Search Results

Software security is a complex topic, and for development projects it can be challenging to assess what security is necessary and cost-effective. Agile Software Development (ASD) values self-management. Thus, teams and their Product ...

A proper assessment of potential cyber threats is vital for security decision-making. This becomes an even more challenging task when dealing with new system designs and industry sectors where there is little or no historical data ...

As the field of computing education grows and matures, it has become essential to unite computing education and higher education research. Educational research has highlighted that how students study is crucial to their learning progress, and study ...

This Research Full Paper investigates the relationship between code writing tasks and other tasks like program comprehension and completion. In the context of exams, it is interesting to know whether auto-gradable comprehension and completion tasks can to ...

To combat cybercrime, a clearer understanding of the attacks and the offenders is necessary. When there is little available data about attack incidents, which is usually the case for new technology, one can make estimations about the necessary ...

In these proceedings, we present reports from the Working Groups that worked in the context of the 25th Annual Conference on Innovation & Technology in Computer Science Education (ITiCSE), held virtually at the Norwegian University of Science & ...

We welcome you to the 25th annual conference on Innovation and Technology in Computer Science Education (ITiCSE 2020). ITiCSE 2020 was planned to take place from June 17 to 19 in Trondheim, Norway. However, due to the Covid-19 pandemic a physical ...

While a number of advantages have been discussed on e-learning/e-assessment tools, little research has been reported on programming courses. Today, the different types of questions have been used in exams based on course type, e.g., Text-based ...

Software ecosystems SECOs and open innovation processes have been claimed as a way forward for the software industry. A proper understanding of requirements is as important for SECOs as for more traditional ones. This article presents a mapping study on ...

ContextSoftware testing is the key to ensuring a successful and reliable software product or service, yet testing is often considered uninteresting work compared to design or coding. As any human-based activity, the outcome of the final software product ...

Model driven security has become an active area of research during the past decade. While many research works have contributed significantly to this objective by extending popular modeling notations to model security aspects, there has been little ...

Misuse case maps (MUCM) augment use case maps with misuse case concepts.MUCMs provide integrated views of security issues and software systems architecture.MUCM were evaluated in controlled experiments with complex real-life intrusions.Misuse case maps ...

The last decade has seen an increasing focus on addressing security already during the earliest stages of system development, such as requirements determination. Attack trees and misuse cases are established techniques for representing security threats ...

Requirement defects are more costly to correct the later in the development process they are discovered. The same applies to safety requirements, and defects that remain in the fielded system are then not only costly, but potentially life-threatening. ...

For mobile and multi-channel information systems it is often relevant to model where something is supposed to take place. Traditional business process modeling notations seldom capture location. Examining if there might be any gain in extending ...

Understanding the social engineering threat is important in requirements engineering for security-critical information systems. Mal-activity diagrams have been proposed as being better than misuse cases for this purpose, but without any empirical ...

[Context and motivation] Implicit requirements (ImRs) are defined as requirements of a system which are not explicitly expressed during requirements elicitation, often because they are considered so basic that developers should already know them. Many ...

[Context and motivation] Security engineering is one of the important concerns during system development. It should be addressed throughout the whole system development process. There are several languages for security modelling that help dealing with ...

Migration is a strategy used in preservation systems to make digital objects survive from the continuing evolution of technology. However, it is difficult for custodians to decide an objective migration solution, as heterogeneous data, many system ...

The idea of security aware system development from the start of the engineering process is generally accepted nowadays and is becoming applied in practice. Many recent initiatives support this idea with special focus on security requirements ...