Abu Bakar Sultan

OBSTACLES IN MOVING TO AGILE SOFTWARE DEVELOPMENT METHODS; AT A GLANCE

It is only less than a decade that agile SD methods were introduced and got popular steadily. The defined values in these methods and their outcomes have motivated many software producers to use these methods. Since migration from traditional sof tware development methods to agile methods is growing highly, managers of the companies should be aware of problems, hindrances and challenges they may face with during the agile transformation process. This study focused on challenges which companies may face with and it is necessary that ma nagers think about solving them. Classifying them into four main categories; organization and management, people, process and tools are the areas that challenges have been seen in recent studies.

Current state of research on cross-site scripting (XSS) – A systematic literature review

Context: Cross-site scripting (XSS) is a security vulnerability that affects web applications. It occurs due to improper or lack of sanitization of user inputs. The security vulnerability caused many problems for users and server applications. Objective: To conduct a systematic literature review on the studies done on XSS vulnerabilities and attacks. Method: We followed the standard guidelines for systematic literature review as documented by Barbara Kitchenham and reviewed a total of 115 studies related to cross-site scripting from various journals and conference proceedings. Results: Research on XSS is still very active with publications across many conference proceedings and journals. Attack prevention and vulnerability detection are the areas focused on by most of the studies. Dynamic analysis techniques form the majority among the solutions proposed by the various studies. The type of XSS addressed the most is reflected XSS. Conclusion: XSS still remains a big problem for web applications, despite the bulk of solutions provided so far. There is no single solution that can effectively mitigate XSS attacks. More research is needed in the area of vulnerability removal from the source code of the applications before deployment.

The impact of inadequate and dysfunctional training on Agile transformation process: A Grounded Theory study

Context Training is an essential facilitator in moving from traditional to Agile software development. Objective This paper addresses the importance of adequate and functional training in Agile transformation process, the causes of inadequate and dysfunctional training, and the heuristic strategies that can be used in software companies for dealing with this phenomenon. Method A Grounded Theory study was conducted with participation of 35 Agile experts from 13 different countries. Results This research discovered that inadequate and dysfunctional training was one of the critical issues that affected Agile transformation process. This study shows that comprehensive and functional training is not often provided to support Agile transformation. This paper shows the primary causes of inadequate and dysfunctional training, its adverse consequences on the transformation process, and the heuristic and ad-hoc treatments as the strategies used by Agile teams to cope with this challenge. Conclusion Comprehensive training is important in Agile transformation process. Inadequate and dysfunctional training causes several challenges and problems for software companies and development teams when moving to Agile. Several ad-hoc strategies identified by this study can be employed to help software teams and companies facing similar problems.

Shuffling Algorithms for Automatic Generator Question Paper System

Examination process is important activities for educational institutions to evaluate student performance. Thus the quality of the exam questions would determine the quality of the students produced by the institutions. Preparing exam questions is challenges, tedious and time consuming for the instructors. Usually the instructors keeping their own test bank in some form to help them prepare future exams. Current technologies help the instructors to store the questions in computer databases. The issue arise is how the current technologies would also help the instructors to automatically generate the different sets of questions from time to time without concern about repetition and duplication from the pass exam while the exam bank growing. This paper describes the usage of shuffling algorithm in an Automatic Generator Question paper System (GQS) as a randomization technique for organising sets of exam paper. The results indicate shuffling algorithm could be used to overcome randomization issue for GQS.

Exploring Key Factors of Pilot Projects in Agile Transformation Process Using a Grounded Theory Study

Changing development approach from disciplined to agile methods is an organizational mutation that requires many issues to be considered to increase its chance of success. Selecting an appropriate pilot project as initial project that is going to be done through an Agile method is a critical task. Due to the impact of such a pilot project on successful Agile transformation, understanding its critical factors helps organizations choose the most suitable project to start Agile transition. Conducting a Grounded Theory, showed that organization should considered some key factors of a pilot: Criticality, Duration, Size and Required resources. Besides these factors, the results showed that organization should be aware of the risk of successful pilot project in their next Agile projects. The study also showed that pilot selection mostly is done by Agile coaches or is forced by customer.

An Exploratory Study on Managing Agile Transition and Adoption

Software companies are replacing traditional software development methods with Agile methods due to coping with inherent problems of traditional methods. Due to the different nature of traditional and Agile methods, adaptation to Agile methods is not a simple process and needs to be managed in a sustainable way. In recent years, several studies have conducted on investigation of Agile migration journey, but less effort on identifying the serious managerial attentions in Agile transition process. Conducting a Grounded Theory in context of Agile software development, showed various aspects of the transition to be considered in order to having a successful change management process. This paper shows the important role of the emergent managerial attentions on success of Agile transition and adoption process.

Knowledge Management and Usability Model for Knowledge Management System

Many studies and works have been done to produce a Knowledge Management System (KMS) in which employees of any organization can access the organization’s sources of information and solutions. However, there is still no standard knowledge measurement and usability model that can assist KMS user to select or evaluate the appropriate KMS. The aim of this paper is to analyze how the ISO Consolidated Usability Model suggested by Abran, Khelifi, Suryn and Seffah can be used in measuring knowledge and evaluating usability for any Knowledge Management System. The methodology used is a user-satisfaction questionnaire developed based on the ISO Consolidated Usability Model.

Metaheuristic approaches for optimizing agricultural land areas

Metaheuristic approaches are the most selected technique to find optimization solution intelligently in many areas of timetabling and scheduling, space allocation, decision making and others. These approaches have promised a better solution in single objective optimization problem. However, there is no revealed discussion on the issue that has more than one problem. In agricultural land use planning, we found that there are two related problems need to be solved intelligently before obtaining the main objective of optimal solution for the land. The problems are i) to allocate the resources into agricultural land optimally, then ii) to arrange the plant in the planting area in order to find an optimal layout. The solution of the both problems will utilize the land and consequently maximize number of plant to be planted in an area respectively. This paper is preliminary investigation towards optimizing agricultural land, in order that we focus on the understanding of the issues in agricultural land and solution methods by referring to the similarity of the previous researches. We also promote the solutions idea and show the complexity of the problems, and finally find that the metaheuristic approaches are a necessity.

New Real-Coded Genetic Algorithm Operators for Minimization of Molecular Potential Energy Function

The global minimum of the potential energy of a molecule corresponds to its most stable conformation and it dictates most of its properties. Due to the extensive search space and the massive number of local minima that propagate exponentially with molecular size, determining the global minimum of a potential energy function could prove to be significantly challenging. This study demonstrates the application of newly designed real-coded genetic algorithm (RCGA) called RX-STPM, which incorporates the use of Rayleigh crossover (RX) and scale-truncated Pareto mutator (STPM) as defined earlier for minimizing molecular potential energy functions. Computational results for problems with up to 100 degrees of freedom are compared with five other existing methods from the literature. The numerical results indicate the underlying reliability (robustness) and efficiency of the proposed approach compared to other existing algorithms with low computational costs.

Prevention of attack on Islamic websites by fixing SQL injection vulnerabilities using co-evolutionary search approach

In recent times, there is an alarming increase in web application attacks, with significant cases, specifically, targeting Islamic websites. Since 2004, SQL Injection Vulnerabilities (SQLIVs) remains the most serious software security loopholes via which web applications are exploited. Fixing SQLIVs prior to deployment would provide very effective means of protection against such exploits. Ideally, SQLIVs fixing includes four main phases: SQLIVs detection, fix generation, fix application, and fix effectiveness verification. Most existing research works address different phases separately. There is no single research that addresses the four phases in a seamless integrated automation. This paper presents instances of attack on Islamic websites, and then propose framework for seamless integrated and automated SQLIVs fixing for web application, as part of an ongoing research work. The framework employs Evolutionary Programming to establish competitive co-evolution of web applications and test sets, in which fitness of evolved web applications is evaluated based on their ability to defend test attacks and pass legitimate input tests.