Takanobu KOBORI, Hironori WASHIZAKI, Yoshiaki FUKAZAWA, Daisuke HIRABAYASHI, Katsutoshi SHINTANI, Yasuko OKAZAKI, and Yasuhiro KIKUSHIMA, “Exhaustive and efficient identification of rationales using GQM+Strategies with stakeholder relationship analysis,” IEICE Transactions on Information and Systems, Vol.E99-D, 2016. (SCIE, DBLP indexed) (to appear)

To achieve overall business goals, GQM+Strategies is one approach that aligns business goals at each level of an organization to strategies and assesses the achievement of goals. Strategies are based on rationales (contexts and assumptions). Because extracting all rationales is an important process in the GQM+Strategies approach, we propose the Context-Assumption-Matrix (CAM), which refines the GQM+Strategies model by extracting rationales based on analyzing the relationships between stakeholders, and the process of using GQM+Strategies with CAM effectively. To demonstrate the effectiveness of the CAM and the defined process, we conducted three experiments involving students majoring in information sciences at two different Japanese universities. Moreover, we applied the GQM+Strategies approach with CAM to the Recruit Sumai Company in Japan. The results reveal that compared to GQM+Strategies alone, GQM+Strategies with CAM can extract rationales of the same quality more efficiently and exhaustively.

From Faculty of Computer Science, Universitas Indonesia, Prof. Eko K. Budiardjo visited us on June 17. We agreed about possible future collaboration.

2016年6月11日にM0渡邊君が、HCD-Netフォーラム2016にて以下のポスター発表を行いました。

内田 ちひろ、本田 澄、渡邊　泰宏、鷲崎 弘宜、深澤良彰、小川 健太郎、八木 智章、石垣 光香子、中川　雅史、”GO-MUC (Goal-Oriented Measurement for Usability and Conflict): ゴール指向によるユーザ・ビジネス要求を満たす戦略立案支援”、 HCD-Netフォーラム2016, ポスター, 東海大学高輪キャンパス, 2016年6月11日

Hironori Washizaki, Yann-Gael Gueheneuc, Foutse Khomh, “A Taxonomy for Program Metamodels in Program Reverse Engineering,” 32nd IEEE International Conference on Software Maintenance and Evolution (ICSME), October 2-10, Raleigh, North Carolina, USA. (to appear)

Metamodels are frequently used during program reverse engineering activities to describe and analyze constituents and relations between the constituents of a program for supporting program comprehension, maintenance, and extension. Reverse engineering tools often define their own metamodels according to their own purposes and intended features. These metamodels have all advantages, and limitations that might have been solved by others. Although there are some existing works on the evaluation and comparison of these metamodels and tools, none of them consider all the possible characteristics and limitations to provide a comprehensive guidance for classification, comparison, reuse and extension of program metamodels. To guide practitioners and researchers to classify, compare, reuse, and extend program metamodels and their corresponding reverse engineering tools according to their goals, we first establish a conceptual framework with definitions of program metamodels and related concepts. Based on this framework, we provide a comprehensive taxonomy named Program Metamodel TAxonomy (ProMeTA), which incorporates characteristics that are newly identified into those that have already been stated in previous works identified by a systematic literature survey on program metamodels, while keeping the orthogonality of the entire taxonomy. We validate the taxonomy in terms of its orthogonality and usefulness through the classification of popular metamodels.

Masatoshi Yoshizawa, Hironori Washizaki, Yoshiaki Fukazawa, Takao Okubo, Haruhiko Kaiya and Nobukazu Yoshioka, “Implementation Support of Security Design Patterns Using Test Templates,” Information, Special Issue on Evaluating the Security of Complex Systems (DBLP Indexed), 2016. (to appear)

Security patterns are intended to support software developers as the patterns encapsulate security expert knowledge. However, these patterns may be inappropriately applied because most developers are not security experts, leading to threats and vulnerabilities. Here we propose a support method for security design patterns in the implementation phase of software development. Our method creates a test template from a security design pattern, consisting of an “aspect test template” to observe the internal processing and a “test case template”. Providing design information creates a test from the test template with a tool. Because our test template is reusable, it can easily perform a test to validate a security design pattern. In an experiment involving four students majoring in information sciences, we confirm that our method can realize an effective test, verify pattern applications, and support pattern implementation.

情報科学国際交流財団 SSR 産学戦略的研究フォーラムにおいて前年度のクラウドセキュリティ＆プライバシメタモデル研究に続き、研究課題「複雑なネットワークソフトウェアシステムにおけるセキュリティ＆プライバシ・エコシステムの調査研究」（代表: 鷲崎弘宜・早稲田大学）が採択されました。期間は1年間です。

国内外の研究組織、ならびに、協賛企業の方々と共同で、前年度の成果を発展応用しつつ、ネットワークソフトウェアシステムの企画から開発、運用に到るライフサイクル中のセキュリティ＆プライバシに関わる様々な成果物や知識等を統合再利用して新たなソフトウェアシステムを進化的に生み出し、またその運用における新たなリスクや攻撃・対策を、当該および他のソフトウェアシステムの企画・開発・運用へ役立てる共存・循環・進化型の「ソフトウェアシステム・セキュリティ＆プライバシ・エコシステム（生態系）」を実現します。

Pablo Alejandro QUEZADA SARMIENTO from GRUPO DE INVESTIGACIÒN : GITE -UTPL joined our lab to proceed with his Ph.D. thesis until middle of August 2016. Welcome!

鷲崎弘宜, “クラウドサービスの開発運用においてセキュリティとプライバシを扱うためのメタモデルと応用”, SSR平成27年度成果報告会, 2016年6月1日

Kiyoshi Honda, Nobuhiro Nakamuray, Hironori Washizaki and Yoshiaki Fukazawa, “Case Study: Project Management Using Cross Project Software Reliability Growth Model,” IEEE International Workshop on Trustworthy Computing, collocated with QRS 2016, Vienna, Austria, August 1-3, 2016 (to appear)

We propose a method to compare software products developed by the same company in the same domain. Our method, which measures the time series of the number of detected faults, employs software reliability growth models (SRGMs). SRGMs describe the relations between faults and the time necessary to detect them. Although several researchers have studied cross project defect predictions to determine defect locations using the features of previous software product’s code such as lines of codes and complexities, past works on SRGMs did not compare products or develop comparison methods. Herein we propose a method to compare SRGMs across products. To provide managers and developers insight on advances of its products, our method is applied to the datasets for nine projects developed by Sumitomo Electric Industries, Ltd. SRGMs based on person hours are between 13% and 97% more precise than those based on calendar time.

Kiyoshi Honda, Nobuhiro Nakamuray, Hironori Washizaki and Yoshiaki Fukazawa, “Case Study: Project Management Using Cross Project Software Reliability Growth Model,” Poster, The 2016 IEEE International Conference on Software Quality, Reliability & Security (QRS 2016)(CORE Rank B), Vienna, Austria, August 1-3, 2016 (to appear)

We propose a method to compare software products developed by the same company in the same domain. Our method, which measures the time series of the number of detected faults, employs software reliability growth models (SRGMs). SRGMs describe the relations between faults and the time necessary to detect them. Although several researchers have studied cross project defect predictions to determine defect locations using the features of previous software product’s code such as lines of codes and complexities, past works on SRGMs did not compare products or develop comparison methods. Herein we propose a method to compare SRGMs across products. To provide managers and developers insight on advances of its products, our method is applied to the datasets for nine projects developed by Sumitomo Electric Industries, Ltd. SRGMs based on person hours are between 13% and 97% more precise than those based on calendar time.