Dr. Marcelo Jenkins Coronas

Formación académica

  • Ph.D., Universidad de Delaware, U.S.A., 1992
  • M.Sc., Universidad de Delaware, U.S.A., 1989
  • Bachiller, Universidad de Costa Rica, 1986

Certificaciones:

  • ASQ Certified Software Quality Engineer (CSQE), 2003

Experiencia laboral

  • Agosto 2017 - Presente:

Puesto actual: Director del Centro de Investigaciones en Tecnologías de la Información y Comunicación (CITIC).

  • Febrero 1986 - Presente:

Puesto actual: Profesor Catedrático Institución: Escuela de Computación e Informática, Universidad de Costa Rica  Funciones:  1.Profesor del Programa de Maestría en Computación e Informática  2.Investigador en Ingeniería de software   3.Ex-Director del Programa de Maestría en Computación e Informática  4.Ex-Director la Escuela de Ciencias de la  Computación e Informática

  • Mayo 2015 - Mayo 2017:

Puesto: Ministro: Institución: Ministerio de Ciencia y Tecnología. Con permiso otorgado por la Universidad de Costa Rica.

  • Noviembre 1992 - Abril 2015:

Puesto: Consultor en informática Funciones:  1.Definición de estrategias empresariales de tecnología de información   2.Reingeniería de procesos administrativos utilizando tecnología de información   3.Implantación de sistemas de aseguramiento de la calidad para  el desarrollo de software 4.Especificación e implantación de estándares para desarrollo de software 5.Capacitación de personal en calidad de  software 6.Evaluación de nuevas tecnologías de información  7.Planificación y dirección de proyectos de tecnología de información 8.Ingeniería de procesos de software

  • Agosto 1984 - Marzo 1986:

Puesto: Analista/Programador  Empresa: INDECA Ltda.  Funciones:  1.Desarrollo de sistemas de información administrativos

Proyectos

Proyecto sombrilla

Número de proyecto: 
834-00-000
Vigencia:
De 01/Mar/2017 hasta 02/Mar/2017

Publicaciones

Evaluation of a model-based testing platform for Java applications

Descripción:

Model-based testing (MBT) automates the design and generation of test cases from a model. This process includes model building, test selection criteria, test case generation, and test case execution stages. Current tools support this process at various levels of automation, most of them supporting three out of four stages. Among them is MBT4J, a platform that extends ModelJUnit with several techniques, offering a high level of automation for testing Java applications. In this study, the authors evaluate the efficacy of the MBT4J platform, in terms of the number of test cases generated, errors detected, and coverage metrics. A case study is conducted using two open-source Java systems from public repositories, and 15 different configurations. MBT4J was able to automatically generate five models from the source code. It was also able to generate up to 2025 unique test cases for one system and up to 1044 for the other, resulting in 167 and 349 failed tests, respectively. Transition and transition pair coverage reached 100% for all models. Code coverage ranged between 72 and 84% for the one system and between 59 and 76% for the other. The study found that Greedy and Random were the most effective testers for finding errors.

Tipo de publicación: Journal Article

Publicado en: IET Software

Model-based testing areas, tools and challenges: A tertiary study

Descripción:

Context: Model-based testing is one of the most studied approaches by secondary studies in the area of software testing. Aggregating knowledge from secondary studies on model- based testing can be useful for both academia and industry. 

Objective: The goal of this study is to characterize secondary studies in model-based testing, in terms of the areas, tools and challenges they have investigated. 

Method: We conducted a tertiary study following the guidelines for systematic mapping studies. Our mapping included 22 secondary studies, of which 12 were literature surveys and 10 systematic reviews, over the period 1996–2016. 

Results: A hierarchy of model-based testing areas and subareas was built based on existing taxonomies as well as data that emerged from the secondary studies themselves. This hierarchy was then used to classify studies, tools, challenges and their tendencies in a unified classification scheme. We found that the two most studied areas are UML models and transition-based notations, both being modeling paradigms. Regarding tendencies of areas in time, we found two areas with constant activity through time, namely, test objectives and model specification. With respect to tools, we only found five studies that compared and classified model-based testing tools. These tools have been classified into common dimensions that mainly refer to the model type and phases of the model-based testing process they support. We reclassified all the tools into the hierarchy of model-based testing areas we proposed, and found that most tools were reported within the modeling paradigm area. With regard to tendencies of tools, we found that tools for testing the functional behavior of software have prevailed over time. Another finding was the shift from tools that support the generation of abstract tests to those that support the generation of executable tests. For analyzing challenges, we used six categories that emerged from the data (based on a grounded analysis): efficacy, availability, complexity, professional skills, investment, cost & effort, and evaluation & empirical evidence. We found that most challenges were related to availability. Besides, we too classified challenges according to our hierarchy of model-based testing areas, and found that most challenges fell in the model specification area. With respect to tendencies in challenges, we found they have moved from complexity of the approaches to the lack of approaches for specific software domains. 

Conclusions: Only a few systematic reviews on model-based testing could be found, therefore some areas still lack secondary studies, particularly, test execution aspects, language types, model dynamics, as well as some modeling paradigms and generation methods. We thus encourage the community to perform further systematic reviews and mapping studies, following known protocols and reporting procedures, in order to increase the quality and quantity of empirical studies in model-based testing.

Tipo de publicación: Journal Article

Publicado en: CLEI Electronic Journal

Identifying implied security requirements from functional requirements

Descripción:

The elicitation of software security requirements in early stages of software development life cycle is an essential task. Using security requirements templates could help practitioners to identify implied software security requirements from functional requirements in the context of a software system. In this paper, we replicated a previous study that analyzed the effectiveness of security requirements templates to support the identification of security requirements. Our objective was to evaluate this approach and compare the applicability of the previous findings. We conducted the first replication of the controlled experiment in 2015, and subsequently conducted two differentiated replications in 2018. We evaluated the responses of 33 participants in terms of quality, coverage, relevance and efficiency and discussed insights regarding the impact of context factors. Participants were divided into treatment (security requirements templates) and control groups (no templates). Our findings support some previous results: treatment group performed significantly better than the control group in terms of the coverage of the identified security requirements. Besides, the requirements elicitation process performed significantly better in relevance and efficiency metrics in two of the three replications. Security requirements templates supported participants to identify a core set of the security requirements and participants were favorable towards the use of templates in identifying security requirements.

Tipo de publicación: Conference Paper

Publicado en: 14th Iberian Conference on Information Systems and Technologies (CISTI)

A survey of software testing practices in Costa Rica

Descripción:

Software testing is an essential activity in software development projects for delivering high quality products. In a previous study, we reported the results of a survey of software engineering practices in the Costa Rican industry. To analyze more in depth the specific software testing practices among practitioners, we replicated a previous survey conducted in South America. Our objective was to characterize the state of the practice based on practitioners use and perceived importance of software testing practices. This survey evaluated 42 testing practices grouped in three categories: processes, activities and tools. A total of 92 practitioners responded to the survey. The participants indicated that: (1) task for recording of the results of tests, documentation of test procedures and cases, and re-execution of tests when the software is modified are useful and important for software testing practitioners. (2) Acceptance and system testing are the two most useful and important testing types. (3) Tools for recording defects and the effort to fix them (bug tracking) and the availability of a test database for reuse are useful and important. Regarding the use of practices, the participants stated that (4) Planning and designing of software testing before coding and evaluating the quality of test artifacts are not a regular practice. (5) There is a lack of measurement of defect density and test coverage in the industry; and (6) tools for automatic generation of test cases and for estimating testing effort are rarely used. This study gave us a first glance at the state of the practice in software testing in a thriving and very dynamic industry that currently employs most of our computer science professionals. The benefits are twofold: for academia, it provides us with a road map to revise our academic offer, and for practitioners it provides them with a first set of data to benchmark their practices. © XXII Ibero-American Conference on Software Engineering, CIbSE 2019. All rights reserved.

Tipo de publicación: Conference Paper

Publicado en: XXII Ibero-American Conference on Software Engineering, CIbSE 2019

Characterization of DevOps practices in software development organizations: A systematic mapping

Descripción:

DevOps is a set of software engineering practices that combine efforts from development and operations areas, with the aim of improving delivery time and software quality. The goal of this study is to characterize DevOps practices used by organizations that develop software. For this, we performed a systematic literature mapping covering the period 2015-2019. In total, 42 primary articles were included and analyzed. We identified and classified a total of 20 DevOps practices, 18 criteria to evaluate DevOps practices, 16 benefits and 19 challenges related to DevOps’ adoption. Our results show the need for more empirical studies in organizations, which directly address issues like evaluation criteria to assess the operation of DevOps practices.

Tipo de publicación: Journal Article

Publicado en: Revista Ibérica de Sistemas e Tecnologias de Informação

Decision support systems that use artificial intelligence for precision agriculture: a systematic literature mapping

Descripción:

Decision support systems for agriculture allow to optimize crop processes by using the least amount of resources (land, water and fertilizers). In this study, we characterized decision support systems that use artificial intelligence (AI) techniques for precision agriculture processes. A total of 12 artificial intelligence techniques and 73 input variables were identified, with climate variables being the most used. Keywords: decision support systems; artificial intelligence; precision agriculture; greenhouses.

Tipo de publicación: Journal Article

Publicado en: Revista Ibérica de Sistemas e Tecnologias de Informação

Use of data mining and machine learning techniques for fraud detection in financial statements: A systematic mapping study

Descripción:

Fraud detection in financial statements is a constant and laborious task in the audit area. Traditionally, this task has been performed by experts, limiting its scope due to restrictions in manual processing capacity. In recent years, there has been an increase in the use of data mining and machine learning techniques to review in a comprehensive and automated way the organizations’ financial statements. The objective of this study was to analyze data mining and machine learning techniques used in financial fraud detection, in order to characterize the reported algorithms and the metrics used to evaluate their effectiveness. For this, a systematic mapping study of 67 studies was carried out. Our results show that since 2015 there was an upturn in the amount of studies that use these techniques for fraud detection in financial statements, where vector support machines are the most used technique, with 19 studies, followed by artificial neural networks, with 15 studies, and decision trees, with 11 studies. Effectiveness was assessed by the degree of precision with which the implemented techniques detected real fraud cases, obtaining values between 70% and 99.9%.

Tipo de publicación: Journal Article

Publicado en: Revista Ibérica de Sistemas e Tecnologias de Informação

An empirical analysis of IFPUG FPA and cosmic FFP measurement methods

Descripción:

The accuracy of functional size measuring is critical in software project management, because it is one of the key inputs for effort and cost estimation models. The functional size measurement (FSM) process is performed based on standardized methods; however, the accuracy of the FSM results is still based mostly on the knowledge of the measurers. In this paper, an empirical study was conducted to analyze the accuracy, reproducibility, and acceptance properties of the IFPUG FPA and COSMIC FFP functional size measurement methods. Results show that the performance of participants in measuring the requirement specifications using IFPUG FPA and COSMIC FFP did not differ significantly in terms of accuracy and reproducibility. Likewise, acceptance properties such as perceived ease of use, perceived usefulness, and intention to use did not present significant differences. Our results suggest that novice measurers could apply both methods with similar results.

Tipo de publicación: Conference Paper

Publicado en: Advances in Intelligent Systems and Computing

Characterization of software testing practices: A replicated survey in Costa Rica

Descripción:

Software testing is an essential activity in software development projects for delivering high quality products. In a previous study, we reported the results of a survey of software engineering practices in the Costa Rican industry. To make a more in depth analysis of the specific software testing practices among practitioners, we replicated a previous survey conducted in South America. Our objective was to characterize the state of the practice based on practitioners use and perceived importance of those practices. This survey evaluated 42 testing practices grouped in three categories: processes, activities and tools. A total of 92 practitioners responded to the survey. The participants indicated that: (1) tasks for recording of the results of tests, documentation of test procedures and cases, and re-execution of tests when the software is modified are useful and important for software testing practitioners. (2) Acceptance and system testing are the two most useful and important testing types. (3) Tools for recording defects and the effort to fix them (bug tracking) and the availability of a test database for reuse are useful and important. Regarding use and implementation of practices, the participants stated that (4) Planning and designing of software testing before coding and evaluating the quality of test artifacts are not a regular practice. (5) There is a lack of measurement of defect density and test coverage in the industry; and (6) tools for automatic generation of test cases and for estimating testing effort are rarely used. This study gave us a first glance at the state of the practice in software testing in a thriving and very dynamic industry that currently employs most of our computer science professionals. The benefits are twofold: for academia, it provides us with a road map to revise our academic offer, and for practitioners it provides them with a first set of data to benchmark their practices.

Tipo de publicación: Journal Article

Publicado en: Journal of Software Engineering Research and Development

Current Use and Perceived Usefulness of Mobile Technologies in the Practice of Dietetics in Costa Rica

Descripción:

Over the past 15 years, there has been an increase in the use of information and communication technologies in the field of health (eHealth), in particular regarding mobile technologies (mHealth). However, little is known about how nutritionists have adopted such technologies in their practice in Costa Rica. The objective of this study was to identify how nutritionists use mobile technologies, as well as the perceived usefulness of different services that could be incorporated in their practice. We conducted an online survey, and the responses of 185 nutritionists were analyzed. Of the sample, 69.7% perceived that the use of mobile devices in nutrition is "very important" and "very useful" (77.3%) as a support to the nutrition care process. Although 79.5% showed their willingness to offer personalized mobile services, the use of such services in practice is scarce. According to our results, there are opportunities for the implementation of mobile technology services in areas such as the electronic health file, the self-monitoring of goal progress by the patient, as well as notifications and reminders by the nutritionist.

Tipo de publicación: Conference Paper

Publicado en: 2019 IV Jornadas Costarricenses de Investigación en Computación e Informática (JoCICI)

A Case Study on Teaching a Software Estimation Course

Descripción:

This paper describes a case study in designing and implementing a graduate-level course on software project estimation. The course’s objective was to introduce modern project estimation theory and practice through the process of learning through experience and reflection. We describe the goals and purpose that guided the course’s design and summarize our experience from teaching it for the first time in the 2018 spring semester. Our case study shows that a graduate-level course on software estimation can introduce several size and effort estimation methods, and that there are some affordable tools that can be used in academia. At the end students rated well our course and all of them would recommend it to a friend.

Tipo de publicación: Conference Paper

Publicado en: Learning and Analytics in Intelligent Systems

Tools for the evaluation of web accessibility: A systematic literature mapping

Descripción:

In recent years, different tools have been proposed to automate the evaluation of the web contents accessibility criteria proposed by the World Wide Web Consortium (W3C). These tools can verify that a website complies with web accessibility standards such as WCAG, but the results of the evaluation may depend on the tool used. This study identifies and characterizes web accessibility assessment tools through a systematic literature mapping. A total of 50 articles were analyzed. We report the accessibility criteria evaluated by each tool as well as the main challenges related to the evaluations.

Tipo de publicación: Conference Paper

Publicado en: 2019 IV Jornadas Costarricenses de Investigación en Computación e Informática (JoCICI)

Una Combinación de Estrategias para una Mejora de Procesos de Software: Reporte de Experiencia en una Institución del Sector Público

Descripción:

Software processes improvement is the sequence of tasks and techniques that are carried out for the planning and application of the activities necessary for the effective process definition in a technology unit. Models such as the CMMI and standards such as ISO/IEC 15504 establish the quality requirements quality models that serve as guidelines for performing process improvement. However, the implementation of a process improvement initiative in a public sector institution, with limited resources, a rigid structure, and legislation to comply with, must be carried out according to the specific characteristics of the technology unit as to be accepted by the development teams. This article presents a report on the experience of applying a combination of strategies to carry out a process improvement project focused on quality management in a technology unit of a public educational. Our objective is to provide evidence and discuss the lessons learned related to the combination of strategies and models in the planning and implementation of process improvement. Our study shows how the IDEAL model and the GQM, NTCGR, COBIT, SQA, BPMN and TAM strategies were combined to define and implement a program for achieving continuous process improvement in the institution.

Tipo de publicación: Conference Paper

Publicado en: 2018 7th International Conference On Software Process Improvement (CIMPS)

MBT4J: Automating the Model-Based Testing Process for Java Applications

Descripción:

Model-based testing is a process that can reduce the cost of software testing by automating the design and generation of test cases but it usually involves some time-consuming manual steps. Current model-based testing tools automate the generation of test cases, but offer limited support for the model creation and test execution stages. In this paper we present MBT4J, a platform that automates most of the model-based testing process for Java applications, by integrating several existing tools and techniques. It automates the model building, test case generation, and test execution stages of the process. First, a model is extracted from the source code, then an adapter—between this model and the software under test—is generated and finally, test cases are generated and executed. We performed an evaluation of our platform with 12 configurations using an existing Java application from a public repository. Empirical results show that MBT4J is able to generate up to 2,438 test cases, detect up to 289 defects, and achieve a code coverage ranging between 72% and 84%. In the future, we plan to expand our evaluation to include more software applications and perform error seeding in order to be able to analyze the false positive and negative rates of our platform. Improving the automation of oracles is another vein for future research.

Tipo de publicación: Conference Paper

Publicado en: Advances in Intelligent Systems and Computing

Evaluating hyper-parameter tuning using random search in support vector machines for software effort estimation

Descripción:

Studies in software effort estimation (SEE) have explored the use of hyper-parameter tuning for machine learning algorithms (MLA) to improve the accuracy of effort estimates. In other contexts random search (RS) has shown similar results to grid search, while being less computationally-expensive. In this paper, we investigate to what extent the random search hyper-parameter tuning approach affects the accuracy and stability of support vector regression (SVR) in SEE. Results were compared to those obtained from ridge regression models and grid search-tuned models. A case study with four data sets extracted from the ISBSG 2018 repository shows that random search exhibits similar performance to grid search, rendering it an attractive alternative technique for hyper-parameter tuning. RS-tuned SVR achieved an increase of 0.227 standardized accuracy (SA) with respect to default hyper-parameters. In addition, random search improved prediction stability of SVR models to a minimum ratio of 0.840. The analysis showed that RS-tuned SVR attained performance equivalent to GS-tuned SVR. Future work includes extending this research to cover other hyper-parameter tuning approaches and machine learning algorithms, as well as using additional data sets.

Tipo de publicación: Conference Paper

Publicado en: Proceedings of the 16th ACM International Conference on Predictive Models and Data Analytics in Software Engineering

Técnicas de ajuste de hiperparámetros de algoritmos de aprendizaje automático para la estimación de esfuerzo: un mapeo de literatura

Descripción:

Distintos algoritmos de aprendizaje automático (ML) han sido utilizados para apoyar los procesos de estimación de esfuerzo de desarrollo del software (EES). Sin embargo, el desempeño de estos algoritmos puede verse impactado por varios factores, uno de los cuales es la escogencia de los hiperparámetros. En los últimos años, el ajuste de hiperparámetros ha surgido como un área de investigación de interés para la EES que busca optimizar el desempeño de los modelos de ML. En este trabajo, realizamos un mapeo sistemático de literatura para caracterizar las técnicas de ajuste automático de hiperparámetros de algoritmos de ML utilizados en el contexto de la EES. Presentamos los resultados de 67 estudios identificados entre el 2010 y el 2019 y clasificamos las técnicas de ajuste de hiperparámetros, los algoritmos de ML y los conjuntos de datos dónde se han aplicado. Asimismo, reportamos los retos reportados como mapa de ruta para futuras investigaciones en el área.

Tipo de publicación: Journal Article

Publicado en: Revista Ibérica de Sistemas e Tecnologias de Informação

Hyper-Parameter Tuning of Classification and Regression Trees for Software Effort Estimation

Descripción:

Classification and regression trees (CART) have been reported to be competitive machine learning algorithms for software effort estimation. In this work, we analyze the impact of hyper-parameter tuning on the accuracy and stability of CART using the grid search, random search, and DODGE approaches. We compared the results of CART with support vector regression (SVR) and ridge regression (RR) models. Results show that tuning improves the performance of CART models up to a maximum of 0.153 standardized accuracy and reduce its stability radio to a minimum of 0.819. Also, CART proved to be as competitive as SVR and outperformed RR.

Tipo de publicación: Book Chapter

Publicado en: Advances in Intelligent Systems and Computing

Measuring Students’ Source Code Quality in Software Development Projects Through Commit-Impact Analysis

Descripción:

Evaluating the quality of software engineering projects in university courses is challenging because it evolves over time and is a time consuming task. Students applying software quality principles need early and constant feedback on their projects to improve their technical competence as software developers. We conducted a case study to explore whether student’ changes have an impact on the project quality by mining a Git repository. We analyzed a total of 2253 changes (commits) from an undergraduate software engineering project to understand the impact on quality of each change measuring metrics (complexity, duplication, maintainability, and security) mined from the repository. This analysis allowed us to identify from students’ contributions challenges and improvement opportunities in engineering practices. As future work, we plan to analyze more projects and extend our analysis with more software metrics.

Tipo de publicación: Book Chapter

Publicado en: Advances in Intelligent Systems and Computing

Measuring students' contributions in software development projects using Git metrics

Descripción:

Many courses in the software engineering area are centered around team-based project development. Evaluating these projects is a challenge due to the difficulty of measuring individual student contributions versus team contributions. The adoption of distributed version control systems like Git enables the measurement of students' and teams' contributions to the project. In this work, we analyze the contributions within five software development projects from undergraduate courses that used project-based learning. For this, we generate visualizations of aggregated Git metrics using inequality indexes and inter-decile ratios, which offer insights into the practices and processes followed by students and teams throughout the project development. This approach allowed us to identify both inequality among students' contributions and development processes with a non-steady pace, rendering a useful feedback tool for instructors and students during the development of the project. Further studies can be conducted to assess the complexity and value of students' contributions by analyzing their source code commits and other software artifacts.

Tipo de publicación: Conference Paper

Publicado en: 2020 XLVI Latin American Computing Conference (CLEI)

Agent-Oriented Approaches for Model-Based Software Testing: A Mapping Study

Descripción:

Automated software testing reduces manual work, increases test coverage, and improves error detection. Model-Based Testing (MBT) is a testing approach that automatically executes test cases generated from a model representing the system behavior. The parallelization of MBT process stages, such as model creation and exploration, or test case generation and execution, could improve its scalability to handle complex systems. Agent-Oriented Software Testing (AOST) refers to the use of intelligent agents focusing on the automation of complex testing tasks. AOST could improve the testing process by providing a high level of decomposition, independence, parallel activation, intelligence, autonomy, sociality, mobility, and adaptation. In this work, we conducted a systematic mapping study of the existing AOST approaches for MBT. We identified 36 primary studies over the period 2002–2020. We classified agent approaches according to the MBT process stages, and tasks and roles covered as part of their implementation. We found 25 implementations of AOST approaches in the test case generation stage, 20 in the test execution, 10 in the model construction, and 3 in the test criteria selection. Studies reported the test generator role 25 times, test executor role 20 times, and the monitor-coordinator of activities 12 times. Additional studies to understand the benefits of agent-oriented approaches for model-based testing are required.

Tipo de publicación: Book Chapter

Publicado en: Advances in Intelligent Systems and Computing

Comparison of End-to-End Testing Tools for Microservices: A Case Study

Descripción:

Microservices has emerged as a architectural style that provides several benefits but also poses some challenges. One such challenge is testability, since an application may have hundreds or thousands of services operating together, and each of them needs to be tested as they evolve. To overcome this challenge, test automation is key, and together with it, the use of effective and efficient testing tools. Hence, we aim to contribute to this area by evaluating two tools that support end-to-end (E2E) testing of microservices. E2E tests allow to verify if the system works well as a whole (particularly relevant for systems made up of microservices). In this work, we first surveyed E2E testing tools reported in academic literature and by industry practitioners. Then, we applied the IEEE 14102-2010 standard to evaluate those tools. The two top-rated tools, Jaeger and Zipkin, were selected for further evaluation of their effectiveness and efficiency. Results from our case study reveal that Jaeger is more efficient and effective than Zipkinin terms of execution and failure detection times, as well as information provided to detect faults, severity and coverage.

Tipo de publicación: Book Chapter

Publicado en: Advances in Intelligent Systems and Computing

Blockchain para la seguridad de la Internet de las Cosas: un estudio terciario

Descripción:

La Internet de las cosas (IoT) y Blockchain son dos tecnologías que han tenido un crecimiento acelerado en los últimos años. Su integración permite aprovechar las cualidades de seguridad de Blockchain en el contexto de los datos producidos por la IoT. El objetivo de este estudio terciario es sintetizar el conocimiento existente sobre Blockchain aplicado a la seguridad de la IoT. Para ello se realizó un mapeo sistemático de literatura sobre 45 estudios secundarios publicados entre el 2017 y el 2019. Se identificaron 25 áreas, 17 usos, 41 frameworks, 38 beneficios y 40 desafíos. Los resultados indican que el área de aplicación más reportada es la Internet de la salud, el uso más común es el almacenamiento de datos, y el framework más usado es Ethereum. El mayor beneficio es la seguridad de los datos y el principal desafío es la escalabilidad.

Tipo de publicación: Journal Article

Publicado en: Revista Ibérica de Sistemas e Tecnologias de Informação

A comparative study on measuring software functional size to support effort estimation in agile

Descripción:

Software effort estimation models based on functional size allow software organizations to plan their development projects. A large number of organizations have adopted agile processes, but there is little evidence on the adoption of functional sizing methods to support software effort estimation in agile contexts. In this study, we compare four functional size estimation methods as the basis for effort estimation in the context of a startup company that develops mobile applications using an agile methodology. Measurements of software size, expressed in User Story Points (USP), Use Case Points (UCP), IFPUG Function Points (UFP), and COSMIC Function Points (CFP), were taken for a set of requirements from one project in the company. Effort estimation models were then derived from these measurements, using regression, and their accuracy was determined by the Mean Magnitude of Relative Error (MMRE) and Mean Balanced Relative Error (MBRE). We obtained the following MMRE results for each functional sizing method: 0,86 for UCP, 0,36 for USP, 0,36 for UFP and 0,22 for CFP, and the following MBRE results: 0,98 for UCP, 0,45 for USP, 0,53 for UFP and 0,35 for CFP. The effort estimation model based on COSMIC function points turned out to be the most accurate in the context of the software organization under study. Additionally, convertibility models between sizing measurements were generated to allow the organization to convert its historical measurements into any other software size measure, without having to perform the counting process of the target method.

Tipo de publicación: Conference Paper

Publicado en: CIbSE

Técnicas de aprendizaje automático para mejorar el rendimiento de aplicaciones web: un mapeo sistemático de literatura

Descripción:

La proliferación de las aplicaciones web ha generado una cultura cada vez más demandante por parte de los usuarios. Se estima que un usuario promedio espera solo dos segundos antes de abandonar una aplicación web, si esta no responde dentro de ese lapso. Por esta razón, la creación de sitios web eficientes se ha convertido en una prioridad para los desarrolladores. El objetivo de este estudio es identificar las principales técnicas de aprendizaje automático utilizadas para mejorar el rendimiento de las aplicaciones web, sus indicadores de desempeño, usos, y capas de aplicación. Para esto se realizó un mapeo sistemático de literatura que identificó 37 estudios primarios. Los resultados indican que los árboles de decisión son el algoritmo más explorado para mejorar el rendimiento de las aplicaciones, seguido por las redes neuronales y las máquinas de soporte vectorial. Los indicadores más utilizados para medir el rendimiento de las aplicaciones web fueron el uso de caché, el tiempo del primer byte y el tiempo de carga de página. El principal uso de aprendizaje automático reportado está en la predicción efectiva de futuras acciones de un usuario durante su interacción con una aplicación web para aśı pre cargar recursos necesarios en memoria antes que sean requeridos. Las capas de infraestructura y back-end fueron las que más reportaron el uso de aprendizaje automático para mejorar el rendimiento.

Tipo de publicación: Conference Paper

Publicado en: CIbSE

Herramientas para pruebas automatizadas de seguridad en aplicaciones Web: Un mapeo sistemático de la literatura

Descripción:

Las herramientas utilizadas para automatizar las pruebas de seguridad en aplicaciones Web son esenciales para detectar vulnerabilidades y prevenir ataques cibernéticos. En este estudio identificamos herramientas reportadas entre el 2006 y el 2019 para probar la seguridad de aplicaciones Web. Cada una de las herramientas es clasificada en términos de los tipos de vulnerabilidades que prueban. Para ello, realizamos un mapeo sistemático de la literatura en el que se analizaron 63 estudios primarios, de los cuales identificamos 66 herramientas utilizadas para realizar pruebas automatizadas de seguridad. Las herramientas se clasificaron según los tipos de la metodoloǵıa de pruebas de seguridad para determinar vulnerabilidades del proyecto abierto de seguridad en aplicaciones Web (OWASP). La categoŕıa de pruebas para detectar vulnerabilidades más común fue la de Input Validation Testing (4.8) con 55 herramientas, seguido de las pruebas de Configuration and Deployment Management Testing (4.3), Session Management Testing (4.7), y Client Side Testing (4.12) con 15 herramientas utilizadas cada una. Los tipos de pruebas más reportados fueron los de la categoŕıa Input Validation Testing (4.8). En este caso SQL Injection (4.8.5) con 40 herramientas, Cross-Site Scripting (4.8.2) con 30 herramientas, y Testing for HTTP Incoming Requests (4.8.17) con 19 herramientas utilizadas.

Tipo de publicación: Conference Paper

Publicado en: CIbSE

Automatic Classification of Web News: A Systematic Mapping Study

Descripción:

The number of news articles published on the Web has had a dramatic increase. News websites are overwhelmed daily with articles, and their processing and classification is a challenge. Reading news from the web has become an important citizen’s information source, and its classification can show relevant information about social or cultural patterns on society. In this context, techniques that can automatically analyze and classify news articles are essential. In particular, data mining and machine learning techniques have been applied for the classification of web news, as they can detect structural patterns based on documents characteristics. Their use requires specialized text processing and summarizing techniques. The objective of this study is to characterize data mining and machine learning techniques used for the web news classification, the datasets used, and the evaluation metrics. We performed a systematic literature mapping of 51 primary studies published between 2000 and 2019. We found that the most used techniques fall into these paradigms: clustering, support vector machines and generative models. Also, 33 studies used online data extracted from Internet’s news web pages, while 25 downloaded a previously published dataset. The most common metric is the F-measure, with 25 reports. In summary, several data mining and machine learning techniques have been applied to the automatic classification of web news, showing some trends regarding the techniques, datasets, and metrics.

Tipo de publicación: Book Chapter

Publicado en: Advances in Intelligent Systems and Computing

Estimation for a student collaboration hours management system at the University of Costa Rica: a case study

Descripción:

Software estimation is a tool that seeks to provide organizations with a means to know the risks, costs and benefits that software development implies. The goal of this study is to estimate the effort required for a student collaboration hours management system in the context of the University of Costa Rica. For this, the IFPUG function point count standard and estimation models such as COCOMO II, the regression technique, the analogy technique and the comparison technique were used. The results show that the COCOMO II estimation method has the highest values of effort and duration and the analog technique the lowest values. For the regression and comparison techniques, the values were similar, located between the values obtained with COCOMO II and analogy, therefore, it was considered as a good estimation option for the system.

Tipo de publicación: Conference Paper

Publicado en: 2021 IEEE V Jornadas Costarricenses de Investigación en Computación e Informática (JoCICI)

Using git metrics to measure students' and teams' code contributions in software development projects

Descripción:

Many software engineering courses are centered around team-based project development. Analyzing the source code contributions during the projects’ development could provide both instructors and students with constant feedback to identify common trends and behaviors that can be improved during the courses. Evaluating course projects is a challenge due to the difficulty of measuring individual student contributions versus team contributions during the development. The adoption of distributed version control sys-tems like git enable the measurement of students’ and teams’ contributions to the project.In this work, we analyze the contributions within eight software development projects,with 150 students in total, from undergraduate courses that used project-based learning.We generate visualizations of aggregated git metrics using inequality measures and the contribution per module, which offer insights into the practices and processes followed by students and teams throughout the project development. This approach allowed us to identify inequality among students’ contributions, the modules where students con-tributed, development processes with a non-steady pace, and integration practices render-ing a useful feedback tool for instructors and students during the project’s development.Further studies can be conducted to assess the quality, complexity, and ownership of the contributions by analyzing software artifacts.

Tipo de publicación: Journal Article

Publicado en: CLEI Electronic Journal

Desarrollo y evaluación de un prototipo de aplicación móvil para la administración de traslados de pacientes COVID-19

Descripción:

En este artículo presentamos un prototipo de una aplicación móvil para la administración de los traslados de pacientes COVID-19 realizados por el equipo PRIME del centro médico CEACO en Costa Rica. Describimos el diseño de la aplicación, los aspectos técnicos relacionados con su implementación, y los resultados de la evaluación de la experiencia de usuario realizada por los miembros del equipo PRIME. La evaluación del prototipo muestra la utilidad de la aplicación móvil para apoyar los procesos del equipo PRIME y los resultados del estudio de experiencia de usuario indican una percepción muy positiva para las categorías de atracción, trasparencia, eficiencia, controlabilidad y estimulación.

Tipo de publicación: Journal Article

Publicado en: Revista Ibérica de Sistemas e Tecnologias de Informação

Data Mining and Machine Learning Techniques for Bank Customers Segmentation: A Systematic Mapping Study

Descripción:

Data mining and machine learning techniques analyze and extract useful information from data sets in order to solve problems in different areas. For the banking sector, knowing the characteristics of customers entails a business advantage since more personalized products and services can be offered. The goal of this study is to identify and characterize data mining and machine learning techniques used for bank customer segmentation, their support tools, together with evaluation metrics and datasets. We performed a systematic literature mapping of 87 primary studies published between 2005 and 2019. We found that decision trees and linear predictors were the most used data mining and machine learning paradigms in bank customer segmentation. From the 41 studies that reported support tools, Weka and Matlab were the two most commonly cited. Regarding the evaluation metrics and datasets, accuracy was the most frequently used metric, whereas the UCI Machine Learning repository from the University of California was the most used dataset. In summary, several data mining and machine learning techniques have been applied to the problem of customer segmentation, with clear tendencies regarding the techniques, tools, metrics and datasets.

Tipo de publicación: Book Chapter

Publicado en: Advances in Intelligent Systems and Computing

Students Projects' Source Code Changes Impact on Software Quality Through Static Analysis

Descripción:

Monitoring and examining source code and quality metrics is an essential task in software development projects. Still, it is challenging to evaluate for educational projects due to the time and effort required by instructors, and constant change during the software project evolution. In this paper, we used an automated approach to analyze source code and quality metrics’ evolution and impact in software engineering projects using static code analysis on each software change (commits and merges). We examined five undergraduate software engineering projects’ changed modules, compilability, and source code and quality metrics (size, complexity, duplication, maintainability, and security). In total, we assessed 12,103 changes from 103 students contributing to the projects. Our approach allowed us to identify students’ project trends in the impact of the source code changes, providing insights into behaviors such as technology knowledge deficiencies, issues in continuous integration practices, and software quality degradation. We believe that the early, constant feedback on student software engineering project quality can help instructors improve their courses and students enhance their development practices. Tracking of source code evolution could be done via static analysis and instructors could use the analysis results for teaching.

Tipo de publicación: Book Chapter

Publicado en: Communications in Computer and Information Science

Technical Debt Measurement during Software Development using Sonarqube: Literature Review and a Case Study

Descripción:

Technical debt comprises the construction of poor software during the development process, potentially leading to several problems for organizations. For this reason, it is convenient to measure it and apply timely strategies to prevent unwanted consequences. Technical debt identification and measurement may be supported by static analysis tools, such as Sonarqube. This paper aims to analyze, evaluate, and apply the technical debt metrics proposed by Sonarqube. We present a literature review about technical debt measurement with this tool and describe the results of a case study. Based on the literature review and the case study results, we analyze the advantages, disadvantages, and limitations of using Sonarqube for technical debt measurement. We conclude that there are several threats to the validity on the proposed metrics, which may lead to inaccurate results. However, Sonarqube can still support technical debt management during the software development process.

Tipo de publicación: Conference Paper

Publicado en: 2021 IEEE V Jornadas Costarricenses de Investigación en Computación e Informática (JoCICI)

Agent-based tool for model-based test case generation and execution

Descripción:

Model-Based Testing (MBT) aims to automate test case generation and execution from abstract models representing the behavior of the system under test (SUT). MBT stages parallelization and monitoring could improve the overall process performance in complex systems and resource shortages. Agent-based software testing (ABST) consists of intelligent agents applied to complex software testing tasks. ABST approaches could enhance software testing due to multi-agent systems autonomy, independence, parallel activation, and decision-making features. This study presents an agent-based tool for MBT case generation and execution. The tool comprises two components: the MBT component based on the MBT4J tool and a JADE multi-agent component. The multi-agent component implements a coordinator agent (CA), a monitor agent (MA), and several test case generation and execution agents (TGEA). The responsibilities of agents include test case planning, generation and execution, and results synthesis. The results suggest that low levels of TGEA achieve acceptable coverage metrics in straightforward models. Productivity provides the best results in the first execution cycles.

Tipo de publicación: Conference Paper

Publicado en: 2021 IEEE V Jornadas Costarricenses de Investigación en Computación e Informática (JoCICI)

Application of Process Metrics for Software Testing: A Case Study

Descripción:

In-process tracking and measurements play a critical role in software development, particularly for software testing. The in-process data and reports focus on design review and code inspection data, including testing data. These in-process metrics are effective for managing software testing and the in-process quality status of the project. These metrics have been used in the IBM Rochester software development laboratory and have been the main differentiator between other software testing metrics which lack usefulness and real-world industry implementation. In this study, three in-process metrics are applied to a small security application project within a private company which underwent a team resource change during the lifetime of the project. It was obtained great insight with the progress comparison between the changes occurring in the project and after its completion. This turned out to be an excellent proof of concept for applying this type of metrics in such challenging environments. Additionally, some recommendations based on the results are proposed for other organizations to encourage the application of these metrics within their projects.

Tipo de publicación: Conference Paper

Publicado en: 2021 IEEE V Jornadas Costarricenses de Investigación en Computación e Informática (JoCICI)

Use of CMMI-DEV 2.0 for continuous process improvement in an agile organization: a case study

Descripción:

The use of practices that strengthen the software development process has benefited from standards that guide organizations either to self-assess themselves and set an improvement goal, or to adopt the practices that contribute the most to their business. This article describes the use of the CMMI-DEV 2.0 model for the improvement of the process of a financial software project. The methodology used to evaluate the current process against the practices of the model is described, and a series of proposed improvement opportunities that could be implemented in each category are listed. The case study described in this article may be of interest to organizations that are interested in improving their software process.

Tipo de publicación: Conference Paper

Publicado en: 2022 17th Iberian Conference on Information Systems and Technologies (CISTI)

Desarrollo de un prototipo de herramienta para automatizar el conteo de puntos de función SNAP de la interfaz gráfica

Descripción:

El principal objetivo de medir el proceso de desarrollo de software es apoyar la toma de decisiones gerenciales. Estimar el tamaño, esfuerzo y tiempo que se necesita para producir un software es una tarea importante dentro de todo proceso de medición. Las estimaciones incorrectas pueden causar pérdidas económicas importantes a las empresas que desarrollen software . Un enfoque automático de medición de tamaño del software no funcional podría apoyar el proceso de estimación generando datos históricos en un menor tiempo, mejorando eventualmente la calidad de las estimaciones. En este trabajo se presentan los resultados de la creación y evaluación de un prototipo de herramienta de software que, calcula automáticamente el tamaño de los requisitos no funcionales (NFR por sus siglas en inglés) de la subcategoría de Interfaz de Usuario 2.1 del método SNAP (Software Non-functional Assessment Process). Para su desarrollo e implementación se utilizó la metodología Ciencias del Diseño basándose en el Modelo del Ciclo de Diseño, se seleccionó un conjunto de proyectos web, de los cuales se obtuvieron los requerimientos no funcionales. Posteriormente, se realizó un conteo manual de dichos requerimientos y se evaluó la exactitud de la herramienta en comparación con el conteo manual. Los resultados presentan un nivel de exactitud del 100% en el conteo de puntos SNAP para la categoría 2.1 interfaz gráfica. Sin embargo, hay ciertas diferencias en la detección correcta de propiedades de la interfaz de usuario que, aunque no afectaron a la exactitud final de la estimación, sí son incorrectas. Este trabajo aporta evidencia de la viabilidad del uso de un prototipo de herramienta de software que, por medio de reglas de mapeo aplicadas en el código ya desarrollado en HTML y CSS, puede automatizar el conteo de puntos SNAP para la subcategoría 2.1 interfaz gráfica.

Tipo de publicación: Conference Paper

Publicado en: V Congreso Internacional en Inteligencia Ambiental, Ingeniería de Software, Salud Electrónica y Móvil - AmITIC 2022

How Have We Researched Developers’ Contributions in Software Engineering? A Systematic Mapping Study

Descripción:

Developers contribute to different technical and non-technical tasks throughout the software development life cycle, such as implementing and refactoring code, reviewing changes, documenting, testing, communicating, and collaborating. Contribution assessment research can help understand development phenomena better, motivate developers, and improve software engineering projects in industrial, open-source, and academic settings. As the body of work grows, it becomes worthwhile to aggregate evidence to standardize classifications, consolidate findings, and identify research gaps. This paper characterizes how software engineering research has studied developers’ contributions to projects. We conducted a systematic mapping study of 166 primary papers that assessed developer contributions characterizing the contribution types, research topics, research design practices, measurement constructs, assessment approaches, contexts under study, threats to validity, and challenges. Our findings show that contribution research is broad in software engineering but mainly focused on product-related contributions that mine measures from activities. Yet, research needs to consider more comprehensive construct measures and robust approaches to recognize the multi-faceted, nuanced, and complex nature of development work, without overlooking contributions. At the same time, there is a need for approach applicability to help future research and technology transfer. Researchers, tool designers, and adopters can leverage our results to motivate future software contribution-related work.

Tipo de publicación: Journal Article

Development of a prototype tool to automate the counting of SNAP function points of the graphical interface

Descripción:

In this work we present the results of the creation and evaluation of a tool prototype that automatically calculates the size of the non-functional requirements (NFR) of the User Interface 2.1 subcategory of the SNAP (Software Non-functional Requirements) method. Assessment Process). We evaluated the accuracy of the tool compared to manual counting and results show an accuracy level of 100% in SNAP point counting for category 2.1 graphical interface, although with some differences in the correct detection of user interface properties. This work demonstrates the feasibility of a software tool to automate the counting of SNAP points.

Tipo de publicación: Conference Paper

Publicado en: 2022 V Congreso Internacional en Inteligencia Ambiental, Ingeniería de Software y Salud Electrónica y Móvil (AmITIC)

Plataformas de telerehabilitación para el cáncer de mama: un mapeo de literatura

Descripción:

El cáncer ha emergido como un problema de salud pública. Uno de los tipos más comunes de cáncer en mujeres es el de mama. Los tratamientos modernos de cáncer han mejorado dramáticamente las tasas de supervivencia y han cambiado la naturaleza del cuidado del cáncer. La telerehabilitación es una herramienta innovadora que ha demostrado mejoras en la eficiencia de los servicios de salud. Dadas las limitaciones de acceso a los servicios de rehabilitación, la telerehabilitación presenta oportunidades para ampliar la cobertura de estos servicios. La caracterización de las plataformas de servicios de telerehabilitación para el cáncer de mama permite identificar el alcance de los servicios de estas plataformas en la atención de pacientes y los posibles retos asociados a su uso. En este trabajo se realiza un mapeo de literatura que caracteriza las plataformas de servicios de telerehabilitación para el cáncer de mama. El artículo presenta la caracterización de las plataformas reportadas en 22 estudios identificados entre el 2014 y el 2021, identificando las funcionalidades que ofrecen, cómo han sido implementadas y evaluadas, y los retos reportados como mapa de ruta para futuras investigaciones.

Tipo de publicación: Conference Paper

Publicado en: 2023 18th Iberian Conference on Information Systems and Technologies (CISTI)