- Lectureredit
El distanciamiento social causado por la actual pandemia se ha hecho parte de la vida cotidiana de las personas, obligando a que las instituciones publicas y privadas opten por la modalidad de teletrabajo para cumplir sus actividades.... more
El distanciamiento social causado por la actual pandemia se ha hecho parte de la vida cotidiana de las personas, obligando a que las instituciones publicas y privadas opten por la modalidad de teletrabajo para cumplir sus actividades. Esto hace necesaria la practica de politicas adecuadas de Ciberseguridad a toda persona que envia o recibe informacion por medio de Internet. En el presente trabajo se presenta una propuesta de politicas de ciberseguridad orientadas a personas que realizan teletrabajo. Para evaluar la propuesta antes mencionada se realizo un estudio de caso con personas que hacen teletrabajo y que pertenecen al rectorado de la Escuela Superior Politecnica de Chimborazo (ESPOCH). los resultados del estudio de caso sugieren que la implementacion de politicas de ciberseguridad para el teletrabajo permite el uso adecuado de la informacion del Rectorado de la ESPOCH.
Research Interests: Humanities and Persona
Nowadays the interoperability of web applications is carried out by the use of data exchange formats such as XML and JavaScript Object Notation (JSON). Due to its simplicity, JSON objects are the most common way for sending information... more
Nowadays the interoperability of web applications is carried out by the use of data exchange formats such as XML and JavaScript Object Notation (JSON). Due to its simplicity, JSON objects are the most common way for sending information over the HTTP protocol. With the aim of adding a security mechanism to JSON objects, in this work we propose an encryption approach for cipher JSON objects through the use of chaotic synchronization. Synchronization ability between two chaotic systems offers the possibility of securing information between two points. Our approach includes mechanisms for diffusing and confusing JSON objects (plaintext), which yields a proper ciphertext. Our approach can be applied as an alternative to the existing securing JSON approaches such as JSON Web Encryption (JWE).
Research Interests:
In an iterative and incremental development environment software regression testing plays an important role; it helps to ensure the reliability in the building process of a software product. The optimization of a regression test depends... more
In an iterative and incremental development environment software regression testing plays an important role; it helps to ensure the reliability in the building process of a software product. The optimization of a regression test depends on the size of the test suite to be executed. Regression testing helps to verify existing modifications (fixing bugs) or verify new features added to a software product. When regression testing is applied to database applications it is necessary to consider aspects of the database along with the product code in order to guarantee a proper verification of the product. In this paper we present an approach for conducting regression tests on database applications under an iterative and incremental development setting.
Research Interests:
Research Interests:
... Natalia Juristo and Omar S. Gómez * Facultad de Informática, Universidad Politécnica de Madrid, Boadilla del Monte 28660, Madrid, Espa˜na natalia@fi.upm.es, ogomez@ieee.org Abstract. ... [11], Jørgensen [12], Pickard et al. [13],... more
... Natalia Juristo and Omar S. Gómez * Facultad de Informática, Universidad Politécnica de Madrid, Boadilla del Monte 28660, Madrid, Espa˜na natalia@fi.upm.es, ogomez@ieee.org Abstract. ... [11], Jørgensen [12], Pickard et al. [13], Shull et al. [14] and Juristo et al. ...
Research Interests:
Software regression testing techniques verify previous functionalities each time software modifications occur or new characteristics are added. With the aim of gaining a better understanding of this subject, in this work we present a... more
Software regression testing techniques verify previous functionalities each time software modifications occur or new characteristics are added. With the aim of gaining a better understanding of this subject, in this work we present a survey of software regression testing techniques applied in the last 15 years; taking into account its application domain, kind of metrics they use, its application strategies and the phase of the software development process where they are applied. From an outcome of 460 papers, a set of 25 papers describing the use of 31 software testing regression techniques were identified. Results of this survey suggest that at the time of applying a regression testing techniques, metrics like cost and fault detection efficiency are the most relevant. Most of the techniques were assessed with instrumented programs (experimental cases) under academic settings. Conversely, we observe a minimum set of software regression techniques applied in industrial settings, main...
Research Interests:
This paper presents an experience report about an experiment that evaluates duration and effort of pair and solo programming. The experiment was performed as part of a course on Design of Experiments (DOE) in Software Engineering (SE) at... more
This paper presents an experience report about an experiment that evaluates duration and effort of pair and solo programming. The experiment was performed as part of a course on Design of Experiments (DOE) in Software Engineering (SE) at Autonomous University of Yucatan (UADY). A total of 21 junior student subjects enrolled in the bachelor's degree program in SE participated in the experiment. During the experiment, subjects (7 pairs and 7 solos) wrote two small programs in two sessions. Results show a significant difference (at alpha=0.1) in favor of pair programming regarding duration (28% decrease), and a significant difference (at alpha=0.1) in favor of solo programming with respect to effort (30% decrease). With only a difference of 1%, our results regarding duration and effort are practically the same as those reported by Nosek in 1998.
Research Interests:
El Proceso Software Personal (En Inglés, Personal Software Process o PSP) es un proceso individual cuyo objetivo es ayudar a los ingenieros en software a medir y mejorar su productividad personal. El PSP suele enseñarse exclusivamente a... more
El Proceso Software Personal (En Inglés, Personal Software Process o PSP) es un proceso individual cuyo objetivo es ayudar a los ingenieros en software a medir y mejorar su productividad personal. El PSP suele enseñarse exclusivamente a profesionales, no obstante éste ha comenzado a incluirse como parte de cursos universitarios. En este trabajo se presenta un estudio sobre PSP efectuado en un entorno académico donde se analizan los siguientes indicadores: precisión en las estimaciones de tamaño y esfuerzo, calidad del producto así como productividad. Los resultados aquí reportados sugieren una mejoría parcial con respecto a la precisión de las estimaciones, una reducción sustantiva en la densidad de defectos de acuerdo a un factor de 6.6 y una productividad media de 53 líneas de código fuente por hora.
Domain-Specific Languages (DSLs) are programming languages designed specifically to express solutions to problems in a particular domain. It is said they foster productivity and quality. In this work we describe CRUDyLeaf, a DSL focused... more
Domain-Specific Languages (DSLs) are programming languages designed specifically to express solutions to problems in a particular domain. It is said they foster productivity and quality. In this work we describe CRUDyLeaf, a DSL focused on the generation of Spring Boot REST APIs from entity CRUD operations. Spring Boot is an open source Java-based framework used to implement the REST architecture style. It has gained popularity among developers mainly because it allows to build stand-alone and production ready software applications (avoiding the use of an application server). Through seven proposed stages (domain immersion, golden application implementation, syntax definition, meta model generation, code generator implementation, deployment, and refinement) we describe the development of this DSL. We also exemplify and evaluate the proposed DSL. Our findings suggest a yield automation rate of 32.1 LOC (Lines Of Code) for each LOC written in this DSL, among other observed benefits.
Research Interests:
Research Interests:
Background. Common approaches to software verification include static testing techniques, such as code reading, and dynamic testing techniques, such as black-box and white-box testing. Objective. With the aim of gaining a better... more
Background. Common approaches to software verification include static testing techniques, such as code reading, and dynamic testing techniques, such as black-box and white-box testing. Objective. With the aim of gaining a better understanding of software testing techniques, a controlled experiment replication and the synthesis of previous experiments which examine the efficiency of code reading, black-box and white-box testing techniques were conducted. Method. The replication reported here is composed of four experiments in which instrumented programs were used. Participants randomly applied one of the techniques to one of the instrumented programs. The outcomes were synthesized with seven experiments using the method of network meta-analysis (NMA). Results. No significant differences in the efficiency of the techniques were observed. However, it was discovered the instrumented programs had a significant effect on the efficiency. The NMA results suggest that the black-box and white...
Research Interests:
Actualmente, la gestion de proyectos de desarrollo de software en las micro, pequenas y medias empresas esta atravesando un proceso de cambio gracias a la introduccion de nuevos enfoques y modelos agiles que se integran a los procesos... more
Actualmente, la gestion de proyectos de desarrollo de software en las micro, pequenas y medias empresas esta atravesando un proceso de cambio gracias a la introduccion de nuevos enfoques y modelos agiles que se integran a los procesos existentes permitiendo mejorar los tiempos, calidad, productividad y costos asociados. Sin embargo, la falta de comprension y de una solucion que soporte la integracion adecuada con los procesos existentes de una organizacion, trae consigo una serie de obstaculos que entorpecen su implementacion exitosa. En este sentido, se realiza una revision sistematica alrededor de la implementacion de metodologias agiles y otros modelos en MiPyMEs. El objetivo es conocer lo que se ha realizado y logrado en este tipo de empresas respecto a las metodologias agiles principalmente y otros modelos desde el punto de vista de: tendencias, propuestas, experiencias, factores de exito, entre otros.
Domain-Specific Languages (DSLs) are programming languages designed specifically to express solutions to problems in a particular domain. It is said they foster productivity and quality. In this work we describe CRUDyLeaf, a DSL focused... more
Domain-Specific Languages (DSLs) are programming languages designed specifically to express solutions to problems in a particular domain. It is said they foster productivity and quality. In this work we describe CRUDyLeaf, a DSL focused on the generation of Spring Boot REST APIs from entity CRUD operations. Spring Boot is an open source Java-based framework used to implement the REST architecture style. It has gained popularity among developers mainly because it allows to build stand-alone and production ready software applications (avoiding the use of an application server). Through seven proposed stages (domain immersion, golden application implementation, syntax definition, meta model generation, code generator implementation, deployment, and refinement) we describe the development of this DSL. We also exemplify and evaluate the proposed DSL. Our findings suggest a yield automation rate of 32.1 LOC (Lines Of Code) for each LOC written in this DSL, among other observed benefits.
Research Interests:
El libro que ahora nos ocupa, titulado “Ingenieria de Software e Ingenieria del Conocimiento: dos disciplinas interrelacionadas” surge con los aportes de una gran cantidad de grupos iberoamericanos que presentan conclusiones importantes... more
El libro que ahora nos ocupa, titulado “Ingenieria de Software e Ingenieria del Conocimiento: dos disciplinas interrelacionadas” surge con los aportes de una gran cantidad de grupos iberoamericanos que presentan conclusiones importantes sobre estas dos disciplinas. Se presentan proyectos en diferentes temas, como entornos virtuales de aprendizaje, transferencia del conocimiento, modelos y metodologias del software como PSP y Scrum, elementos de ingenieria de requisitos, arquitecturas y lenguajes, ademas de varias tecnicas y estrategias de ensenanza y tendencias modernas como Semat. Todos estos temas se conjugan y, en ocasiones, sus limites se hacen borrosos entre las dos disciplinas que dan nombre a este libro, entregando en 22 Capitulos aportes de gran relevancia para el entorno cientifico Iberoamericano. Confiamos en que las contribuciones que se incluyen en este libro susciten nuevas maneras de aproximar aun mas la Ingenieria de Software y la Ingenieria del Conocimiento, como are...
Research Interests:
Augmented Reality (AR) is a technology that has been seen to have potential in the educational sector for some years due to the tremendous positive impact that it could generate when used in teaching and learning processes. However, to... more
Augmented Reality (AR) is a technology that has been seen to have potential in the educational sector for some years due to the tremendous positive impact that it could generate when used in teaching and learning processes. However, to achieve this, it is essential to consider educational and technological aspects to develop appropriate applications that provide the student and the teacher with innovative teaching methods. For this reason, this study presents a Systematic Review of Literature (SRL) under the protocol proposed by Kitchenham & Stuart (2007) to collect relevant information that provides new research opportunities. This review focuses on augmented reality's technological aspect since the authors previously conducted an initial study considering the educational aspect. As part of this SRL, four sources of information were consulted: IEEE, ACM, Springer, and Elsevier, from which forty-two primary studies were analyzed that describe educational initiatives that incorpo...
Research Interests:
The verification of a previously observed finding is important. Being able to verify a finding provides some guarantee that it is not product of chance but that the observed phenomenon is stable or regular. The most well done way of... more
The verification of a previously observed finding is important. Being able to verify a finding provides some guarantee that it is not product of chance but that the observed phenomenon is stable or regular. The most well done way of verifying experimental findings is through replication. But, is this the only method for verifying the observations of an experiment? We have studied different ways of verifying experimental findings that are used in other disciplines. From the 18 replication classifications that we located, we have identified three methods for verifying a finding. Each of these methods fulfil a particular verification purpose.
Usability in the software arena is a hot topic that has attracted the attention of researchers. Usability has been studied in different application contexts. In the context of Higher Education Institutions, some usability aspects have... more
Usability in the software arena is a hot topic that has attracted the attention of researchers. Usability has been studied in different application contexts. In the context of Higher Education Institutions, some usability aspects have started to be incorporated into university websites. In this work, we present a merged interaction design pattern oriented to improve the usability experience of prospective students. The assessment of the pattern was done through a pretest-posttest intervention study, using a sample of 266 prospective students. Our results suggest that the use of an interaction design pattern has significantly improved the usability experience of the participants in this study.
Research Interests:
This paper presents an experiment that evaluates the usefulness, usability and time spent developing a learning object (LO) of two tools that support the creation of LO’s (exeLearning and Reload Editor). 21 professors from upper secondary... more
This paper presents an experiment that evaluates the usefulness, usability and time spent developing a learning object (LO) of two tools that support the creation of LO’s (exeLearning and Reload Editor). 21 professors from upper secondary educational institution from Mexico (CONALEP) were randomly assigned to each tool; performing same tasks under controlled conditions. By a small difference, results suggest that Reload Editor is significantly more useful than exe-Learning. Regarding time spent developing a LO, results suggest a significant difference of 33% in favor of Reload Editor. Finally, results suggest that both tools are perceived with the same level of usability.
The main objective of this work is to examine possible effects of using freshman student subjects in software engineering experiments. Particularly in this work we report the effectiveness measured as percentage of observed and observable... more
The main objective of this work is to examine possible effects of using freshman student subjects in software engineering experiments. Particularly in this work we report the effectiveness measured as percentage of observed and observable defects of two software testing techniques: Black-box and white-box. Regarding observed defects, both techniques show an effectiveness around of 4%. With respect of observable defects by test cases, black-box testing is slightly more effective (21%) than white-box testing (16%), although this difference is not significant. We observe a considerable lack of technical skills of subjects for applying both software testing techniques. Due to observed findings, we suggest to employ students with more technical skills for carrying out software engineering experiments. ----- El objetivo de este trabajo se centra en investigar los efectos que conlleva realizar experimentos en ingenier\'ia de software (IS) empleando como sujetos experimentales a estudia...
Research Interests:
Background: Software Engineering (SE) is a young discipline aiming at the systematic application of tools, methods and practices to develop and maintain software products on time, under budget and with a certain degree of quality.... more
Background: Software Engineering (SE) is a young discipline aiming at the systematic application of tools, methods and practices to develop and maintain software products on time, under budget and with a certain degree of quality. Research in SE has gradually attracted the attention of various Mexican higher-education institutions and some Mexican research centers. Objective: This study aims to survey the existing SE research conducted in Mexico to identify areas of research and research gaps. Method: A systematic mapping study was performed to find relevant papers on the topic in a structured and repeatable manner. Results: From a total of 380 documents retrieved by the defined search string, 206 relevant papers were selected. Taking as reference the Knowledge Areas (KAs) of the Software Engineering Body of Knowledge (SWEBOK V3.0), we observe that more than half (69%) of the Mexican states have at least one published paper in one of the KAs. The knowledge areas KA02 (software desig...
El Proceso Software Personal (En Inglés, Personal Software Process o PSP) es un proceso individual cuyo objetivo es ayudar a los ingenieros en software a medir y mejorar su productividad personal. El PSP suele enseñarse exclusivamente a... more
El Proceso Software Personal (En Inglés, Personal Software Process o PSP) es un proceso individual cuyo objetivo es ayudar a los ingenieros en software a medir y mejorar su productividad personal. El PSP suele enseñarse exclusivamente a profesionales, no obstante éste ha comenzado a incluirse como parte de cursos universitarios. En este trabajo se presenta un estudio sobre PSP efectuado en un entorno académico donde se analizan los siguientes indicadores: precisión en las estimaciones de tamaño y esfuerzo, calidad del producto así como productividad. Los resultados aquí reportados sugieren una mejoría parcial con respecto a la precisión de las estimaciones, una reducción sustantiva en la densidad de defectos de acuerdo a un factor de 6.6 y una productividad media de 53 líneas de código fuente por hora.
El aprendizaje de Ciberseguridad por su naturaleza cambiante exige de procesos cognitivos tanto teóricos como prácticos, particularmente, los prácticos requieren de entornos hiperrealistas que no pongan en riesgo infraestructura real o... more
El aprendizaje de Ciberseguridad por su naturaleza cambiante exige de procesos cognitivos tanto teóricos como prácticos, particularmente, los prácticos requieren de entornos hiperrealistas que no pongan en riesgo infraestructura real o acarreen situaciones de índole legal, estas plataformas que contienen dichos entornos, son conocidos como ciber-rangos, debido a su complejidad pueden ser costosos y difíciles de implementar por lo que gran parte de los esfuerzos para su aprendizaje y enseñanza han estado enfocados en la utilización de distintas tecnologías que mejoren estos aspectos, así se ha empezado a utilizar la virtualización por contenedores que presenta ligereza y flexibilidad en su aplicación. En este artículo se presentan los resultados de una Revisión Sistemática de la Literatura realizada para identificar y caracterizar estudios primarios vinculados con la tecnología de contenedores aplicados a la enseñanza de la ciberseguridad. Los resultados obtenidos muestran que existe...
Agile software development has been widespread adopted. One well-known agile approach is eXtreme Programming (XP) where pair programming (PP) is a relevant practice. Although various aspects of PP have been studied, we have not found,... more
Agile software development has been widespread adopted. One well-known agile approach is eXtreme Programming (XP) where pair programming (PP) is a relevant practice. Although various aspects of PP have been studied, we have not found, under a traditional model of PP, studies that examine the impact of using an IDE tool support. In an attempt to obtain a better understanding of the impact of using an IDE, we present the results of a controlled experiment that expose the influence on quality, measured as the number of defects injected per hour, of pair and solo programmers with and without the use of an IDE. Our findings suggest that the use of an IDE results in significantly higher defect injection rates (for both pairs and solos) when the programming task is not very complicated. Nevertheless, defect injection rates seem to decrease when pairs work on more complicated programming assignments irrespective of the tool support used. Quality is affected in a similar manner when either pair or solo programming is used.
Research Interests:
Research Interests:
Research Interests:
Research Interests:
The use of collaborative virtual environments facilitates communication, coordination and cooperation within a group of people. In the field of Information and Communications Technology (ICT), collaborative virtual environments have been... more
The use of collaborative virtual environments facilitates communication, coordination and cooperation within a group of people. In the field of Information and Communications Technology (ICT), collaborative virtual environments have been developed to support the learning of programming. With the aim of fostering software testing education by alternative means, we present findings from the use of a collaborative virtual environment used for software testing training. Particularly, we report an empirical study (controlled experiment) which assesses the effectiveness of detecting defects in instrumented programs with and without the support of an collaborative virtual environment (CVE). The CVE was used as part of a programming course at under-graduate level. The results suggest an equivalent effectiveness in defect detection for both types of participants, those who used the CVE and those who worked in a traditional manner. It was observed that with regard to effectiveness, for this type of task (the detection of defects), working virtually through a CVE versus working in a tradition manner (at the same time and in the same place) yields equivalent results. When collaborative work cannot be done in a traditional way, the use a CVE is an alternative approach equally effective for collaborating and learning on software testing.
In today's business environment, a key factor for decision making is the IT projects portfolio management (ITPPM). IT projects must be aligned with the objectives, goals and strategies, which is achieved through the appropriate... more
In today's business environment, a key factor for decision making is the IT projects portfolio management (ITPPM). IT projects must be aligned with the objectives, goals and strategies, which is achieved through the appropriate application of a methodology for ITPPM. The experienced application of a methodology depends on the experience of the managers of ITPPM, considering that the application of methodologies generates best practices, it becomes necessary to study some of the more representative methodologies and obtain the best practices that allow novice administrators to initiate their portfolio management activities in information technology projects. In this article, three methodologies are studied, from which best practices are obtained, as results; a hierarchy of best practices is obtained so that project managers can be guided or introduced in their field.
Research Interests:
Research Interests:
Background: Although most Computer Science (CS) programs offered by higher education institutions usually include a software engineering course, some works report a lack of formal training in software testing. Aim: With the aim of... more
Background: Although most Computer Science (CS) programs offered by higher education institutions usually include a software engineering course, some works report a lack of formal training in software testing. Aim: With the aim of studying the possible impact of knowledge acquired from CS programs on software testing, this paper reports an investigation composed of four experiments. The experiments conducted in Spain, Mexico and Ecuador examine the quality of test cases (TC) generated using black-box and white-box methods. The subjects of the experiments were undergraduate and graduate students who were exposed to different levels of CS knowledge. Method: We pool together the data from the four experiments and apply logistic regression to investigate possible relations of the quality of test cases with students' level of exposure to CS knowledge. Results: The quality of test cases generated by students depend significantly on the amount of CS program studied. The odds of generating test cases that reveal failures against those that do not reveal decrease when students are exposed to a low level of CS knowledge. Conclusions: Software testing plays a key role in what is an increasingly complex process of developing and maintaining software products today. The results of our empirical study provide evidence in favor of greater formal training in software testing as part of CS programs.
Research Interests:
Research Interests:
The main objective of this work is to examine possible effects of using freshman student subjects in software engineering experiments. Particularly in this work we report the effectiveness measured as percentage of observed and observable... more
The main objective of this work is to examine possible effects of using freshman student subjects in software engineering experiments. Particularly in this work we report the effectiveness measured as percentage of observed and observable defects of two software testing techniques: Black-box and white-box. Regarding observed defects, both techniques show an effectiveness around of 4%. With respect of observable defects by test cases, black-box testing is slightly more effective (21%) than white-box testing (16%), although this difference is not significant. We observe a considerable lack of technical skills of subjects for applying both software testing techniques. Due to observed findings, we suggest to employ students with more technical skills for carrying out software engineering experiments. ----- El objetivo de este trabajo se centra en investigar los efectos que conlleva realizar experimentos en ingeniería de software (IS) empleando como sujetos experimentales a estudiantes d...