Pool Evolution: A Parallel Pattern for Evolutionary and Symbolic Computing

We introduce a new parallel pattern derived from a specific application domain and show how it turns out to have application beyond its domain of origin. The pool evolution pattern models the parallel evolution of a population subject to mutations and evolving in such a way that a given fitness function is optimized. The pattern has been demonstrated to be suitable for capturing and modeling the parallel patterns underpinning various evolutionary algorithms, as well as other parallel patterns typical of symbolic computation. In this paper we introduce the pattern, we discuss its implementation on modern multi/many core architectures and finally present experimental results obtained with FastFlow and Erlang implementations to assess its feasibility and scalability.     

Organizational Learning Mechanisms and Creative Climate: Insights from an Italian Fashion Design Company

This paper investigates the relationship between different types of organizational learning mechanisms and creative climate. In the context of an action research study, this paper focuses on insights from a survey that was administered to all the employees of the Product Design and Development unit of the company. The results demonstrate that the three different types of organizational learning mechanisms considered in the study (cognitive, structural and procedural mechanisms) are associated with creative climate. The study generates new scientific knowledge about the role of organizational learning mechanisms and provides specific recommendations for organizations that aim to enhance creative climate.     

A reflection on information systems strategizing: the role of power and everyday practices

We review the IS strategizing literature and highlight its main strengths and weaknesses. Strengths include an account given to the relevance of tensions between planned and executed strategy, and associated tradeoffs such as rigidity and flexibility, formal and informal strategizing and the exploitation of static resources vis à vis the exploration of novel capabilities. Weaknesses relate to a predominant focus on an organizational level of analysis and a lack of power considerations. In this paper we aim to build on these strengths and to ameliorate these weaknesses by proposing a comprehensive IS strategizing framework that uses extant IS strategizing research as a foundation, rejuvenated by insights from the emerging strategy‐as‐practice literature. The paper extends our understanding of IS strategizing in light of the practice perspective by providing a multilevel account and incorporating power considerations.     

Analyzing execution traces: critical-path analysis and distance analysis

International Journal on Software Tools for Technology Transfer - System designers make trade-offs between metrics of interest such as execution time, functional quality and cost to create a...     

An innovative <Emphasis Type="BoldItalic">H</Emphasis><Subscript><Emphasis Type="BoldItalic">∞</Emphasis></Subscript>–norm based worst case scenario approach for dynamic compliance optimization with applications to viscoelastic beams

A novel frequency–based definition of dynamic compliance is introduced within the framework of H _∞ –norm based structural dynamics in the presence of load uncertainties. The system itself is supposed to depend on a vector of design parameters with respect to which an optimal design is pursued. A three-step worst-case-scenario is then developed that finds the minimum-compliance structure capable of accounting for the entire norm–bounded load sets. Once the problem is initialized, the current worst load is found that is used as input to the minimization of the structural compliance and the procedure is repeated until convergence. Numerical examples are eventually proposed that deal with viscoelastic beams discretized via a truly–mixed finite–element scheme.     

Designing vulnerability testing tools for web services: approach,components, and tools

This paper proposes a generic approach for designing vulnerability testing tools for web services, which includes the definition of the testing procedure and the tool components. Based on the proposed approach, we present the design of three innovative testing tools that implement three complementary techniques (improved penetration testing, attack signatures and interface monitoring, and runtime anomaly detection) for detecting injection vulnerabilities, thus offering an extensive support for different scenarios. A case study has been designed to demonstrate the tools for the particular case of SQL Injection vulnerabilities. The experimental evaluation demonstrates that the tools can effectively be used in different scenarios and that they outperform well-known commercial tools by achieving higher detection coverage and lower false-positive rates.     

On improving resistance to Denial of Service and key provisioning scalability of the DTLS handshake

DTLS is a transport layer security protocol designed to provide secure communication over unreliable datagram protocols. Before starting to communicate, a DTLS client and server perform a specific handshake in order to establish a secure session and agree on a common security context. However, the DTLS handshake is affected by two relevant issues. First, the DTLS server is vulnerable to a specific Denial of Service (DoS) attack aimed at forcing the establishment of several half-open sessions. This may exhaust memory and network resources on the server, so making it less responsive or even unavailable to legitimate clients. Second, although it is one of the most efficient key provisioning approaches adopted in DTLS, the pre-shared key provisioning mode does not scale well with the number of clients, it may result in scalability issues on the server side, and it complicates key re-provisioning in dynamic scenarios. This paper presents a single and efficient security architecture which addresses both issues, by substantially limiting the impact of DoS, and reducing the number of keys stored on the server side to one unit only. Our approach does not break the existing standard and does not require any additional message exchange between DTLS client and server. Our experimental results show that our approach requires a shorter amount of time to complete a handshake execution and consistently reduces the time a DTLS server is exposed to a DoS instance. We also show that it considerably improves a DTLS server in terms of service availability and robustness against DoS attack.     

The shape of feature code: an analysis of twenty C-preprocessor-based systems

Feature annotations (e.g., code fragments guarded by #ifdef C-preprocessor directives) control code extensions related to features. Feature annotations have long been said to be undesirable. When maintaining features that control many annotations, there is a high risk of ripple effects. Also, excessive use of feature annotations leads to code clutter, hinder program comprehension and harden maintenance. To prevent such problems, developers should monitor the use of feature annotations, for example, by setting acceptable thresholds. Interestingly, little is known about how to extract thresholds in practice, and which values are representative for feature-related metrics. To address this issue, we analyze the statistical distribution of three feature-related metrics collected from a corpus of 20 well-known and long-lived C-preprocessor-based systems from different domains. We consider three metrics: scattering degree of feature constants, tangling degree of feature expressions, and nesting depth of preprocessor annotations. Our findings show that feature scattering is highly skewed; in 14 systems (70 %), the scattering distributions match a power law, making averages and standard deviations unreliable limits. Regarding tangling and nesting, the values tend to follow a uniform distribution; although outliers exist, they have little impact on the mean, suggesting that central statistics measures are reliable thresholds for tangling and nesting. Following our findings, we then propose thresholds from our benchmark data, as a basis for further investigations.     

A participative end-user method for multi-perspective business process elicitation and improvement

A business process can be characterized by multiple perspectives (intentional, organizational, operational, functional, interactional, informational, etc). Business process modeling must allow different stakeholders to analyze and represent process models according to these different perspectives. This representation is traditionally built using classical data acquisition methods together with a process representation language such as BPMN or UML. These techniques and specialized languages can easily become hard, complex and time consuming. In this paper, we propose ISEA, a participative end-user modeling approach that allows the stakeholders in a business process to collaborate together in a simple way to communicate and improve the business process elicitation in an accurate and understandable manner. Our approach covers the organizational perspective of business processes, exploits the information compiled during the elicitation of the organizational perspective and touches lightly an interactional perspective allowing users to create customized interface sketches to test the user interface navigability and the coherence within the processes. Thus, ISEA can be seen as a participative end-user modeling approach for business process elicitation and improvement.     

Probabilistic knowledge representation using the principle of maximum entropy and Gröbner basis theory

An often used methodology for reasoning with probabilistic conditional knowledge bases is provided by the principle of maximum entropy (so-called MaxEnt principle) that realises an idea of least amount of assumed information and thus of being as unbiased as possible. In this paper we exploit the fact that MaxEnt distributions can be computed by solving nonlinear equation systems that reflect the conditional logical structure of these distributions. We apply the theory of Gröbner bases that is well known from computational algebra to the polynomial system which is associated with a MaxEnt distribution, in order to obtain results for reasoning with maximum entropy. We develop a three-phase compilation scheme extracting from a knowledge base consisting of probabilistic conditionals the information which is crucial for MaxEnt reasoning and transforming it to a Gröbner basis. Based on this transformation, a necessary condition for knowledge bases to be consistent is derived. Furthermore, approaches to answering MaxEnt queries are presented by demonstrating how inferring the MaxEnt probability of a single conditional from a given knowledge base is possible. Finally, we discuss computational methods to establish general MaxEnt inference rules.