Search results
1 – 10 of over 11000Joe Garcia, Russell Shannon, Aaron Jacobson, William Mosca, Michael Burger and Roberto Maldonado
This paper aims to describe an effort to provide for a robust and secure software development paradigm intended to support DevSecOps in a naval aviation enterprise (NAE) software…
Abstract
Purpose
This paper aims to describe an effort to provide for a robust and secure software development paradigm intended to support DevSecOps in a naval aviation enterprise (NAE) software support activity (SSA), with said paradigm supporting strong traceability and provability concerning the SSA’s output product, known as an operational flight program (OFP). Through a secure development environment (SDE), each critical software development function performed on said OFP during its development has a corresponding record represented on a blockchain.
Design/methodology/approach
An SDE is implemented as a virtual machine or container incorporating software development tools that are modified to support blockchain transactions. Each critical software development function, e.g. editing, compiling, linking, generates a blockchain transaction message with associated information embedded in the output of a said function that, together, can be used to prove integrity and support traceability. An attestation process is used to provide proof that the toolchain containing SDE is not subject to unauthorized modification at the time said critical function is performed.
Findings
Blockchain methods are shown to be a viable approach for supporting exhaustive traceability and strong provability of development system integrity for mission-critical software produced by an NAE SSA for NAE embedded systems software.
Practical implications
A blockchain-based authentication approach that could be implemented at the OFP point-of-load would provide for fine-grain authentication of all OFP software components, with each component or module having its own proof-of-integrity (including the integrity of the used development tools) over its entire development history.
Originality/value
Many SSAs have established control procedures for development such as check-out/check-in. This does not prove the SSA output software is secure. For one thing, a build system does not necessarily enforce procedures in a way that is determinable from the output. Furthermore, the SSA toolchain itself could be attacked. The approach described in this paper enforces security policy and embeds information into the output of every development function that can be cross-referenced to blockchain transaction records for provability and traceability that only trusted tools, free from unauthorized modifications, are used in software development. A key original concept of this approach is that it treats assigned developer time as a transferable digital currency.
Details
Keywords
- Software development
- Blockchain
- Cybersecurity
- Operational flight program
- Secure development environment
- Secure virtual machine
- Zero trust
- Embedded systems
- Mission-critical systems
- OFP
- DevOps
- DevSecOps
- Software support activity
- SSA
- SDE
- Permissioned blockchain
- Cryptocurrency
- Time-limited authorization for developer action
- TADA
- Code signing
- Trusted software guard
- SGX
- Trusted eXecution technology
- TXT
- Trusted platform module
- Self-hosting
- Controlled access blockchain
- CABlock
- Role-based access control
- RBAC
Tommie L. Ellis, Robert A. Nicholson, Antoinette Y. Briggs, Scott A. Hunter, James E. Harbison, Paul S. Saladna, Michael W. Garris, Robert K. Ohnemus, John E. O’Connor and Steven B. Reynolds
Rising operational costs and software sustainment concerns have driven the Air Force to move to newer technology to ensure that the Air Force Standard Base Supply System (SBSS…
Abstract
Purpose
Rising operational costs and software sustainment concerns have driven the Air Force to move to newer technology to ensure that the Air Force Standard Base Supply System (SBSS) can continue to provide affordable and sustainable mission support in the years to come. This paper aims to summarize the successful software modernization effort the Air Force undertook to achieve that objective.
Design/methodology/approach
The paper describes the preliminary system updates that were required to isolate the SBSS software from all internal and external system and user interfaces in preparation for the subsequent successful code roll effort. Once the legacy SBSS component was fully isolated, the SBSS software modernization objective was achieved via a “code roll” conversion of the SBSS software from legacy COBOL to Java code, and movement of the integrated logistics system-supply application from a proprietary information technology (IT) platform to an open IT operating environment.
Findings
The SBSS system modernization yielded immediate and significant IT operational cost reductions and provided an important foundation for achieving Air Force logistics system consolidation and cloud computing objectives going forward.
Originality/value
The SBSS modernization experience should be useful in assisting similar data system software modernization efforts.
Details
Keywords
Siddarth Nair, Abhishek Kaushik and Harnaik Dhoot
Skills form an integral part of an organization for its efficient functioning. This research study investigates mechanisms to actively persuade employees and organizations to…
Abstract
Skills form an integral part of an organization for its efficient functioning. This research study investigates mechanisms to actively persuade employees and organizations to change their attitudes and perspectives towards skills through the design and implementation of a skill-based system. The aim of the project is to know if we can create a skill-focused climate in a software organization through a software system proposed by the researcher and if such a system will help in utilizing in-house employees for new opportunities rather than hiring new employees. Feedback was collected on the proposed skill-based system from software professionals and human resource managers through an online survey. Findings reveal that the proposed skill-based system will create a skill-focused climate in a software organization and also help in better utilization of internal employees for new skill requirements rather than directly hiring external employees.
Details
Keywords
Sung Min Kim, Gopesh Anand, Eric C. Larson and Joseph Mahoney
Enterprise systems are commonly implemented by firms through outsourcing arrangements with software vendors. However, deriving benefits from these implementations has proved to be…
Abstract
Purpose
Enterprise systems are commonly implemented by firms through outsourcing arrangements with software vendors. However, deriving benefits from these implementations has proved to be a challenge, and a great deal of variation has been observed in the extent of value generated for client and vendor firms. This research examines the role of co-specialization as a strategy to make the most out of outsourced enterprise systems. The authors develop hypotheses relating resource co-specialization with two indicators of success for implementation of enterprise software: (1) exchange success and (2) firm growth.
Design/methodology/approach
The hypotheses are tested using a unique panel data set of 175 firms adopting Advanced Planning and Scheduling (APS) software, a type of enterprise system used for managing manufacturing and logistics. The authors identify organizational factors that support co-specialization and then examine how co-specialization is associated with enterprise software implementation success, controlling for the endogenous choice to co-specialize.
Findings
The empirical results suggest that resource co-specialization is positively associated with implementation success and that the two resource co-specialization pathways that are examined complement each other in providing performance benefits.
Originality/value
This paper contributes to the research literature on outsourcing. The study also provides a new empirical test using a unique data set of 175 firms adopting APS Software.
Details
Keywords
Ia Williamsson and Linda Askenäs
This study aims to understand how practitioners use their insights in software development models to share experiences within and between organizations.
Abstract
Purpose
This study aims to understand how practitioners use their insights in software development models to share experiences within and between organizations.
Design/methodology/approach
This is a qualitative study of practitioners in software development projects, in large-, medium- or small-size businesses. It analyzes interview material in three-step iterations to understand reflexive practice when using software development models.
Findings
The study shows how work processes are based on team members’ experiences and common views. This study highlights the challenges of organizational learning in system development projects. Current practice is unreflective, habitual and lacks systematic ways to address recurring problems and share information within and between organizations. Learning is episodic and sporadic. Knowledge from previous experience is individual not organizational.
Originality/value
Software development teams and organizations tend to learn about, and adopt, software development models episodically. This research expands understanding of how organizational learning takes place within and between organizations with practitioners who participate in teams. Learnings show the potential for further research to determine how new curriculums might be formed for teaching software development model improvements.
Details
Keywords
Christian Barth and Stefan Koch
In the last years the penetration of enterprise resource planning (ERP) systems within small, medium and large organizations increased steadily. Organizations are forced to adapt…
Abstract
Purpose
In the last years the penetration of enterprise resource planning (ERP) systems within small, medium and large organizations increased steadily. Organizations are forced to adapt their systems and perform ERP upgrades in order to react to rapidly changing business environments, technological enhancements and rising pressure of competition. The purpose of this paper is to focus on the critical success factors for such projects.
Design/methodology/approach
The paper is based on a literature review and qualitative interviews with CEOs, CIOs, ERP consultants and project managers who recently carried out ERP upgrade projects in their respective organizations.
Findings
This paper identifies 14 critical success factors for ERP upgrade projects. Amongst others, effective project management, external support, the composition of the ERP team and the usage of a multiple system landscape play a key role for the success of the ERP upgrade. Furthermore, a comparison to the critical success factors for ERP implementation projects was conducted, and even though there are many similarities between these types of projects, several differences emerged.
Originality/value
ERP upgrade projects have a huge impact on organizations, but their success and antecedents for it are currently under-researched.
Details
Keywords
Jun Lin, Han Yu, Zhengxiang Pan, Zhiqi Shen and Lizhen Cui
Today’s software engineers often work in teams to develop complex software systems. Therefore, successful software engineering in practice require team members to possess not only…
Abstract
Purpose
Today’s software engineers often work in teams to develop complex software systems. Therefore, successful software engineering in practice require team members to possess not only sound programming skills such as analysis, design, coding and testing but also soft skills such as communication, collaboration and self-management. However, existing examination-based assessments are often inadequate for quantifying students’ soft skill development. The purpose of this paper is to explore alternative ways for assessing software engineering students’ skills through a data-driven approach.
Design/methodology/approach
In this paper, the exploratory data analysis approach is adopted. Leveraging the proposed online agile project management tool – Human-centred Agile Software Engineering (HASE), a study was conducted involving 21 Scrum teams consisting of over 100 undergraduate software engineering students in multi-week coursework projects in 2014.
Findings
During this study, students performed close to 170,000 software engineering activities logged by HASE. By analysing the collected activity trajectory data set, the authors demonstrate the potential for this new research direction to enable software engineering educators to have a quantifiable way of understanding their students’ skill development, and take a proactive approach in helping them improve their programming and soft skills.
Originality/value
To the best of the authors’ knowledge, there has yet to be published previous studies using software engineering activity data to assess software engineers’ skills.
Details
Keywords
Sudhaman Parthasarathy and S.T. Padmapriya
Algorithm bias refers to repetitive computer program errors that give some users more weight than others. The aim of this article is to provide a deeper insight of algorithm bias…
Abstract
Purpose
Algorithm bias refers to repetitive computer program errors that give some users more weight than others. The aim of this article is to provide a deeper insight of algorithm bias in AI-enabled ERP software customization. Although algorithmic bias in machine learning models has uneven, unfair and unjust impacts, research on it is mostly anecdotal and scattered.
Design/methodology/approach
As guided by the previous research (Akter et al., 2022), this study presents the possible design bias (model, data and method) one may experience with enterprise resource planning (ERP) software customization algorithm. This study then presents the artificial intelligence (AI) version of ERP customization algorithm using k-nearest neighbours algorithm.
Findings
This study illustrates the possible bias when the prioritized requirements customization estimation (PRCE) algorithm available in the ERP literature is executed without any AI. Then, the authors present their newly developed AI version of the PRCE algorithm that uses ML techniques. The authors then discuss its adjoining algorithmic bias with an illustration. Further, the authors also draw a roadmap for managing algorithmic bias during ERP customization in practice.
Originality/value
To the best of the authors’ knowledge, no prior research has attempted to understand the algorithmic bias that occurs during the execution of the ERP customization algorithm (with or without AI).
Details