This document proposes SEASIDE, a systematic methodology for developing Internet-based self-services (ISS) from analysis through deployment. SEASIDE leverages enterprise architectures, model-driven development, MVC patterns, and platform as a service. It was applied to develop an ITIL incident management service as a case study. SEASIDE increases traceability, consistency, and reduces complexity of ISS development.
"Building rich applications can be a challenge in today’s environment. You have a wide range of UI technologies and patterns to choose from like ASP.NET, MVC, MVP, MVVM, SilverLight, Mobile, WFP, WCF. To complicate matters UI techniques are evolving and you often find yourself supporting many presentation layers. CSLA (Component-Based, Scalable, Logical Architecture) is a fantastic framework for building business objects which tie together the multitude of UI choices with the data provided by any number of access technologies.
The primary focus of CSLA .NET is to help in the creation of a rich object-oriented business layer that expresses the needs of the business domain model. CSLA objects provide rich databinding, validation and authorization making them a logical choice for today's business applications and services. This talk will provide an introduction to CSLA.
Internet of Things Environment for Service Creation and Testing (IoT.est)iotest
S Nechifor, Internet of Things Environment for Service Creation and Testing (IoT.est), at CompArch 2012 Main Program (Industry Day, Wednesday 27 June), Bertinoro, Italy, 25-28 June 2012
"Building rich applications can be a challenge in today’s environment. You have a wide range of UI technologies and patterns to choose from like ASP.NET, MVC, MVP, MVVM, SilverLight, Mobile, WFP, WCF. To complicate matters UI techniques are evolving and you often find yourself supporting many presentation layers. CSLA (Component-Based, Scalable, Logical Architecture) is a fantastic framework for building business objects which tie together the multitude of UI choices with the data provided by any number of access technologies.
The primary focus of CSLA .NET is to help in the creation of a rich object-oriented business layer that expresses the needs of the business domain model. CSLA objects provide rich databinding, validation and authorization making them a logical choice for today's business applications and services. This talk will provide an introduction to CSLA.
Internet of Things Environment for Service Creation and Testing (IoT.est)iotest
S Nechifor, Internet of Things Environment for Service Creation and Testing (IoT.est), at CompArch 2012 Main Program (Industry Day, Wednesday 27 June), Bertinoro, Italy, 25-28 June 2012
Ever wondered why you need a blueprint to make sense of it all. We breakdown the needs for a winning architecture technique with a template example based approach. Feel free to reach out to and if more details are required or you have an opportunity to explore
An Enterprise Ontology based approach to Model-Driven EngineeringJohan den Haan
The presentation of a Model-Driven Enterprise Engineering (MDEE) approach based on a sound theoretical foundation, providing end-to-end guidance to refine and transform an organization model into an IT system supporting that organization.
EKON20 Conference, November 2016
Monolithic rich Windows applications are not enough for our customers. We are often requested to provide a web front-end, or a REST server to be consumed by mobile or thin clients. Integrating n-Tier architecture to an existing project is challenging. Some good practices, based on industry standards and proven design patterns (like uncoupling or SOLID) can be mind-breaker for RAD developers. In this session, we will define some architectural aspects of SOA, ORM and MVC/MVVM, and what our Open Source mORMot framework offers to ease this transition.
When customers think about moving to the cloud, one of their first considerations is cost. AWS helps lower customer costs through its “pay only for what you use” pricing model. In this session, we explain our TCO analysis methodology and explore the financial considerations of owning and operating a traditional data center or managed hosting provider compared with using AWS services. Customers also share their processes for developing the right cost savings and optimization model.
Bhadale group of companies systems engineering services catalogueVijayananda Mohire
This is our offerings in areas of systems engineering based on INCOSE and SeBoK knowledge areas. Our System Engineers will analyse requirements , define system model, life cycle processes, activities, verify and test for full integration of the subsystems based on engineering principles and system features.
OUCC2015 Service Oriented Enterprise (SOE)Colin Bell
Extending Service Oriented Architectures (SOA) to the whole organization from first principles in the Cloud (*aaS), through ITIL, and eventually landing at architected business services.
On the Application of AI for Failure Management: Problems, Solutions and Algo...Jorge Cardoso
Artificial Intelligence for IT Operations (AIOps) is a class of software which targets the automation of operational tasks through machine learning technologies. ML algorithms are typically used to support tasks such as anomaly detection, root-causes analysis, failure prevention, failure prediction, and system remediation. AIOps is gaining an increasing interest from the industry due to the exponential growth of IT operations and the complexity of new technology. Modern applications are assembled from hundreds of dependent microservices distributed across many cloud platforms, leading to extremely complex software systems. Studies show that cloud environments are now too complex to be managed solely by humans. This talk discusses various AIOps problems we have addressed over the years and gives a sketch of the solutions and algorithms we have implemented. Interesting problems include hypervisor anomaly detection, root-cause analysis of software service failures using application logs, multi-modal anomaly detection, root-cause analysis using distributed traces, and verification of virtual private cloud networks.
Distributed Trace & Log Analysis using MLJorge Cardoso
The field of AIOps, also known as Artificial Intelligence for IT Operations, uses advanced technologies to dramatically improve the monitoring, operation, and troubleshooting of distributed systems. Its main premise is that operations can be automated using monitoring data to reduce the workload of operators (e.g., SREs or production engineers). Our current research explores how AIOps – and many related fields such as deep learning, machine learning, distributed traces, graph analysis, time-series analysis, sequence analysis, advanced statistics, NLP and log analysis – can be explored to effectively detect, localize, predict, and remediate failures in large-scale cloud infrastructures (>50 regions and AZs) by analyzing service management data (e.g., distributed traces, logs, events, alerts, metrics). In particular, this talk will describe how a particular monitoring data structure, called distributed traces, can be analyzed using deep learning to identify anomalies in its spans. This capability empowers operators to quickly identify which components of a distributed system are faulty.
More Related Content
Similar to IEEE SE2012 Internet-based self-services
Ever wondered why you need a blueprint to make sense of it all. We breakdown the needs for a winning architecture technique with a template example based approach. Feel free to reach out to and if more details are required or you have an opportunity to explore
An Enterprise Ontology based approach to Model-Driven EngineeringJohan den Haan
The presentation of a Model-Driven Enterprise Engineering (MDEE) approach based on a sound theoretical foundation, providing end-to-end guidance to refine and transform an organization model into an IT system supporting that organization.
EKON20 Conference, November 2016
Monolithic rich Windows applications are not enough for our customers. We are often requested to provide a web front-end, or a REST server to be consumed by mobile or thin clients. Integrating n-Tier architecture to an existing project is challenging. Some good practices, based on industry standards and proven design patterns (like uncoupling or SOLID) can be mind-breaker for RAD developers. In this session, we will define some architectural aspects of SOA, ORM and MVC/MVVM, and what our Open Source mORMot framework offers to ease this transition.
When customers think about moving to the cloud, one of their first considerations is cost. AWS helps lower customer costs through its “pay only for what you use” pricing model. In this session, we explain our TCO analysis methodology and explore the financial considerations of owning and operating a traditional data center or managed hosting provider compared with using AWS services. Customers also share their processes for developing the right cost savings and optimization model.
Bhadale group of companies systems engineering services catalogueVijayananda Mohire
This is our offerings in areas of systems engineering based on INCOSE and SeBoK knowledge areas. Our System Engineers will analyse requirements , define system model, life cycle processes, activities, verify and test for full integration of the subsystems based on engineering principles and system features.
OUCC2015 Service Oriented Enterprise (SOE)Colin Bell
Extending Service Oriented Architectures (SOA) to the whole organization from first principles in the Cloud (*aaS), through ITIL, and eventually landing at architected business services.
On the Application of AI for Failure Management: Problems, Solutions and Algo...Jorge Cardoso
Artificial Intelligence for IT Operations (AIOps) is a class of software which targets the automation of operational tasks through machine learning technologies. ML algorithms are typically used to support tasks such as anomaly detection, root-causes analysis, failure prevention, failure prediction, and system remediation. AIOps is gaining an increasing interest from the industry due to the exponential growth of IT operations and the complexity of new technology. Modern applications are assembled from hundreds of dependent microservices distributed across many cloud platforms, leading to extremely complex software systems. Studies show that cloud environments are now too complex to be managed solely by humans. This talk discusses various AIOps problems we have addressed over the years and gives a sketch of the solutions and algorithms we have implemented. Interesting problems include hypervisor anomaly detection, root-cause analysis of software service failures using application logs, multi-modal anomaly detection, root-cause analysis using distributed traces, and verification of virtual private cloud networks.
Distributed Trace & Log Analysis using MLJorge Cardoso
The field of AIOps, also known as Artificial Intelligence for IT Operations, uses advanced technologies to dramatically improve the monitoring, operation, and troubleshooting of distributed systems. Its main premise is that operations can be automated using monitoring data to reduce the workload of operators (e.g., SREs or production engineers). Our current research explores how AIOps – and many related fields such as deep learning, machine learning, distributed traces, graph analysis, time-series analysis, sequence analysis, advanced statistics, NLP and log analysis – can be explored to effectively detect, localize, predict, and remediate failures in large-scale cloud infrastructures (>50 regions and AZs) by analyzing service management data (e.g., distributed traces, logs, events, alerts, metrics). In particular, this talk will describe how a particular monitoring data structure, called distributed traces, can be analyzed using deep learning to identify anomalies in its spans. This capability empowers operators to quickly identify which components of a distributed system are faulty.
AIOps: Anomalous Span Detection in Distributed Traces Using Deep LearningJorge Cardoso
The field of AIOps, also known as Artificial Intelligence for IT Operations, uses algorithms and machine learning to dramatically improve the monitoring, operation, and maintenance of distributed systems. Its main premise is that operations can be automated using monitoring data to reduce the workload of operators (e.g., SREs or production engineers). Our current research explores how AIOps – and many related fields such as deep learning, machine learning, distributed traces, graph analysis, time-series analysis, sequence analysis, and log analysis – can be explored to effectively detect, localize, and remediate failures in large-scale cloud infrastructures (>50 regions and AZs). In particular, this lecture will describe how a particular monitoring data structure, called distributed trace, can be analyzed using deep learning to identify anomalies in its spans. This capability empowers operators to quickly identify which components of a distributed system are faulty.
AIOps: Anomalies Detection of Distributed TracesJorge Cardoso
Introduction to the field of AIOps. large-scale monitoring, and observability. Provides an example illustrating how Deep Learning can be used to analyze distributed traces to reveal exactly which component is causing a problem in microservice applications.
Presentation given at the National University of Ireland, Galway (NUI Galway)
on 2019.08.20.
Thanks to Prof. John Breslin
In planet-scale deployments, the Operation and Maintenance (O&M) of cloud platforms cannot be done any longer manually or simply with off-the-shelf solutions. It requires self-developed automated systems, ideally exploiting the use of AI to provide tools for autonomous cloud operations. This talk will explain how deep learning, distributed traces, and time-series analysis (sequence analysis) can be used to effectively detect anomalous cloud infrastructure behaviors during operations to reduce the workload of human operators. The iForesight system is being used to evaluate this new O&M approach. iForesight 2.0 is the result of 2 years of research with the goal to provide an intelligent new tool aimed at SRE cloud maintenance teams. It enables them to quickly detect and predict anomalies thanks to the use of artificial intelligence when cloud services are slow or unresponsive.
Cloud Reliability: Decreasing outage frequency using fault injectionJorge Cardoso
Invited Keynote at the 9th International Workshop on Software Engineering for Resilient Systems, September 4-5, 2017, Geneva, Switzerland
Title: Cloud Reliability: Decreasing outage frequency using fault injection
Abstract: In 2016, Google Cloud had 74 minutes of total downtime, Microsoft Azure had 270 minutes, and 108 minutes of downtime for Amazon Web Services (see cloudharmony.com). Reliability is one of the most important properties of a successful cloud platform. Several approaches can be explored to increase reliability ranging from automated replication, to live migration, and to formal system analysis. Another interesting approach is to use software fault injection to test a platform during prototyping, implementation and operation. Fault injection was popularized by Netflix and their Chaos Monkey fault-injection tool to test cloud applications. The main idea behind this technique is to inject failures in a controlled manner to guarantee the ability of a system to survive failures during operations. This talk will explain how fault injection can also be applied to detect vulnerabilities of OpenStack cloud platform and how to effectively and efficiently detect the damages caused by the faults injected.
Cloud Operations and Analytics: Improving Distributed Systems Reliability usi...Jorge Cardoso
Lecture given at the Technical University of Munich, 12 December 2016, on Cloud Operations and Analytics: Improving Distributed Systems Reliability using Fault Injection.
Presentation at the International Industry-Academia Workshop on Cloud Reliability and Resilience. 7-8 November 2016, Berlin, Germany.
Organized by EIT Digital and Huawei GRC, Germany.
Twitter: @CloudRR2016
Presentation at the International Industry-Academia Workshop on Cloud Reliability and Resilience. 7-8 November 2016, Berlin, Germany.
Organized by EIT Digital and Huawei GRC, Germany.
Twitter: @CloudRR2016
Gartner analyzed data centers for a period of 10 years and found that 47% of all problems were caused by cloud services outages. The duration of outages ranged between 40 minutes and five days. Ponemon Institute studied the financial impact and found that on average outages cost US$ 690.204, with an average downtime cost of US$ 6.828 per minute. These results are important due to the economic impact of unplanned outages on cloud operations which calls for higher platform reliability.
The first part of this talk will present the mechanisms that pioneers, such as Amazon, Google, and Netflix, have already developed to increase the reliability of their cloud platforms. The second part of the talk will describe how Huawei Research is exploring the use of fault-injection mechanisms to effectively increase the reliability of the Open Telekom Cloud platform from Deutsche Telekom.
For more than 10 years, research on service descriptions has mainly studied software-based services and provided languages such as WSDL, OWL-S, WSMO for SOAP, and hREST for REST. Nonetheless, recent developments from service management (e.g., ITIL and COBIT) and cloud computing (e.g. Software-as-a-Service) have brought new requirements to service descriptions languages: the need to also model business services and account for the multi-faceted nature of services. Business-orientation, co- creation, pricing, legal aspects, and security issues are all elements which must also be part of service descriptions. While ontologies such as e  service and e  value provided a first modeling attempt to capture a business perspective, concerns on how to contract services and the agreements entailed by a contract also need to be taken into account. This has for the most part been disregarded by the e-family of ontologies. In this paper, we review the evolution and provide an overview of Linked USDL, a comprehensive language which provides a (multi-faceted) description to enable the commercialization of (business and technical) services over the web.
Ten years of service research from a computer science perspectiveJorge Cardoso
…It has been more than 10 years since a strong research stream on services started from the field of computer science. The main trigger was without a doubt the introduction of the Web Service Description Language (WSDL), a specification to represent a piece of software functionally which could be remotely invoked. Nonetheless, this was only the “tipping point”. The generalized interest on this new development was followed by interesting topics of research on the application of semantics to enhance the description of services, the composition of services into processes, the analysis of the quality of services, the complexity of processes supporting services, and the development of comprehensive service description languages. This seminar will provide an overview of the main research topics around services and will glimpse at a new research field on the analysis of service networks...
Cloud Computing Automation: Integrating USDL and TOSCAJorge Cardoso
-- Presented at CAiSE 2013, Valencia, Spain --
Standardization efforts to simplify the management of cloud applications are being conducted in isolation. The objective of this paper is to investigate to which extend two promising specifications, USDL and TOSCA, can be integrated to automate the lifecycle of cloud applications. In our approach, we selected a commercial SaaS CRM platform, modeled it using the service description language USDL, modeled its cloud deployment using TOSCA, and constructed a prototypical platform to integrate service selection with deployment. Our evaluation indicates that a high level of integration is possible. We were able to fully automatize the remote deployment of a cloud service after it was selected by a customer in a marketplace. Architectural decisions emerged during the construction of the platform and were related to global service identification and access, multi-layer routing, and dynamic binding.
Understanding how services operate as part of large scale global networks, the related risks and gains of different network structures and their dynamics is becoming increasingly critical for society. Our vision and research agenda focuses on the particularly challenging task of building, analyzing, and reasoning about global service networks. This paper explains how Service Network Analysis (SNA) can be used to study and optimize the provisioning of complex services modeled as Open Semantic Service Networks (OSSN), a computer-understandable digital structure which represents connected and dependent services.
Open Semantic Service Networks: Modeling and AnalysisJorge Cardoso
A new interesting research area is the representation and analysis of the networked economy using Open Semantic Service Networks (OSSN). OSSN are represented using the service description language
USDL to model nodes and using the service relationship model OSSR to model edges. Nonetheless, in their current form USDL and OSSR do not provide constructs to capture the dynamic behavior of service networks. To bridge this gap, we used the General System Theory (GST) as a framework guiding the extension of USDL and OSSR to model dynamic OSSN. We evaluated the extensions made by applying USDL and OSSR to two distinct types of dynamic OSSN analysis: 1) evolutionary by using a Preferential Attachment (PA) and 2) analytical by using concepts from System Dynamics (SD). Results indicate that OSSN can constitute the rst stepping stones toward the analysis of global service-based economies.
Modeling Service Relationships for Service NetworksJorge Cardoso
The last decade has seen an increased interest in the study of networks in many fields of science. Examples are numerous, from sociology to biology, and to physical systems such as power grids. Nonetheless, the field of service networks has received less attention. Previous research has mainly tackled the modeling of single service systems and service compositions, often focusing only on studying temporal relationships between services. The objective of this paper is to propose a computational model to represent the various types of relationships which can be established between services systems to model service networks. This work acquires a particular importance since the study of service networks can bring new scientific discoveries on how service-based economies operate at a global scale.
Description and portability of cloud services with USDL and TOSCAJorge Cardoso
The provisioning and management of cloud services are major concerns since they bring clear benefits such as elasticity, flexibility, scalability, and high availability of applications for enterprises. Two emerging contributions set semantics and machine-understandable specifications for the description and portability of cloud-based services: USDL and TOSCA. In this talk we will explain how both can be articulated to work in conjunction. The Unified Service Description Language (USDL) was created for describing business or real world services to allow services to become tradable and consumable on marketplaces. On the other hand, the Topology and Orchestration Specification for Cloud Applications (TOSCA) was standardized to enable the portability of complex cloud applications and their management across different cloud providers.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Epistemic Interaction - tuning interfaces to provide information for AI support
IEEE SE2012 Internet-based self-services
1. Internet-based Self-Services
from Analysis and Design to Deployment
Jorge Cardoso John A. Miller
Dept. Engenharia Informatica/CISUC Computer Science Department
University of Coimbra University of Georgia
Coimbra, Portugal Athens, GA, USA
jcardoso@dei.uc.pt jam@cs.uga.edu
IEEE SE 2012 1st International Conference on Services Economics June 24-29 2012, Hyatt
Regency Waikiki Resort and Spa, Honolulu, Hawaii, USA
2. Roadmap
• Motivation, objectives,
and findings
• SEASIDE
– Service architecture
– Service analysis
– Service design
– Service implementation
– Service deployment
• Conclusions
3. Motivation
• Past research in the field of services
1. Software and IT perspective
2. Business and marketing
3. Service design
• Our goal
– Bridge 1-3
– Investigate a Systematic approach for
Internet-based Self-Service (ISS)
development
4. what is an Internet-based Self-
Service (ISS)
• Subclass of real-
world services
• No direct service
employee
• Driven by self-
service technologies
• The Internet as a
delivery channel
Self-ticket purchasing using the Internet is an
example of an Internet-based self-service
5. Objectives
• Systematic approach
– Guiding framework
– Support analysis, design, implementation
and deployment
• Improve traceability and consistency
• Reduce complexity and development
costs
6. SEASIDE
• Systematic ISS development
• Rely on:
– Enterprise architectures (EA),
– Model-driven development (MDD),
– Model-view-controller pattern (MVC), and
– Platform as a service (PaaS)
SEASIDE = SystEmAtic ServIce DEvelopment
8. ITIL IMS Use Case
– Incident Management
Service (IMS)
• From ITIL
– Blueprint >>
– Resolve incidents
• Disks errors
• Printers not working
ITIL = Information Technology Infrastructure Library
12. SEASIDE:Service architecture
• Adoption of an
enterprise
architecture
• Organize services’
developments
• Control
completeness
– models, interfaces, Zachman enterprise architecture
and linkings
13. SEASIDE:Service architecture
• Service analysis
– Contextual abstraction (mindmaps, nested bullet lists,
etc.)
• Service design
– Logical abstraction (models, MDD)
• Service implementation
– As build abstraction (MVC)
• Service deployment
– Functioning abstraction (PaaS)
16. SEASIDE:Systematic development
• Steps 1-2)
– Construct service models based
on the semantics captured in the
analysis phase
• Steps 3-4)
– Models are serialized to XML.
– Code/instructions are generated
from models using XSLT.
• Step 5)
– Code/instructions are organized
using MVC structure customized
for services
– The service is automatically
deployed into a commercial PaaS
platform
18. Service analysis
• Use weak semantics to identify ISS main concepts
• ITIL IMS case study …
1) Incident. Unplanned interruption of an IT service.
a) Priority. How quickly the service should address the incident.
i) Impact. The effect on the business.
ii) Urgency. The need for a fast resolution.
b) Supervisor. The responsible actor.
2) Solution. Steps to solve the incident.
3) Customer. The actor which submitted the incident.
4) . . . .
20. Service design
• Aggregates several models according to the
service architecture
• ITIL IMS use case …
– E-R models (ER) for modeling data (’what’)
– Service blueprinting (SB) to model functions (’how’)
– Network graphs (NG) to model locations (‘where’)
– Low fidelity prototypes to model user interfaces (UI)
(’who’)
– USDL to model schedules and motivations (’when’
and ’why’)
21. Example:Service blueprint
(1) Sparx Systems’ Enterprise Architect
• BPMN to design (2) Bonita BPMN workflow editor
services’ blueprints
• Mapping between
BPMN and blueprints
• Transform BPMN into
a MVC pattern
XML serialization
22. Example:UI
• Blueprint tasks are Balsamiq mockups
associated with a UI
view
• Low fidelity
prototypes are
created manually
XML serialization
23. Example:Service description
• Enhance service description
with business and operational
aspects
– Quality of service, pricing and
legal aspects among others.
• Transform USDL specification
to:
– UI Views of the MVC and
– Software code in the form of
business rules
– Rules were injected into MVC
controllers to specify the
periods (i.e. days/hours) when
the ITIL IMS was available to
end users
XML serialization
24. USDL
• Unified Service
Description Language
• Master data model for services
• Describe various types of services
– professional to electronic services
• Holistic
– business aspects such as ownership
and provisioning, pricing and legal aspects,
in addition to technical aspects
• http://www.genssiz.org/research/service-modeling/alpha-usdl/
• http://www.linked-usdl.org/
• http://www.internet-of-services.com/
26. Code generation
• The transformation of ISS’ models into
code
– Builds upon our previous work
– Uses XSLT and XPath
• Code organized according to an adapted
version of the MVC pattern
– Called MVC for Services
– Later deployed in a PaaS
27. MVC for Service
• Model
– Code of the data models of the service architecture (i.e.
’what’ dimension).
• View
– Instructions of the UI models of the architecture (i.e.
’who’ dimension).
• Controller
– Code of the blueprint and USDL models of the service
architecture
– i.e. ’how’, ’why’ and ’when’ dimensions
28. MVC for Service
• Controller generated from a service blueprint
• Illustrates the control-flow
de f c r e a t e
@i n c i d e n t = I n c i d e n t . new(@params [ ’ p r i o r i t y ’ ] )
@i n c i d e n t . d a t e = Date . t o d a y
i f @i n c i d e n t . p r i o r i t y == ‘ ‘1 ’ ’
r e d i r e c t t o : a c t i o n => ’ NotifySeniorStaff ’
else
r e d i r e c t t o : a c t i o n => ’ InitialDiagnosis ’
end
end
30. Service deployment using PaaS
• In our experiment we selected the Heroku platform
– Ease of use, automation, and reliability for Web applications
• The following commands were retrieved automatically
executed to deploy the ITIL IMS:
$ heroku create <imservice> –stack cedar
$ git init # Initialize the code repository
$ git commit ... # Several commits were made
$ git push heroku master
• Since the PaaS used MVC, it knew exactly where all the
necessary directories, models, views and controllers of our
ISS were located
31. Conclusions
• Results
– The SEASIDE systematic methodology for ISS
development
• The approach is suitable for
– The ’massification’ of services’
– Reduces development complexity and costs
– Reduces time to market
• Findings
– Applicability of integrating EA, MDD, MVC, and PaaS to
support a step-by-step guidance for ISS development