Nowadays, there is a large diffusion of open and dynamic cooperative architectures that are based on services (SOA). In general, a customer is not only interested in service functionalities, but also in its quality (i.e. performance, cost, reliability, security and so on). In this scenario, models, techniques and tools supporting the effective selection of the service that provides the better quality are needed. In this paper, we propose an evaluation framework that includes a flexible quality meta-model for formalizing Customer and Provider views of quality, and a decisional model defining a systematic approach for comparing offered and requested quality of services. We will also illustrate the applicability of the framework in a Web Service scenario.
A policy-based evaluation framework for Quality and Security in Service Orien...Porfirio Tramontana
In dynamic cooperative architectures that are based on services (SOA), Customers are not only interested in service functionalities, but also in their quality, such as performance, cost, reliability, security and so on. In this scenario, models, techniques and tools supporting the selection of the best service are needed.
In this paper, we propose an evaluation framework that includes a flexible quality meta-model for formalising Customer and Provider views of quality, and a decisional model defining a systematic approach for comparing offered and requested quality of services. We also illustrate the applicability of the framework in a Web Service(WS) scenario.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
A policy-based evaluation framework for Quality and Security in Service Orien...Porfirio Tramontana
In dynamic cooperative architectures that are based on services (SOA), Customers are not only interested in service functionalities, but also in their quality, such as performance, cost, reliability, security and so on. In this scenario, models, techniques and tools supporting the selection of the best service are needed.
In this paper, we propose an evaluation framework that includes a flexible quality meta-model for formalising Customer and Provider views of quality, and a decisional model defining a systematic approach for comparing offered and requested quality of services. We also illustrate the applicability of the framework in a Web Service(WS) scenario.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
It is on Conjoint Analysis presented by Radhika Gupta, Shivi Agarwal, Neha Arya, Neha Kasturia, Mudita Maheshwari, Dhruval Dholakia, Chinmay Jaggan Anmol Sahani and Madhusudan Partani of FMG-18A, FORE School of Management
Outcomes in Occupational Therapy (& Assistive Technology)will wade
An overview of the aspects of Outcomes in Occupational Therapy with the latter part of the presentation focusing on the challenges of Assistive Technology and AAC. Please see http://citeulike.org/user/willwade/tag/outcomes for further reading.
Mats Grindal - Risk-Based Testing - Details of Our Success TEST Huddle
EuroSTAR Software Testing Conference 2009 presentation on Risk-Based Testing - Details of Our Success by Mats Grindal. See more at conferences.eurostarsoftwaretesting.com/past-presentations/
An Approach for Model Based Testing of Augmented Reality Applications.pdfPorfirio Tramontana
The popularity of Augmented Reality (AR) applications has strongly been increased with the worldwide
success of the Pokemon Go videogame released by Niantic in 2016. However, AR offers tangible benefits
in many further areas beyond entertainment, such as advertisement, education, navigation, maintenance,
health, and so on. With the growing spread and success of AR applications in these fields, there has also
been a growing necessity for approaches and technologies for assuring the quality of these applications,
such as testing. A few technologies and frameworks have been recently proposed supporting the
implementation and execution of test scripts that can be used to exercise the applications, but there still
is a lack of effective techniques and tools for the automatic generation of executable test cases. In this
paper, we investigate the possibility of using Model Based Testing techniques to generate executable
test scripts from Finite State Machines modeling the behaviour of the GUI of AR applications, similarly
to other GUI based applications. We have applied several model coverage criteria to design test suites
and we have shown the feasibility of this approach by testing two small example applications involving
Unity3D and Vuforia technologies
Towards the Generation of Robust E2E Test Cases in Template-based Web Applica...Porfirio Tramontana
Capture and Replay techniques provide a well known
solution for End-To-End (E2E) testing of Web applications.
They allow a tester to generate test scripts without
requiring advanced programming skills. For this reason, they
are very popular in acceptance and regression testing activities.
These techniques are affected by the issue of fragility of the
produced test cases, which may break even if small changes
are operated in the user interface, without modifications of the
app functionality. To overcome this issue, several approaches for
either generating robust test cases or automatically repairing
broken test cases have been proposed. In this paper we propose an
alternative solution that aims at improving the testability of Web
applications for generating robust test cases. This solution applies
to Web applications developed with template-based technologies.
It is based on the template source code automatic injection of
additional hook attributes and on the proposal of a new type
of locators based on such hooks. These locators aid the unique
retrieval of the user interface items involved in test cases. We
validated our technique in the context of a continuous integration
and delivery processes of template-based web applications that
was developed from scratch. The study showed that the use of
hook-based locators can improve the robustness of test cases
generated by a Capture & Replay testing tool, introducing
relevant savings in the regression test case repairing activity.
More Related Content
Similar to An AHP-based Framework for Quality and Security Evaluation
It is on Conjoint Analysis presented by Radhika Gupta, Shivi Agarwal, Neha Arya, Neha Kasturia, Mudita Maheshwari, Dhruval Dholakia, Chinmay Jaggan Anmol Sahani and Madhusudan Partani of FMG-18A, FORE School of Management
Outcomes in Occupational Therapy (& Assistive Technology)will wade
An overview of the aspects of Outcomes in Occupational Therapy with the latter part of the presentation focusing on the challenges of Assistive Technology and AAC. Please see http://citeulike.org/user/willwade/tag/outcomes for further reading.
Mats Grindal - Risk-Based Testing - Details of Our Success TEST Huddle
EuroSTAR Software Testing Conference 2009 presentation on Risk-Based Testing - Details of Our Success by Mats Grindal. See more at conferences.eurostarsoftwaretesting.com/past-presentations/
An Approach for Model Based Testing of Augmented Reality Applications.pdfPorfirio Tramontana
The popularity of Augmented Reality (AR) applications has strongly been increased with the worldwide
success of the Pokemon Go videogame released by Niantic in 2016. However, AR offers tangible benefits
in many further areas beyond entertainment, such as advertisement, education, navigation, maintenance,
health, and so on. With the growing spread and success of AR applications in these fields, there has also
been a growing necessity for approaches and technologies for assuring the quality of these applications,
such as testing. A few technologies and frameworks have been recently proposed supporting the
implementation and execution of test scripts that can be used to exercise the applications, but there still
is a lack of effective techniques and tools for the automatic generation of executable test cases. In this
paper, we investigate the possibility of using Model Based Testing techniques to generate executable
test scripts from Finite State Machines modeling the behaviour of the GUI of AR applications, similarly
to other GUI based applications. We have applied several model coverage criteria to design test suites
and we have shown the feasibility of this approach by testing two small example applications involving
Unity3D and Vuforia technologies
Towards the Generation of Robust E2E Test Cases in Template-based Web Applica...Porfirio Tramontana
Capture and Replay techniques provide a well known
solution for End-To-End (E2E) testing of Web applications.
They allow a tester to generate test scripts without
requiring advanced programming skills. For this reason, they
are very popular in acceptance and regression testing activities.
These techniques are affected by the issue of fragility of the
produced test cases, which may break even if small changes
are operated in the user interface, without modifications of the
app functionality. To overcome this issue, several approaches for
either generating robust test cases or automatically repairing
broken test cases have been proposed. In this paper we propose an
alternative solution that aims at improving the testability of Web
applications for generating robust test cases. This solution applies
to Web applications developed with template-based technologies.
It is based on the template source code automatic injection of
additional hook attributes and on the proposal of a new type
of locators based on such hooks. These locators aid the unique
retrieval of the user interface items involved in test cases. We
validated our technique in the context of a continuous integration
and delivery processes of template-based web applications that
was developed from scratch. The study showed that the use of
hook-based locators can improve the robustness of test cases
generated by a Capture & Replay testing tool, introducing
relevant savings in the regression test case repairing activity.
Development and diffusion of Mobile applications go forward at a tremendous rhythm, due to the always increasing impact of smartphones and other mobile devices on people’s habitudes but many applications are uninstalled and discarded by users when they experience the presence of bugs. Functional testing represents a crucial activity in the context of mobile applications, and there is a large request in both industry and scientific community for mobile testing methodologies, techniques and tools. In particular, since these activities are usually repetitive, expensive and time consuming, there is a remarkable request for automated techniques and tools supporting them.
This talk will provide a view of the state-of-the-art on techniques and tools supporting the automation of functional testing of mobile applications, including model based, model learning, search based, user session based and random testing techniques.
A technique for parallel gui testing of android applicationsPorfirio Tramontana
There is a large need for effective and efficient testing processes and tools for mobile applications, due to their continuous evolution and to the sensitivity of their users to failures. Industries and researchers focus their effort to the realization of effective fully automatic testing techniques for mobile applications. Many of the proposed testing techniques
lack in efficiency because their algorithms cannot be executed in parallel. In particular, Active Learning testing techniques usually relay on sequential algorithms.
In this paper we propose a Active Learning technique for the fully automatic exploration and testing of Android applications, that parallelizes and improves a general algorithm proposed in the literature. The novel parallel algorithm has been implemented in the context of a prototype tool exploiting a component-based architecture, and has been experimentally evaluated on 3 open source Android applications by varying different deployment configurations.
The measured results have shown the feasibility of the proposed technique and an average saving in testing time between 33% (deploying two testing resources) and about 80% (deploying 12 testing resources).
Reverse Engineering of Data Models from Legacy Spreadsheets-Based Systems: An...Porfirio Tramontana
Nevertheless spreadsheets were originally designed for computing purposes and for commercial applications, they are often used in industry to implement Information Systems, thanks to the functionalities offered by integrated scripting languages and ad-hoc frameworks (e.g., Visual Basic for Applications). This technological solution allows the adoption of Rapid Application Development processes for the quickly development of Spreadsheets-based Information Systems, but the resulting systems are quite difficult to be maintained and very difficult to be migrated to other architectures such as Database-oriented Informative Systems or Web applications. In this paper we present an approach for reverse engineering the data model from an Excel spreadsheet-based system in the context of a process of migration to a Web based application based on a MVC architecture. The proposed approach was successfully applied in a real context of a company operating in the automotive industry. The main contribution of this paper is represented by the Data Model Reverse Engineering activity that is the basis of the Migration process.
Reverse Engineering Techniques: from Web Applications to Rich Internet Applic...Porfirio Tramontana
Web systems evolved in the last years starting from static websites to Web applications, up to Ajax-based Rich Internet Applications (RIAs). Reverse Engineering techniques followed the same evolution, too. The authors and many other WSE contributors proposed a lot of innovative and effective ideas providing important advances in the reverse engineering field. In this paper, we will show the historical evolution of reverse engineering approaches for Web Systems with particular attention to the ones presented in the WSE events.
Over the last fifteen years, Web applications have evolved from the early simple and hyper-text based ones into the more complex, interactive, usable and adaptive applications of the new generations. New paradigms, architectures, and technologies for developing Web-based systems continuously emerge and transform this specific context. At the same time, new techniques and tools for effectively testing them have been proposed. This paper reports some relevant contributions about the Web application testing topic that appeared in the past editions of the Web Systems Evolution international symposium (WSE) and discusses some future trends for this specific field.
Towards a Better Comprehensibility of Web Applications: Lessons Learned from ...Porfirio Tramontana
The rapid diffusion of Internet has triggered a growing request for new Web sites and Web Applications (WA).
Due to the pressing market demand, new WAs are usually developed in a very short time, while existing WAs are modified frequently and quickly. In these conditions, the well-known software engineering principles are not usually applied, as well as well-defined software processes and methodologies are rarely adopted. As a consequence, WAs usually present disordered architectures, poor or non-existing documentation, and can be analyzed, comprehended and modified with a considerable effort.
Reverse engineering methods and tools are being proposed in order to reduce the effort required to comprehend existing WAs and to support their maintenance and evolution. In this paper, the experimentation of a reverse engineering approach is described. Experimentation was carried out with the aim of assessing which characteristics of a WA mostly affect comprehensibility. The results of the experiments highlighted a set of techniques and best practices that should be applied for producing best analyzable and maintainable WAs.
Comprehending Web Applications by a Clustering Based Approach Porfirio Tramontana
The number and the complexity of web applications are increasing dramatically to satisfy the market requests, and the need of effective approaches for comprehending them is growing accordingly. Recently, some reverse engineering methods and tools have been proposed to support the comprehension of a web application; the information recovered by these tools is usually rendered in graphical representations. However, the graphical representations become progressively less useful with large-scale applications, and do not support adequately the comprehension of the application.
In this paper, to overcome this limitation, we propose an approach based on a clustering method for decomposing a web application (WA) into groups of highly functionally related components. The approach is based on the definition of a coupling measure between interconnected components of the WA that takes into account both the typology and the topology of the connections. The coupling measure is exploited by a clustering algorithm that produces a hierarchy of clustering. This hierarchy allows a structured approach to the comprehension of the web application to be carried out. The approach has been experimented with on medium sized web applications and produced interesting and encouraging results.
The heterogeneous and dynamic nature of components making up a Web Application, the lack of effective programming mechanisms for implementing basic software engineering principles in it, and undisciplined development processes induced by the high pressure of a very short time-to-market, make Web Application maintenance a challenging problem. A relevant issue consists of reusing the methodological and technological experience in the sector of traditional software maintenance, and exploring the opportunity of using Reverse Engineering to support effective Web Application maintenance.
The Ph.D. Thesis presents an approach for Reverse Engineering Web Applications. The approach include the definition of Reverse Engineering methods and supporting software tools, that help to understand existing undocumented Web Applications to be maintained or evolved, through the reconstruction of UML diagrams. Some validation experiments have been carried out and they showed the usefulness of the proposed approach and highlighted possible areas for improvement of its effectiveness.
Recovering Interaction Design Patterns in Web Applications Porfirio Tramontana
In the last years, appropriate user interaction design patterns for Web Applications have been defined to improve the development and quality of such applications. Identifying which interaction design patterns are implemented in the Web client pages of an existing application may make easier some maintenance tasks, such as the re-engineering of the user interfaces.
In this paper a method to support the automatic identification of interaction design patterns implemented in a Web client page is proposed. The method is based on reverse engineering techniques aiming to search the page code for those features characterizing a pattern.
Warranting the access to Web contents to any citizen, even to people with physical disabilities, is a major concern of many government organizations. Although guidelines for Web developers have been proposed by international organisations (such as the W3C) to make Web site contents accessible, the wider part of today’s Web sites are not completely usable by peoples with sight disabilities.
In this paper, two different approaches for dynamically transforming Web Pages into Aural Web Pages, i.e. pages that are optimised for blind peoples, will be presented. The approaches exploit heuristic techniques for summarising Web pages contents and providing them to blind users in order to improve the usability of Web sites. The techniques have been validated in an experiment where usability metrics have been used to assess the effectiveness of the Web page transformation techniques.
Techniques and Tools for Rich Internet Applications TestingPorfirio Tramontana
The User Interfaces of Rich Internet Applications (RIAs) present a richer functionality and enhanced usability than the ones of traditional Web applications which are obtained by means of a successful combination of heterogeneous technologies, frameworks, and communication models. Due to its increased complexity, dynamicity, and responsiveness, testing the user interfaces of an RIA is more complex than testing the user interfaces of a traditional Web application and requires that effective and efficient testing techniques are proposed and validated. In this paper we analyse the most critical open issues in RIA testing automation and propose a classification framework that characterizes existing RIA testing techniques from four different perspectives. Driven by this classification, we present a set of testing techniques that can be used for automatically and semi-automatically generating test cases, for executing them and evaluating their results. Some examples of applying the proposed techniques for testing real Ajax applications will also be shown in the paper.
Thanks to Rich Internet Applications (RIAs) with their enhanced interactivity, responsiveness and dynamicity, the user experience in the Web 2.0 is becoming more and more appealing and user-friendly. The dynamic nature of RIAs and the heterogeneous technologies, frameworks, communication models used for implementing them negatively affect their analyzability and understandability. Consequently, specific software techniques and tools are needed for supporting RIA comprehension. This paper presents DynaRIA, a tool for the comprehension of RIAs implemented in Ajax that is based on dynamic analysis. It provides functionalities for recording and analyzing user sessions from several perspectives, and for producing various types of abstractions and visualizations about the run-time behavior of the application. In order to evaluate this tool, four case studies involving different comprehension tasks of Ajax applications have been executed. The experimental results showed the usefulness and effectiveness of the tool that provided a valid support for Ajax comprehension in reverse engineering, debugging, testing and quality assessment contexts.
A GUI Crawling-based Technique for Android Mobile Application TestingPorfirio Tramontana
As mobile applications become more complex, specific development tools and frameworks as well as cost-effective testing techniques and tools will be essential to assure the development of secure, high-quality mobile applications.
This paper addresses the problem of automatic testing of mobile applications developed for the Google Android platform, and presents a technique for rapid crash testing and regression testing of Android applications. The technique is based on a crawler that automatically builds a model of the application GUI and obtains test cases that can be automatically executed. The technique is supported by a tool for both crawling the application and generating the test cases. In the paper we present an example of using the technique and the tool for testing a real small size Android application that preliminary shows the effectiveness and usability of the proposed testing approach.
Using Dynamic Analysis for Generating End User Documentation for Web 2.0 Appl...Porfirio Tramontana
The relevance of end user documentation for improving usability, learnability and operability of software applications is well known. However, software processes often devote little effort to the production of end user documentation due to budget and time constraints, or leave it not up-to-date as new versions of the application are produced. In particular, in the field of Web applications, due to their quick release time and the rapid evolution, end user documentation is often lacking, or it is incomplete and of poor quality. In this paper a semi-automatic approach for user documentation generation of Web 2.0 applications is presented. The approach exploits dynamic analysis techniques for capturing the user visible behaviour of a web application and, hence, producing end user documentation compliant with known standards and guidelines for software user documentation. A suite of tools support the approach by providing facilities for collecting user session traces associated with use case scenarios offered by the Web application, for abstracting a Navigation Graph of the application, and for generating tutorials and procedure descriptions. The obtained documentation is provided in textual and hypertextual formats. In order to show the feasibility and usefulness of the approach, an example of generating the user documentation for an existing Web application is presented in the paper.
Considering Context Events in Event-Based Testing of Mobile Applications Porfirio Tramontana
A relevant complexity factor in developing and testing mobile apps is given by their sensibility to changes in the context in which they run. As an example, apps running on a smartphone can be influenced by location changes, phone calls, device movements and many other typologies of context events.
In this paper, we address the problem of testing a mobile app as an event-driven system by taking into account both context events and GUI events. We present approaches based on the definition of reusable event patterns for the manual and automatic generation of test cases for mobile app testing.
One of the proposed testing techniques, based on a systematic and automatic exploration of the behaviour of an Android app, has been implemented and some preliminary case studies on real apps have been carried out in order to explore their effectiveness.
As mobile applications become more complex and business-critical, use of well-defined software engineering techniques becomes essential to assure the necessary software quality. In particular, testing and its automation play a strategic part for assuring the quality of applications that are often developed by small teams, working on strict timelines and under the pressure of short time-to-market. This paper presents an automated GUI based testing technique for Android apps. The technique is based on a ripper that automatically explores the GUI with the aim of exercising the application and revealing run-time crashes. At the same time, the ripper builds a GUI model and an executable test suite based on the JUnit test framework. The technique has been evaluated by an experiment where the ripper has been used to test a real Android application. The experiment has shown the fault-detection capability of the technique and its cost-effectiveness in smoke testing processes.
This paper presents a toolset for GUI testing of Android applications. The toolset is centered on a GUI ripper that systematically explores the GUI structure of an application under test with the aim of firing sequences of user events and exposing failures of the application. The toolset supports the execution of a testing procedure that automatically performs crash testing of subject applications and provides test results made of several artifacts. The paper illustrates some examples of using the toolset for testing real Android applications.
Thanks to Rich Internet Applications (RIAs) with their enhanced interactivity, responsiveness and dynamicity, the user experience in the Web 2.0 is becoming more and more appealing and user-friendly. The dynamic nature of RIAs and the heterogeneous technologies, frameworks, communication models used for implementing them negatively affect their analyzability and understandability. Consequently, specific software techniques and tools are needed for supporting RIA comprehension. This paper presents DynaRIA, a tool for the comprehension of RIAs implemented in Ajax that is based on dynamic analysis. It provides functionalities for recording and analyzing user sessions from several perspectives, and for producing various types of abstractions and visualizations about the run-time behavior of the application. In order to evaluate this tool, four case studies involving different comprehension tasks of Ajax applications have been executed. The experimental results showed the usefulness and effectiveness of the tool that provided a valid support for Ajax comprehension in reverse engineering, debugging, testing and quality assessment contexts.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
An AHP-based Framework for Quality and Security Evaluation
1. An AHP-based Framework
for Quality and Security
Evaluation
V. Casola, A.R. Fasolino, N. Mazzocca, P. Tramontana
Dipartimento di Informatica e Sistemistica
Universita' degli Studi di Napoli, Federico II
Naples, Italy
{casolav, fasolino, n.mazzocca, ptramont}@unina.it
2. Rationale
Context and open issues
Our approach to quality and security
evaluation
Methodology
Policy Formalization
Evaluation technique
Applicability in Web Service Architectures
Conclusions and Future Works
3. Context: service cooperation, a
security point of view
Service Oriented Architectures are capable of
intelligent interaction and are able to discover and
compose themselves into more complex services;
The open issue is: how to guarantee the “quality and
security” of a service built at run-time in a potential
un-trusted domain?
4. How a Customer can choose the Web Service that better
fits his “quality” requirements?
Service
Provider1
Quality
Service Offer 1
Customer ? …
Quality Service
Request Provider n
Quality
Offer n
4
5. Our approach to quality/security
evaluation
Actually, these problems are faced by explicit
agreements among services:
Each service defines its own Service Level Agreement
and Security Policy and publishes them in a public
document;
People from the various organization that want to
cooperate, manually evaluate the different SLAs and
decide to agree or not.
SLA and Policies are expressed by means of a free
text document; they usually contain provisions on
the “quality” of services and on “security”
mechanisms adopted, they are used to decide to
extend trust to other services;
These documents are mostly manually evaluated.
6. Security evaluation Methodology
We are working on different methodologies to:
Express quality/security through a semi-formal
and not ambiguous model; the chosen
formalization must be “easy to adopt” for
technical and organizational people;
Evaluate the quality/security level that a
security infrastructure is able to guarantee by
aggregating the security associated to all policy
provisions (multidecision approach).
Compare different services according to the
measured quality/security level.
7. The proposed approach
• Models are needed to formally express the Quality
and security of Web Services (quality of protection,
QoS, security and so on) requested by Customers
and offered by Providers;
1. We defined a quality meta-model and formally
express Quality as an instance of the meta-model;
2. We investigated the adoption of a decision
framework based on AHP (Analytic Hierarchy
Process) proposed by Saaty for Quality evaluation;
8. The Quality Meta-Model
• Quality Characteristic: any quality requirements,
Quality Model such as Performance, Security, Cost, Maintainability
1..n •Characteristics may be arranged in a hierarchy
Characteristic +SubCharacteristic
0..n (Measurable Characteristics are the leaves)
0..1
• Measurable Characteristic: a Quality Characteristic
Measurable Characteristic that can directly be measured
1..n
Component Quality Characteristic: Efficiency
oQuality Characteristic: Time Behavior
1..n
Quality Characteristic: Response Time
1 •Measurable Quality Characteristic: Average
Measurement Unit Response Time
Measurable Quality Characteristic: Standard
deviation
Measurable Quality Characteristic: Maximum8
response time
9. The Analytical Hierarchy Process
1. The decision model design activity:
1. Weight Assignment step: the relative
importance of the characteristics is rated; A security expert
2. Clustering step: for each measurable designs the
characteristic, the sets of values that will decision model
be considered equivalent for the aims of
the evaluation are defined;
3. Rating Step: each set is associated to a
rating value; The decision
maker evaluates
the quality by
2. The decision making activity: to compare the applying the
quality of an offered service (formalised in a decision model
Quality Offer Model) against requestor needs 9
(formalised in a Quality Request Model)
10. Building the decisional model:
Step 1: Weight Assignment
For each Characteristic that is not directly measurable,
the decision process designer will estimate the relative Intensity of Importance of any
pair of its n Sub-Characteristics, by defining a matrix of nxn
Response Average Standard Maximum
Intensity of Importance and its interpretation
Time Response Deviation of Response
Intensity of Interpretation Time Response Time
Importance Time
1 Equal Importance Average 1 3 7
Response Time
3 Moderate 1. Build the Standard 1/3 1 5
Importance Comparison Deviation
5 Strong Importance matrix Response Time
Maximum 1/7 1/5 1
7 Very strong Response Time
Importance
9 Extreme Importance
m(i, j) = 1 m( j,i) ∀i, j
2. Normalize m(i,i) = 1 ∀i
The matrix 10
11. Building the decisional model:
Step 1: Weight Assignment (cont.)
2. Normalize n
The matrix m'(i, j) = m(i, j) ∑ m(h, j) ∀i,j
h=1
Average Standard Maximum Weights
Response Deviation Response
Time Response Time
Characteristic Weights Time
are assigned by comparing
Average Response 21/31 15/21 7/13 0.64
their relative importance: Time
Standard 7/31 5/21 5/13 0.28
Deviation
n
m' (i, k )
w(i ) = ∑
Response Time
∀i Maximum 3/31 1/21 1/13 0.07
k =1 n Response Time
11
12. Building the decisional model:
Step 2: Clustering
We need an Utility Function to ORDER the possible values on the basis of relative (and
not absolute) preferences (LOCAL SECURITY LEVELS).
In general, an Utility function R assigns ordered values (of utility) to members of a
set: given two values x and y of the set, if x is preferred to y then R(x)> R(y).
Example: Average Response Time characteristic
R = Offered_value / Requested_value
Possible Solutions are R < 0.5 (very fast response);
clustered in three levels: 0.5≤ R <1 (sufficiently fast response);
1≤ R <2 (quite slow response). 12
13. Building the decisional model:
Step 3: Rating
After clustering each possible value, we need to rate such clusters according their goodness
Intensity of Goodness and its Ratings are assigned to clusters by
interpretation comparing their relative Goodness
Intensity of Interpretation
Goodness R<0.5 0.5≤R<1 1≤R<2 Rating
1 Equivalent R < 0.5 1 3 5 0.63
3 Moderately 0.5≤R<1 1/3 1 3 0.26
better 1≤ R<2 1/5 1/3 1 0.11
5 Strongly better
7 Very strongly
better This is the relative
⎧0.63 if R < 0.5
9 Extremely better
Satisfaction S (R ) = ⎪0.26 if rate/evaluation
⎨ 0.5 ≤ R < 1
Function Ssc(R) ⎪ of a cluster
⎩0.11 if 1≤ R < 2
13
14. The Decision Making Activity
The Quality of different Web Services is compared by evaluating:
1. a Satisfaction Function for each Measurable Characteristic.
2. a Satisfaction Function for each non-Measurable Characteristic:
Sc (request,offer) = ∑w sc Ssc (request,offer)
sc ∈C (c )
A non measurable characteristic ( c ), All measurable sub-characteristic of ( c )
For example: Confidentiality denoted sc are weighted and summed
For example: (Encryption Alghoritm,
KeyLenght, KeyProtection, ) 14
15. The Decision Making Activity (cont.)
3. the Overall Satisfaction Function:
S(request,offer) = ∑ w S (request,offer)
c c
c ∈Characteristic
The Web Service with the greater
Satisfaction Function value is chosen
15
16. Application of the evaluation model: evaluating
measurable and not-measurable characteristics
SIntegrity(Customer,Provider1)=
0.12*0.8+0.12*0.88+0.38*0.75+0.38*0.75=0.77
SIntegrity(Customer,Provider2)=
0.12*0.8+0.12*0.88+0.38*0.19+0.38*0.06=0.30
SResponseTime(Customer,Provider1)=
0.64*0.26+0.07*0.75+0.28*0.07=0.24
SResponseTime(Customer,Provider2)=
0.64*0.11+0.07*0.25+0.28*0.25=0.16
17. Application of the evaluation model:
Overall evaluation
Finally we evaluate the overall satisfaction function (GLOBAL SECURITY LEVEL)
The first provider will be chosen on the basis of the provided security level
18. An idea on how to automatically enforce the
evaluation: A reference architecture
V.Casola et al.
An Architectural Model for Trusted Domains in Web
Services
Journal of Information Assurance and Security 2 (2006)
19. Conclusions and Future work
We are working on methodologies to automatically
evaluate quality and security provided by an internet
service on the basis of the published policies;
The AHP methodology allows to address measurable
and not-measurable quality and security aspects in a
unifying way and propose an evaluation model;
We are going to integrate such methodology in the
TRUMAN architecture and compare with existing
ones.