Learn More
Building secure systems is difficult for many reasons. This paper deals with two of the main challenges: (i) the lack of security expertise in development teams, and (ii) the inadequacy of existing methodologies to support developers who are not security experts. The security standard ISO 14508 (Common Criteria) together with secure design techniques such(More)
The experience factory concept enables systematic learning and continuous improvement in software development. As with most learning initiatives, it is hard to establish. In our experience, there is a great deal of uncertainty and skepticism about the mission and contents of an experience factory. The starting phase is especially endangered through pitfalls(More)
Software development and acquisition require knowledge and experience in many areas of software engineering. Experience helps people to make decisions under uncertainty, and to find better compromises. Experience-based process improvement considers experience as a prerequisite for competent behavior in software development. There is usually a repository to(More)
Application frameworks for visual design environments usually offer a wide range of features and easy-to-use mechanisms to develop applications. We observed that sometimes those features deceive application designers: Tempted by the desire to make rapid progress, designers go into too much detail about easy things too early in the process, like graphical(More)
Adapting new software processes and practices in organizational and academic environments requires training the developers and validating the applicability of the newly introduced activities. Investigating process conformance during training and understanding if programmers are able and willing to follow the specific steps are crucial to evaluating whether(More)