requirements and source codes. Next, using the configuration management log, we analyze the correspondence of those results. Finally, using the results of this study, we propose a method to extract traceability links between requirements and implements automatically. Result of applying the proposed method to derived products group of a certain size. we were able to extract the appropriate traceability links in a practical time.

Although asynchronous technologies such as Ajax make Rich Internet Applications (RIAs) responsive, they can result in unexpected behavior due to nondeterministic client-side processing and asynchronous communication. One difficulty in understanding such erroneous behavior lies in the unpredictable contexts of the running system. Dynamic behavior analysis techniques do not help to verify the correctness of certain "blind spots" in the execution path. In this work, we present a static approach for extracting all possible state transitions described in source code from the RIAs. Our approach is based on the assumption that user, server and self interactions with the RIAs can change the states of the application. Our method consists of four steps: 1) using given specifications of Ajax relevant to interactions as rules, 2) creating a call graph, annotating interactions on it and extracting interaction controls, 3) abstracting the call graph to extract relationships among the interactions, and 4) refining the relationships with the interaction controls. By extracting the state machines of test scenarios of the correct and wrong behavior, it can help developers to pinpoint the statements in the source code that lead to the erroneous behavior. Our approach has been evaluated against a few experimental cases and we conclude that it can extract comprehensible state machines in a reasonable time. © 2012 IEEE.

Existing AOP tools, typified by AspectJ, are proposed as extensions of a single language. Therefore, most existing AOP tools cannot deal with cross-cutting concerns, which are scattered on many modules implemented in two or more languages. We propose a novel language-independent AOP framework named UniAspect. UniAspect translates programs written in various languages into a Unified Code Object, which is our common representation of source code. And it achieves the modularization of scattered cross-cutting concerns in multiple languages by weaving aspects through the Unified Code Object. In this paper, we introduce a case study of the implementation of logs in a web application that is implemented in Java and JavaScript. Its result shows that UniAspect achieves the modularization of these concerns by a single aspect. © 2012 ACM.

Although asynchronous technologies such as Ajax make Rich Internet Applications (RIAs) responsive, they can result in unexpected behavior due to nondeterministic client-side processing and asynchronous communication. One difficulty in understanding such erroneous behavior lies in the unpredictable contexts of the running system. Dynamic behavior analysis techniques do not help to verify the correctness of certain "blind spots" in the execution path. In this work, we present a static approach for extracting all possible state transitions described in source code from the RIAs. Our approach is based on the assumption that user, server and self interactions with the RIAs can change the states of the application. Our method consists of four steps: 1) using given specifications of Ajax relevant to interactions as rules, 2) creating a call graph, annotating interactions on it and extracting interaction controls, 3) abstracting the call graph to extract relationships among the interactions, and 4) refining the relationships with the interaction controls. By extracting the state machines of test scenarios of the correct and wrong behavior, it can help developers to pinpoint the statements in the source code that lead to the erroneous behavior. Our approach has been evaluated against a few experimental cases and we conclude that it can extract comprehensible state machines in a reasonable time.

There are various approaches to quantitatively and statically measuring the reusability of program source code
however, empirical demonstrations of the effectiveness of such approaches by considering actual reuse in actual development projects or of the magnitude of their effect on actual reusability have not been reported in depth. In this paper, we identified a set of metrics that are thought to be effective for measuring the reusability of C language program source code. Subsequently, for ten projects involved in development with existing software modification and adoption, during which conventional source code in an old project are extensively reused and adopted to a new project, we compared values of the static metrics identified and the reuse results before and after the development. Statistical analysis demonstrated that some of our metrics are effective for actual software development, and we accurately determined the magnitude of their effect on actual reusability. More concretely, it was found that when the percentage of files used outside the belonging directory is small and the number of function calls is small, the complexity of source code as the material of reuse and factors that are affected by the source code are limited, indicating high reusability. © 2012 Springer-Verlag.

Simulink models represent program as block diagrams for usually control system design. In large scale models or a large number of models, duplicated parts called "clones" could reduces the maintainability of models. To overcome such issue, there are existing researches on detecting perfect-matching clones; however these researches are not adequate for detecting imperfect-matching clones made by some partial modifications after copied and pasted. We propose a technique for detecting imperfect-matching clones in Simulink models efficiently by combining the existing perfect-matching clone detection technique and a fast apriori-based graph mining algorithm. We implemented the proposed technique as a detection tool and confirmed that the tool can detect imperfect-matching tools by applying it to several control system models. It is expected that models could be easily maintained by detecting such clones by the technique, and recording and managing them.

The activities of software analysis and design are important because they are the first steps in the software development. The objective of this paper is to identify the patterns that emerge during these activities. Identifying these patterns is important because we can imitate the patterns that increase our productivity and avoid the patterns that decrease our productivity. The patterns are made from sequences the logical actions "Create", "Delete" and "Rename" applied on the elements of the design diagrams. These actions are collected when creating UML class diagrams with the open source modeling tool ArgoUML. The patterns found are of two types: micro-pattens and macro-patterns. These patterns were related to different design strategies such as top down, breadth first.

Agile development refers to the group of software development methodologies based on an iterative and incremental process model. It divides the development period into short time frames called iterations and uses a body of knowledge obtained from past experience called practice to ensure agile software development Although the iteration length is an important factor in agile development however it has so far been decided by the qualitatively and it has been reported that projects with an inappropriate iteration length tends to be failed. We thus propose a new methodology for estimating an appropriate iteration length through the conduct on of a simulation based on project constraints. In this paper we first, propose a method of calculating an appropriate iteration length for a particular project to promote the easy use of agile development. Second, the relationship between the iteration length and project constraints was investigated by varying the parameters to create diverse situations. © 2012 IEEE.

The commonality and variability analysis of legacy software assets requires high costs in terms of personnel and time in extractive core asset development. We propose a technique for supporting the commonality and variability analysis, targeting the requirements and structural models of legacy software assets for the development of a feature diagram and a product line architecture (PLA). We analyze the commonality and variability of the sentences as requirements and classes as structural models by calculating similarities based on a vector space model. By using our technique, the costs in terms of personnel and time required for the analysis of legacy software assets can be reduced. Copyright 2012 ACM.

Test coverage is an important indicator of whether software has been sufficiently tested. However, there are several problems with the existing measurement tools for test coverage, such as their cost of development and maintenance, inconsistency, and inflexibility in measurement. We propose a consistent and flexible measurement framework for test coverage that we call the Open Code Coverage Framework (OCCF). It supports multiple programming languages by extracting the commonalities from multiple programming languages using an abstract syntax tree to help in the development of the measurement tools for the test coverage of new programming languages. OCCF allows users to add programming language support independently of the test-coverage-criteria and also to add test-coverage-criteria support independently of programming languages in order to take consistent measurements in each programming language. Moreover, OCCF provides two methods for changin the measurement range and elements using XPath and adding user code in order to make more flexible measurements. We implemented a sample tool for C, Java, and Python using OCCF. OCCF can measure four test-coverage-criteria. We also confirmed that OCCF can support C#, Ruby, Java Script, and Lua. Moreover, we reduced the lines of code (LOCs) required to implement measurement tools for test coverage by approximately 90% and the time to implement a new test-coverage-criterion by over 80% in an experiment that compared OCCF with the conventional non-framework-based tools.

Analysis patterns encapsulating recurrent analysis processes and results are reused for software analysis. Due to high cost of extracting analysis patterns from existing assets, analysis patterns are sometimes unavailable even though there are a lot of requirements and models as assets. Thus we propose a technique for extracting analysis patterns from existing requirements and corresponding analysis models described in the form of UML class diagrams. Our technique analyzes a set of requirements and corresponding analysis models in terms of structure and word similarity, and specifies commonality. By using our technique, it is possible to extract analysis patterns without high cost.

Design patterns are known for their usefulness to solve recurrent problems. Design patterns are a way of transmitting knowledge and experience by using proven, high quality solutions. A problem that emerges when using design patterns is that it is not clear how to measure the impact that has its application on the source code. The relationships between metrics and design patterns is not clear. We propose an experiment for measuring the usefulness of metrics and their success in predicting correct usage of design patterns. With this experiment we will explore which metrics capture best the relationship of design patterns quality of the source code. By using those metrics we will make predictions about the correct usage of the design patterns. In this experiment the selected metrics were not a good predictor, however it is a starting point to explore more metrics and their relationships with design patterns.

We present two common patterns for distributed systems: Enterprise Service Bus (ESB) and Distributed Publish/Subscribe (P/S). ESB defines a common bus structure that provides basic brokerage functions as well as a set of other appropriate services. The ESB has been used mostly for web services but it can be used for any distributed system. The P/S realizes a system structure where subscribers register to receive events produced by a publisher. The P/S has been described usually in a centralized environment and we emphasize here its distributed nature. These patterns are mainly intended for web services application and distributed systems architects and designers. In those applications, the ESB and the Distributed P/S are architectural units that need to be combined with other architectural units. © Copyright 2011 Carnegie Mellon University.

UML class diagrams representing the static structure of the relations between different concepts existing in a problem are widely used in model-based software development. However, no effective measures of a class diagram's understandability yet exist. We have devised quantitative measures of a class diagram's understandability and evaluated their validity. We obtained strong correlations between the domain experts' subjective evaluations of the understandability of a class diagram and the measurements of our methods. These results indicate that our measures can effectively quantify the understandability of class diagrams. © 2011 IEEE.

A good way to obtain secure systems is to build applications in a systematic way where security is an integral part of the lifecycle. The same applies to reliability. If we want a system which is secure and reliable, both security and reliability must be built together. If we build not only applications but also middleware and operating systems in the same way, we can build systems that not only are inherently secure but also can withstand attacks from malicious applications and resist errors. In addition, all security and reliability constraints should be defined in the application level, where their semantics is understood and propagated to the lower levels. The lower levels provide the assurance that the constraints are being followed. In this approach all security constraints are defined at the conceptual or application level. The lower levels just enforce that there are no ways to bypass these constraints. By mapping to a highly secure platform, e.g., one using capabilities, we can produce a very secure system. Our approach is based on security patterns that are mapped through the architectural levels of the system. We make a case for this approach and we present here three aspects to further develop it. These aspects include a metamodel for security requirements, a mapping of models across architectural levels, and considerations about the degree of security of the system. © 2011 IEEE.

Among several diagrams defined in UML, the class diagram is particularly useful through entire software development process, from early domain analysis stages to later maintenance stages. However conventional UML environments are often inappropriate for collaborative modeling in physically remote locations, such as exchanging models on a public mailing list via email. To overcome this issue, we propose a new diagram notation, called "TCD" (Text-based uml Class Diagram), for describing UML class diagrams using ASCII text. Since text files can be easily created, modified and exchanged in anywhere by any computing platforms, TCD facilitates the collaborative modeling with a number of unspecified people. Moreover, we implemented model converters for converting in both directions between UML class diagrams described in the XMI form and those in the TCD form. By using the converters, the reusability of models can be significantly improved because many of UML modeling tools support the XMI for importing and exporting modeling data.

The spread of open-software services through the Internet increases the importance of security. A security pattern is one of the techniques in which developers utilize security experts' knowledge. Security patterns contain typical solutions about security problems. However there is a possibility that developers may apply security patterns in inappropriate ways due to a lack of consideration on dependencies among patterns. Application techniques of security patterns that consider such dependencies have not been proposed yet. In this paper, we propose an automated application technique of security patterns in model driven software development by defining applications procedures of security patterns to models as model transformation rules with consideration for pattern dependencies. Our technique prevents inappropriate applications such as the application of security patterns to wrong model elements and that in wrong orders. Therefore our technique supports developers apply security patterns to their own models automatically in appropriate ways.

Test coverage is an important indicator of whether software has been tested sufficiently. However, existing measurement tools for test coverage are associated with several problems such as their cost of development and maintenance, inconsistency and inflexibility in measurement. We propose a framework for consistent and flexible measurement of test coverage, called the Open Code Coverage Framework (OCCF), that supports multiple programming languages. OCCF extracts commonalities from multiple programming languages focusing on only small syntax differences in programming languages using an abstract syntax tree. OCCF provides guidelines to support several test coverage criteria. Moreover, OCCF let users expand features to add user-defined test coverage and new programming language. As a result, we reduced the lines of code required to implement measurement tools for test coverage by about 90%and the time to implement a special coverage criterion by80% or more in an experiment that compared OCCF with conventional tools developed individually without using the framework. © 2010 IEEE.

Addressing the challenges of developing secure software systems remains an active research area in software engineering. Current research efforts have resulted in the documentation of recurring security problems as security patterns. Security patterns provide encapsulated solutions to specific security problems and can be used to build secure systems by designers with little knowledge of security. Despite this benefit, there is lack of work that focus on evaluating the capabilities of security analysis approaches for their support in incorporating security analysis patterns. This chapter presents evaluation results of a study we conducted to examine the extent to which constructs provided by security requirements engineering approaches can support the use of security patterns as part of the analysis of security problems. To achieve this general objective, the authors used a specific security pattern and examined the challenges of representing this pattern in some security modeling approaches. The authors classify the security modeling approaches into two categories: Problem and solution and illustrate their capabilities with a well-known security patterns and some practical security examples. Based on the specific security pattern they have used our evaluation results suggest that current approaches to security engineering are, to a large extent, capable of incorporating security analysis patterns. © 2011, IGI Global.

This chapter describes ongoing work on the use of patterns in the development of secure systems. The work reflects a collaboration among five research centers on three continents. Patterns are applied to all aspects of development, from domain analysis and attack modeling to basic design, and to all aspects of the systems under development, from the database and infrastructure to policies, monitoring, and forensics. The chapter, provides an overview of the method of development involving the full range of patterns, and describes many recent contributions from the many research threads being pursued within the collaboration. Finally, future directions of research in the use of patterns are described. © 2011, IGI Global.

It is possible to reasonably measure the security quality of individual security patterns. However, more interesting is to ask: Can we show that a system built using security patterns is secure in some sense? We discuss here some issues about evaluating the security of a system built using security patterns. We consider the use of threats and misuse patterns to perform this evaluation.

The spread of open-software services through the Internet increases the importance of security. A security pattern is one of the techniques in which developers utilize security experts' knowledge. Security patterns contain typical solutions about security problems. However there is a possibility that developers may apply security patterns in inappropriate ways due to a lack of consideration on dependencies among patterns. Application techniques of security patterns that consider such dependencies have not been proposed yet. In this paper, we propose an automated application technique of security patterns in model driven software development by defining applications procedures of security patterns to models as model transformation rules with consideration for pattern dependencies. Our technique prevents inappropriate applications such as the application of security patterns to wrong model elements and that in wrong orders. Therefore our technique supports developers apply security patterns to their own models automatically in appropriate ways.

The duplicated test code exists widely in source code. However duplicated test code decreases maintainability. We therefore extract and propose a pattern for reconstructing test code to remove the duplication. The pattern finds duplicated test code based on test coverage and helps to remove redundant test code. We contribute to advancement and the spread of the test technology by describing the patter.

We have proposed a new type of pattern, the misuse pattern. This pattern describes, from the point of view of the attacker, how a type of attack or misuse is performed (what system units it uses and how)
it also provides ways of stopping the attack by enumerating possible security patterns that can be applied for this purpose, and helps analyzing the attack once it has happened by indicating where can we find forensics data as well as what type of data. A catalog of misuse patterns is needed to let designers evaluate their designs with respect to possible threats. We present here a misuse pattern for a generic worm, which describes the essential and typical characteristics of this type of malware. We consider how to stop this malware and we also discuss some examples and variations.

FIT船井ベストペーパー賞, FITヤングリサーチャー賞

This paper reports on &quot;Winter Workshop 2009 in Miyazaki (WW2009)&quot;; held in Miyazaki City from 23rd to 24th January 2009.

We will discuss here the theoretical, social, technological and practical issues related to quality aspects of software patterns including security and safety aspects. The workshop will provide the opportunity for bringing together researchers and practitioners, and for discussing the future prospects of this area. As for the workshop format, first, we will have short talks on what software patterns are, and how they are related to quality. Second, we will have accepted position paper presentations to expose the latest researches and practices on software patterns and quality. Finally, we will discuss several topics related to these presentations in small groups. Newcomers, interested researchers and practitioners are free to attend the workshop to facilitate their understandings, researches and practices on software patterns and quality.

There are a large number of security patterns encapsulating reusable solutions to recurrent security problems. However, catalogs of security patterns are not enough because the designer does not know when and where to apply them, especially in a large complex system. There is a need to conduct more precise classifications of security patterns. We analyze here ways to represent security patterns using specialized models for their precise classification. We define two new types of models, one that describes how a security pattern relates to several classification dimensions (Dimension Graph), and another that describes how security patterns relate to each other (Pattern Graphs). We show these ideas with examples from security patterns.

Java Script is a popular scripting language that is particularly useful for client-side programming together with HTML/XML on the Web. As Java Script programs become more complex and large, separation of concerns at the implementation level is a significant challenge. Aspect orientation has been a well known concept to realize improved separation; however, existing mechanisms require modifications in the target modules for aspect weaving in Java Script (i.e., not "complete" separation). In this paper, we propose an Aspect-Oriented Java Script framework, named "AOJS", which realizes the complete separation of aspects and other core modules in Java Script. AOJS can specify function executions, variable assignments and file initializations in Java Script programs as the joinpoints of aspects. Moreover, AOJS guarantees the complete separation of aspects and core program modules by adopting a proxy-based architecture for aspect weaving. By utilizing these features, we confirmed that AOJS offers improved modifiability and extendability for Java Script programming.

Detecting design patterns from object-oriented program source-code can help maintainers understand the design of the program. However the detection precision of conventional approaches based on the structural aspects of patterns is low due to the fact that there are several patterns with the same structure. To solve this problem, we propose an approach of design pattern detection using source-code of before the application of the design pattern. Our approach is able to distinguish different design patterns with similar structures, and help maintainers understand the design of the program more accurately. Moreover our technique reveals when and where the target pattern has been applied in an ordered series of revisions of the target program. Our technique is useful to assess what kinds of patterns increase what kinds of quality characteristics such as the maintainability.

Security patterns are now starting to be accepted by industry. Security patterns are useful to guide the security design of systems by providing generic solutions that can stop a variety of attacks but it is not clear to an inexperienced designer what pattern should be applied to stop a specific attack. They are not useful either for forensics because they do not emphasize the modus operandi of the attack. To complement security patterns, we have proposed a new type of pattern, the misuse pattern. This pattern describes, from the point of view of the attacker how a type of attack is performed (what units it uses and how), defines precisely the context of the attack, analyzes the ways of stopping the attack by enumerating possible security patterns that can be applied for this purpose, and describes how to trace the attack once it has happened by appropriate collection and observation of forensics data. We present here a model that characterizes the precise structure of this type of pattern.

Java Script is a popular scripting language that is particularly useful for client-side programming together with HTML/XML on the Web. As Java Script programs become more complex and large, separation of concerns at the implementation level is a significant challenge. Aspect orientation has been a well known concept to realize improved separation; however, existing mechanisms require modifications in the target modules for aspect weaving in Java Script (i.e., not "complete" separation). In this paper, we propose an Aspect-Oriented Java Script framework, named "AOJS", which realizes the complete separation of aspects and other core modules in Java Script. AOJS can specify function executions, variable assignments and file initializations in Java Script programs as the joinpoints of aspects. Moreover, AOJS guarantees the complete separation of aspects and core program modules by adopting a proxy-based architecture for aspect weaving. By utilizing these features, we confirmed that AOJS offers improved modifiability and extendability for Java Script programming.

We held the 2nd Workshop on Software Patterns and Quality (SPAQu'08) as a focus group of the 15th Conference on Pattern Languages of Programs (PLoP '08), to discuss the theoretical, social, technological and practical issues related to quality aspects of software patterns, including security aspects. In this report we summarize the objectives and results of the workshop. © 2008 is held by the author(s).

We introduce the concept of "abstract" security patterns that deal with abstract security mechanisms, rather than concrete implementations. We also show an organization of abstract security patterns and concrete ones into hierarchies. © 2008 is held by the author(s).

Patterns are useful knowledge about recurring problems and solutions. Detecting a security problem using patterns in requirements models may lead to its early solution. In order to facilitate early detection and resolution of security problems, in this paper, we formally describe a role-based access control (RBAC) as a pattern that may occur in stakeholder requirements models. We also implemented in our goal-oriented modeling tool the formally described pattern using model-driven queries and transformations. Applied to a number of requirements models published in literature, the tool automates the detection and resolution of the security pattern in several goal-oriented stakeholder requirements. Copyright 2008 ACM.

In component-based software development, it is necessary to measure the quality of components before they are built into the system in order to ensure the high quality of the entire system. However, in application development with component reuse, it is difficult to use conventional metrics because the source codes of components cannot be obtained, and these metrics require analysis of source codes. Moreover, conventional techniques do not cover the whole of quality characteristics. In this paper, we propose a suite of metrics for measuring quality of JavaBeans components based on limited information that can be obtained from the outside of components without any source codes. Our suite consists of 21 metrics, which are associated with quality characteristics based on the ISO9126 quality model. Our suite utilizes the qualitative evaluation data available on WWW to empirically identify effective metrics, and to derive a reference value (threshold) for each metric. As a result of evaluation experiments, it is found our suite can be used to effectively identify black-box components with high quality. Moreover we confirmed that our suite can form a systematic framework for component quality metrics that includes conventional metrics and newly defined metrics.

Patterns combine experience and good practices to develop basic models that can be used for new designs. Security patterns join the extensive knowledge accumulated about security with the structure provided by patterns to provide guidelines for secure system design and evaluation. In addition to their value for new system design, security patterns are useful to evaluate existing systems. They are also useful to compare security standards and to verify that products comply with some standard. A variety of security patterns has been developed for the construction of secure systems and catalogs of them are appearing. However, catalogs of patterns are not enough because the designer does not know when and where to apply them, especially in a large complex system. We discuss here several ways to classify patterns. We show a way to use these classifications through pattern diagrams where a designer can navigate to perform her pattern selection.

We have proposed in the past three separate methodologies for secure software development. We have found that they have many common and complementary aspects and we proposed a combination of them that appears as a good approach to secure software development. The combined methodology applies security at all stages, considers the architectural levels of the system, applies security policies through the use of patterns, and formalizes some portions of the design. We have studied in some detail how to elicit and describe security requirements, how to reflect these requirements in the conceptual model, how to estimate some performance aspects, how to formalize some aspects such as communication protocols, and how to map the conceptual requirements into design artifacts. A design aspect which we have not studied is the incorporation of databases as part of the secure architecture. The database system is a fundamental aspect for security because it stores the persistent information, which constitutes most of the information assets of the institution. We present here some ideas on how to make sure that the database system has the same level of security than the rest of the secure application.

In the age of pervasive computing, ubiquitous collaboration has become an every-day life paradigm. Without an ideal computing infrastructure, issues with ubiquitous collaboration, such as network unreliability, platform heterogeneity, and client's resource constraints, are inevitable. The traditional replication scheme copes with network unreliability by replicating all the objects of a shared application together at once. This is, however, suitable for neither cooperative applications nor mobile computing devices. These problems can be naturally addressed by using a fine-grained replication scheme that enables a portion of the application objects to be replicated. This paper presents an object-oriented middleware that is capable of dynamically and transparently replicating remotely shared Java applications in a partially and on-demand incremental manner. It is also able to maintain various consistency semantics and enables the coexistence of fine-grained replications and conventional remote method invocations. Empirical results indicate several practical benefits of the middleware.

A robot design contest, called the "Embedded Technology (ET) Software Design Robot Contest," which involves designing software to automatically control a line-trace robot, was held in Tokyo, in 2005. The contest was intended to provide a practical opportunity to educate young Japanese developers in the field of embedded software development. In this paper, we give the results of the contest from the viewpoint of software quality evaluation. We created a framework for evaluating software quality, which integrated the design model quality and the final system performance, and we conducted an analysis using this framework. As a result of the analysis, the quantitative measurement of the structural complexity of the design model was found to have a strong relationship to the qualitative evaluation of the design by the contest judges. On the other hand, no strong correlation between the design model quality evaluated by the judges and the final system performance was found. For embedded software development, it is particularly important to estimate and verify reliability and performance in the early stages, according to the design and analysis models. Based on the results, we consider possible remedies with respect to the models submitted, the evaluation methods used, and the contest specifications. To adequately measure several quality characteristics, including performance, in terms of a model, it is necessary to improve the approach to developing robot software (for example, by applying model-driven development) and to reexamine the evaluation methods. © 2007 National Instiute of Informatics.

A software component often requires programmers to set appropriate initial values in many of its attributes. The work involved in the initialization can be alleviated by attaching a wizard interface to the target component itself and setting the initial values visually from the wizard; however there are large development costs associated with devising suitable initial value candidates and producing a new wizard to use these initial values for each individual component. In this paper we propose a system whereby application programs that use a target component are subjected to dynamic analysis to discover which attributes and initial values are set most often during the running of the component. The proposed system generates and attaches a wizard, which supports application programmers to initialize the component visually by using these initial values, to the component. Experiments have shown that the attributes and their initial values chosen for initialization by generated wizards closely resemble the expectations of the component's original developers.

Definition and utilization of project-specific processes is important for effectively conducting industrial information system development. Process tailoring is an approach of achieving processes optimized for the characteristics of a project. However, conventional tailoring techniques such as component-based ones and generator ones lack a way to address the overall consistency or reuse process fragments. In this paper, we propose a technique for establishing process lines, which are sets of common processes in particular problem domains, and process line architectures that incorporate commonality and variability. Process line architectures are used as a basis for deriving process lines from the perspective of overall optimization. The proposed technique includes some extensions to the Software Process Engineering Metamodel for clearly expressing the commonality and variability in the process workflows when modeling the workflows as UML activity diagrams. As a result of applying the proposed technique to hardware/software co-design processes in an embedded system development domain, it is found that the proposed technique is useful for defining consistent and project-specific processes efficiently. © 2006 IEEE.

Demand for reliability in Web applications has increased greatly in recent years as they have begun to be used more for enterprise applications. Model checking is an effective way to increase software reliability, but because most Web applications have short delivery times, preparation and application costs make it difficult to introduce model-checking techniques into the development process. In this paper, we propose a technique for automatically extracting page transitions from a Web application that has been developed using a Web application framework, such as Struts configuration files and Java Server Page templates, and transforming it into a format that can be used by existing model-checking tools. Using the proposed technique, Web application developers will be able to reduce the preparation and application costs of introducing model-checking techniques.

The abstraction level of the problem treated by a design pattern has wide variety, from architecture to near implementation. There is no objective metric indicating the abstraction level of the problems addressed by patterns. Thus, it is difficult to understand the abstraction level of each pattern and to position a new pattern. In this paper, a metric is proposed. It indicates the relative abstraction level of a pattern's problem. We propose a metric obtained from inter-pattern relationships. We also propose a visualization method for the metric. Using such metrics, we aim to help developers easily understand the abstraction level of each pattern and, therefore, to better decide about its usefulness for the problem at hand. © 2007 Copyright is held by the authors.

This paper discusses the Top SE program established to bridge the industry-academia gap. The program features extensive use of software engineering tools, not only to introduce students to the tools, but also as a conduit for learning the techniques and guidelines needed to apply the tools to practical software development situations. The curriculum is organized around practical problems mainly from the area of digital home appliances and focuses on upper stream software development processes.
The Top SE program is developed and operated by a close collaboration between industry and academia. We illustrate our discussion with examples from one of the courses, Verification of Design Models, which takes up model checking technologies, including three specific tools: SPIN, SMV, and LTSA.

The effect of the quality of program source code on the cost of development and maintenance as well as on final system performance has resulted in a demand for technology that can measure and evaluate the quality with high precision. Many metrics have been proposed for measuring quality, but none have been able to provide a comprehensive evaluation, nor have they been used widely. We propose a practical framework which achieves effective measurement and evaluation of source code quality, solves many of the problems of earlier frameworks, and applies to programs in the C programming language. The framework consists of a comprehensive quality metrics suite, a technique for normalization of measured values, an aggregation tool which allows evaluation in arbitrary module units from the component level up to whole systems, a visualization tool for the evaluation of results, a tool for deriving rating levels, and a set of derived standard rating levels. By applying this framework to a collection of embedded programs experimentally, we verified that the framework can be used effectively to give quantitative evaluations of reliability, maintainability, reusability and portability of source code.

A software component often requires programmers to set appropriate initial values in many of its attributes. The work involved in the initialization can be alleviated by attaching a wizard interface to the target component itself and setting the initial values visually from the wizard; however there are large development costs associated with devising suitable initial value candidates and producing a new wizard to use these initial values for each individual component. In this paper we propose a system whereby application programs that use a target component are subjected to dynamic analysis to discover which attributes and initial values are set most often during the running of the component. The proposed system generates and attaches a wizard, which supports application programmers to initialize the component visually by using these initial values, to the component. Experiments have shown that the attributes and their initial values chosen for initialization by generated wizards closely resemble the expectations of the component's original developers.

Although numbers of software pattern catalogues and languages have been published, little is known about quality of patterns, quality by patterns and quality aspects of pattern activities. This workshop seeks to gain an improved understanding on the theoretical, social, technological and practical issues related to quality aspects of patterns including security and safety.

Although numbers of software pattern catalogues and languages have been published, little is known about quality of patterns, quality by patterns and quality aspects of pattern activities. This workshop seeks to gain an improved understanding on the theoretical, social, technological and practical issues related to quality aspects of patterns including security and safety.

Object caching is a common feature in the scalable distributed object systems. Fine-grained replication optimizes the performance and resource utilization in object caching by enabling a remote object-oriented application to be partially and incrementally on-demand replicated in units of cluster. Despite these benefits, the lack of common and simple implementation framework makes the fine-grained replication scheme not extensively used. This paper proposes the novel frameworks for dynamic, transparent, partial and automatically incremental replication of distributed Java objects based on three techniques that are lazy-object creation, proxy and hook. One framework enables the fine-grained replication of server-side stateful in-memory application, and the other framework enables the fine-grained replication of server-side stateless in-memory application, client-side program, or standalone application. The experimental evaluation demonstrates that the efficiency in terms of response time of both frameworks are relatively practical to the extent of a local method invocation.

It is typical that only a part of the whole program code is necessary for their successful execution. Partial program code loading optimizes the start-up delay and system resource consumption of the object-oriented programs by decomposing the program into a set of object class clusters as the units of incremental on-demand loading. Unfortunately, the lack of a systematic yet simple class clustering technique prohibits such an optimization approach. This paper presents a Java class clustering technique that is able to improve both the spatial locality and temporal affinity of an optimized prograrn. The technique provides two clustering algorithms, resource-centric and performance-centric, to achieve different requirements in optimizations. Experimental results indicate that Our algorithms are practically useful to both interactive and noninteractive programs. Among the tested Java programs, use of the performance-centric and resource-centric algorithms could significantly improve program loading, on average, by 2.9 and 2.2 times, respectively, faster than whole prograrn loading Both algorithms resulted in chances to economize system resources. (C) 2006 Institute of Electrical Engineers of Japan. Published by John Wiley & Sons, Inc.

A component connection enables a component to use the functionality of other components directly, without generating adapters or other mechanisms at run-time. In conventional component connection models, the connection between components, particularly third-party components, is very costly for code reuse because the component source code must be modified if the types of requester-side and provider-side are different. This paper proposes a new component model, built upon an existing component architecture, which abandons a component service type and connects components based on a method type collection of the provider and requester components. Our model enables flexible connections owing to relaxed component matching, in which the system that implements our model automatically converts values of parameters, return values, and exceptions between required methods and provided ones within a well-defined range. As a result of experimental evaluations, it is found that our model is superior to conventional models in terms of the component-use cost and the capability of changing connections.

Remote-component-based software systems (CBS) must provide high maintainability to support operation over long periods of time and correspond to changes in enterprise requirements/environments. Measurements of the degree of complexity of a system are one technique for evaluating maintainability. However, conventional complexity metrics are unable to reflect the overall complexity of the system, because they do not incorporate a procedure to account for characteristics of CBS. To help maintenance work proceed smoothly, we propose a new metric that measures the coupling-based complexity of CBS by abstracting the target system's structure through a step-wise process and taking into consideration the characteristics of remote components. Our metric can be applied to CBS based on the Enterprise JavaBeans component architecture. As a result of experimental evaluations, it is found that our metric better reflects the maintainability than conventional metrics. It is also found that our metric is nonredundant with existing metrics such as Coupling Factor. © 2006 IEEE.

When a software component is used, it is often necessary to set initial values in many of its attributes. To set these initial values appropriately, the user of the component must ascertain which attributes are needed to be initialized, and set them programmatically to suitable initial values. The work involved in this sort of initialization can be alleviated by attaching a wizard interface to the target component itself and setting the initial values visually from the wizard. However, there are large development costs associated with devising suitable initial value candidates and producing a new wizard to use these initial values for each individual component. In this paper, we propose a system whereby application programs that use a target component are subjected to dynamic analysis to discover which attributes and initial values are set most often during the running of the component. The proposed system generates and attaches a wizard, which supports application programmers to initialize the component visually by using these initial values, to the component. The proposed system can be recognized as a system for applying the Wizard pattern to each component automatically. Experiments have shown that the attributes and their initial values chosen for initialization by generated wizards closely resemble the expectations of the component's original developers. We have thus confirmed that the proposed system can bring about a substantial reduction in wizard development costs.

Java applications have been distributed more and more over the Internet. Deploying a Java application by retrieving the entire program often encounters extended delay due to network congestion or large program size. Many times system resources are also wasted because users do not utilize every component of the downloaded application. These problems can be addressed by decomposing a program into smaller pieces for individual downloading on demand. This paper proposes a middleware by which a Java application can be partially and on-demand incrementally deployed via HTTP. The middleware also supports application caching and automatically transparent updating. The launching delay for an application in an experiment was found to be reduced by 83% from that of traditional whole-at-once application deployment. Total program deployment and execution overhead was 22% less than that of Java Web Start. The middleware provides functional benefits over related technologies: these benefits include finer-grained program deployability, on-demand incremental updatability, and alternatively simple developing environment.

Remote-component-based software systems (CBS) must provide high maintainability to support operation over long periods of time and correspond to changes in enterprise requirements/environments. Measurements of the degree of complexity of a system are one technique for evaluating maintainability. However, conventional complexity metrics are unable to reflect the overall complexity of the system, because they do not incorporate a procedure to account for characteristics of CBS. To help maintenance work proceed smoothly, we propose a new metric that measures the coupling-based complexity of CBS by abstracting the target system's structure through a step-wise process and taking into consideration the characteristics of remote components. Our metric can be applied to CBS based on the Enterprise JavaBeans component architecture. As a result of experimental evaluations, it is found that our metric better reflects the maintainability than conventional metrics. It is also found that our metric is nonredundant with existing metrics such as Coupling Factor.

In general, a component-based system uses only a part of the functions of its software components. Therefore, precise structural testing for components requires to specify what functions of the components are used in the system. In addition, in the case with an object-oriented component, some existing studies point out that testing of all possible bindings between a call site and the methods that the site may invoke is extremely ineffective. In this paper, we propose a method for precisely estimating test coverage of components on an object-oriented frame work by using its deployment descriptor and evaluate its effectiveness.

In this paper, we propose a technique for establishing process lines, which are sets of common processes in particular problem domains, and process line architectures that incorporate commonality and variability. Process line architectures are used as a basis for deriving process lines from the perspective of overall optimization. The proposed technique includes some extensions to the Software Process Engineering Metamodel for clearly expressing the commonality and variability in the process workflows described as UML activity diagrams. As a result of applying the proposed technique to hardware/software co-design processes in an embedded system domain, it is found that the proposed technique is useful for defining consistent and project-specific processes efficiently.

Remote-component-based software systems (CBS) must provide high maintainability to support operation over long periods of time and correspond to changes in enterprise requirements/environments. Measurements of the degree of complexity of a system are one technique for evaluating maintainability. However, conventional complexity metrics are unable to reflect the overall complexity of the system, because they do not incorporate a procedure to account for characteristics of CBS. To help maintenance work proceed smoothly, we propose a new metric that measures the coupling-based complexity of CBS by abstracting the target system's structure through a step-wise process and taking into consideration the characteristics of remote components. Our metric can be applied to CBS based on the Enterprise JavaBeans component architecture. As a result of experimental evaluations, it is found that our metric better reflects the maintainability than conventional metrics. It is also found that our metric is nonredundant with existing metrics such as Coupling Factor.

Component-based software development (CBD) is based on building software systems from previously-existing software components. In CBD, reuse of common parts in component form can reduce the development cost of new systems, and reduce the maintenance cost associated with the support of these systems. However, existing programs have usually been built using another paradigm, such as the object-oriented (00) paradigm. 00 programs cannot be reused rapidly or effectively in the CBD paradigm even if they contain reusable functions. In this paper, we propose a technique for extracting components from existing 00 programs by our new refactoring "Extract Component". Our technique of refactoring can identify and extract reusable components composed of classes from 00 programs, and modify the surrounding parts of extracted components in original programs. We have developed a system that performs our refactoring automatically and extracts Java-Beans components from Java programs. As a result of evaluation experiments, it is found that our system is useful for extracting reusable components along with usage examples from Java programs. (c) 2004 Elsevier B.V. All rights reserved.

Graphical User Interface (GUI) application component is a compound component, which consists of fine-grained components (such as GUI widgets) and specific logic. GUI application components fabricated by conventional techniques expose low extensibility because of the incomplete separation between the application logic part and GUI part inside the components. In this paper we propose a new component architecture, "BeaM", which realizes complete separation between both parts inside the GUI application components. We have implemented a development environment corresponding to the proposed architecture in Java language. As a result of experimental evaluations, it is found that BeaM is useful to develop GUI application components as JavaBeans components with high extensibility.

In software development, many kinds of knowledge are shared and reused as software patterns. However the relation analysis among software patterns by hand is difficult on the large scale. In this paper we propose a technique for the automatic relation analysis among the patterns. Our technique is based on a new pattern model to treat various patterns, and utilizes exiting text processing techniques to extract patterns from documents and to calculate the strength of pattern relations. As a result of experiments, the system that implements our technique has extracted appropriate relations among patterns without information on relations described in original pattern documents. Moreover our system has the ability to suggest relations among patterns that the author has not noticed.

The activity of the software process improvement can be supported by reusing various kinds of knowledge on existing successful software processes in the form of process patterns. There are several catalogs of process patterns available on WWW; however, all of relations among patterns are closed in each pattern catalog. To acquire the cross-cutting relations over the different process pattern catalogs, we have applied the technique for the automatic relation analysis among the patterns. Our technique utilizes existing text processing techniques to extract patterns from documents and to calculate the strength of pattern relations. As a result of experimental evaluations, it is found that the system implementing our technique has extracted appropriate cross-cutting relations over the different process pattern catalogs without information on relations described in original pattern documents. These cross-cutting relations will be useful for dealing with larger problems than those dealt with by individual process patterns.

Class clustering is important to distributed object caching. We argue that clustering class to support distributed objects caching must consider the contemporaneity property among the classes to gain optimal performance and to satisfy system scalability at the same time. In this paper, we propose a novel class clustering algorithm that is simple while minimizing system resource wastage. The algorithm produces a set of cachable clusters by partitioning object-oriented program s class graph in such a way that each cluster contains only classes that are really needed in the same time period of execution. Through a graph theoretic model, the algorithm statically performs clustering analysis on input programs. A case study is given to illustrate the proposed algorithm. An experimental evaluation proves that our algorithm is practically useful.

Scalability is a stringent requirement to every evolving information system. One of the key solutions to the scalability is caching. Most distributed object caching systems to date offer only coarse-grained mechanism in which an entire servant object graph is cached at once. Doing this minimizes cache miss frequency but imposes the long latency of cache miss resolution especially when the servant object graph is large or when the network load is high. Hence, it is preferable to compromise between this pair of performance metrics. Using fine-grained caching approach in which only necessary parts of the servant object graph are cached can satisfy both metrics at the same time. In this paper, we propose a framework that supports the incremental and automatic fine-grained caching of Java objects at run time in transparent manner to client. This goal is efficiently achieved by means of proxy and hook mechanisms. Experimental results demonstrate that our framework incurs the latency of cache miss resolution by only one third of a remote invocation latency of Java RML Furthermore, the proposed framework can deliver cache hit performance closely to that of Java local invocation's while outperforming Java RMI 1400 times.

We propose a new conditional test suite that supports preconditions, postconditions, and class-invariants for any JavaBeans component, without the possibility of heisenbugs.

To realize appropriate software reuse, it is necessary to seek software that satisfies a given requirement. However, conventional search techniques cannot enable prompt reuse of software because such conventional techniques target the program source code as the retrieval unit. In this paper, we propose a new component-extraction-based program search system. Our system analyses a collection of object-oriented (00) programs, acquires relationships among 00 classes, and extracts reusable software components composed of some classes. Moreover, our system generates indexes composed of divided type names and comments for newly extracted components. Using our system, the extracted components can be searched by keywords, and the result set can be viewed by a web browser such that the user can decide whether the query result component matches his/her requirements.

A program search system is indispensable for software reuse. However, conventional search techniques are inappropriate for prompt reuse because of two reasons: (1) the retrieval unit is an individual program source code, and (2) behavioral features of the query result program cannot be confirmed immediately. In this paper, we propose a new program search and trial execution system based on a component extraction technique for existing Object-Oriented (OO) programs. Our system analyzes class relationships in OO program source codes, detects reusable parts composed of classes, and transforms the detected classes into components. The extracted components can be searched by keywords, and the result set can be viewed by a web browser. Moreover, our system allows users to perform the trial execution of components remotely via the web browser by performing the method execution and the mouse click operation. As a result of evaluation experiments, it is found that our system can extract many reusable components from existing programs, and support the user to search the extracted components effectively.

We propose a new component-extraction-based program search system. Our system analyses existing Java programs, acquires relationships among classes, and extracts JavaBeans components composed of classes. Moreover, our system generates indexes composed of divided type names and comments for newly extracted components. Using our system, the extracted components can be searched by keywords, and the result set can be viewed by a web browser such that the user can decide whether the query result component matches his/her requirements.

In component-based software development, it is necessary to measure the reusability of components in order to realize the reuse of components effectively. There are some product metrics for measuring the reusability of Object-Oriented software. However in application development with reuse, it is difficult to use conventional metrics because the source codes of components cannot be obtained, and these metrics require analysis of source codes. In this paper we propose a metrics suite for measuring the reusability of such black-box components based on limited information that can be obtained from the outside of components without any source codes. We define five metrics for measuring a component's understandability, adaptability, and portability, with confidence intervals that were set by statistical analysis of a number of JavaBeans components. Moreover we provide a reusability metric by combining these metrics based on a reusability model. As a result of evaluation experiments, it is found that our metrics can effectively identify black-box components with high reusability.

A mechanism of retrieving software components is indispensable for component-based software development. However, conventional retrieval techniques require an additional description, and cannot evaluate the total characteristics of a component. In this paper, we propose a new similarity metric, "directed replaceability similarity" (DRS), which represents how two components differ in terms of structure, behavior, and granularity. We developed a retrieval system that automatically measures DRS between a user's prototype component and components stored in a repository, without any source codes or additional information. As a result of evaluation experiments, it is found that the retrieval performance of our system is higher than those of conventional techniques.

In component-based software development, the mechanism by which the software components which best satisfy a user’s query are retrieved is indispensable. However, conventional retrieval methods cannot evaluate the total characteristics of a component, because they consider a single aspect of the component or require an additional description. In this paper, we propose a new distance metric, “directed replaceability distance” (DRD), which represents how different two components are in detail from the viewpoint of structure, behavior, and granularity. We have developed a retrieval system which uses DRD as a measure of the difference between a user’s query prototype component and the components stored in a repository. In this paper, we outline the concept of DRD and the usefulness of our retrieval system.

GUI application components, which are developed by combining the most basic generic GUI components and appending the required application logic, have been widely utilized. Their target is domain-specific and instance-level software reuse. In traditional methods, the separation between the application logic part and GUI part is incomplete. As a result, sufficient reusability and extensibility of the GUI application components cannot be realized. In this paper, the Model-View separation architecture BeaM (Bean for Model-view separation), which realizes complete independence between the application logic part and GUI part, is proposed. Also the evaluation results are analyzed based on the implementation in Java language.

品質の特定のためのパターン（2）：「測定可能なシステム品質」「品質の折り込み」「着陸ゾーン」

品質の特定のためのパターン：「重要な品質の発見」「品質シナリオ」「品質ストーリー」

ネットワークソフトウェア対象のセキュリティ・プライバシ・トラストのエコシステム

アジャイル品質はどのように取り組まれているのか？ – パターン QA to AQ の実践状況より

Editorial for the special issue of STVR on the 10th IEEE International Conference on Software Testing, Verification, and Validation (ICST 2017)

Towards Software Co-Engineering by AI and Developers

DX時代のAI・IoT活用イノベーティブ人材育成スマートエスイー

DXレポート2およびワーキンググループ1報告書

特集「ソフトウェア工学の基礎」の編集にあたって

特集「ソフトウェア工学の基礎」の編集にあたって

APSEC 2018 開催および参加報告

Designing Secure Software by Testing Application of Security Patterns

特集「ソフトウェア工学の基礎」の編集にあたって

Research on Software Quality Assurance for Artificial Intelligence System

「残念なシステム」のなくしかた、第３回 僕たちの仕事は役に立っているのか？

「残念なシステム」のなくしかた、第４回 測れるって素晴らしい!!

「残念なシステム」のなくしかた、第5回 プロジェクトに優先順位を付けよう

「残念なシステム」のなくしかた、第1回 「正しく」できても「正しいことをやる」のができない理由

Many programming tasks require programmers to modify similar program elements continuously. It will take some time to find out the next element to be modified without missing the necessary modifications, and it is too much hassle to select the text to change each similar element. To improve these problems, we extracted all possible matched elements by using the similarity patterns from recently modified elements. The sub syntax tree comparison is employed to extract similarity patterns. As a tool, SimilarHighlight can give programmers some suggests that program elements are similar to the last selected elements and might be modified at the next modifications. The elements will be highlighted and the text of the next element can be selected immediately for modify by shortcut keys. In addition, the tool supports C#, Java, C, JavaScript and other languages in future.

We report on the 17th Software Product Line Conference was held in Tokyo, Japan.

IPSJ Special Interest Group of Software Engineering (SIGSE) holds a workshop focusing on deep discussion among participants once a year. In the fiscal year of 2012, we had a workshop in Nasu, Tochigi prefecture, January 2013. We had a deep discussion about recent issues and future direction of software engineering. In this paper, we report each discussion held in each special theme session and the whole workshop.

ソフトウェアテストは,ソフトウェアの品質を保証する上で重要な工程である.しかし,実際の開発では,テスターによる貢献が成果物から見えにくいため,モチベーションの低下,ひいてはテスト工程への倦厭を引き起こす傾向がある.本研究では,テストカバレッジなどのメトリクスから貢献度を数値化して,テスト記述者の貢献度として可視化する手法を提案する.さらに,貢献度を用いたゲー ミフィケーションの要素を導入した教育用テストツールを提案することで,テストに対する教育効果およびモチベーション向上を図る.テストに不慣れな学生に 対する被験者実験を通して,提案ツールの教育効果およびモチベーション向上の効果を測定する.

Simulink model is suitable for embedded software development. On the other hand, it is difficult to fix, often tend to be large and complicated model. Understandability of the model is low abstraction is dependent on developers by subsystem, the model. Therefore, we conducted an appropriate abstraction aims to improve the maintainability of the Simulink model to apply the clustering method does not depend on the developer. In addition, we propose a two-way conversion of Simulink models and UML models. By converting to static and dynamic model of the UML model, to improve the understanding and clarifying the responsibilities. And to maintain the correspondence between the model in two-way conversion.

This paper reports the 15th Conference on Pattern Languages of Programs (PLoP2008), held in October 2008 in Nashville, USA. There were 27 pattern papers and one research paper in PLoP2008.

ソフトウェア中心システムの開発における品質要求は,要求分析の段階で明確に識別し,さらにはソフトウェアのアーキテクチャ分析・設計において明示的に扱うことではじめて実現される.また,属人性の排除,トレーサビリティを考慮したアーキテクチャ分析・設計は,ソフトウェア工学の手法を適用する必要がある.しかし,各工程に対して複数の手法を適応する場合,手法間の整合性を考慮する必要があり,手法を適用する阻害要因となっている.上述の背景を踏まえ,本稿では,簡単なWEBシステムの開発を事例として,複数の手法を用いた品質要求駆動型のアーキテクチャ分析・設計手法を提案する.具体的には,要求分析手法であるKAOS,アーキテクチャ設計手法である品質特性駆動型設計(Attribute-Driven Design)の整合性を考慮し,独自拡張を加えたアーキテクチャ分析・設計手法を提案する.さらに,提案手法は,品質要求を考慮したアーキテクチャ分析・設計を達成する中で,アスペクト指向型アーキテクチャを抽出する技法を取り扱う.

2008年1月24日,25日の2日間に愛媛大学(愛媛県・松山市)にて開催したウインターワークショップ2008・イン・道後(WW2008)の概要について報告する.

ソフトウェア中心システムの開発における品質要求は,要求分析の段階で明確に識別し,さらにはソフトウェアのアーキテクチャ分析・設計において明示的に扱うことではじめて実現される.また,属人性の排除,トレーサビリティを考慮したアーキテクチャ分析・設計は,ソフトウェア工学の手法を適用する必要がある.しかし,各工程に対して複数の手法を適応する場合,手法間の整合性を考慮する必要があり,手法を適用する阻害要因となっている.上述の背景を踏まえ,本稿では,簡単なWEBシステムの開発を事例として,複数の手法を用いた品質要求駆動型のアーキテクチャ分析・設計手法を提案する.具体的には,要求分析手法であるKAOS,アーキテクチャ設計手法である品質特性駆動型設計(Attribute-Driven Design)の整合性を考慮し,独自拡張を加えたアーキテクチャ分析・設計手法を提案する.さらに,提案手法は,品質要求を考慮したアーキテクチャ分析・設計を達成する中で,アスペクト指向型アーキテクチャを抽出する技法を取り扱う.

2008年1月24日,25日の2日間に愛媛大学(愛媛県・松山市)にて開催したウインターワークショップ2008・イン・道後(WW2008)の概要について報告する.

This paper reports &quot;Winter Workshop 2007 in Naha&quot;, held at Jan. 25-26 in Naha city.

ソフトウェアパターンとは,ソフトウェア開発において頻出する問題と問題が発生する状況,解法の選択にかかる制約条件,および,具体的な解法の組である.パターンを用いることで熟練技術者の持つ知織やノウハウの共有や再利用を促進することができる.パターンの有機的な利用にはパターン間関連の分析が重要であるが,人手による網羅的なパターン間関連の分析は困難である,本稿では,自然言語処理技術を用いて,ソフトウェアパターン間の関連を自動的に抽出する手法を提案する.本手法を用いることで,人手による分析よりも多数のパターンについて,網羅的な関連分析が可能になる.

2006年9月に東京にて第21回ソフトウェア工学の自動化国際会議(ASE2006)を開催および参加したので,取り上げられた主な内容を紹介する.会議の傾向として,モデル検査/記号実行に基づくプログラム解析/検証の取り組み,および,プログラム変更履歴からの特定の情報(例えばアスペクト)発掘の取り組みが多く見られ,両分野への取り組みの活発化を伺えた.会議には約220名の参加があり,国内外の研究者がソフトウェア工学自動化の最先端の取り組みについて議論し交流する良い機会となった.

This paper reports major topics of the 28th International Conference on Software Engineering at May 2006. There are many presentations on testing, architecture and design. Moreover, we saw the wide spread of software engineering applied to various domains such as pervasive/embedded systems and distributed/web/DB systems.

コンポーネントは, 組み込まれるシステムによって, その機能の利用範囲が異なる. よって, 構造テストによりコンポーネントに対する品質を評価する場合, その利用範囲を特定しなければ, 正しい品質指標を算出できない. また, オブジェクト指向言語で実装されたコンポーネントの場合, その多態的な振舞いを全網羅する構造テストは, 非効率であることが指摘されている. この解決のため, 本提案では, オブジェクト指向フレームワークを基盤としたシステムにおける配置記述にコンポーネント間の呼び出し関係を特定する記述があることに注目した. 本稿では, 配置記述を用い, テストすべきコンポーネントの機能を特定し, 精度の高い品質指標を算出する方式について示す.

本稿では, ソフトウェアパターンの発展の経緯を概観し, ソフトウェア工学やプログラミング言語の分野で著名な国際会議および論文誌などで発表された論文を中心に, ソフトウェアパターンへの工学的取り組みに関する最近の話題を概説する.

コンポーネント間接続とは, コンポーネントが他の独立したコンポーネントの機能を, 実行時にアダプタ生成などせずに利用することである. 従来のコンポーネント間接続では, 第三者によって開発されたコンポーネントを再利用する際, コンポーネントの要求側と提供側の型が一致しない場合は, ソースコードの変更が必要となり再利用のコストが高い. 本論文では, 既存のコンポーネントアーキテクチャ上において, コンポーネント自身の型付けを放棄しコンポーネントが提供・要求するメソッドのシグニチャの集合に基づいて接続を行うコンポーネントモデルを提案しその実装を示す. メソッドの引数・戻り値・例外の値が自動的に変換可能な範囲で, メソッド間の緩い適合判定を行うことにより, 柔軟で容易な再利用を可能とする.

コンポーネント間接続とは, コンポーネントが他の独立したコンポーネントの機能を, 実行時にアダプタ生成などせずに利用することである. 従来のコンポーネント間接続では, 第三者によって開発されたコンポーネントを再利用する際, コンポーネントの要求側と提供側の型が一致しない場合は, ソースコードの変更が必要となり再利用のコストが高い. 本論文では, 既存のコンポーネントアーキテクチャ上において, コンポーネント自身の型付けを放棄しコンポーネントが提供・要求するメソッドのシグニチャの集合に基づいて接続を行うコンポーネントモデルを提案しその実装を示す. メソッドの引数・戻り値・例外の値が自動的に変換可能な範囲で, メソッド間の緩い適合判定を行うことにより, 柔軟で容易な再利用を可能とする.

本稿では,ソフトウェアパターンに関するこれまでの研究動向について述べ,研究成果とパターン指向開発プロセスの関連付けを行う。さらに,ソフトウェアパターン研究の今後について述べる。

GUIを基本とした対話型アプリケーションシステムにおいて,ユーザが行った操作の取消し/再実行を実現するUndo機構は必要不可欠である.従来のオブジェクト指向開発におけるUndo機構の実装は,Undoフレームワークを開発時に利用することでなされてきたが,開発・保守コストが高く迅速な実装を行うのが困難であった.本論文では,細粒度なコンポーネント群によって構成されるすでに開発されたアプリケーションに対して,コンポーネントが持つ状態値の変化を中心としてUndo機構を実装し,開発・保守コストの大幅な低減を実現する手法を提案する.細粒度コンポーネントに着目した本手法では,アプリケーションに対してユーザ操作によってもたらされる影響が複数の履歴群によって表現されるので,ユーザが想定する1つの取消し/再実行を形成する履歴群のまとまりを適宜作成する必要がある.そこで,履歴リスト中の履歴群を実行時に複合化することで,利便性の高い適切な大きさの履歴群に再構成する履歴階層化手法を提案し,実装とともにその有用性を示す.

コンポーネント指向ソフトウェア開発において,組立ての基本要素となるソフトウェアコンポーネントを対象として品質測定を行い,コンポーネント単体での信頼性を向上させることが重要である.しかしコンポーネントは基本的にソースコードを直接参照することができないため,ソースコードの参照を前提としている従来提案される品質測定法(プロダクト測定法)を適用するのは困難である.本稿では,コンポーネントが備える再利用特性に着目したプロダクト測定法を提案し,ソースコードが非開示なコンポーネントの品質を測定した結果について述べる.

コンポーネント指向開発においてコンポーネントの開発者が,コンポーネントが正常に動作するために満たすべき条件の一部を,コンポーネント中の内部属性に関する条件の論理的記述として表現し,コンポーネント単体での条件テストを行うことがある.しかしながら,従来の条件テスト手法では,コンポーネント本体のソースコードと条件テストスクリプトの明確な分離,および条件テストモデルの柔軟な記述を同時に実現できなかった.本稿では,細粒度コンポーネント内部の観測可能な属性を利用して,条件テスト用の環境を自動的に生成することでコンポーネント本体のソースコードと条件テストスクリプトの明確な分離を果たし,さらに条件記述を別ファイルで与えることで条件記述を容易に変更可能な手法を提案する.提案する手法を実装した条件テストスイートを構築した結果について,その有用性を示す.

複雑な設定を容易に定義可能とするウィザードを、コンポーネントに付加しようという試みがある。しかしながら、コンポーネントウィザードを付加するにあたり、ウィザードのコードの作成、コンポーネントのプロパティの望ましい設定の導出に必要な時間の問題があるため、実際にウィザードを提供するコンポーネントは少数である。本稿では、ウィザードをコンポーネントで使用可能にするため、コンポーネントのプロパティの情報を利用し、コンポーネントにウィザードを自動付加する手法を提案する。我々は、アプリケーション中でコンポーネントの生成直後にプロパティの値を設定するメソッドに注目し、複数のサンプルアプリケーションについて、設定されたプロパティの情報解析(利用情報解析)を行い、コンポーネントに設定するプロパティの組合せを導出する。続いて、プロパティの組合せとそれに対応するプロパティの値を、自動付加したウィザードで開発者に提示する。

コンポーネント指向ソフトウェア開発において,要求に合致するコンポーネントの検索を適切に支援する機構は不可欠である.従来の検索手法は,コンポーネントの単一の特徴面を考慮するため特徴全体の要求に対する適合性を判断できず,また,コンポーネント本体以外の情報を必要とする等準備コストが大きい.本論文では,ソースコードを参照せずにコンポーネントから自動抽出可能な情報を基に,コンポーネント間の構造面・振舞面・粒度面について差異を表し,重視する特徴面を変更可能な有向置換性類似度を提案する。本論文では,検索要求をプロトタイプとして与え,プロトタイプとの有向置換性類似度に基づきリポジトリ中のコンポーネント群を順位付けする検索方式を実現した結果について,その有用性を示す.

GUIアプリケーションの開発時に, 最も基本的な汎用コンポーネントを組み合せ, さらにアプリケーションロジックを付加することで, 特定のアプリケーションドメインに特化された, クラスレベルでの再利用を目的とするGUIアプリケーション部品を開発, 利用することがある.従来の手法では, GUIアプリケーション部品内部でのアプリケーションロジックとGUI部分との依存性の排除は不完全なものであり, 結果として部品全体の再利用性および拡張性の欠如をもたらす.本稿ではGUIアプリケーション部品の開発において, アプリケーションロジック部とGUI部が相互に依存しないアーキテクチャBeaMを提案し, Java言語による実装を行った結果についての評価を行う.

ソフトウェアブロダクトの品質向上を目的として、プロダクトに対する静的側面の計測指標(プロダクトメトリクス)が従来から数々提案されてきている。従来提案される手法は、ソースコードを参照して得られる情報を基に品質測定を行っている。しかしながら、近年注目されるコンポーネント指向開発において、組立ての基本要素となるソフトウェアコンポーネントについて品質測定を行う場合、ソフトウェアコンポーネントは基本的にソースコードを直接参照することができないため、従来手法を適用するのは困難である。本稿では、ソフトウェアコンポーネントが備える特性に着目したプロダクトメトリクスと、それらをブラックボックス的に計測する品質測定手法を提案する。

Existing privacy methods which is extension of security method do not mention user needs including individual private feeling. Therefore it is hard to specify appropriate requirements because we cannot make the validation and the reason clear with such methods. We have proposed a method which comes up with privacy requirements with privacy preference from the viewpoint of users' needs. In addition, existing research does not handle the conflicts between privacy and security requirements well. We take the conflicts into account, so that we can develop secure and privacy-friendly service efficiently

Most existing Aspect-Oriented Programming (AOP) environments cannot deal with cross-cutting concerns, which are scattered on many modules implemented in two or more languages. The modularization of such cross-cutting concerns is necessary to achieve efficient and reliable software development involving multiple programming languages. This research realized a novel language-independent AOP framework named UniAspect; which translates programs written in various languages into common representations of source code. It achieves the modularization of scattered cross-cutting concerns in multiple languages by weaving aspects

We need a security development method to quickly adapt to changes ofsecurity requirements. In other words, we firstly estimate the impact on a software system to change it for implementation of security countermeasures before the implementation to know the security costs with the method. Additionally, the method should allow us to apply security countermeasures semi-automatically to reduce the implementation costs. In this research, we have proposed three kinds of security patterns: threat patterns, attack patterns and countermeasure patterns with the relationships among them. In addition, we illustrate relations between these patterns and a design of applications with security stereo-types of UML

Test coverage is an important indicator of whether software has been sufficiently tested. However, there are several problems with the existing measurement tools for test coverage, such as their cost of development and maintenance, inconsistency, and inflexibility in measurement. This research proposes a consistent and flexible measurement framework for test coverage. It supports multiple programming languages by extracting the commonalities from multiple programming languages using an abstract syntax tree to help in the development of the measurement tools for the test coverage of new programming languages

In order to improve productivity of software development, to improve stability of quality and to shorten the lead time of software development, product line development of software is attention whose target is a product family in the same domain. The software product line development is a method of large-scale reusing software components systematically. The purpose of this research was to develop a qualified software product lines by the given methodology, and to utilize it. In particular, our research target is optimal representation method of core assets, establishment of a clear scoping technique, and selection method of core asset. For these purposes, we pointed out some problems, presented countermeasures, and verify its effectiveness. In addition, we suggested a new maintenance method of core asset was proposed. It will be possible that the application of the product line in this research makes the application developments easy for high reliability with high productivity.