Events in Bicocca

SEMINAR: Design patterns demystified

Prof. Paris Avgeriou - University of Groningen, The Netherlands

University of Milano-Bicocca
Building U14, Sala Seminari
Milano - Italy, 29 January 2016, 14.30

Design patterns are one of the success stories in the software-intensive industry where they have been adopted and integrated in daily practice. This is largely due to the fact that we hold a collective belief that patterns “do good” to a system design, architecture, and implementation. Paradoxically, there is not much evidence to support this belief. More specifically, we cannot say how much, when exactly and under what conditions are patterns actually “good”. In this talk, we will try to provide some answers to these questions by discussing the effect of patterns on stability, i.e. the ability of a software system to resist to the “ripple effect”.

SEMINAR: In the relationships between code smells and design patterns

Prof. Bartosz Walter - Poznan University of Technology, Poland

University of Milano-Bicocca
Building U24, Room C01
Milano - Italy, 27 January 2016, 14.30

Design patterns represent recommended generic solutions to various design problems, whereas code smells are symptoms of design issues that could hinder further maintenance of a software system. We can intuitively expect that both concepts are mutually exclusive, and the presence of patterns is correlated with the absence of code smells. However, the existing experimental evidence supporting this claim is still insufficient, and studies separately analyzing the impact of smells and patterns on code quality, deliver diverse results. We analyze 9 design patterns and 7 code smells in two medium-size, long- evolving, open source Java systems. In particular, we explore how the presence of design patterns impacts the presence of code smells, analyze if this link evolves over time, and extract association rules that describe their individual relationships.

SEMINAR: Multi-criteria approach to code smell detection

Prof. Bartosz Walter - Poznan University of Technology, Poland

University of Milano-Bicocca
Building U14, Room T023
Milano - Italy, 26 January 2016, 14.30

Bad smells are indicators of inappropriate code design and implementation. They suggest a need for refactoring, i.e. restructuring the program towards better readability, understandability and eligibility for changes. Smells are defined only in terms of general, subjective criteria, which makes them difficult for automatic identification. Existing approaches to smell detection are based mainly on human intuition, usually supported by code metrics. Unfortunately, these models do not comprise the full spectrum of possible smell symptoms and still are uncertain. Therefore, we define a multi-criteria approach for detecting smells. It learns from programmer's preferences, and then combines the signals coming from different sensors in the code and computes their utility functions. The final result reflects the intensity of an examined smell, which allows the programmer to make a ranking of most onerous odors.

SEMINAR: Valutazione Empirica di Metodi a Supporto del Refactoring: La Storia Infinita

Prof. Rocco Oliveto, Università del Molise

University of Milano-Bicocca
Building U14, Sala Seminari
Milano - Italy, September 18, 2015, 14.30

Era il 2008 quando decisi di iniziare a lavorare sul refactoring.

Ricordo ancora lo scetticismo con cui il mio tutor - Prof. Andrea De Lucia - accolse la mia idea. Andrea aveva lavorato per tanti anni su re-engineering e non credeva si potesse ancora tirare fuori qualcosa di innovativo sul refactoring. Oggi, a distanza di qualche anno, posso affermare che si sbagliava. Grazie ad uno degli studenti di dottorato più talentuosi al mondo - Gabriele Bavota - negli ultimi 5 anni abbiamo pubblicato circa 20 articoli sull’argomento. Tra questi c’è un articolo, pubblicato su Empirical Software Engineering, che forse fornisce le più preziose “lesson learned” al lettore ma che sicuramente, durante il suo processo di revisione, ha fatto crescere tantissimo noi stessi.

Il processo di revisione di tale articolo, durato un anno, ci ha fatto capire le minacce che si nascondono dietro la validazione empirica di un metodo a supporto del refactoring e come, con diverse strategie di validazione, è possibile mitigarle. In questo seminario, quindi, avrò il piacere di portare la mia esperienza personale sull’attività di ricerca relativa all’attività di software refactoring, fornendo una panoramica sull’argomento e soffermando l’attenzione proprio sulla validazione empirica dei metodi a supporto di tale attività.

SEMINAR: Software Protection

Paolo Falcarin, University of East London, London, UK

University of Milano-Bicocca
Building U6, Room U6-10
Milano - Italy, December 2, 2014, 10.30

Software Protection is crucial for many individuals and companies that produce or use software; these may be software vendors, or any service industry relying on software applications. Software protection is crucial to mitigate attacks such as reverse engineering, piracy, and tampering of software artefacts.

Software engineers need to be aware of these threats, and companies need to organize appropriately to defend companies’ or individuals’ assets such as service keys, intellectual properties, and program execution correctness. Effective deployment of protection techniques can mean the difference between business survival and failure.

A computer system's security can be compromised in many ways. A denial-of-service attack can make a server inoperable, or an eavesdropper can reap financial rewards by intercepting the communication link between a customer and the bank through a man-in-the-middle (MITM) attack.

What all MITM scenarios have in common is that the adversary is an untrusted entity that attacks a system from the outside. If we remove this assumption and if we allow anyone operating a computer system (from system administrators down to ordinary users) to compromise that system's security, we find ourselves in a more complex scenario that has received comparatively little attention. Methods for protecting against such Man-At-The-End (MATE) attacks are variously known as software hardening, tamper-proofing techniques, digital asset protection, or, more commonly, software protection.

This talk will provide an overview on software protection research, with particular emphasis on the EU-FP7 project ASPIRE (Advanced Software Protection: Integration Research and Exploitation), aiming at developing algorithms that protect the integrity of data and software applications deployed on mobile devices.

SEMINAR: Dal reverse engineering allo yacht off-shore - ovvero come diventare ricchi, rischiando “solo” un po’ di galera :)

Alessio L.R. Pennasilico, Comitato Tecnico Scientifico CLUSIT

University of Milano-Bicocca
Building U6, Room U6-10
Milano - Italy, December 16, 2014, 10.30

Verranno analizzati i rischi informatici che oggi più spesso devono essere affrontati, cercando di capire quanto denaro circola nei circuiti della criminalità grazie alla non corretta gestione di questi rischi, da parte di aziende e privati e perché questo denaro sia in quantità sufficiente a renderci tutti bersagli appetibili…

SEMINAR: Applicazione di principi e tecniche di software engineering nella realta’ dei progetti industriali

Gualtiero Bazzana, Alten Italia

University of Milano-Bicocca
Building U6, Room U6-10
Milano - Italy, November 25, 2014, 10.30

L’intervento affronterà il tema dell’effettiva applicazione dei principi di software engineering nel contesto dei progetti svolti nelle aziende italiane ed internazionali, contemperando la teoria con i vincoli di budget e time-to-market.

In particolare verranno sviluppati i seguenti temi:

  • Le aree che vengono individuate per la definizione della maturità dei processi nelle software producing units (modello CMMI).
  • Adozione di tali pratiche al variare del settore economico.
  • Fattori che influenzano la produttività e il technical debt nei progetti software.

Official seminar announcement

SEMINAR: Dal reverse engineering allo yacht off-shore [ovvero come diventare ricchi, rischiando “solo” un po’ di galera :)]

Alessio L.R. Pennasilico, Direttivo Clusit, Security Evangelist Alba ST

University of Milano-Bicocca
Building U14, Sala Seminari
Milano - Italy, December 13, 2013, 09.30

Verranno analizzati i rischi informatici che oggi più spesso devono essere affrontati, cercando di capire quanto denaro circola nei circuiti della criminalità grazie alla non corretta gestione di questi rischi, da parte di aziende e privati e perché questo denaro sia in quantità sufficiente a renderci tutti bersagli appetibili…

SEMINAR: Shifting the paradigm of code smell analysis: The role of individual, aggregated, and interconnected code smells on maintainability

Aiko Yamashita, Simula Research Lab, Oslo

University of Milano-Bicocca
Building U6, Room T023
Milano - Italy, December 3, 2013, 13.30

An advantage of code smells over traditional software measures is that the former are associated with an explicit set of refactorings to improve the existing design. Research in the past decade on code smells has emphasized the formalization and automated detection of code smells, but much less on empirical validations on how good code smells are for evaluating maintainability. This talk summarizes the main findings from a study conducted at Simula Research Lab, which aimed at investigating the strengths and limitations of code smells for evaluating software maintainability. The study comprised an outsourced maintenance project involving four Java web systems with equivalent functionality but dissimilar implementation, six software professionals, and two software companies. The results show that the usefulness of code smells differs according to the granularity level (e.g., whether the assessment is done at file or system level) and the particular operationalization of maintainability (e.g., maintainability can be measured via maintenance effort, or problems encountered during maintenance, etc).

Official Seminar announcement

SEMINAR: Mezzi elettronici di pagamento: uno scenario in continua evoluzione

Stefano Zireddu, American Express

University of Milano-Bicocca
Building U6, Room U6-10
Milano - Italy, November 14, 2013, 10.30

Il tema della giornata sarà incentrato sulla stretta correlazione tra monetica e minaccia informatica passando attraverso una panoramica dei mezzi elettronici di pagamento, immaterialità del dato, problematiche di information sharing e best practices adottate.

Official Seminar announcement

SEMINAR: Model-Driven Maintenance vs. Code-Centric Maintenance: Two Experiments Using UniMod

Filippo Ricca e Maurizio Leotta. Università di Genova, Dipartimento di Informatica e Scienze dell'Informazione

University of Milano Bicocca, Italy
Building U14, Aula T024
Milano - Italy, January 16, 2013

Model-driven techniques are very popular in academy but their adoption into industry seems to be slow. One of the problems is that the main claimed advantages of Model driven development necessitate empirical evidence to convince decision makers. In this seminar we will present our work where we tested one of the claimed benefits of Model-driven development, i.e., improvement in maintainability, through two experiments with 21 BSc students and 11 PhD students respectively. In these experiments, UniMod, a specific implementation of executable UML, is compared with code-centric programming, in a software maintenance scenario. Results indicate a relevant reduction in time to accomplish the maintenance tasks with no significant impact on correctness when UniMod is used instead of code-centric programming. However, the benefits of UniMod in terms of time reduction vary in a substantial way depending on the developers’ experience. PhD students benefited more than BSc students from UniMod.

SEMINAR: How Do Classes Choose Their Parents? (Preferential Attachment to the Trial)

Professor Yossi Gil. Department of Computer Science, The Technion—Israel Institute of Technology, Haifa, Israel

University of Milano Bicocca, Italy
Building U14, Sala Seminari
Milano - Italy, June 1, 2012

Previous research repeatedly discovered a power-law distribution of object-oriented software metrics. The classical process of preferential attachment was proposed as a possible explanation. In this presentation, I will describe research in progress which tries to evaluate this conjecture: we focus on the famous Number of Children (NOC) object-oriented software metric, that is, the number of immediate sub-classes a given class has. We examine the history of development of several software artifacts in attempt to asses hypothesis underlying preferential attachment, namely that the number of existing children a class already has, determines the probability it is selected as a parent again. Each history is converted to a large system of high-degree polynomial equations whose solution provides the desired probabilities. We describe a numerical method for solving this system, and employing it, we are able to reason about dependencies. Our finding give empirical support for the preferential attachment hypothesis. However we identify a number of equal or better predictors of this probability, including the class's age, i.e., how recently it was changed. The strongest and unequivocal predictor turns out to be the total number of changes the class went through.

Official seminar page

SEMINAR: Business Agility. L’IT come abilitante alla prontezza di risposta all’esigenza di business

Stefano Panero, Blue Reply

University of Milano Bicocca, Italy
Building U14, room T023
Milano - Italy, Dicember 6, 2011

La capacità di adattare il proprio business ai cambiamenti del mercato diventa ogni giorno più importante. L’evoluzione delle esigenze di business, che avviene sempre più rapidamente, impatta i processi e il sistema informativo che ne permette l’esecuzione. Soluzioni tecnologicamente innovative, basate su paradigmi SOA e BPM, permettono di implementare l’ammodernamento dei sistemi in modo incrementale, massimizzando il ritorno di investimento, avvicinando temporalmente i benefici e gestendo la complessità nel tempo. Approccio, benefici, difficoltà e rischi di applicazioni reali di soluzioni abilitatrici di una vera Business Agility.

Official seminar page

SEMINAR: Software Protection: overview of state of the art and current research

Paolo Falcarin, Senior Lecturer, School of Architecture, Computing and Engineering (ACE), University of East London

University of Milano Bicocca, Italy
Building U14, room T023
Milano - Italy, November 24, 2011

Typical system security scenarios assume that the adversary is an untrusted entity that attacks a system from the outside, and the computers under attack are operated by benign and trusted users. But if we remove this assumption, if we allow anyone, from system administrators down to ordinary users,—to compromise that system's security, we find ourselves in a scenario that has received comparatively little attention. Attacks by a trusted user on a computer system, called a man-at-the-end (MATE) scenario, can take many forms. in a tampering attack, an adversary violates the integrity of a piece of software under his control, perhaps by modifying it in ways the software vendor didn't intend. In a malicious reverse-engineering attack, he violates the vendor's confidentiality rights by extracting intellectual property from the software, such as algorithms or crypto-keys; finally, in a cloning attack, he violates copyright laws by making and distributing illegal copies of the software. This seminar will describe current methods for protecting against MATE attacks and it will overview current research in these topics.

Official seminar page

The 6th Workshop of the Italian Eclipse Community

University of Milano Bicocca, Italy
Milano - Italy, September 22-23, 2011

Eclipse was initially designed as an integrated development environment (IDE) for object-oriented application development. Today Eclipse is an open source community whose projects are focused on building an open development platform comprised of extensible frameworks, tools and runtimes for building, deploying and managing software across the lifecycle. This workshop is the sixth yearly meeting of the Italian Eclipse Community which includes universities, public institutions and industries, researchers and practitioners, students and professionals, all joined by the interest in promoting, experimenting, extending, and supporting the Eclipse platform.

Go to the official site of Eclipse-IT 2011 >

Other Events

Workshop - MaLTeSQE’16: Machine Learning Techniques for Software Quality Evaluation

MaLTeSQE’16: Machine Learning Techniques for Software Quality Evaluation

15-17 September 2016
Wrocław, Poland

Co-located with: XVIII KKIO Software Engineering Conference

In recent years we have been observing a rising interest in adopting various approaches to support machine learning and decision-making processes in several areas of software engineering. These models and algorithms help to reduce effort and risk related to human judgment in favor of automated systems, which are able to make informed decisions based on available data and evaluated with objective criteria.

Software quality is the area that deserves particular attention. At all levels: source code quality, process quality and the quality of entire systems, researchers are still looking for new, more effective methods of assessing various qualitative characteristics.

The aim of the workshop is to provide an overview of emerging trends in applying machine learning approaches to software quality evaluation.

Topics of interest include, but are not limited to:

  • Application of machine-learning in software evaluation
  • Analysis of multi-source data
  • Knowledge acquisition from software repositories
  • Adoption and validation of machine learning models and algorithms in software engineering
  • Decision support and analysis in software engineering
  • Predicting models in software engineering

Co-Chairs: Francesca Arcelli Fontana, Bartosz Walter, Marco Zanoni

Important dates:

  • Submission of papers: 29.03.2016
  • Notification of acceptance: 09.05.2015
  • Camera-ready papers: 23.05.2016
  • Registration early (due): 30.06.2016
  • Registration late (due): 15.08.2016
  • Conference: 15-17.09.2016

Event leaflet: PDF