Bio

Marco di Biase is a Researcher at Software Improvement Group in Amsterdam, working with Delft University of Technology in the context of the European SENECA project focusing on software product quality.

Current Research

Software development is all about the product, people, and processes. In this scenario, most projects use code review as a way to improve the final quality of their codebases. Although been proven to be useful, research still lacks knowledge on how it can be effectively applied in real-world scenarios, and how this affects other important parameters in the development phase. By analyzing software products and mining both their review data and linked information about development, the aim is to get a better insight on how code review can affect the product, the people, and the process. Furthermore, the target is to assess if and where the review process has some issues, which are its causes and to what extent this impacts different software metrics.

Publications

• Marco di Biase, Magiel Bruntink, Alberto Bacchelli. A security perspective on code review: The case of Chromium. In Proceedings of SCAM 2016 (16th IEEE International Working Conference on Source Code Analysis and Manipulation), pp. 21-30. 2016

Bio

My name is Davide Spadini and I am 26 years old. I am an Italian PhD student at the University of Technology of Delft and I am currently working as a researcher at SIG in Amsterdam. During my master at Trento and my bachelor in Verona, two beautiful cities in north Italy, I specialized on Distributed Systems and Algorithms. During my master thesis I collaborated with the Hive-Streaming company located in Stocholm, developing a peer-to-peer Peer Sampling Service (PSS). Now, with this project, I am working in the cloud field to understand what can be improved in terms of testing.

Current Research

Mock or Not to Mock
In general software testers need to test classes that include a lot of dependencies. To not rely on these dependencies, which slow down the testing process, devs use mock objects. We want to present a qualitative and quantitave study that investigate how mocks are currently used in open-source projects. We analyze how the usage of mocking frameworks affect test quality and conduct qualitative research to understand why/what/when developers use mocks.

Qualitative study on "Collaborative Testing"
With this research I want to investigate what can be improved in terms of testing in the cloud, especially taking in consideration the aspect of collaboration. I am doing a qualitative research study interviewing developers from various companies, asking how they test in the cloud and which tool they use to collaborate withing their team.

Publications/Events

- Testdag: introduction on "collaborative testing"
- BENEVOL: "Studying the co-evolution of production and testing code in open-source projects that use Mockito"

Bio

Luca Pascarella is a PhD candidate of the European SENECA project. He started his PhD at University Delft University of Technology (TU Delft) in The Netherlands in January 2016. The main focus of his research is how data can help the development of software, especially in the cloud.

Current Research

Researchers are investigating a large number of approaches to support quality of software products. One of the latest deep improvements comes with the practice of Modern Code Review. It is systematic examination aimed to discover mistakes, improve the overall quality of software, and enhance transfer knowledge. Although code review has been proven to be useful in its base nature, some improvements may be applied to enhance the quality of the software and obtain better benefits from that process. In this track, we tackle aspects of the code review and connected topics to improve this process.

Publications

• Classifying code comments in Java open-source software systems

  Luca Pascarella and Alberto Bacchelli
  In Proceedings of MSR 2017 (14th International Conference on Mining Software Repositories), 2017 ACM SIGSOFT Distinguished Paper Award

• Investigating Type Declaration Mismatches in Python

  Luca Pascarella, Achyudh Ram, Azqa Nadeem, Dinesh Bisesser, Norman Knyazev, and Alberto Bacchelli
  In Proceedings of MaLTeSQuE 2018 (Workshop on Machine Learning Techniques for Software Quality Evaluation), 2018

• Re-evaluating Method-Level Bug Prediction

  Luca Pascarella, Fabio Palomba, and Alberto Bacchelli
  In Proceedings of SANER 2018 (25th International Conference on Software Analysis, Evolution and Reengineering), 2018

• Self-Reported Activities of Android Developers

  Luca Pascarella, Franz-Xaver Geiger, Fabio Palomba, Dario Di Nucci, Ivano Malavolta, and Alberto Bacchelli
  In Proceedings of MOBILESoft 2018 (5th IEEE/ACM International Conference on Mobile Software Engineering and Systems), May 27-28 2018 | Gothenburg, Sweden

• A Graph-based Dataset of Commit History of Real-World Android apps

  Franz-Xaver Geiger, Ivano Malavolta, Luca Pascarella, Fabio Palomba, Dario Di Nucci, and Alberto Bacchelli
  In Proceedings of MSR 2018 (15th International Conference on Mining Software Repositories), May 27-28 2018 | Gothenburg, Sweden

• How Is Video Game Development Different from Software Development in Open Source?

  Luca Pascarella, Fabio Palomba, Massimiliano Di Penta, and Alberto Bacchelli
  In Proceedings of MSR 2018 (15th International Conference on Mining Software Repositories), May 27-28 2018 | Gothenburg, Sweden

• Classifying code comments in Java Mobile Applications

  Luca Pascarella
  In Proceedings of MOBILESoft 2018 (5th IEEE/ACM International Conference on Mobile Software Engineering and Systems). Student Research Competition, May 27-28 2018 | Gothenburg, Sweden

Bio

TBD

Current Research

TBD

Publications

TBD

Bio

TBD

Current Research

TBD

Publications

TBD

Bio

Ahmed Zerouali is currently working within the European SENECA project as a Software Researcher at Bitergia. He is a PhD candidate at the University of Mons/Universidad Rey Juan Carlos.

Current Research

Software development practices have evolved quite a lot since the early days of programming. Most software projects today, especially in the open source software community, are using distributed and agile development practices. In addition, heavily rely on reusing external software libraries to realise part of their functionality, rather than needing to implement these functionalities themselves. The goal of this research is to empirically study how software library are used in open source projects, and to recommend improvements in such library usage by providing automated tools to support developers of software projects and software libraries.

Publications

• SATToSE2017: Zerouali, A. Analysis And Observations Of The Evolution Of Testing Library Usage.
• Zerouali, A., and Mens, T. (2017, February). Analyzing the evolution of testing library usage in open source Java projects. In Software Analysis, Evolution and Reengineering (SANER), 2017 IEEE 24th International Conference on (pp. 417-421). IEEE.
• Zerouali, A., and Mens, T. (2017, July). An empirical comparison of the development history of cloudstack and eucalyptus. In Proceedings of the 2017 International Conference on Smart Digital Environment (pp. 116-121). ACM.

Bio

Dorealda Dalipaj is a Researcher and PHD candidate, working within the European SENECA project, at Universidad Rey Juan Carlos, Madrid. For more than 8 years she has been working for ICT companies designing and managing infrastructure projects and ICT solutions, both in Italy and Albania. Her latest position was Lecturer in a private university of Albania, where she collaborated with a NGO ICT institution as Board Member. Her expertise concerns Aplication Development/Support and Technology Planning/Management. Various carried out projects included CMS, LMS and LCMS Systems.

Current Research

When looking at the performance in software development, several parameters are of relevance like effort in development and maintenance, effort in code review, time in fixing errors, time to design and implement new specifications, etc. In the case of a cloud software, where continuous deployment and continuous development are common, time-to-deployment is usually a very important metric. It involves changes to the source code that fix bugs or implement new features. In this research line, we are interested in exploring those metrics, and what impacts them, with the scope of to raising specific indicators that characterize performance in these processes. The reasons that guided the choice is that software product line development is still a time and effort consuming activity, partly due to the complicated mapping between model and implementation.

Publications

• Dorealda Dalipaj, Jesus M. Gonzalez-Barahona, Daniel Izquierdo-Cortazar. Software engineering artifact in software development process – linkage between issues and code review processes. In the Proceedings of the 15th International Conference on Intelligent Software Methodologies, Tools and Techniques (SOMET), 2016. Volume 286 of the series Frontiers in Artificial Intelligence and Applications, pp 115-122.
• Dorealda Dalipaj. A Quantitative Analysis of Performance in the Key Parameter in Code Review – Individuation of Defects. In the Proceedings of the Doctoral Consortium at the 12th International Conference on Open Source Systems (OSS), 2016. In the series Skövde University Studies in Informatics, ISSN ISSN 1653-2325 ; 2016:1, pp 14-24.
• Gema Rodriguez-Perez , Jesus M. Gonzalez-Barahona, Gregorio Robles, Dorealda Dalipaj, Nelson Sekitoleko. BugTracking: A Tool to Assist in the Identification of Bug Reports. In the Proceedings of the 12th International Conference on Open Source Systems - Integrating Communities. Volume 472 of the series IFIP Advances in Information and Communication Technology, pp 192-198.

Bio

Tushar Sharma is currently a researcher and PhD candidate, within the SENECA project, at Athens University of Economics and Business, Athens, Greece. Earlier, he worked with Siemens Research and Technology Center, Bangalore, India for more than 7 years. The topics related to software design, refactoring, code and design quality, technical debt, change impact analysis, and infrastructure as code (IaC) define his career interests. He has co-authored three books including "Refactoring for Software Design Smells: Managing Technical Debt". He is an IEEE senior member.

Current Research

An increasing number of artifacts are now being produced in digital form. Apart from software code, examples include books, ledgers, microchips, 3D printed objects, and films. The quality of an artifact's digital representation can affect both its external quality and the efficiency of associated processes, especially if it is frequently used, reused, or edited. Towards this goal, the fellow is exploring diverse alternatives to propose an internal quality assessment models. Developing a quality model for diverse digital artifacts presents a unique challenge as the model must be applicable to heterogeneous domains yet must handle the intricate domain details affecting the quality of the artifact. Initial exploration has revealed a few alternatives; specifically, quality analysis approach based on cognition, the theory of "order", and statistical inference. The fellow plans to carry out a deep dive comparative study into each of the alternative approaches. Based on the results of the comparison, the fellow plans to focus on one approach, implement corresponding tool support, and perform a detailed evaluation.

Publications

• Tushar Sharma, Marios Fragkoulis, and Diomidis Spinellis. Does your configuration code smell?. In Proceedings of the 13th International Workshop on Mining Software Repositories (MSR '16). ACM, New York, NY, USA, 189-200. DOI=http://dx.doi.org/10.1145/2901739.2901761

Bio

Stefanos Georgiou is a PhD Candidate in SENECA (Software ENineering in Enterprise Cloud Applications) project. In the context of his European Industrial Doctorate (EID) he is expected to conduct his research at AUEB (Athens University of Economics and Business) and TU Deflt (Delft University) as academic partners and with SLG (Singular Logic) as industrial partner. He holds a BSc in Networks and Systems Programming from University of Cyprus and a MSc in PERCCOM (PERvasive Computing and COMmunications for sustainable development), a joint Master Degree from four different Universities (i.e., University of Lorraine, Lappeenranta University of Technology, Lulea University of Technology, and ITMO University of Saint Petersburg). His research interests lie at Green IT, Cloud Computing, Distributed Applications,Big Data Transfer, and IoT (Internet of Things)

Current Research

Nowadays, Cloud Computing is increasingly adopted by many organizations and scientific domains, following the rising demand for internet services. Its evolution is undoubtedly at its peak and many researchers focus on the study and improvement of cloud technologies from different perspectives. However, the data-centers, which are the primary hosts of Cloud systems and applications, are energy hogs and major drivers for IT’s carbon footprint in the atmosphere. In this line, providing energy-efficient development for Cloud systems is of paramount importance to ensure sustainability in terms of their economic and environmental impact. We aim to provide SE (Software Engineering) patterns and techniques in order to reduce energy dissipation of Cloud-based Systems. The researcher has initially conducted an extensive research and literature review in the field of energy efficient software development in order to identify in more detail the research gap to be addressed during this PhD project. The study showed that the problem of code-level optimization techniques to improve energy efficiency is already extensively covered in the literature, due to its relevance with code-level optimization techniques for performance improvement, which is a problem investigated widely by software engineering researchers in the last years. In this line, the PhD student will focus on investigating SAS (Software Architecture Styles) such as: pipeline, map-reduce, micro-services, OOP, SOA, etc., as a means to improve energy consumption of cloud-based software. Each of the SAS choices has its own benefits, although, their trade-offs can vary significantly over energy consumption. To the best of our knowledge, this topic is poorly covered by the literature and there is significant potential on the expected research outcomes.

Publications

TBD

Bio

Antonios Gkortzis is a PhD Candidate at the SENECA (http://senecaproject.github.io/) project. The reasearch topic of this industrial PhD position is "Secure Systems on Cloud Computing Infrastructures" and is offered by the Athens University of Economics and Bussiness, Singular Logic and the King Juan Carlos University. He holds a BSc in Information Technology Engineering from the Alexandreio Technological Educational Institute of Thessaloniki and a Master Degree in Computing Science (Software Engineering and Distributed Systems) from the University of Gronignen. His main research interests are: Cloud Computing, Security, Software Engineering, Software Quality Assurance and Code Analysis.

Current Research

Virtualization is the main software technology used to support the cloud computing model. Its goal is to manipulate a shared pool of configurable computing resources and allow the coexistence of several isolated systems on a single physical machine1. However, virtualization comes with a number of considerations with respect to security. Compared to the bare metal servers, the use of Virtual Machines (VMs) and light-weight Linux containers increases the attack surface of the system since virtualization technologies provide access for multiple services to the same physical resources. A vulnerability exploited in virtualized/contained multi-tenant systems can cause data-leakage, denial-of-service or violation of privacy3 issues to more than one entities. According to a 2015 survey, conducted by the Cloud Security Alliance, Data Security was the highest rated concerns for businesses that were considering to adopt cloud computing services. Several practical and theoretical techniques have been introduced for mitigating the risks, with most of them focusing on securing the traditional virtual machine host and guest environments, however, there is little evidence in the literature on the security characteristics of both hypervisor and container technologies. In this line, this PhD work focuses on the study and analysis of security characteristics of cloud-based systems utilizing hypervisor and container technologies. In particular, the fellow will investigate the security properties of modern micro-services architectures, running in containerized environments and will analyze their operation and security vulnerabilities in complex service ecosystems, where legacy systems and micro-services co-exist.

Publications

A. Gkortzis, S. Rizou, and D. Spinellis. An empirical analysis of vulnerabilities in virtualization technologies. To be published in the proceedings of the 8th IEEE International Conference on Cloud Computing Technology and Science.

Bad process smells in software development repositories

Similar to how "code smells" help to find constructs in source code that could be more error-prone, "process smells" help to detect patterns in software development processes that could lead to errors. To detect them, information is extracted from software development repositories (source code management systems, issues tracking system, code review system, etc.), and analyzed with statistical and other techniques. The detection of these patterns can lead to take early corrective actions, which are very important specially in systems with high time-to- deploy constraints, such as those related to cloud computing.

Quality assurance of software-defined cloud infrastructure

A driving objective within the cloud computing domain is the full automation of the process of deploying software components onto the underlying computing infrastructure. For example, the "software-defined data center" is a vision where all IT infrastructure components are virtualized and available as services. The deployment of software systems is then a fully automated process, defined in software that brings together the necessary virtual infrastructure components as well as the application components to provision a complete IT system. New tools and languages are under active development to support this vision. The aim of this research is to extend quality assurance techniques available for "traditional" software components to software-defined infrastructure components. For example, techniques for reviewing, testing, and measurement must be rethought, redeveloped, and revalidated to allow assurance of reliability, maintainability, security, portability, etc. specifically on the software that defines cloud infrastructure components and deployment processes.

Characterization of performance in key parameters of software development

Key performance indicators are used by the industry to make decisions. In the specific case of software development, it is also necessary to have this type of indicators to help third parties interested in investing resources/participating or fostering the use of specific technologies, to fully understand the risks associated to that product. This is even more marked in the case of open source projects, where development may be community or company driven and third parties contribute to the source code. Thus, the raise of specific indicators for software development and more specifically in open source projects, will help to facilitate the decision process for stakeholders and improve the attractiveness of those projects offering such information to those stakeholders.

Impact of code review in cloud computing development

Most large software development projects use code review to improve the quality of the code changes merged to the main code base. Yet, little is known on how this process affects to important parameters of development and deployment processes. By analyzing code review repositories, and other repositories with information about development and deployment, we expect to better understand how code review affects to the whole development and deployment process, when bottlenecks are caused, when unnecessary delays are found, how expensive code review is in terms of impact on different metrics, and to which extent it has an overall positive impact.

Improving cloud-related testing practices

Software engineering is a team effort: Sometimes even hundreds of professionals collaborate to devise, build, evaluate, and modify a software system. To support teamwork in software development, industry is creating new integrated development environments (IDEs) in the cloud, which offers a better platform for synchronous development. The current state of the practice is to have a sort of “Google Docs for code.” The aim of this research is to investigate how to use cloud-based IDEs to improve testing practices. Specifically, it will qualitatively and quantitatively investigate how testing is currently performed in cloud-based IDEs. Then it will investigate how to reuse test run information across developers, to better link tests and program components. This will help, for example, to eliminate the unnecessary time spent in the same tests on the same code, thus reducing the time to check the quality of software systems, and—consequently—the development life cycle.

Data driven development software in cloud-related software development projects

The main goal of this line is to define a method to help developers to obtain indicators about how the software development is being undertaken. Typical methods are focused on the quality of the product and its evolution, but not in the community around the product and how developers interact among them. This method should specifically help open source projects to understand, measure and improve their software development process. Once this process will be driven by metrics, it will help, for example, to avoid issues, to detect specific deviations from the arranged issue tracking system policy, and to check the health of the demographics of the community among other facts. This data driven development can lead to faster decision-making process especially in continuous deployment contexts, such as in industries related to cloud computing.

Configuration management and administration of cloud computing systems

Currently cloud computing systems are in the Cambrian explosion phase programming languages and processor architectures were at the dawn of computing. Tens of cloud providers offer services under a variety of models, with their systems requiring configuration and administration in disparate ways. This is the expected outcome of rapid innovation in a new era, but it has costs. Systems and skills built associated with each provider lack portability tying them to a specific one, while the market's fragmentation increases costs and undermines the ability to innovate at higher levels of the infrastructure stack. The aim of the proposed research is to identify the high-level portable building blocks that can be used for building and managing computing systems on the cloud in a way that satisfies sound software engineering principles. These blocks include processes, tools, and techniques for achieving appropriate levels of functionality, reliability, usability, efficiency, maintainability, and portability.

Energy-efficiency of cloud computing systems

Energy consumption attributable to IT systems is significant and increasing at an alarming rate. Decades of resource-agnostic development of software systems have contributed to this trend. Ongoing improvements of energy-efficiency at the hardware and data center level threaten to be canceled out by wasteful software. Cloud computing has been identified as a development that may help to curb this trend, but naive use of cloud infrastructures may actually have the opposite effect, for instance due to increased data traffic, insufficient elasticity, or additional virtualization layers. The aim of this research is to provide software engineers with techniques to measure energy consumption, identify energy leaks, and optimize consumption without compromising competing quality attributes such as performance and reliability. These techniques enable the cloud to realize its energy-saving potential.

Secure systems on cloud computing infrastructures

A basic tenet of IT security is that if an attacker has access to the physical assets of a computing system all bets are off regarding the confidentiality, integrity, and availability associated with the services it provides. This need not be so. It has been for decades a theoretical possibility and a practical reality to communicate reliably over noisy channels, and to perform accurate computations with unreliable building blocks. Recent theoretical advances suggest that performing secure computations on insecure infrastructures is also possible. The aim of this research is to develop and combine theory and practice that will allow the construction of secure systems on top on an inherently insecure cloud computing infrastructure. On the theoretical front the research will explore the limits of what levels of security guarantees can be provided given specific adversary capabilities, while on the practical front the research will examine how these guarantees can be implemented in the form of useful building blocks.