908 resultados para Security-critical software
Resumo:
When developing interactive applications, considering the correctness of graphical user interfaces (GUIs) code is essential. GUIs are critical components of today's software, and contemporary software tools do not provide enough support for ensuring GUIs' code quality. GUIsurfer, a GUI reverse engineering tool, enables evaluation of behavioral properties of user interfaces. It performs static analysis of GUI code, generating state machines that can help in the evaluation of interactive applications. This paper describes the design, software architecture, and the use of GUIsurfer through an example. The tool is easily re-targetable, and support is available to Java/Swing, and WxHaskell. The paper sets the ground for a generalization effort to consider rich internet applications. It explores the GWT web applications' user interface programming toolkit.
Resumo:
Graphical user interfaces (GUIs) are critical components of today's software. Developers are dedicating a larger portion of code to implementing them. Given their increased importance, correctness of GUIs code is becoming essential. This paper describes the latest results in the development of GUISurfer, a tool to reverse engineer the GUI layer of interactive computing systems. The ultimate goal of the tool is to enable analysis of interactive system from source code.
Resumo:
Over the last decade, software architecture emerged as a critical issue in Software Engineering. This encompassed a shift from traditional programming towards software development based on the deployment and assembly of independent components. The specification of both the overall systems structure and the interaction patterns between their components became a major concern for the working developer. Although a number of formalisms to express behaviour and to supply the indispensable calculational power to reason about designs, are available, the task of deriving architectural designs on top of popular component platforms has remained largely informal. This paper introduces a systematic approach to derive, from CCS behavioural specifications the corresponding architectural skeletons in the Microsoft .Net framework, in the form of executable C and Cω code. The prototyping process is fully supported by a specific tool developed in Haskell
Resumo:
What sort of component coordination strategies emerge in a software integration process? How can such strategies be discovered and further analysed? How close are they to the coordination component of the envisaged architectural model which was supposed to guide the integration process? This paper introduces a framework in which such questions can be discussed and illustrates its use by describing part of a real case-study. The approach is based on a methodology which enables semi-automatic discovery of coordination patterns from source code, combining generalized slicing techniques and graph manipulation
Resumo:
Cryptographic software development is a challenging eld: high performance must be achieved, while ensuring correctness and com- pliance with low-level security policies. CAO is a domain speci c language designed to assist development of cryptographic software. An important feature of this language is the design of a novel type system introducing native types such as prede ned sized vectors, matrices and bit strings, residue classes modulo an integer, nite elds and nite eld extensions, allowing for extensive static validation of source code. We present the formalisation, validation and implementation of this type system
Resumo:
Abstract: in Portugal, and in much of the legal systems of Europe, «legal persons» are likely to be criminally responsibilities also for cybercrimes. Like for example the following crimes: «false information»; «damage on other programs or computer data»; «computer-software sabotage»; «illegitimate access»; «unlawful interception» and «illegitimate reproduction of protected program». However, in Portugal, have many exceptions. Exceptions to the «question of criminal liability» of «legal persons». Some «legal persons» can not be blamed for cybercrime. The legislature did not leave! These «legal persons» are v.g. the following («public entities»): legal persons under public law, which include the public business entities; entities utilities, regardless of ownership; or other legal persons exercising public powers. In other words, and again as an example, a Portuguese public university or a private concessionaire of a public service in Portugal, can not commit (in Portugal) any one of cybercrime pointed. Fair? Unfair. All laws should provide that all legal persons can commit cybercrimes. PS: resumo do artigo em inglês.
Resumo:
Software architecture is currently recognized as one of the most critical design steps in Software Engineering. The specification of the overall system structure, on the one hand, and of the interactions patterns between its components, on the other, became a major concern for the working developer. Although a number of formalisms to express behaviour and supply the indispensable calculational power to reason about designs, are available, the task of deriving architectural designs on top of popular component platforms has remained largely informal. This paper introduces a systematic approach to derive, from behavioural specifications written in Cw, the corresponding architectural skeletons in the Microsoft .NET framework in the form of executable code
Resumo:
Over the last decade, software architecture emerged as a critical design step in Software Engineering. This encompassed a shift from traditional programming towards the deployment and assembly of independent components. The specification of the overall system structure, on the one hand, and of the interactions patterns between its components, on the other, became a major concern for the working developer. Although a number of formalisms to express behaviour and supply the indispensable calculational power to reason about designs, are available, the task of deriving architectural designs on top of popular component platforms has remained largely informal. This paper introduces a systematic approach to derive, from behavioural specifications written in Ccs, the corresponding architectural skeletons in the Microsoft .Net framework in the form of executable C] code. Such prototyping process is automated by means of a specific tool developed in Haskell
Resumo:
Graphical user interfaces (GUIs) are critical components of today's open source software. Given their increased relevance, the correctness and usability of GUIs are becoming essential. This paper describes the latest results in the development of our tool to reverse engineer the GUI layer of interactive computing open source systems. We use static analysis techniques to generate models of the user interface behavior from source code. Models help in graphical user interface inspection by allowing designers to concentrate on its more important aspects. One particular type of model that the tool is able to generate is state machines. The paper shows how graph theory can be useful when applied to these models. A number of metrics and algorithms are used in the analysis of aspects of the user interface's quality. The ultimate goal of the tool is to enable analysis of interactive system through GUIs source code inspection.
Resumo:
The purpose of this paper is to, in a holistic way, identify and explore the critical success factors (CSFs) that are considered in the context of the growing discussions, movements, proposed models, and case studies about the integration of management systems (MSs). This work is an investigation focused on the integration of MSs into an integrated management system (IMS) and the proposed approach takes into account the literature review as well as the experience gained by the authors on researches about Portuguese enterprises. This qualitative and empirical research, investigated the integration of MSs from existing scientific publications for the period 1999 to 2014, on-going case studies and one inquiry conducted by the authors. This research contributes to a better understanding of the CSFs regarding the integration of MSs and thus provides an insight on the preventive management. This research shows an evident lack of information regarding case studies on CSFs for integrated management systems (IMSs) and has identified a set of relevant CSFs, for MSs integration and associated guidelines that organizations should take as a priority, in order to be able to manage, on a preventive way, the implementation of IMSs, and consequently to become more competitive with added value for the stakeholders.
Resumo:
Despite the still present hegemony of the structural-functionalist orthodoxy, the mid 1980's witnesses the insurgence of new philosophical approaches. This body of work had become a vital intellectual and ideological resource for those who wanted to confront the functionalist dominance in organization studies, such as structuration theory, labour process theory and neoinstitutionalist theory. The purpose of this paper is to review the incorporation of Bourdieu's work into neoinstitutionalism. I argue that this appropriation has resulted in a significant loss of theoretical strength. By giving place to the cognitivist metaphors of mental models, "scripts" and "schemas", instead of adopting the notion of habitus, neoinstitutionalism reinforces some of the ever-present dichotomies in social sciences, especially those of agency/structure and individual/society. While neoinstitutionalism was refining the cognitive approach in the 1990's, Bourdieu was moving towards psychoanalysis. Some indications for future research are provided in the concluding notes.
Resumo:
São escassos estudos sobre a dinâmica da acumulação de capacidades inovadoras. Este artigo examina o tema em oito empresas de software em São Paulo e Rio de Janeiro, encontrando: diferenças inter e intraempresariais em termos da direção e taxa de acumulação de capacidade para funções tecnológicas específicas; acúmulo de capacidade tecnológica mais rápido em empresas mais jovens; e decréscimo das taxas de acumulação tecnológica à medida que as empresas se aproximam de níveis mais inovadores de capacidades, demonstrando a potencialidade para aceleração do processo. Tais evidências são relevantes para o entendimento da acumulação tecnológica e fornecem uma noção do tempo necessário para se obterem benefícios de esforços de aprendizagem e construção de capacidade inovadora.
Resumo:
Milhares de Projetos de Software Livre (PSL) foram e continuam sendo criados na Internet. Esse cenário aumenta as oportunidades de colaboração tanto quanto acirra a concorrência por usuários e contribuidores, que elevariam esses projetos a níveis superiores aos que seriam alcançados por seus fundadores sozinhos. E dado que o aprimoramento por meio de colaboração é o principal objetivo dos fundadores de PSL, a importância de entender e administrar a capacidade de atrair usuários e contribuidores fica estabelecida. Para auxiliar pesquisadores e fundadores nesse desafio, o conceito de atratividade é introduzido neste artigo, que desenvolve um ferramental teórico-gerencial sobre as causas, indicadores e consequências da atratividade, viabilizando sua administração estratégica.
Resumo:
Software and information services (SIS) have become a field of increasing opportunities for international trade due to the worldwide diffusion of a combination of technological and organizational innovations. In several regions, the software industry is organized in clusters, usually referred to as "knowledge cities" because of the growing importance of knowledge-intensive services in their economy. This paper has two primary objectives. First, it raises three major questions related to the attractiveness of different cities in Argentina and Brazil for hosting software companies and to their impact on local development. Second, a new taxonomy is proposed for grouping clusters according to their dominant business segment, ownership pattern and scope of operations. The purpose of this taxonomy is to encourage further studies and provide an exploratory analytical tool for analyzing software clusters.
Resumo:
This paper shows the results of the empirical study conducted in 186 tourist accommodation businesses in Spain certified under the "Q for Tourist Quality", own System Quality Management. It was raised with the purpose of analyzing the structure of the relationship between critical quality factors and results-social impact, how they operate and the level of their influence on obtaining these results within the company. Starting from a deep theoretical revision we propose a theoretical model together with the hypotheses to be tested, and we proceed to validation using the technique of Structural Equation Models. The results obtained show that companies wishing to improve their social impact should take into account that leadership is the most important factor to achieve it. Leadership indirectly affects the social impact through its influence on alliances and resources, quality policy/planning, personnel management and learning.
