Prof. Washizaki presented our paper titled GO-MUC: A Strategy Design Method Considering Requirements of User and Business by Goal-Oriented Measurement, at CHASE2016 ICSE Workshop Austin.


Chihiro Uchida, Kiyoshi Honda, Hironori Washizaki, Yoshiaki Fukazawa, Kentaro Ogawa, Tomoaki Yagi, Mikako Ishigaki, Masashi Nakagawa, “GO-MUC: A Strategy Design Method Considering Requirements of User and Business by Goal-Oriented Measurement,” 9th International Workshop on Cooperative and Human Aspects of Software Engineering (CHASE 2016), short paper, collocated with ICSE 2016, Autin, Texas, USA, May 16, 2016.

Poster-CHASE2016

A Metamodel for Security and Privacy Knowledge in Cloud Services, accepted at IEEE Services 2016 as Poster Paper.


Hironori Washizaki, Sota Fukumoto, Misato Yamamoto, Masatoshi Yoshizawa, Yoshiaki Fukazawa, Shinpei Ogata, Eduardo B. Fernandez, Nobukazu Yoshioka, Takehisa Kato, Haruhiko Kaiya, Hideyuki Kanuka, Yuki Kondo, Takao Okubo, Atsuo Hazeyama, “A Metamodel for Security and Privacy Knowledge in Cloud Services,” 12th IEEE World Congress on Services (IEEE SERVICES 2016), Poster Paper, June 27 – July 2, 2016, San Francisco, USA. (to appear)

It is important to ensure security and privacy in cloud services. Although there are many security and privacy patterns and much non-pattern-based knowledge such as practices and principles in cloud services, it is difficult to select and combine the right ones due to the large number of those items and the nature of the layered cloud stack. In this paper, we propose a metamodel for handling security and privacy in cloud service development and operation. The metamodel is expected to be utilized for building a knowledge base to accumulate, classify and reuse existing cloud security and privacy patterns and practices in a consistent and uniform way. Moreover the metamodel and knowledge base are expected to be utilized for designing and maintaining architectures for cloud service systems incorporating security and privacy.

Requirements Analysis for Privacy Protection and Third Party Awareness using Logging Models, accepted at SoMeT 2016 (CORE Rank B).


Haruhiko Kaiya, Nobukazu Yoshioka, Takao Okubo, Hironori Washizaki and Atsuo Hazeyama, “Requirements Analysis for Privacy Protection and Third Party Awareness using Logging Models,” 15th International Conference on Intelligent Software Methodologies, Tools and Techniques (SOMET 2016), September 12-14, 2016, Larnaca, Cyprus.

Prof. Washizaki presented our paper titled “Pairwise Coverage-based Testing with Selected Elements in a Query for Database Applications” at IWCT 2016 (ICST Workshop)


Koji Tsumura, Hironori Washizaki, Yoshiaki Fukazawa, Keishi Oshima, Ryota Mibe, “Pairwise Coverage-based Testing with Selected Elements in a Query for Database Applications,” 5th International Workshop on Combinatorial Testing (IWCT 2016), collocated with ICST 2016, Chicago, USA, April 10, 2016.

http://www.slideshare.net/hironoriwashizaki/pairwise-coveragebased-testing-with-selected-elements-in-a-query-for-database-applications

Because program behaviors of database applications depend on the data used, code coverages do not effectively test database applications. Additionally, test coverages for database applications that focus on predicates in Structured Query Language (SQL) queries are not useful if the necessary predicates are omitted. In this paper, we present two new database applications using Plain Pairwise Coverage (PPC) and Selected Pairwise Coverage (SPC) for SQL queries called Plain Pairwise Coverage Testing (PPCT) and Selected Pairwise Coverage Testing (SPCT), respectively. These coverages are based on pairwise testing coverage, which employs selected elements in the SQL SELECT query as parameters. We also implement a coverage calculation tool and conduct case studies on two open source software systems. PPCT and SPCT can detect many bugs, which are not detected by existing test methods based on predicates in the query. Furthermore, the case study suggests that SPCT can detect bugs more efficiently than PPCT and the costs of SPCT can be further reduced by ignoring records filtered out by the conditions of the query.

Prof. Washizaki gave an invited talk titled “TESEM: A Tool for Verifying Security Design Pattern Applications” at ICST Workshop InSTA 2016.


Hironori Washizaki, “TESEM: A Tool for Verifying Security Design Pattern Applications,” Invited Talk, 3rd International Workshop on Software Test Architecture (InSTA 2016, ICST 2016 Workshop), 10 April 2016, Chicago, U.S.A.

http://www.slideshare.net/hironoriwashizaki/tesem-a-tool-for-verifying-security-design-pattern-applications

Because software developers are not necessarily security experts, identifying potential threats and vulnerabilities in the early stage of the development process is often insufficient. Even if these issues are addressed at an early stage, it does not guarantee that the final software product actually satisfies security requirements. To realize secure design and implementation, we propose extended security patterns, which include requirement- and design-level patterns as well as a new model testing and model-based code testing process. Our approach is implemented in a tool called TESEM, Test Driven Secure Modeling Tool, which supports pattern applications by creating a script to execute model testing automatically (ARES’13, IJSSE’14, ICST’15). Moreover we recently extended the tool to support testing of security design patterns implementation by preparing testcase templates (ARES’14). By using the tool, developers can specify threats and vulnerabilities in the target design and implementation according to security design patterns, verify whether the security patterns are properly applied, and assesses whether these vulnerabilities are resolved.

Modeling Cloud Ecosystems, accepted at Future Internet (DBLP Indexed), Special Issue of Security in Cloud Computing and Big Data


Eduardo Fernandez, Nobukazu Yoshioka, Hironori Washizaki, Madiha Syed, “Modeling cloud ecosystems,” Future Internet, Special Issue of Security in Cloud Computing and Big Data, 2016. (to appear)(DBLP Indexed)

Clouds do not work in isolation but interact with other clouds and with a variety of associated systems. An ecosystem is the expansion of a software product architecture to include systems outside the product which interact with the product. A powerful representation when building or using cloud ecosystems and similar complex systems is the use of architectural models based on patterns. We have described a cloud ecosystem in the form of a pattern diagram where its components are patterns and reference architectures. We have recently expanded these models to cover fog systems and containers. We intend to use this architecture to answer a variety of questions about the security of this system as well as a reference to design interacting combinations of heterogeneous components.

Prof. Washizaki presented our paper titled “How Are Effective Combinations of Personal Characteristic types different in Controlled Project Based Learning Courses?” at CSEE&T 2016 (CORE Rank C).


Prof. Washizaki presented our paper titled “How Are Effective Combinations of Personal Characteristic types different in Controlled Project Based Learning Courses?” at CSEE&T 2016 (CORE Rank C).

Yusuke Sunaga, Masashi Shuto, Hironori Washizaki, Katsuhiko Kakehi, Yoshiaki Fukazawa, Shoso Yamato, Masashi Okubo, “How Are Effective Combinations of Personal Characteristic types different in Controlled Project-Based Learning Courses?,” Proceedings of the 29th IEEE Conference on Software Engineering Education and Training (CSEE&T 2016), short paper, Dallas, USA, April 5-6, 2016. (CORE Rank C)

http://www.slideshare.net/hironoriwashizaki/how-are-effective-combinations-of-personal-characteristic-types-different-in-controlled-projectbased-learning-courses-cseet-2016

~JISX25051:2016リリース記念セミナー~「世界最高基準を目指す日本のソフトウェア品質」3月29日 100名超の参加があり盛況裡に終了しました。


~JISX25051:2016リリース記念セミナー~「世界最高基準を目指す日本のソフトウェア品質」は3月29日に100名超の参加があり盛況裡に終了しました。多くの皆様にご参加いただき有難うございました。講演資料・パネル資料の幾つかを掲載しましたので、プログラム中の講演タイトルから参照ください。

http://www.washi.cs.waseda.ac.jp/?page_id=2636

CesYwvfWwAAhv1k