Du kan finne mer informasjon på min engelske profilside.
Emneord:
Det digitale samfunn,
DigiTech
Publikasjoner
-
-
Akbarzadeh, Aida; Chockalingam, Sabarathinam; Ramaj, Xhesika; Amro, Lama Mohammad Saed; Sanchez Gordon, Mary Luz & Gkioulos, Vasileios
[Vis alle 10 forfattere av denne artikkelen]
(2024).
Workshop on Cybersecurity of Critical Infrastructures,
Privacy and Identity Management. Sharing in a Digital World.
Springer Nature.
ISSN 978-3-031-57978-3.
s. 325–339.
doi:
10.1007/978-3-031-57978-3_21.
Vis sammendrag
This paper reports the presentation and discussion during the Cybersecurity of Critical Infrastructures workshop organized as a part of the 18 th IFIP Summer School on Privacy and Identity Management. Furthermore, this paper also pointed to several promising future research directions. This workshop was primarily aimed at empowering PhD candidates, MSc students, and early-career researchers with insights into Critical Infrastructure (CI) security. The workshop provided participants with guidance on navigating the intricacies of safeguarding CIs, such as those in the energy and oil and gas sectors. It encompasses various aspects, from familiarizing participants with cybersecurity standards and frameworks to understanding tools and approaches that adversaries might leverage to target a system. Additionally, it also addresses how to mitigate socio-legal implications and security issues, particularly in relation to human factors. This initiative embraced a holistic approach to cybersecurity education, covering vital components like rigorous risk management, comprehensive cybersecurity training and awareness programs. This in turn would equip participants with some essential knowledge and skills to fortify critical operations against the ever-evolving cyber threat landscape.
-
Ramaj, Xhesica; Sánchez-Gordón, Mary; Colomo-Palacios, Ricardo & Gkioulos, Vasileios
(2024).
Training and Security Awareness Under the Lens of Practitioners: A DevSecOps Perspective Towards Risk Management.
I Moallem, Abbas (Red.),
HCI for Cybersecurity, Privacy and Trust: 6th International Conference, HCI-CPT 2024, Held as Part of the 26th HCI International Conference, HCII 2024, Washington, DC, USA, June 29–July 4, 2024, Proceedings, Part II.
Springer Nature.
ISSN 978-3-031-61381-4.
s. 84–97.
doi:
10.1007/978-3-031-61382-1_6.
-
Waqas, Muhammad; Ali, Zohaib; Sánchez-Gordón, Mary & Holone, Monica Kristiansen
(2024).
Using LowCode and NoCode Tools in DevOps: A Multivocal Literature Review.
I Mejia, Jezreel; Muñoz, Mirna; Alvaro, Rocha; Hernández Pérez, Yasmin & Avila-George, Himer (Red.),
New Perspectives in Software Engineering.
Springer Nature.
ISSN 978-3-031-50589-8.
s. 71–87.
doi:
https:/doi.org/10.1007/978-3-031-50590-4_5.
-
Sánchez-Gordón, Mary; Colomo-Palacios, Ricardo; Guevara-Vega, Cathy & Quiña-Mera, Antonio
(2023).
The Effect of Stereotypes on Perceived Competence of Indigenous Software Practitioners: A Professional Photo.
arXiv.org.
ISSN 2331-8422.
doi:
10.48550/arXiv.2308.14695.
-
Sánchez-Gordón, Mary; Sanchez-Gordon, Sandra & Colomo-Palacios, Ricardo
(2023).
A Perspective on the Role of Human Behaviors in Software Development: Voice and Silence.
arXiv.org.
ISSN 2331-8422.
doi:
10.48550/arXiv.2304.12903.
-
Sánchez-Gordón, Mary; Tovar, Edmundo; Colomo-Palacios, Ricardo; Piedra, Nelson & Castro, Manuel
(2023).
Educating Augmented Programmers.
Computer.
ISSN 0018-9162.
56(12),
s. 100–104.
doi:
10.1109/MC.2023.3313325.
-
Esnoul, Coralie; Sanchez Gordon, Mary Luz; Jee, Eunkyoung; Colomo-Palacios, Ricardo; Chockalingam, Sabarathinam & Simensen, John Eidar
[Vis alle 7 forfattere av denne artikkelen]
(2023).
Report on the 4th International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS - 2023).
Software engineering notes.
ISSN 0163-5948.
48(4),
s. 41–45.
doi:
10.1145/3617946.3617954.
Vis sammendrag
Critical Infrastructures (CIs) are vital for modern societies, encompassing diverse sectors such as healthcare, banking, emergency services, energy, water distribution, oil and gas, and transportation. Over time, these CIs have become increasingly reliant on technology to ensure their seamless operations. The reliable and secure operation of these CIs holds paramount importance for a nation's economy and the well-being of society. This paper presents the findings and discussions from the 4th International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS - 2023). The main purpose of this EnCyCriS workshop is to collect contributions from practitioners and researchers working on challenges and solutions for engineering and cybersecurity of critical systems in the Fourth Revolution (4IR). The 2023 edition has accepted and presented six papers. In addition, there was a keynote talk from a Senior Research Scientist in safety and security of digital technologies within safety critical industries in addition to an open discussion about the "Future of IT and OT". This workshop was co-located with the 45th International Conference on Software Engineering (ICSE - 2023), which took place on 20th May 2023.
-
Ramaj, Xhesika; Colomo-Palacios, Ricardo; Sanchez Gordon, Mary Luz & Gkioulos, Vasileios
(2023).
Towards a DevSecOps-Enabled Framework for Risk Management of Critical Infrastructures.
I Yilmaz, Murat; Clarke, Paul; Riel, Andreas & Messnarz, Richard (Red.),
Systems, Software and Services Process Improvement: 30th European Conference, EuroSPI 2023, Grenoble, France, August 30 – September 1, 2023, Proceedings, Part I.
Springer Publishing Company.
ISSN 978-3-031-42306-2.
s. 47–58.
doi:
10.1007/978-3-031-42307-9_4.
-
Kvalvik, Petter; Sánchez-Gordón, Mary & Colomo-Palacios, Ricardo
(2023).
What Does Data Valuation Literature Tell Us About Methods and Dimensions? Implications for City Data Marketplaces.
I Sætra, Henrik Skaug (Red.),
Technology and Sustainable Development: The Promise and Pitfalls of Techno-Solutionism.
Routledge.
ISSN 978-1-032-35056-1.
s. 215–228.
doi:
10.1201/9781003325086-16.
-
Khakpour, Alireza; Colomo-Palacios, Ricardo; Martini, Antonio & Sánchez-Gordón, Mary
(2023).
The Use of Domain-Specific Languages for Visual Analytics: A Systematic Literature Review.
Technologies.
ISSN 2227-7080.
11(2).
doi:
10.3390/technologies11020037.
Fulltekst i vitenarkiv
Vis sammendrag
Visual Analytics (VA) is a multidisciplinary field that requires various skills including but not limited to data analytics, visualizations, and the corresponding domain knowledge. Recently, many studies proposed creating and using Domain-Specific Languages (DSLs) for VA in order to abstract complexities and assist designers in developing better VAs for different data domains. However, development methods and types of DSLs vary for different applications and objectives. In this study, we conducted a systematic literature review to overview DSL methods and their intended applications for VA systems. Moreover, the review outlines the benefits and limitations of each of these methods. The aim is to provide decision support for both the research and development communities
to choose the most compatible approach for their application. We think the communication of this research delivers a broad figure of previous relevant research and assists with the transfer and adaptation of the results to other domains.
-
Oruma, Samson Ogheneova; Sánchez-Gordón, Mary; Colomo-Palacios, Ricardo; Gkioulos, Vasileios & Hansen, Joakim Klevmo
(2022).
A Systematic Review on Social Robots in Public Spaces: Threat Landscape and Attack Surface.
Computers.
ISSN 2073-431X.
11(12).
doi:
10.3390/computers11120181.
Fulltekst i vitenarkiv
-
Matthies, Christoph; Sánchez-Gordón, Mary; Jørgensen, Jens Bæk & Prechelt, Lutz
(2022).
"Communication Is a Scarce Resource!'': A Summary of CHASE'22 Conference Discussions.
arXiv.org.
ISSN 2331-8422.
doi:
10.48550/arXiv.2207.00054.
Vis sammendrag
Background: Software Engineering regularly views communication between project participants as a tool for solving various problems in software development. Objective: Formulate research questions in areas related to CHASE. Method: A day-long discussion of five participants at the in-person day of the 15th International Conference on Cooperative and Human Aspects of Software Engineering (CHASE 2022) on May 23rd 2022. Results: It is not rare in industrial SE projects that communication is not just a tool or technique to be applied but also represents a resource, which, when lacking, threatens project success. This situation might arise when a person required to make decisions (especially regarding requirements, budgets, or priorities) is often unavailable. It may be helpful to frame communication as a scarce resource to understand the key difficulty of such situations. Conclusion: We call for studies that focus on the allocation and management of scarce communication resources of stakeholders as a lens to analyze software engineering projects.
-
-
Ramaj, Xhesika; Sanchez Gordon, Mary Luz; Gkioulos, Vasileios; Chockalingam, Sabarathinam & Colomo-Palacios, Ricardo
(2022).
Holding on to Compliance While Adopting DevSecOps: An SLR.
Electronics.
ISSN 2079-9292.
11(22),
s. 1–19.
doi:
10.3390/electronics11223707.
Fulltekst i vitenarkiv
Vis sammendrag
The software industry has witnessed a growing interest in DevSecOps due to the premises of integrating security in the software development lifecycle. However, security compliance cannot be disregarded, given the importance of adherence to regulations, laws, industry standards, and frameworks. This study aims to provide an overview of compliance aspects in the context of DevSecOps and explore how compliance is ensured. Furthermore, this study reveals the trends of compliance according to the extant literature and identifies potential directions for further research in this context. Therefore, we carried out a systematic literature review on the integration of compliance aspects in DevSecOps, which rigorously followed the guidelines proposed by Kitchenham and Charters. We found 934 articles related to the topic by searching five bibliographic databases (163) and Google Scholar (771). Through a rigorous selection process, we selected 15 papers as primary studies. Then, we identified the compliance aspects of DevSecOps and grouped them into three main categories: compliance initiation, compliance management, and compliance technicalities. We observed a low number of studies; therefore, we encourage further efforts into the exploration of compliance aspects, their automated integration, and the development of metrics to evaluate such a process in the context of DevSecOps.
-
Rafi, Saima; Akbar, Muhammad Azeem; Sánchez-Gordón, Mary & Colomo-Palacios, Ricardo
(2022).
DevOps Practitioners’ Perceptions of the Low-code Trend.
I Madeiral, Fernanda; Lassenius, Casper; Conte, Tayana & Männistö, Tomi (Red.),
Proceedings of the 16th ACM / IEEE International Symposium on Empirical Software Engineering and Measurement.
Association for Computing Machinery (ACM).
ISSN 978-1-4503-9427-7.
s. 301–306.
doi:
https:/doi.org/10.1145/3544902.3546635.
Vis sammendrag
Background: DevOps is currently one of the main trends in software development. Low-Code is also an emerging tendency that, combined with DevOps, may offer significant value to software businesses by improving the process. However, how DevOps practices and low-code are combined is little known. Aim: This study aims to understand the practitioner's perspectives on low-code trends. Method: Twelve interviews with IT professionals who deal with low-code in the context of DevOps were conducted. Then, a grounded theory approach was used to theme the interview quotes into emergent categories. Results: The main result of this exploratory study reveals that such an approach is the most common response to the skill shortages of software professionals. Conclusion: This study suggests the emergence of DevOps and low-code could significantly contribute to the development of quality products with low-cost and time.
-
Demi, Selina; Colomo-Palacios, Ricardo; Sánchez-Gordón, Mary; Velasco, Carlos & Cano, Ramón
(2022).
A Neural Blockchain for Requirements Traceability: BC4RT Prototype.
I Yilmaz, Murat; Clarke, Paul; Messnarz, Richard & Wöran, Bruno (Red.),
Systems, Software and Services Process Improvement: 29th European Conference, EuroSPI 2022, Proceedings.
Springer.
ISSN 978-3-031-15559-8.
s. 45–59.
doi:
https:/doi.org/10.1007/978-3-031-15559-8_4.
-
Ramaj, Xhesika; Sánchez-Gordón, Mary; Chockalingam, Sabarathinam & Colomo-Palacios, Ricardo
(2022).
Unveiling the Safety Aspects of DevSecOps: Evolution, Gaps and Trends.
Recent Advances in Computer Science and Communications.
ISSN 2666-2558.
doi:
10.2174/2666255816666220804143918.
Vis sammendrag
Background: The popularity of DevSecOps is on the rise because it promises to integrate a greater degree of security into software delivery pipelines. However, there is also an unacceptable risk related to safety that cannot be overlooked, given the importance of this aspect in many industries.
Objective: The objective of this study is to provide an overview of the safety aspects reported in the literature on DevSecOps. This study also characterizes such aspects and identifies the gaps that may lead to future research work.
Method: A systematic literature review was conducted using five well-known academic databases. The search was executed in September 2021 and March 2022 to identify relevant studies.
Results: The search returned 114 academic studies. After the screening process, five primary studies published between 2019 and 2021 were selected. These studies were analyzed thoroughly to identify the safety aspects. Then, we categorized them into three main groups: (i) risk-related safety aspects, (ii) human-related aspects, and (iii) management aspects.
Conclusion: Safety is an important characteristic that is becoming more critical as the number of critical systems grows. This review reveals that only a scarce number of studies are focusing on safety in DevSecOps. However, those studies gave us some insights into this topic. Therefore, our main observation is that this topic has not yet been completely explored in the academic literature. This review can encourage reflection and discussion between the safety and security communities.
-
-
-
Mendoza-González, Ricardo; Luján-Mora, Sergio; Otón-Tortosa, Salvador; Sánchez-Gordón, Mary; Rodríguez-Díaz, Mario Alberto & Reyes-Acosta, Ricardo Emmanuel
(2022).
Guidelines to Establish an Office of Student Accessibility Services in Higher Education Institutions.
Sustainability.
ISSN 2071-1050.
14(5).
doi:
10.3390/su14052635.
Fulltekst i vitenarkiv
Vis sammendrag
The objective of this paper is to propose a set of guidelines to establish an office of Student Accessibility Services (SAS) in Higher Education Institutions (HEIs). The proposed guidelines help to integrate disjointed knowledge to facilitate its interpretation and implementation during deployment of basic support services in favor of students with disability. These guidelines can help to mitigate complexity in providing SAS for the first time in HEIs. These guidelines cover both the design and implementation of an office of SAS and its management. Knowledge was found through a multivocal literature review (MLR), which allowed to capture not only academic approaches but also vantage points and experiences from practice. Key concepts and aspects were organized into eight components (five related to the design and implementation, and three associated with the management context). An expert appraisal method was used as a proof of concept, which complemented a previously performed preliminary implementation example. Obtained results demonstrated the pertinence of the conceptual proposal and confirmed guidelines capability for full implementation in a real-world scenario.
-
Timbi-Sisalima, Cristian; Sánchez-Gordón, Mary; Hilera-González, José Ramón & Otón-Tortosa, Salvador
(2022).
Quality Assurance in E-learning: A Proposal from Accessibility to Sustainability.
Sustainability.
ISSN 2071-1050.
14(5).
doi:
10.3390/su14053052.
Fulltekst i vitenarkiv
Vis sammendrag
Given the importance of developing and offering accessible education for all, indispensable aspects of education for sustainable development (ESD) are needed. This study addresses that need by proposing a quality self-assessment for virtual education from an accessibility perspective. This proposal is based on previous literature about quality assurance in e-learning that considered accessibility and its application in the field of higher education. The bibliographic review was conducted by following Multivocal Literature Review (MLR) guidelines. The initial search returned 999 items from 5 academic databases and 32,200 professional sources from Google. After reviewing the sources, 37 of them were included. Then, the accessibility criteria were identified and integrated into an evaluation model. Such a model is divided into four dimensions: (1) organization, (2) student body, (3) teaching, and (4) infrastructure. The model also includes a set of standards (16), requirements (48), and evidence (63) that apply to each dimension. Moreover, self-assessment guidelines for accessible virtual education were proposed. They included a conceptual and theoretical framework, a self-assessment model, and a methodology for applying the model. The methodology included five phases: planning, model tuning or refinement of the model, evaluation, results, and continuous improvement. As future work, the implementation and validation of the guidelines will be carried out.
-
Rijal, Laxmi; Colomo-Palacios, Ricardo & Sánchez-Gordón, Mary
(2022).
AIOps: A Multivocal Literature Review.
I Misra, Sanjay; Tyagi, Amit Kumar; Piuri, Vincenzo & Garg, Lalit (Red.),
Artificial Intelligence for Cloud and Edge Computing.
Springer.
ISSN 978-3-030-80820-4.
s. 31–50.
doi:
https:/doi.org/10.1007/978-3-030-80821-1_2.
-
Sandeep, R.C.; Sánchez-Gordón, Mary; Colomo-Palacios, Ricardo & Kristiansen, Monica Lind
(2022).
Effort Estimation in Agile Software Development: A Exploratory Study of Practitioners’ Perspective.
I Przybyłek, Adam; Jarzębowicz, Aleksander; Luković, IVan & Ng, Yen Ying (Red.),
Lean and Agile Software Development: 6th international conference, LASD 2022, virtual event, January 22, 2022, proceedings.
Springer.
ISSN 978-3-030-94237-3.
s. 136–149.
doi:
https:/doi.org/10.1007/978-3-030-94238-0_8.
-
Ingavélez‑Guerra, Paola; Otón‑Tortosa, Salvador; Hilera‑González, José & Sánchez-Gordón, Mary
(2021).
The use of accessibility metadata in e‑learning environments:
a systematic literature review.
Universal Access in the Information Society.
ISSN 1615-5289.
22(2),
s. 445–461.
doi:
10.1007/s10209-021-00851-x.
Fulltekst i vitenarkiv
-
Demi, Selina; Sánchez-Gordón, Mary & Colomo-Palacios, Ricardo
(2021).
A Blockchain-enabled Framework for Requirements Traceability.
I Yilmaz, Murat; Clarke, Paul & Messnarz, Richard (Red.),
Systems, Software and Services Process Improvement: 28th European Conference, EuroSPI 2021, Proceedings.
Springer.
ISSN 978-3-030-85520-8.
s. 3–13.
doi:
https:/doi.org/10.1007/978-3-030-85521-5_1.
-
Sánchez-Gordón, Mary & Colomo-Palacios, Ricardo
(2021).
A Framework for Intersectional Perspectives in Software Engineering.
I Hoda, Rashina & Fagerholm, Fabian (Red.),
2021 IEEE/ACM 13th International Workshop on Cooperative and Human Aspects of Software Engineering: CHASE 2021: [Proceedings].
IEEE (Institute of Electrical and Electronics Engineers).
ISSN 978-1-6654-1409-8.
s. 121–122.
doi:
10.1109/CHASE52884.2021.00025.
-
Sánchez-Gordón, Mary; Colomo-Palacios, Ricardo & Mendoza-González, Ricardo
(2021).
Design Thinking in Practice.
IT Professional Magazine.
ISSN 1520-9202.
23(4),
s. 95–100.
doi:
10.1109/MITP.2020.2993113.
Vis sammendrag
Technology companies are under enormous pressure to remain competitive. In this situation, the time it takes to reach the market for an innovative idea about a product or service is crucial. Large corporations in the IT industry, such as SAP, Google, IBM, Microsoft, Apple, and startups acknowledge that Design Thinking (DT)-along with other approaches-is one promising avenue to become more innovative and helps to accelerate the process. This article presents a brief overview of DT as well as what, in practice, technology companies are actually implementing under the rubric of “Design Thinking” and the challenges reported on a survey conducted among professionals in this field.
-
Demi, Selina; Sánchez-Gordón, Mary & Colomo-Palacios, Ricardo
(2021).
What have we learnt from the challenges of (semi-) automated requirements traceability? A discussion on blockchain applicability.
IET Software.
ISSN 1751-8806.
15(6),
s. 391–411.
doi:
10.1049/sfw2.12035.
Fulltekst i vitenarkiv
Vis sammendrag
Over the last 3 decades, researchers have attempted to shed light into the requirements traceability problem by introducing tracing tools, techniques, and methods with the vision of achieving ubiquitous traceability. Despite the technological advances, requirements traceability remains problematic for researchers and practitioners. This study aims to identify and investigate the main challenges in implementing (semi-)automated requirements traceability, as reported in the recent literature. A systematic literature review was carried out based on the guidelines for systematic literature reviews in software engineering, proposed by Kitchenham. We retrieved 4530 studies by searching five major bibliographic databases and selected 70 primary studies. These studies were analysed and classified according to the challenges they present and/or address. Twenty-one challenges were identified and were classified into five categories. Findings reveal that the most frequent challenges are technological challenges, in particular, low accuracy of traceability recovery methods. Findings also suggest that future research efforts should be devoted to the human facet of tracing, to explore traceability practices in organisational settings, and to develop traceability approaches that support agile and DevOps practices. Finally, it is recommended that researchers leverage blockchain technology as a suitable technical solution to ensure the trustworthiness of traceability information in interorganisational software projects.
-
Demi, Selina; Colomo-Palacios, Ricardo & Sánchez-Gordón, Mary
(2021).
Software Engineering Applications enabled by Blockchain Technology: A Systematic Mapping Study.
Applied Sciences.
ISSN 2076-3417.
11(7).
doi:
10.3390/app11072960.
Fulltekst i vitenarkiv
Vis sammendrag
The novel, yet disruptive blockchain technology has witnessed growing attention, due to
its intrinsic potential. Besides the conventional domains that benefit from such potential, such as
finance, supply chain and healthcare, blockchain use cases in software engineering have emerged
recently. In this study, we aim to contribute to the body of knowledge of blockchain-oriented software
engineering by providing an adequate overview of the software engineering applications enabled by
blockchain technology. To do so, we carried out a systematic mapping study and identified 22 primary
studies. Then, we extracted data within the research type, research topic and contribution type facets.
Findings suggest an increasing trend of studies since 2018. Additionally, findings reveal the potential
of using blockchain technologies as an alternative to centralized systems, such as GitHub, Travis
CI, and cloud-based package managers, and also to establish trust between parties in collaborative
software development. We also found out that smart contracts can enable the automation of a variety
of software engineering activities that usually require human reasoning, such as the acceptance
phase, payments to software engineers, and compliance adherence. In spite of the fact that the field
is not yet mature, we believe that this systematic mapping study provides a holistic overview that
may benefit researchers interested in bringing blockchain to the software industry, and practitioners
willing to understand how blockchain can transform the software development industry.
-
Sánchez-Gordón, Mary & Colomo-Palacios, Ricardo
(2021).
Managing software development risk: Risks of introducing the role of agile coach – a multivocal literature review.
I Engemann, Kurt J. & O'Connor, Rory V. (Red.),
Project Risk Management: Managing Software Development Risk.
Walter de Gruyter (De Gruyter).
ISSN 978-3-11-064823-2.
s. 25–47.
doi:
10.1515/9783110652321-003.
Vis sammendrag
Managing risk is essential for every organization. However, significant opportunities may be lost by concentrating on the negative aspects of risk without bearing in mind the positive attributes. The objective of Project Risk Management: Managing Software Development Risk is to provide a distinct approach to a broad range of risks and rewards associated with the design, development, implementation and deployment of software systems.
The traditional perspective of software development risk is to view risk as a negative characteristic associated with the impact of potential threats. The perspective of this book is to explore a more discerning view of software development risks, including the positive aspects of risk associated with potential beneficial opportunities. A balanced approach requires that software project managers approach negative risks with a view to reduce the likelihood and impact on a software project, and approach positive risks with a view to increase the likelihood of exploiting opportunities.
Project Risk Management: Managing Software Development Risk explores software development risk both from a technological and business perspective. Issues regarding strategies for software development are discussed and topics including risks related to technical performance, outsourcing, cybersecurity, scheduling, quality, costs, opportunities and competition are presented. Bringing together concepts across the broad spectrum of software engineering with a project management perspective, this volume represents both a professional and scholarly perspective on the topic.
Separates risk into two viewpoints: Positive Risk - an opportunity to the project – and Negative Risk - a threat to the project, which is a unique approach.
-
Sánchez-Gordón, Mary
(2021).
Connecting the Dots Between Human Factors and Software Engineering.
I Peña Pérez Negrón, Adriana & Muñoz, Mirna (Red.),
Latin American Women and Research Contributions to the IT Field.
IGI Global.
ISSN 9781799875529.
s. 263–279.
doi:
10.4018/978-1-7998-7552-9.ch012.
-
Lie, Martin Forsberg; Sánchez-Gordón, Mary & Colomo-Palacios, Ricardo
(2020).
DevOps in an ISO 13485 regulated environment: A multivocal literature review.
International Symposium on Empirical Software Engineering and Measurement.
ISSN 1949-3770.
doi:
10.1145/3382494.3410679.
-
-
Lie, Martin Forsberg; Sánchez-Gordón, Mary & Colomo-Palacios, Ricardo
(2020).
DevOps in an ISO 13485 Regulated Environment: A Multivocal
Literature Review.
I Baldassarre, Teresa & Lanubile, Filippo (Red.),
Proceedings of the 14th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement.
Association for Computing Machinery (ACM).
ISSN 978-1-4503-7580-1.
doi:
https:/doi.org/10.1145/3382494.3410679.
-
Sánchez-Gordón, Mary; Rijal, Laxmi & Colomo-Palacios, Ricardo
(2020).
Beyond Technical Skills in Software Testing: Automated versus Manual Testing.
I Rothermel, Gregg & Bae, Doo-Hwan (Red.),
ICSEW'20: Proceedings of the IEEE/ACM 42nd International Conference on Software Engineering Workshops.
ACM Publications.
ISSN 978-1-4503-7963-2.
s. 161–164.
doi:
https:/doi.org/10.1145/3387940.3392238.
-
Demi, Selina; Colomo-Palacios, Ricardo; Johansen, Stig Henning & Sánchez-Gordón, Mary
(2020).
Mapping human values and scrum roles: a study on students' preferences.
I Rothermel, Gregg & Bae, Doo-Hwan (Red.),
ICSEW'20: Proceedings of the IEEE/ACM 42nd International Conference on Software Engineering Workshops.
ACM Publications.
ISSN 978-1-4503-7963-2.
s. 570–576.
doi:
https:/doi.org/10.1145/3387940.3391467.
Vis sammendrag
Despite the long tradition on the study of human values, the impact of this field in the software engineering domain is rarely studied. To these regards, this study focuses on applying human values to agile software development process, more specifically to scrum roles. Thus, the goal of the study is to explore possible associations between human values and scrum roles preferences among students. Questionnaires are designed by employing the Short Schwartz's Value Survey and are distributed among 57 students. The results of the quantitative analysis process consisting of descriptive statistics, linear regression models and Pearson correlation coefficients, revealed that values such as power and self-direction influence the preference for the product owner role, the value of hedonism influences the preference for scrum masters and self-direction is associated with team members' preference.
-
Sánchez-Gordón, Mary & Colomo-Palacios, Ricardo
(2020).
Security as Culture: A Systematic Literature Review of DevSecOps.
I Rothermel, Gregg & Bae, Doo-Hwan (Red.),
ICSEW'20: Proceedings of the IEEE/ACM 42nd International Conference on Software Engineering Workshops.
ACM Publications.
ISSN 978-1-4503-7963-2.
s. 266–269.
doi:
https:/doi.org/10.1145/3387940.3392233.
-
Sánchez-Gordón, Mary; Colomo-Palacios, Ricardo; Sanchez, Alex & Sanchez-Gordon, Sandra
(2020).
Integrating Approaches in Software Development: A Case Analysis in a Small Software Company.
I Yilmaz, Murat; Niemann, J.; Clarke, Paul & Messnarz, Richard (Red.),
Systems, Software and Services Process Improvement.
Springer.
ISSN 978-3-030-56440-7.
s. 95–106.
doi:
https:/doi.org/10.1007/978-3-030-56441-4_7.
-
Sanchez-Gordon, Sandra; Luján-Mora, Sergio & Sánchez-Gordón, Mary
(2020).
E-Government Accessibility in Ecuador: A Preliminary Evaluation.
I Terán, Luis; Pincay, Jhonny & Portmann, Edy (Red.),
2020 Seventh International Conference on eDemocracy & eGovernment (ICEDEG)
.
IEEE (Institute of Electrical and Electronics Engineers).
ISSN 978-1-7281-5882-2.
s. 50–57.
doi:
10.1109/ICEDEG48599.2020.9096766.
Vis sammendrag
The National Council for Equal Disabilities of Ecuador reports that there are 471,020 citizens with disabilities registered in the country. This represents the 2.75% of the population. From them, 290,148 are adult citizens who are potential beneficiaries of accessible public websites. In 2016, the Ecuadorian Institute for Standardization published the Ecuadorian technical regulation RTE INEN 288 that applies to web content published on public and private Ecuadorian websites that provide public services. The regulation establishes that the level of conformity A of the Web Content Accessibility Guidelines (WCAG) version 2.0 must have been fully satisfied by 2018 and the level AA should be complied by August 2020. Soon, this regulation should be updated to the current version 2.1 published in June 2018. This study presents the results of a preliminary evaluation carried out with a sample of the five most visited Ecuadorian e-Government websites that provide online services to citizens. Two automated web accessibility evaluation tools were used: WAVE and Cynthia Says. The results reveal that all the evaluated websites have accessibility issues and fail to comply with the Ecuadorian regulation. The three most recurrent accessibility errors were a lack of alternative texts (WCAG Success Criteria 1.1.1 Non-text Content, Level A) and empty links (WCAG Success Criteria 2.4.4 Link Purpose, Level A). Overall, 74.8% of the issues found corresponded to Level A while 25.2% corresponded to Level AA.
-
Castillo-Salinas, Luis; Sanchez-Gordon, Sandra; Villarroel-Ramos, Jorge & Sánchez-Gordón, Mary
(2020).
Evaluation of the implementation of a subset of ISO/IEC 29110 software implementation process in four teams of undergraduate students of Ecuador. An empirical software engineering experiment.
Computer Standards & Interfaces.
ISSN 0920-5489.
70.
doi:
10.1016/j.csi.2020.103430.
Vis sammendrag
The competitiveness of software development companies depends on their ability to offer software products with quality attributes within approved budget and schedule. Most Very Small Entities (VSEs) that develop software do not see the benefits of implementing software standards. Consequently, they limit their potential to be recognised as quality software development entities. In this study, the authors present results obtained through the application of empirical software engineering in an experiment in which the ISO/IEC TR 29110–5–1–2 “Software engineering – Lifecycle profiles for Very Small Entities (VSEs) – Part 5–1–2: Management and engineering guide: Generic profile group: Basic profile” was used. The guide includes two processes: Project Management (PM) process and Software Implementation (SI) process. The objective of the project was the development of a software product for the scheduling of medical appointments for the Student Wellness Center of a university of Ecuador. Four teams of undergraduate students were involved. Two of them (controlled teams) implemented a subset of the SI process, while the other two (non-controlled teams) had freedom to choose development activities that were subsequently mapped with the activities of the standard. All teams developed the software product using the SCRUM framework within the same timeframe. Although the experiment was focused on the SI process, the teams also used a tailored version of the PM process defined by the professors. The experiment execution encountered several difficulties. For example, the timeframe of six weeks established in the design of the experiment was too short since students worked part time in the project. All the teams experienced this difficulty, especially when they had to construct and test the software components. Overall, the teams that used the ISO/IEC TR 29110–5–1–2 guide achieved better scores in the quality evaluation of their software processes.
-
Otón Tortosa, Salvador; Ingavélez-Guerra, Paola Cristina; Sanchez-Gordon, Sandra & Sánchez-Gordón, Mary
(2020).
Evolution of Accessibility Metadata in Educational Resources.
I Mendoza-González, Ricardo; Luna-García, Huizilopoztli & Mendoza-González, Alfredo (Red.),
UXD and UCD Approaches for Accessible Education.
IGI Global.
ISSN 9781799823254.
s. 1–20.
doi:
10.4018/978-1-7998-2325-4.ch001.
-
Khakpour, Alireza; Sánchez-Gordón, Mary & Colomo-Palacios, Ricardo
(2020).
What We Know About the Greenability of Reality Technologies: A Systematic Literature Review.
I Vanessa, Ratten (Red.),
Entrepreneurship and Organizational Change.
Springer Nature.
ISSN 978-3-030-35414-5.
s. 89–113.
doi:
https:/doi.org/10.1007/978-3-030-35415-2_5.
-
Sánchez-Gordón, Mary & Colomo-Palacios, Ricardo
(2019).
Developing SPI culture in the SME arena: An exploratory study.
I Walker, Alistair; O'Connor, Rory V. & Messnarz, Richard (Red.),
Systems, Software and Services Process Improvement.
Springer.
ISSN 978-3-030-28004-8.
s. 222–234.
doi:
https:/doi.org/10.1007/978-3-030-28005-5_17.
-
Sánchez-Gordón, Mary & Colomo-Palacios, Ricardo
(2019).
Taking the emotional pulse of software engineering - A systematic literature review of empirical studies.
Information and Software Technology.
ISSN 0950-5849.
115,
s. 23–43.
doi:
10.1016/j.infsof.2019.08.002.
-
Sanchez-Gordon, Sandra; Sánchez-Gordón, Mary Luz; Yilmaz, Murat & O'Connor, Rory V.
(2019).
Integration of accessibility design patterns with the software implementation process of ISO/IEC 29110.
Journal of Software: Evolution and Process (JSEP).
ISSN 2047-7473.
31(1).
doi:
10.1002/smr.1987.
Vis sammendrag
The Web Content Accessibility Guidelines was developed by World Wide Web Consortium with a goal of providing a single shared standard for web content accessibility that meets the needs of individuals, organizations, and governments. Given that there is a large percentage of very small entities that develop software who also utilize the ISO/IEC software process standard, the purpose of this study is the development of software design patterns for users with visual disabilities. As a result, four accessibility design patterns are defined: Authentication adapter, Blindness adapter, Dichromatic color vision adapter, and Blurry vision adapter. These patterns will help to improve the design of the web applications built using them while being compliant with the ISO/IEC 29110 standard. The use of design patterns also enables the transfer of design experience to programming practices and improves the software documentation. To validate the set of patterns, an online course for Spanish speakers was developed, and the evaluation was carried out using simulators, automated tools, experts, and users. Simulators and automated tools showed no accessibility errors and experts evaluated 10 heuristics principles and did not identify any severity issues. Taken together, our results provide positive evidence that users with visual disabilities could benefit from the proposed features.
-
Sánchez-Gordón, Mary & Colomo-Palacios, Ricardo
(2018).
A Multivocal Literature Review on the use of DevOps for e-learning systems.
I Garcia-Penalvo, Francisco José (Red.),
Proceedings of the Sixth International Conference on Technological Ecosystems for Enhancing Multiculturality (TEEM 2018).
Association for Computing Machinery (ACM).
ISSN 978-1-4503-6518-5.
s. 883–888.
doi:
10.1145/3284179.3284328.
Vis sammendrag
DevOps is an approach to reduce software development times by integrating a set of tools in order to get a better and automated transition towards production. DevOps is highly connected to tools and to Cloud Computing. On the other hand, e-Learning tools are also evolving towards the cloud. In this scenario, the connection of this two research fields seems to be promising. However, to the best of authors' knowledge the interaction of both has not been studied in deep. To bridge this gap, in this paper, a multivocal literature review is presented. By means of this systematic approach, authors analyze scientific and professional literature on the topic. Results reveal a nascent but still modest interest in DevOps in e-Learning solutions. Authors believe that the increasing adoption of cloud e-Learning solutions and the increasing pressure to deploy new versions of software with boost the interest in this research field.
-
Sanchez Gordon, Mary Luz & Colomo-Palacios, Ricardo
(2018).
Characterizing DevOps Culture: A Systematic Literature Review.
I Stamelos, I; O'Connor, Rory; Rout, Terry & Dorling, Alec (Red.),
Software Process Improvement and Capability Determination: 18th International Conference, SPICE 2018, Thessaloniki, Greece, October 9–10, 2018, Proceedings.
Springer.
ISSN 978-3-030-00622-8.
s. 3–15.
doi:
10.1007/978-3-030-00623-5_1.
Vis sammendrag
Time and quality pressures are affecting software process in all its stages. One of the proposed solutions to these pressures is DevOps. DevOps is aimed to increase the frequency, quality and speed of deploying software from development into production by means of new organizational structures and processes with a high degree of automation. Several authors underlined the fact, that beyond the tool chain, DevOps is a culture shift. However, to date the characterization of DevOps culture remains unclear. In this paper, authors tackle this problem by means of a Systematic Literature Review. Results provide a deeper understanding of the phenomena from human factor´s perspective.
-
Sánchez-Gordón, Mary & Colomo-Palacios, Ricardo
(2018).
From Certifications to International Standards in Software Testing: Mapping from ISQTB to ISO/IEC/IEEE 29119-2.
I Larrucea, Xabier; O'Connor, Rory & Messnarz, Richard (Red.),
Systems, Software and Services Process Improvement : 25th European Conference, EuroSPI 2018, Bilbao, Spain, September 5-7, 2018, Proceedings.
Springer.
ISSN 978-3-319-97924-3.
s. 43–55.
doi:
10.1007/978-3-319-97925-0_4.
Vis sammendrag
In today’s software development industry, software testing allows one to ensure the quality but it cannot be done exhaustively and it requires selective and careful planning. That means a test process which is not only time-consuming but also useful and crucial because today, more than ever software is becoming part of our personal and professional life. Software testing is gradually gaining relevance among software practitioners and researchers. Due to that, several organizations, which offer personal certifications, have emerged and international standards have been developed. However, there is still a need to support software practitioners in gaining awareness and understanding about them. The aim of this study is to perform a mapping from all major activities of ISTQB Foundation Level Certification (CTFL), to corresponding processes of ISO/IEC/IEEE 29119-2. Thus an analysis has performed to identify the differences and overlap between the two approaches, which allows a better understanding of them. The findings show that the test process of ISTQB CTFL is largely covered by the ISO/IEC/IEEE 29119-2. In addition, a tailored conformance was also outlined to ISO/IEC/IEEE 29119-2.
Se alle arbeider i Cristin
-
Sánchez-Gordón, Mary
(2024).
Ingenieria de Software: Un Enfoque en Aspectos Humanos.
-
Sánchez-Gordón, Mary
(2023).
Prólogo.
I Otón Tortosa, Salvador; Paola, Ingavélez‑Guerra & Pérez, Angel A. (Red.),
Tecnologías y accesibilidad en la educación superior virtual: Guías para favorecer la inclusión y la accesibilidad.
Editorial Universitaria Abya-Yala.
ISSN 978-9978-10-797-3.
s. 17–19.
doi:
http:/doi.org/10.17163/abyaups.8.
-
-
Sánchez-Gordón, Mary
(2022).
Aspectos Humanos y Sociales de la Ingeniería de Software.
-
Sánchez-Gordón, Mary
(2022).
Ingeniería de Software en la Sociedad.
-
Sánchez-Gordón, Mary; Sanchez-Gordon, Sandra & Colomo-Palacios, Ricardo
(2022).
Vote Item: Is “Compassionate Software Development” a Topic Worth Researching?
I Prechelt, Lutz & Rodríguez-Pérez, Gema (Red.),
CHASE '22: Proceedings of the 15th International Conference on Cooperative and Human Aspects of Software Engineering
.
Association for Computing Machinery (ACM).
ISSN 978-1-4503-9342-3.
s. 107–108.
doi:
10.1145/3528579.3529176.
-
Se alle arbeider i Cristin
Publisert 30. juli 2018 14:15
- Sist endret 11. jan. 2022 15:19