325 result(s)
Page Size: 10, 20, 50
Export: bibtex, xml, json, csv
Order by:

CNR Author operator: and / or
more
Typology operator: and / or
Language operator: and / or
Date operator: and / or
more
Rights operator: and / or
2021 Journal article Open Access OPEN

A survey of field-based testing techniques
Bertolino A., Braione P., De Angelis G., Gazzola L., Kifetew F., Mariani L., Orrù M., Pezzè M., Pietrantuono R., Russo S., Tonella P.
Field testing refers to testing techniques that operate in the field to reveal those faults that escape in-house testing. Field testing techniques are becoming increasingly popular with the growing complexity of contemporary software systems. In this paper, we present the first systematic survey of field testing approaches over a body of 80 collected studies, and propose their categorization based on the environment and the system on which field testing is performed. We discuss four research questions addressing how software is tested in the field, what is tested in the field, which are the requirements, and how field tests are managed, and identify many challenging research directions.Source: ACM computing surveys (Online) 54 (2021). doi:10.1145/3447240
DOI: 10.1145/3447240

See at: ISTI Repository Open Access | ISTI Repository Open Access | dl.acm.org Restricted | CNR ExploRA Restricted


2021 Conference article Open Access OPEN

What we talk about when we talk about software test flakiness
Barboni M., Bertolino A., De Angelis G.
Software test flakiness is drawing increasing interest among both academic researchers and practitioners. In this work we report our findings from a scoping review of white and grey literature, highlighting variations across flaky tests key concepts. Our study clearly indicates the need of a unifying definition as well as of a more comprehensive analysis for establishing a conceptual map that can better guide future research.Source: QUATIC 2021 - 14th International Conference Quality of Information and Communications Technology, pp. 29–39, Algarve, Portugal and Online, 8-11/9/2021
DOI: 10.1007/978-3-030-85347-1_3

See at: ISTI Repository Open Access | link.springer.com Restricted | CNR ExploRA Restricted


2020 Report Open Access OPEN

Know your neighbor: fast static prediction of test flakiness
Bertolino A., Cruciani E., Miranda B., Verdecchia R.
Flaky tests plague regression testing in Continuous Integration environments by slowing down change releases, wasting development effort, and also eroding testers trust in the test process. We present FLAST, the rst static approach to akiness detection using test code similarity. Our extensive evaluation on 24 projects taken from repositories used in three previous studies showed that FLAST can identify aky tests with up to 0.98 Median and 0.92 Mean precision. For six of those projects it could already yield 0.98 average precision values with a training set containing less than 100 tests. Besides, where known aky tests are classied according to their causes, the same approach can also predict a aky test category with alike precision values. The cost of the approach is negligible: the average train time over a dataset of 1,700 test methods is less than one second, while the average prediction time for a new test is less than one millisecond.Source: ISTI Technical Reports 001/2020, 2020, 2020
DOI: 10.32079/isti-tr-2020/001

See at: ISTI Repository Open Access | CNR ExploRA Open Access


2020 Journal article Restricted

Digital persona portrayal: identifying pluridentity vulnerabilities in digital life
Olivero M. A., Bertolino A., Dominguez-mayo F. J., Escalona M. J., Matteucci I.
The increasing use of the Internet for social purposes enriches the data available online about all of us and promotes the concept of the Digital Persona. Actually, most of us are represented online by more than one identity, what we define here as a Pluridentity. This trend brings increased risks: it is well known that the security of a Digital Persona can be exploited if its data and security are not effectively managed. In this paper, we focus specifically on a new type of digital attack that can be perpetrated by combining pieces of data belonging to one same Pluridentity in order to profile their target. Some victims can be so accurately depicted when looking at their Pluridentity that by using the gathered information attackers can execute very personalized social engineering attacks, or even bypass otherwise safe security mechanisms. We characterize these Pluridentity attacks as a security issue of a virtual System of Systems, whose constituent systems are the individual identities and the humans themselves. We present a strategy to identify vulnerabilities caused by overexposure due to the combination of data from the constituent identities of a Pluridentity. To this end we introduce the Digital Persona Portrayal Metamodel, and the related Digital Pluridentity Persona Portrayal Analysis process that supports the architecting of data from different identities: such model and process can be used to identify the vulnerabilities of a Pluridentity due to its exploitation as a System of Systems. The approach has been validated on the Pluridentities of seventeen candidates selected from a data leak, by retrieving the data of their Digital Personae, and matching them against the security mechanisms of their Pluridentities. After analyzing the results for some of the analyzed subjects we could detect several vulnerabilities.Source: Journal of Information Security and Applications 52 (2020). doi:10.1016/j.jisa.2020.102492
DOI: 10.1016/j.jisa.2020.102492

See at: Journal of Information Security and Applications Restricted | Journal of Information Security and Applications Restricted | Journal of Information Security and Applications Restricted | Journal of Information Security and Applications Restricted | CNR ExploRA Restricted | Journal of Information Security and Applications Restricted


2020 Journal article Restricted

RETORCH: an approach for resource-aware orchestration of end-to-end test cases
Augusto C., Moran J., Bertolino A., De La Riva C., Tuya J.
Continuous integration practice mandates to continuously introduce incremental changes into code, but doing so may introduce new faults too. These faults could be detected automatically through regression testing, but this practice becomes prohibitive as the cost of executing the tests grows. This problem is preponderant in end-to-end testing where the whole system is requested for test execution. However, some of these test cases could be executed with fewer resources (e.g., memory, web services, computation, Cloud instances, among others), by deploying only the subsystems needed by each test. This paper is focused on the optimization of the resources employed in end-to-end testing by means of a resource-aware test orchestration technique in the context of continuous integration practices in the Cloud. The RETORCH approach proposes a novel way to identify the resources required by end-to-end test cases and to use this information to group together those tests requiring equivalent resources. Besides, the approach proposes to deploy the grouped tests in isolated and elastic environments, so that their execution can be scheduled in parallel on several machines. RETORCH is exemplified with a real-world application, and its performance evaluation shows promising savings in terms of resource usage and time.Source: Software quality journal (2020): 1–25. doi:10.1007/s11219-020-09505-2
DOI: 10.1007/s11219-020-09505-2
Project(s): ELASTEST via OpenAIRE

See at: Software Quality Journal Restricted | Software Quality Journal Restricted | Software Quality Journal Restricted | Software Quality Journal Restricted | Software Quality Journal Restricted | Software Quality Journal Restricted | CNR ExploRA Restricted


2020 Journal article Open Access OPEN

FlakyLoc: Flakiness localization for reliable test suites in web applications
Moran J., Augusto C., Bertolino A., De La Riva C., Tuya J.
Web application testing is a great challenge due to the management of complex asynchronous communications, the concurrency between the clients-servers, and the heterogeneity of resources employed. It is difficult to ensure that a test case is re-running in the same conditions because it can be executed in undesirable ways according to several environmental factors that are not easy to fine-grain control such as network bottlenecks, memory issues or screen resolution. These environmental factors can cause flakiness, which occurs when the same test case sometimes obtains one test outcome and other times another outcome in the same application due to the execution of environmental factors. The tester usually stops relying on flaky test cases because their outcome varies during the re-executions. To fix and reduce the flakiness it is very important to locate and understand which environmental factors cause the flakiness. This paper is focused on the localization of the root cause of flakiness in web applications based on the characterization of the different environmental factors that are not controlled during testing. The root cause of flakiness is located by means of spectrum-based localization techniques that analyse the test execution under different combinations of the environmental factors that can trigger the flakiness. This technique is evaluated with an educational web platform called FullTeaching. As a result, our technique was able to locate automatically the root cause of flakiness and provide enough information to both understand it and fix it.Source: Journal of web engineering 19 (2020): 267–296. doi:10.13052/jwe1540-9589.1927
DOI: 10.13052/jwe1540-9589.1927
Project(s): ELASTEST via OpenAIRE

See at: Repositorio Institucional de la Universidad de Oviedo Open Access | journals.riverpublishers.com Open Access | ISTI Repository Open Access | CNR ExploRA Open Access | Journal of Web Engineering Restricted | Journal of Web Engineering Restricted | Journal of Web Engineering Restricted | Journal of Web Engineering Restricted | Journal of Web Engineering Restricted


2020 Conference article Open Access OPEN

EDUFYSoS: A Factory of Educational System of Systems Case Studies
Bertolino A., De Angelis G., Lonetti F., De Oliveira Neves V., Olivero M. A.
We propose a factory of educational System of Systems (SoS) case studies that can be used for evaluating SoS research results, in particular in SoS testing. The factory includes a first set of constituent systems that can collaborate within different SoS architectures to accomplish different missions. In the paper, we introduce three possible SoSs and outline their missions. For more detailed descriptions, diagrams and the source code, we refer to the online repository of EDUFYSoS. The factory is meant to provide an extensible playground, which we aim to grow to include more systems and other missions with the support of the community.Source: IEEE 15th Int. Conf. of System of Systems Engineering (SoSE), Budapest, Ungheria, 2-5/06/2020
DOI: 10.1109/sose50414.2020.9130551

See at: ieeexplore.ieee.org Open Access | ISTI Repository Open Access | CNR ExploRA Open Access | academic.microsoft.com Restricted | dblp.uni-trier.de Restricted | doi.org Restricted | ieeexplore.ieee.org Restricted | xplorestaging.ieee.org Restricted


2020 Journal article Open Access OPEN

Testing relative to usage scope: revisiting software coverage criteria
Miranda B., Bertolino A.
Coverage criteria provide a useful and widely used means to guide software testing; however, indiscriminately pursuing full coverage may not always be convenient or meaningful, as not all entities are of interest in any usage context. We aim at introducing a more meaningful notion of coverage that takes into account how the software is going to be used. Entities that are not going to be exercised by the user should not contribute to the coverage ratio. We revisit the definition of coverage measures, introducing a notion of relative coverage. According to this notion, we provide a definition and a theoretical framework of relative coverage, within which we discuss implications on testing theory and practice. Through the evaluation of three different instances of relative coverage, we could observe that relative coverage measures provide a more effective strategy than traditional ones: we could reach higher coverage measures, and test cases selected by relative coverage could achieve higher reliability. We hint at several other useful implications of relative coverage notion on different aspects of software testing.Source: ACM transactions on software engineering and methodology 29 (2020). doi:10.1145/3389126
DOI: 10.1145/3389126

See at: dl.acm.org Open Access | ISTI Repository Open Access | CNR ExploRA Open Access | ACM Transactions on Software Engineering and Methodology Restricted | ACM Transactions on Software Engineering and Methodology Restricted | ACM Transactions on Software Engineering and Methodology Restricted | ACM Transactions on Software Engineering and Methodology Restricted | ACM Transactions on Software Engineering and Methodology Restricted


2020 Journal article Restricted

DevOpRET: continuous reliability testing in DevOps
Bertolino A., De Angelis G., Guerriero A., Miranda B., Pietrantuono R., Russo S.
To enter the production stage, in DevOps practices candidate software releases have to pass quality gates, where they are assessed to meet established target values for key indicators of interest. We believe software reliability should be an important such indicator, as it greatly contributes to the end-user satisfaction. We proposeDevOpRET, an approach for reliability testing as part of the acceptance testing stage in DevOps.DevOpRETrelies on operational-profile-based testing, a common reliability assessment technique.DevOpRETleverages usage and failure data monitored in operations to continuously refine its estimate. We evaluate accuracy and efficiency ofDevOpRETthrough controlled experiments with a real-world open source platform and with a microservice architectures benchmark. The results show thatDevOpRETprovides accurate and efficient estimates of the true reliability over subsequent DevOps cycles.Source: Journal of software (Malden, Mass. Online) (2020). doi:10.1002/smr.2298
DOI: 10.1002/smr.2298

See at: Journal of Software Evolution and Process Restricted | Journal of Software Evolution and Process Restricted | Journal of Software Evolution and Process Restricted | Journal of Software Evolution and Process Restricted | Journal of Software Evolution and Process Restricted | CNR ExploRA Restricted


2020 Conference article Open Access OPEN

Run Java Applications and Test Them In-Vivo Meantime
Bertolino A., De Angelis G., Miranda B., Tonella P.
The outcome of test case execution depends on the state of the object under test. While testers can carefully choose meaningful and representative object states for test execution, it is unaffordable to cover the combinatorial space of possible object states exhaustively. An appealing option is to delegate part of the testing activities to the runtime and to execute test cases in the field whenever a new or uncommon state is observed. We have designed and developed Groucho, a framework for in-vivo testing of Java applications. Among the challenges that we faced, the most important ones are isolation of the test session from the user session and minimal performance overhead. Experimental results show that if the activation probability is kept reasonably small (e.g., 10 ^- 4), the impact of the framework is imperceptible(i.e., either statistically insignificant or with a negligible effect size).Source: IEEE 13th International Conference on Software Testing, Validation and Verification (ICST), pp. 454–459, Porto, 24-28/10/2020
DOI: 10.1109/icst46399.2020.00061
DOI: 10.5281/zenodo.5054693
DOI: 10.5281/zenodo.5054694
Project(s): ELASTEST via OpenAIRE, PRECRIME via OpenAIRE

See at: ieeexplore.ieee.org Open Access | CNR ExploRA Open Access | academic.microsoft.com Restricted | dblp.uni-trier.de Restricted | xplorestaging.ieee.org Restricted


2020 Conference article Open Access OPEN

JTeC: A Large Collection of Java Test Classes for Test Code Analysis and Processing
Corò F., Verdecchia R., Cruciani E., Miranda B., Bertolino A.
The recent push towards test automation and test-driven development continues to scale up the dimensions of test code that needs to be maintained, analysed, and processed side-by-side with production code. As a consequence, on the one side regression testing techniques, e.g., for test suite prioritization or test case selection, capable to handle such large-scale test suites become indispensable; on the other side, as test code exposes own characteristics, specific techniques for its analysis and refactoring are actively sought. We present JTeC, a large-scale dataset of test cases that researchers can use for benchmarking the above techniques or any other type of tool expressly targeting test code. JTeC collects more than 2.5M test classes belonging to 31K+ GitHub projects and summing up to more than 430 Million SLOCs of ready-to-use real-world test code.Source: 2020 IEEE/ACM 17th International Conference on Mining Software Repositories (MSR), pp. 578–582, 29-30/06/2020
DOI: 10.1145/3379597.3387484

See at: dl.acm.org Open Access | ISTI Repository Open Access | CNR ExploRA Open Access | academic.microsoft.com Restricted | dblp.uni-trier.de Restricted | dl.acm.org Restricted | hal.archives-ouvertes.fr Restricted | research.vu.nl Restricted | www.narcis.nl Restricted


2020 Conference article Restricted

What is the Vocabulary of Flaky Tests?
Pinto G., Miranda B., Dissanayake S., D'Amorim M., Treude C., Bertolino A.
Flaky tests are tests whose outcomes are non-deterministic. Despite the recent research activity on this topic, no effort has been made on understanding the vocabulary of flaky tests. This work proposes to automatically classify tests as flaky or not based on their vocabulary. Static classification of flaky tests is important, for example, to detect the introduction of flaky tests and to search for flaky tests after they are introduced in regression test suites. We evaluated performance of various machine learning algorithms to solve this problem. We constructed a data set of flaky and non-flaky tests by running every test case, in a set of 64k tests, 100 times (6.4 million test executions). We then used machine learning techniques on the resulting data set to predict which tests are flaky from their source code. Based on features, such as counting stemmed tokens extracted from source code identifiers, we achieved an F-measure of 0.95 for the identification of flaky tests. The best prediction performance was obtained when using Random Forest and Support Vector Machines. In terms of the code identifiers that are most strongly associated with test flakiness, we noted that job, action, and services are commonly associated with flaky tests. Overall, our results provides initial yet strong evidence that static detection of flaky tests is effective.Source: 2020 IEEE/ACM 17th International Conference on Mining Software Repositories (MSR), pp. 492–502, 29-30/06/2020
DOI: 10.1145/3379597.3387482

See at: academic.microsoft.com Restricted | dblp.uni-trier.de Restricted | dl.acm.org Restricted | dl.acm.org Restricted | CNR ExploRA Restricted


2020 Conference article Embargo

Defensive Programming for Smart Home Cybersecurity
Rossi M. T., Greca R., Iovino L., Giacinto G., Bertolino A.
Cybersecurity has become a real issue in the development of smart services in the smart home domain, which is formed by a System of Systems where several smart objects are connected to each other and to the Internet. However, these connections expose the devices to possible attackers inside or outside the network, who may exploit software or hardware vulnerabilities to achieve malicious goals. To alleviate this issue, the use of defensive programming assertions can allow the behaviour of smart objects to be monitored and checked for correctness. Furthermore, open source intelligence tools, such as the Shodan search engine, provide features that could be leveraged to detect potential vulnerabilities. In this paper, we propose an approach for the monitoring of Systems of Systems in the smart home domain exploiting the defensive programming paradigm in combination with Shodan APIs.Source: 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pp. 600–605, 11/09/2020
DOI: 10.1109/eurospw51379.2020.00087

See at: academic.microsoft.com Restricted | dblp.uni-trier.de Restricted | ieeexplore.ieee.org Restricted | CNR ExploRA Restricted | xplorestaging.ieee.org Restricted


2020 Journal article Embargo

Cloud testing automation: industrial needs and ElasTest response
Bertolino A., Calabrò A., Marchetti E., Cervantes Sala A., Tunon De Hita G., Gheorghe Pop I. D., Gowtham V.
While great emphasis is given in the current literature about the potential of leveraging the cloud for testing purposes, the authors have scarce factual evidence from real-world industrial contexts about the motivations, drawbacks and benefits related to the adoption of automated cloud testing technology. In this study, the authors present an empirical study undertaken within the ongoing European Project ElasTest, which has developed an open source platform for end-to-end testing of large distributed systems. This study aims at validating the ElasTest solution, and consists of the assessment of four demonstrators belonging to different application domains, namely e-commerce, 5G networking, WebRTC and Internet of Things. For each demonstrator, they collected differing requirements, and achieved varying results, both positive and negative, showing that cloud testing needs careful assessment before adoption.Source: IET software (Print) 14 (2020): 553–562. doi:10.1049/iet-sen.2019.0140
DOI: 10.1049/iet-sen.2019.0140
Project(s): ELASTEST via OpenAIRE

See at: IET Software Restricted | IET Software Restricted | IET Software Restricted | IET Software Restricted | IET Software Restricted | IET Software Restricted | IET Software Restricted | IET Software Restricted | Fraunhofer-ePrints Restricted | CNR ExploRA Restricted


2020 Conference article Restricted

Learning-to-rank vs ranking-to-learn: strategies for regression testing in continuous integration
Bertolino A., Guerriero A., Miranda B., Pietrantuono R., Russo S.
In Continuous Integration (CI), regression testing is constrained by the time between commits. This demands for careful selection and/or prioritization of test cases within test suites too large to be run entirely. To this aim, some Machine Learning (ML) techniques have been proposed, as an alternative to deterministic approaches. Two broad strategies for ML-based prioritization are learning-to-rank and what we call ranking-to-learn (i.e., reinforcement learning). Various ML algorithms can be applied in each strategy. In this paper we introduce ten of such algorithms for adoption in CI practices, and perform a comprehensive study comparing them against each other using subjects from the Apache Commons project. We analyze the influence of several features of the code under test and of the test process. The results allow to draw criteria to support testers in selecting and tuning the technique that best fits their context.Source: 2020 IEEE/ACM 42nd International Conference on Software Engineering (ICSE), pp. 1–12, 6-11/07/2020
DOI: 10.1145/3377811.3380369

See at: academic.microsoft.com Restricted | dblp.uni-trier.de Restricted | dl.acm.org Restricted | dl.acm.org Restricted | ieeexplore.ieee.org Restricted | CNR ExploRA Restricted


2020 Journal article Open Access OPEN

Process-oriented knowledge management and learning in public administrations
Bertolino A., De Angelis G., Polini A., Re B., Sergiacomi A.
The capability to easily access and acquire knowledge is a key enabler for complex organisations that need to adapt to frequent changes of their operative contexts. These changes generally challenge workers that need to acquire new competences and skills. Such a situation is particularly evident in public administrations that nowadays are undergoing complex re-organisations in order to implement new regulations, and to deliver simplified services to both citizens and enterprises. This paper reports the insights gained in assessing the effectiveness of a novel knowledge management and learning approach, which was developed within a project financed by the European Commission. The approach, which is supported by a modular software platform, leverages enterprise related models to organise knowledge and make it available for learning purposes according to different paradigms. A validation, by means of a comparative study against more traditional learning paradigms currently in use within public administrations, is reported.Source: Electronic government (Online) 16 (2020): 441–465. doi:10.1504/EG.2020.110615
DOI: 10.1504/eg.2020.110615
DOI: 10.1504/eg.2020.10029669
Project(s): LEARN PAD via OpenAIRE

See at: ISTI Repository Open Access | Electronic Government an International Journal Restricted | CNR ExploRA Restricted | Electronic Government an International Journal Restricted | Electronic Government an International Journal Restricted | Electronic Government an International Journal Restricted


2020 Conference article Open Access OPEN

Quality-of-Experience driven configuration of WebRTC services through automated testing
Bertolino A., Calabró A., De Angelis G., Gortázar F., Lonetti F., Maes M., Tuñón G.
Quality of Experience (QoE) refers to the end users level of satisfaction with a real-time service, in particular in relation to its audio and video quality. Advances in WebRTC technology have favored the spread of multimedia services through use of any browser. Provision of adequate QoE in such services is of paramount importance. The assessment of QoE is costly and can be done only late in the service lifecycle. In this work we propose a simple approach for QoE-driven non-functional testing of WebRTC services that relies on the ElasTest open-source platform for end-to-end testing of large complex systems. We describe the ElasTest platform, the proposed approach and an experimental study. In this study, we compared qualitatively and quantitatively the effort required in the ElasTest supported scenario with respect to a "traditional" solution, showing great savings in terms of effort and time.Source: IEEE 20th International Conference on Software Quality, Reliability, and Security (QRS), pp. 152–159, Macau, China, 11-14/12/2020
DOI: 10.1109/qrs51102.2020.00031
Project(s): ELASTEST via OpenAIRE

See at: ISTI Repository Open Access | CNR ExploRA Open Access | qrs20.techconf.org Open Access | academic.microsoft.com Restricted | ieeexplore.ieee.org Restricted | xplorestaging.ieee.org Restricted


2020 Conference article Open Access OPEN

Standing on the Shoulders of Software Product Line Research for Testing Systems of Systems
Bertolino A., Lonetti F., De Oliveira Neves V.
The complex and dynamic nature of Systems of Systems (SoSs) poses many challenges on their validation and testing, but so far few effective test strategies exist to address them. On the other hand, extensive research has been conducted in the testing of Software Product Lines (SPLs), which present interesting convergence points with SoSs, as both disciplines aim at reducing development costs and time-to-market thanks to extensive reuse of existing artifacts. In this paper, we outline commonalities and differences between the SoS and SPL paradigms from the point of view of testing and investigate how existing methods and tools from SPL testing could be leveraged to address the challenges of SoS testing.Source: 2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW), pp. 209–214, Coimbra, Portugal, 12/10/2020
DOI: 10.1109/issrew51248.2020.00074

See at: ISTI Repository Open Access | academic.microsoft.com Restricted | dblp.uni-trier.de Restricted | doi.org Restricted | ieeexplore.ieee.org Restricted | ieeexplore.ieee.org Restricted | CNR ExploRA Restricted | xplorestaging.ieee.org Restricted


2019 Journal article Open Access OPEN

A systematic review on cloud testing
Bertolino A., De Angelis G., Gallego M., García B., Gortázar F., Lonetti F., Marchetti E.
A systematic literature review is presented that surveyed the topic of cloud testing over the period 2012-2017. Cloud testing can refer either to testing cloud-based systems (testing of the cloud) or to leveraging the cloud for testing purposes (testing in the cloud): both approaches (and their combination into testing of the cloud in the cloud) have drawn research interest. An extensive paper search was conducted by both automated query of popular digital libraries and snowballing, which resulted in the final selection of 147 primary studies. Along the survey, a framework has been incrementally derived that classifies cloud testing research among six main areas and their topics. The article includes a detailed analysis of the selected primary studies to identify trends and gaps, as well as an extensive report of the state-of-the-art as it emerges by answering the identified Research Questions. We find that cloud testing is an active research field, although not all topics have received enough attention and conclude by presenting the most relevant open research challenges for each area of the classification framework.Source: ACM computing surveys 52 (2019). doi:10.1145/3331447
DOI: 10.1145/3331447
Project(s): ELASTEST via OpenAIRE

See at: ISTI Repository Open Access | ZENODO Open Access | ACM Computing Surveys Open Access | ACM Computing Surveys Restricted | ACM Computing Surveys Restricted | ACM Computing Surveys Restricted | ACM Computing Surveys Restricted | dl.acm.org Restricted | ACM Computing Surveys Restricted | ACM Computing Surveys Restricted | ACM Computing Surveys Restricted | CNR ExploRA Restricted


2019 Conference article Open Access OPEN

Addressing security properties in systems of systems: challenges and ideas
Olivero M. A., Bertolino A., Dominguez-mayo F. J., Escalona M. J., Matteucci I.
Within growing pervasive information systems, Systems of Systems (SoS) emerge as a new research frontier. A SoS is formed by a set of constituent systems that live on their own with well-established functionalities and requirements, and, in certain circumstances, they must collaborate to achieve a common mission. In this scenario, security is one crucial property that needs to be considered since the early stages of SoS lifecycle. Unfortunately, SoS security cannot be guaranteed by addressing the security of each constituent system separately. The aim of this paper is to discuss the challenges faced in addressing the security of SoS and to propose some research ideas centered around the notion of a mission to be carried out by the SoS.Source: SERENE 2019 - 11th International Workshop on Software Engineering for Resilient Systems, pp. 138–146, Napoli, Italy, 17 September, 2019
DOI: 10.1007/978-3-030-30856-8_10

See at: ISTI Repository Open Access | academic.microsoft.com Restricted | dblp.uni-trier.de Restricted | doi.org Restricted | link.springer.com Restricted | link.springer.com Restricted | link.springer.com Restricted | CNR ExploRA Restricted