22 resultados para Developing Software
em Universidad Politécnica de Madrid
Resumo:
Software testing is a key aspect of software reliability and quality assurance in a context where software development constantly has to overcome mammoth challenges in a continuously changing environment. One of the characteristics of software testing is that it has a large intellectual capital component and can thus benefit from the use of the experience gained from past projects. Software testing can, then, potentially benefit from solutions provided by the knowledge management discipline. There are in fact a number of proposals concerning effective knowledge management related to several software engineering processes. Objective: We defend the use of a lesson learned system for software testing. The reason is that such a system is an effective knowledge management resource enabling testers and managers to take advantage of the experience locked away in the brains of the testers. To do this, the experience has to be gathered, disseminated and reused. Method: After analyzing the proposals for managing software testing experience, significant weaknesses have been detected in the current systems of this type. The architectural model proposed here for lesson learned systems is designed to try to avoid these weaknesses. This model (i) defines the structure of the software testing lessons learned; (ii) sets up procedures for lesson learned management; and (iii) supports the design of software tools to manage the lessons learned. Results: A different approach, based on the management of the lessons learned that software testing engineers gather from everyday experience, with two basic goals: usefulness and applicability. Conclusion: The architectural model proposed here lays the groundwork to overcome the obstacles to sharing and reusing experience gained in the software testing and test management. As such, it provides guidance for developing software testing lesson learned systems.
Resumo:
Software Product Line Engineering (SPLE) is becoming widely used due to the improvement it means when developing software products of the same family. However, SPLE demands long-term investment on a product-line platform that might not be profitable due to rapid changing business settings. Since Agile Software Development (ASD) approaches are being successfully applied in volatile markets, several companies have suggested the idea of integrating SPLE and ASD when a family product has to be developed. Agile Product Line Engineering (APLE) advocates the integration of SPLE and ASD to address their lacks when they are individually applied to software development. A previous literature re-view of experiences and practices on APLE revealed important challenges about how to fully put APLE into practice. Our contribution address several of these challenges by tailoring the agile method Scrum by means of three concepts that we have defined: plastic partial components, working PL-architectures, and reactive reuse.
Resumo:
The crop simulation model AquaCrop, recently developed by FAO can be used for a wide range of purposes. However, in its present form, its use over large areas or for applications that require a large number of simulations runs (e.g., long-term analysis), is not practical without developing software to facilitate such applications. Two tools for managing the inputs and outputs of AquaCrop, named AquaData and AquaGIS, have been developed for this purpose and are presented here. Both software utilities have been programmed in Delphi v. 5 and in addition, AquaGIS requires the Geographic Information System (GIS) programming tool MapObjects. These utilities allow the efficient management of input and output files, along with a GIS module to develop spatial analysis and effect spatial visualization of the results, facilitating knowledge dissemination. A sample of application of the utilities is given here, as an AquaCrop simulation analysis of impact of climate change on wheat yield in Southern Spain, which requires extensive input data preparation and output processing. The use of AquaCrop without the two utilities would have required approximately 1000 h of work, while the utilization of AquaData and AquaGIS reduced that time by more than 99%. Furthermore, the use of GIS, made it possible to perform a spatial analysis of the results, thus providing a new option to extend the use of the AquaCrop model to scales requiring spatial and temporal analyses.
Resumo:
We attempt to integrate and start up the set of necessary tools to deploy the design cycle of embedded systems based on Embedded Linux on a "Cyclone V SoC" made by Altera. First, we will analyze the available tools for designing the hardware system of the SoCkit development kit, made by Arrow, which has a "Cyclone V SoC" system (based on a "ARM Cortex-A9 MP Core" architecture). When designing the SoCkit board hardware, we will create a new peripheral to integrate it into the hardware system, so it can be used as any other existent resource of the SoCkit board previously configured. Next, we will analyze the tools to generate an Embedded Linux distribution adapted to the SoCkit board. In order to generate the Linux distribution we will use, on the one hand, a software package from Yocto recommended by Altera; on the other hand, the programs and tools of Altera, Embedded Development Suite. We will integrate all the components needed to build the Embedded Linux distribution, creating a complete and functional system which can be used for developing software applications. Finally, we will study the programs for developing and debugging applications in C or C++ language that will be executed in this hardware platform, then we will program a Linux application as an example to illustrate the use of SoCkit board resources. RESUMEN Se pretende integrar y poner en funcionamiento el conjunto de herramientas necesarias para desplegar el ciclo de diseño de sistemas embebidos basados en "Embedded Linux" sobre una "Cyclone V SoC" de Altera. En primer lugar, se analizarán las diversas herramientas disponibles para diseñar el sistema hardware de la tarjeta de desarrollo SoCkit, fabricada por Arrow, que dispone de un sistema "Cyclone V SoC" (basado en una arquitectura "ARM Cortex A9 MP Core"). En el diseño hardware de la SoCkit se creará un periférico propio y se integrará en el sistema, pudiendo ser utilizado como cualquier otro recurso de la tarjeta ya existente y configurado. A continuación, también se analizarán las herramientas para generar una distribución de "Embedded Linux" adaptado a la placa SoCkit. Para generar la distribución de Linux se utilizará, por una parte, un paquete software de Yocto recomendado por Altera y, por otra parte, las propias herramientas y programas de Altera. Se integrarán todos los componentes necesarios para construir la distribución Linux, creando un sistema completo y funcional que se pueda utilizar para el desarrollo de aplicaciones software. Por último, se estudiarán las herramientas para el diseño y depuración de aplicaciones en lenguaje C ó C++ que se ejecutarán en esta plataforma hardware. Se pretende desarrollar una aplicación de ejemplo para ilustrar el uso de los recursos más utilizados de la SoCkit.
Resumo:
Usability is the capability of the software product to be understood, learned, used and attractive to the user, when used under specified conditions. Many studies demonstrate the benefits of usability, yet to this day software products continue to exhibit consistently low levels of this quality attribute. Furthermore, poor usability in software systems contributes largely to software failing in actual use. One of the main disciplines involved in usability is that of Human-Computer Interaction (HCI). Over the past two decades the HCI community has proposed specific features that should be present in applications to improve their usability, yet incorporating them into software continues to be far from trivial for software developers. These difficulties are due to multiple factors, including the high level of abstraction at which these HCI recommendations are made and how far removed they are from actual software implementation. In order to bridge this gap, the Software Engineering community has long proposed software design solutions to help developers include usability features into software, however, the problem remains an open research question. This doctoral thesis addresses the problem of helping software developers include specific usability features into their applications by providing them with a structured and tangible guidance in the form of a process, which we have termed the Usability-Oriented Software Development Process. This process is supported by a set of Software Usability Guidelines that help developers to incorporate a set of eleven usability features with high impact on software design. After developing the Usability-oriented Software Development Process and the Software Usability Guidelines, they have been validated across multiple academic projects and proven to help software developers to include such usability features into their software applications. In doing so, their use significantly reduced development time and improved the quality of the resulting designs of these projects. Furthermore, in this work we propose a software tool to automate the application of the proposed process. In sum, this work contributes to the integration of the Software Engineering and HCI disciplines providing a framework that helps software developers to create usable applications in an efficient way.
A repository for integration of software artifacts with dependency resolution and federation support
Resumo:
While developing new IT products, reusability of existing components is a key aspect that can considerably improve the success rate. This fact has become even more important with the rise of the open source paradigm. However, integrating different products and technologies is not always an easy task. Different communities employ different standards and tools, and most times is not clear which dependencies a particular piece of software has. This is exacerbated by the transitive nature of these dependencies, making component integration a complicated affair. To help reducing this complexity we propose a model-based repository, capable of automatically resolve the required dependencies. This repository needs to be expandable, so new constraints can be analyzed, and also have federation support, for the integration with other sources of artifacts. The solution we propose achieves these working with OSGi components and using OSGi itself.
Resumo:
World Health Organization actively stresses the importance of health, nutrition and well-being of the mother to foster children development. This issue is critical in the rural areas of developing countries where monitoring of health status of children is hardly performed since population suffers from a lack of access to health care. The aim of this research is to design, implement and deploy an e-health information and communication system to support health care in 26 rural communities of Cusmapa, Nicaragua. The final solution consists of an hybrid WiMAX/WiFi architecture that provides good quality communications through VoIP taking advantage of low cost WiFi mobile devices. Thus, a WiMAX base station was installed in the health center to provide a radio link with the rural health post "El Carrizo" sited 7,4 km. in line of sight. This service makes possible personal broadband voice and data communication facilities with the health center based on WiFi enabled devices such as laptops and cellular phones without communications cost. A free software PBX was installed at "San José de Cusmapa" health care site to enable communications for physicians, nurses and a technician through mobile telephones with IEEE 802.11 b/g protocol and SIP provided by the project. Additionally, the rural health post staff (midwives, brigade) received two mobile phones with these same features. In a complementary way, the deployed health information system is ready to analyze the distribution of maternal-child population at risk and the distribution of diseases on a geographical baseline. The system works with four information layers: fertile women, children, people with disabilities and diseases. Thus, authorized staff can obtain reports about prenatal monitoring tasks, status of the communities, malnutrition, and immunization control. Data need to be updated by health care staff in order to timely detect the source of problem to implement measures addressed to alleviate and improve health status population permanently. Ongoing research is focused on a mobile platform that collects and automatically updates in the information system, the height and weight of the children locally gathered in the remote communities. This research is being granted by the program Millennium Rural Communities of the Technical University of Madrid.
Resumo:
From the educational point of view, the most widespread method in developing countries is on-site education. Technical and economic resources cannot support conventional distance learning infrastructures and it is even worse for courses in universities. They usually suffer a lack of qualified faculty staff, especially in technical degrees. The literature suggest that e-learning is a suitable solution for this problem, but its methods are developed attending to educational necessities of the First World and cannot be applied directly to other contexts. The proposed methodology is a variant of traditional e-learning adapted to the needs of developing countries. E-learning for Cooperation and Development (c&d-learning) is oriented to be used for educational institutions without adequate technical or human resources. In this paper we describe the c&d-learning implementation architecture based on three main phases: hardware, communication and software; e.g. computer and technical equipping, internet accessing and e-learning platform adaptation. Proper adaptation of educational contents to c&d-learning is discussed and a real case of application in which the authors are involved is described: the Ngozi University at Burundi.
Resumo:
There is no empirical evidence whatsoever to support most of the beliefs on which software construction is based. We do not yet know the adequacy, limits, qualities, costs and risks of the technologies used to develop software. Experimentation helps to check and convert beliefs and opinions into facts. This research is concerned with the replication area. Replication is a key component for gathering empirical evidence on software development that can be used in industry to build better software more efficiently. Replication has not been an easy thing to do in software engineering (SE) because the experimental paradigm applied to software development is still immature. Nowadays, a replication is executed mostly using a traditional replication package. But traditional replication packages do not appear, for some reason, to have been as effective as expected for transferring information among researchers in SE experimentation. The trouble spot appears to be the replication setup, caused by version management problems with materials, instruments, documents, etc. This has proved to be an obstacle to obtaining enough details about the experiment to be able to reproduce it as exactly as possible. We address the problem of information exchange among experimenters by developing a schema to characterize replications. We will adapt configuration management and product line ideas to support the experimentation process. This will enable researchers to make systematic decisions based on explicit knowledge rather than assumptions about replications. This research will output a replication support web environment. This environment will not only archive but also manage experimental materials flexibly enough to allow both similar and differentiated replications with massive experimental data storage. The platform should be accessible to several research groups working together on the same families of experiments.
Resumo:
In this work a complete hardware-software support platform for a WSN testbed focused on developing wireless sensor applications in a simple and intuitive way is presented, as an alternative of commercial-motes-based testbeds that can be found in the state of the art. The main target of this hardware-software platform is to provide the highest abstraction level on the management of WSNs but in the simplest way in order to achieve a fast profiling mechanism for reliable prototyping based on the Cookies platform as well as helping users to develop, test and validate Cookie-Based WSN applications.
Resumo:
In this work a complete set of libraries for developing wireless sensor applications in a simple and intuitive way is presented, in contraposition to the most spread application abstraction-level mechanisms based on operating systems. The main target of this software platform, named CookieLibs, is to provide the highest abstraction level on the management of WSNs but in the simplest way for those users who are not familiar with software design, in order to achieve a fast profiling mechanism for reliable prototyping based on the Cookies platform.
Resumo:
Actualmente existen multitud de aplicaciones creadas para la gestión de proyectos software; cada una de ellas pretende dar solución y facilitar las tareas propias de los gestores y los desarrolladores pertenecientes a los equipos de desarrollo. Los equipos de desarrollo software suelen estar integrados por gran variedad de recursos, tanto humanos como materiales. Cada uno desempeña una función concreta en el proyecto, pudiendo no tener una dedicación plena al proyecto. Por eso, es necesario que dichos recursos sean compartidos entre la cartera proyectos existentes. Para resolver este planteamiento en las aplicaciones de gestión de proyectos, ha sido requisito fundamental que se puedan gestionar varios proyectos de forma simultánea (gestión multiproyecto), pudiendo repartir la dedicación de los recursos entre los proyectos existentes en la cartera. En la actualidad, existe un gran número de metodologías de gestión de proyectos, por lo que, en parte, el éxito del proyecto radica en la elección de la más adecuada. Entre todas las metodologías existentes, este estudio se ha centrado en las cada vez más utilizadas metodologías de gestión de proyectos ágiles; se describe en qué consisten, qué beneficios aportan frente a las metodologías clásicas y cuáles son las más utilizadas por sus ya contrastados beneficios y el valor que aportan a la gestión de proyectos. Por lo descrito anteriormente, otro requisito fundamental a la hora de valorar las aplicaciones de gestión de proyectos ha sido la capacidad de soportar y aplicar metodologías ágiles de gestión de proyectos. En este estudio también se ha tenido en cuenta el tipo de aplicación atendiendo a su instalación y acceso, y se ha realizado la diferenciación entre aplicaciones web- las cuales precisan ser instaladas en un servidor web y son accesibles desde cualquier dispositivo con navegador -, y aplicaciones de escritorio - las cuales precisan estar instaladas en un equipo de forma local y sólo pueden ser accedidas a ellas desde dicho equipo. En este estudio se han evaluado varias aplicaciones, intentando analizar el cumplimiento de las características comentadas anteriormente, dando como resultado tres aplicaciones seleccionadas siendo éstas las que pueden aportar más valor a la hora de gestionar una cartera de proyectos. ABSTRACT. At present, there are many applications aimed at managing software projects. Every application intends to solve and facilitate tasks to managers and developers belonging to the development teams. Software development teams are usually made up of many different human and material resources, each of them developing a specific task in the project and sometimes without a full dedication to the project. Therefore, these resources have to be shared within the existing project portfolio. To meet this need in project management applications, the main requirement is to be able to manage several projects simultaneously (multi-project management), thus allowing resources to be shared within the existing project portfolio. At present, there are a large number of project management methodologies and the success of the project lies in choosing the most appropriate one. Among all the existing methodologies, this study has focused on the increasingly used agile project management methodologies. The study describes the way they work, their added value in comparison traditional methodologies, and which ones are more often used due to their already verified benefits and value in managing projects. Taking into account the above-mention characteristics, another key requirement when assessing the project management applications has been their capacity to support and implement project management agile methodologies. This study has also taken into account the type of application according to its installation and access. A difference is established between web applications – which require to be installed in a web server and are accessible from any device with a web browser – and desktop applications, which must be installed in the equipment to be used and are only accessible from this equipment. The study has assessed several applications by analyzing the compliance with the above-mentioned characteristics and has chosen three applications that provide the management of the project portfolio with an added value.
Resumo:
One of the major problems in developing countries is minority access to higher education. Traditional scholarships usually focus on paying tuition fees for bringing brilliant students to developed countries (from where they seldom return). But local grants seldom target the more needy students. We propose a system of student loans to pay tuition fees in exchange for technical work. This appears to be a satisfactory and sustainable solution. We also provide UBURYO (a Kirundi word meaning opportunity). UBURYO is the free open source software, that we have developed, to manage this loan system in a simple, trustworthy, fair and efficient way.
Resumo:
Antecedentes: Esta investigación se enmarca principalmente en la replicación y secundariamente en la síntesis de experimentos en Ingeniería de Software (IS). Para poder replicar, es necesario disponer de todos los detalles del experimento original. Sin embargo, la descripción de los experimentos es habitualmente incompleta debido a la existencia de conocimiento tácito y a la existencia de otros problemas tales como: La carencia de un formato estándar de reporte, la inexistencia de herramientas que den soporte a la generación de reportes experimentales, etc. Esto provoca que no se pueda reproducir fielmente el experimento original. Esta problemática limita considerablemente la capacidad de los experimentadores para llevar a cabo replicaciones y por ende síntesis de experimentos. Objetivo: La investigación tiene como objetivo formalizar el proceso experimental en IS, de modo que facilite la comunicación de información entre experimentadores. Contexto: El presente trabajo de tesis doctoral ha sido desarrollado en el seno del Grupo de Investigación en Ingeniería del Software Empírica (GrISE) perteneciente a la Escuela Técnica Superior de Ingenieros Informáticos (ETSIINF) de la Universidad Politécnica de Madrid (UPM), como parte del proyecto TIN2011-23216 denominado “Tecnologías para la Replicación y Síntesis de Experimentos en Ingeniería de Software”, el cual es financiado por el Gobierno de España. El grupo GrISE cumple a la perfección con los requisitos necesarios (familia de experimentos establecida, con al menos tres líneas experimentales y una amplia experiencia en replicaciones (16 replicaciones hasta 2011 en la línea de técnicas de pruebas de software)) y ofrece las condiciones para que la investigación se lleve a cabo de la mejor manera, como por ejemplo, el acceso total a su información. Método de Investigación: Para cumplir este objetivo se opta por Action Research (AR) como el método de investigación más adecuado a las características de la investigación, para obtener resultados a través de aproximaciones sucesivas que abordan los problemas concretos de comunicación entre experimentadores. Resultados: Se formalizó el modelo conceptual del ciclo experimental desde la perspectiva de los 3 roles principales que representan los experimentadores en el proceso experimental, siendo estos: Gestor de la Investigación (GI), Gestor del Experimento (GE) y Experimentador Senior (ES). Por otra parte, se formalizó el modelo del ciclo experimental, a través de: Un workflow del ciclo y un diagrama de procesos. Paralelamente a la formalización del proceso experimental en IS, se desarrolló ISRE (de las siglas en inglés Infrastructure for Sharing and Replicating Experiments), una prueba de concepto de entorno de soporte a la experimentación en IS. Finalmente, se plantearon guías para el desarrollo de entornos de soporte a la experimentación en IS, en base al estudio de las características principales y comunes de los modelos de las herramientas de soporte a la experimentación en distintas disciplinas experimentales. Conclusiones: La principal contribución de la investigación esta representada por la formalización del proceso experimental en IS. Los modelos que representan la formalización del ciclo experimental, así como la herramienta ISRE, construida a modo de evaluación de los modelos, fueron encontrados satisfactorios por los experimentadores del GrISE. Para consolidar la validez de la formalización, consideramos que este estudio debería ser replicado en otros grupos de investigación representativos en la comunidad de la IS experimental. Futuras Líneas de Investigación: El cumplimiento de los objetivos, de la mano con los hallazgos alcanzados, han dado paso a nuevas líneas de investigación, las cuales son las siguientes: (1) Considerar la construcción de un mecanismo para facilitar el proceso de hacer explícito el conocimiento tácito de los experimentadores por si mismos de forma colaborativa y basados en el debate y el consenso , (2) Continuar la investigación empírica en el mismo grupo de investigación hasta cubrir completamente el ciclo experimental (por ejemplo: experimentos nuevos, síntesis de resultados, etc.), (3) Replicar el proceso de investigación en otros grupos de investigación en ISE, y (4) Renovar la tecnología de la prueba de concepto, tal que responda a las restricciones y necesidades de un entorno real de investigación. ABSTRACT Background: This research addresses first and foremost the replication and also the synthesis of software engineering (SE) experiments. Replication is impossible without access to all the details of the original experiment. But the description of experiments is usually incomplete because knowledge is tacit, there is no standard reporting format or there are hardly any tools to support the generation of experimental reports, etc. This means that the original experiment cannot be reproduced exactly. These issues place considerable constraints on experimenters’ options for carrying out replications and ultimately synthesizing experiments. Aim: The aim of the research is to formalize the SE experimental process in order to facilitate information communication among experimenters. Context: This PhD research was developed within the empirical software engineering research group (GrISE) at the Universidad Politécnica de Madrid (UPM)’s School of Computer Engineering (ETSIINF) as part of project TIN2011-23216 entitled “Technologies for Software Engineering Experiment Replication and Synthesis”, which was funded by the Spanish Government. The GrISE research group fulfils all the requirements (established family of experiments with at least three experimental lines and lengthy replication experience (16 replications prior to 2011 in the software testing techniques line)) and provides favourable conditions for the research to be conducted in the best possible way, like, for example, full access to information. Research Method: We opted for action research (AR) as the research method best suited to the characteristics of the investigation. Results were generated successive rounds of AR addressing specific communication problems among experimenters. Results: The conceptual model of the experimental cycle was formalized from the viewpoint of three key roles representing experimenters in the experimental process. They were: research manager, experiment manager and senior experimenter. The model of the experimental cycle was formalized by means of a workflow and a process diagram. In tandem with the formalization of the SE experimental process, infrastructure for sharing and replicating experiments (ISRE) was developed. ISRE is a proof of concept of a SE experimentation support environment. Finally, guidelines for developing SE experimentation support environments were designed based on the study of the key features that the models of experimentation support tools for different experimental disciplines had in common. Conclusions: The key contribution of this research is the formalization of the SE experimental process. GrISE experimenters were satisfied with both the models representing the formalization of the experimental cycle and the ISRE tool built in order to evaluate the models. In order to further validate the formalization, this study should be replicated at other research groups representative of the experimental SE community. Future Research Lines: The achievement of the aims and the resulting findings have led to new research lines, which are as follows: (1) assess the feasibility of building a mechanism to help experimenters collaboratively specify tacit knowledge based on debate and consensus, (2) continue empirical research at the same research group in order to cover the remainder of the experimental cycle (for example, new experiments, results synthesis, etc.), (3) replicate the research process at other ESE research groups, and (4) update the tools of the proof of concept in order to meet the constraints and needs of a real research environment.
Resumo:
El presente Trabajo de Fin de Grado (TFG) es el resultado de la necesidad de la seguridad en la construcción del software ya que es uno de los mayores problemas con que se enfrenta hoy la industria debido a la baja calidad de la misma tanto en software de Sistema Operativo, como empotrado y de aplicaciones. La creciente dependencia de software para que se hagan trabajos críticos significa que el valor del software ya no reside únicamente en su capacidad para mejorar o mantener la productividad y la eficiencia. En lugar de ello, su valor también se deriva de su capacidad para continuar operando de forma fiable incluso de cara de los eventos que la amenazan. La capacidad de confiar en que el software seguirá siendo fiable en cualquier circunstancia, con un nivel de confianza justificada, es el objetivo de la seguridad del software. Seguridad del software es importante porque muchas funciones críticas son completamente dependientes del software. Esto hace que el software sea un objetivo de valor muy alto para los atacantes, cuyos motivos pueden ser maliciosos, penales, contenciosos, competitivos, o de naturaleza terrorista. Existen fuentes muy importantes de mejores prácticas, métodos y herramientas para mejorar desde los requisitos en sus aspectos no funcionales, ciclo de vida del software seguro, pasando por la dirección de proyectos hasta su desarrollo, pruebas y despliegue que debe ser tenido en cuenta por los desarrolladores. Este trabajo se centra fundamentalmente en elaborar una guía de mejores prácticas con la información existente CERT, CMMI, Mitre, Cigital, HP, y otras fuentes. También se plantea desarrollar un caso práctico sobre una aplicación dinámica o estática con el fin de explotar sus vulnerabilidades.---ABSTRACT---This Final Project Grade (TFG) is the result of the need for security in software construction as it is one of the biggest problems facing the industry today due to the low quality of it both OS software, embedded software and applications software. The increasing reliance on software for critical jobs means that the value of the software no longer resides solely in its capacity to improve or maintain productivity and efficiency. Instead, its value also stems from its ability to continue to operate reliably even when facing events that threaten it. The ability to trust that the software will remain reliable in all circumstances, with justified confidence level is the goal of software security. The security in software is important because many critical functions are completely dependent of the software. This makes the software to be a very high value target for attackers, whose motives may be by a malicious, by crime, for litigating, by competitiveness or by a terrorist nature. There are very important sources of best practices, methods and tools to improve the requirements in their non-functional aspects, the software life cycle with security in mind, from project management to its phases (development, testing and deployment) which should be taken into account by the developers. This paper focuses primarily on developing a best practice guide with existing information from CERT, CMMI, Mitre, Cigital, HP, and other organizations. It also aims to develop a case study on a dynamic or static application in order to exploit their vulnerabilities.
