Home Prospective Students Potential Projects

1. Integration of development, operations and business of software (DevOps/BizOps)

In the era of digitization, where an increasing number of companies rely on digital and new technologies, software plays a crucial role either as a business tool, but also as the actual product. Given the nature of modern software (modular, distributed) and the volatility of the system's environment, the management of change becomes a critical ability of a digital business. Nevertheless, it is often the case that the business dimension of software is not taken into consideration when deciding and planning for software change. This may result in suboptimal business decisions in the long-term or even in the short-term, and possibly lead to the failure of the business venture. This is especially true for small-to-medium companies (SMEs), whose size implies that even small decisions can have a large impact on their economics.

DevOps/BizOps integration: The goal of this project is first to identify the correlation of technical parameters (such as software design and architecture, performance, deployment) with business parameters (such as price, user utility, cost, advertisement). This will be achieved by studying the history of software systems both in terms of the evolution of their features, but also with respect to their price, market share, SLAs and other business indexes. Additionally, developers and project manager will be interviewed to understand their habits on software change decisions and to what degree they consider the economics of software either as constraints or as goals.

DevOps/BizOps hybrid models: The next goal of this project is to formally capture the correlation between technical and business parameters of software change in hybrid models. These models will help in understanding the impact of technical or business change to the other aspect of the software systems. They may also allow for simulation to assess the long-term impact of change and guide the strategic planning of the digital business.

2. Autonomic management systems for runtime software and business adaptation (MAPE-K for DevOps/BizOps)

Self-adaptive digital systems have been established as the prevalent solution to address the volatility of the execution environment of software systems. Especially for web and cloud software systems, autoscaling provides a perfect example of self-adaptive mechanism, with particular focus on performance. While autonomic software management already exists for technical aspects of the software (performance, automated patching etc.), it is not the same for its business aspect (e.g., adaptive pricing). On one hand, this is because it is more challenging to change economic parameters as easily and as fast as technical parameters. On the other hand, software economics are not governed by the same conservation laws as technical adaptation, which makes it a more open problem. Nevertheless, the fast pace of software change and the volatility of modern software may dictate that software economics should become more adaptive to allow digital businesses to survive.

Multi-objective optimization for runtime adaptation: To allow for the best management and optimal decision-making processes that will consider all aspects of a software system, we need complex optimization systems that will span multiple objectives, including performance, functionality, cost, revenue, security and others. In addition, given the modularity and distributed nature of modern systems, optimization will need to be achieved within the context of the ecosystem and consider notions such as clients, competitors, legal and business environment and so on. Relying on hybrid models, which can capture both technical and economic aspects of software, the goal of this project is to develop multi-objective optimizers to guide the runtime management of software applications. Besides the guarantee for optimal decisions around software changes, the benefit of optimizers is their transparency, which can help decision-makers to understand why a specific decision is optimal or not. This can lead to fine-tuning and even better configuration of the management system.

Hybrid controllers for distributed software systems: Control theory is experiencing an increase in popularity concerning the management of digital and software systems. However, there are several challenges in controlling automatically economic systems because of their open nature and lack of conservation laws. It is the argument of this work that economic indexes of software systems can be bounded based on technical bounds, which are more straightforward to define. Controllers are known for their high degree of automation, for their robustness and their adaptability in the face of external change and for their ability to handle multiple inputs (adaptation commands) and control multiple outputs. This last ability is what makes controllers ideal for the problem of managing both technical and economic parameters of the system. The ability to design adaptive controllers is important for highly volatile environments, as the ones software operates in. Finally, automation may slightly decrease the transparency gained from mutli-objective optimizers, but also reduces the necessary maintenance of the management system.

3. DevOps IDE for IoT software systems

Internet-of-Things systems are characterized by inherent modularity and heterogeneity with concerns spanning across software, hardware, data and network. This makes the management of change of individual components, but also of the entire system, a challenging task, especially when one has to consider the multiple stakeholders of the IoT system. Therefore, it is necessary to adopt end-to-end analytics processes spanning the entire length of the system, but also across all phases of software development, to maintain high quality, availability and good business partnership in all states of the system (development and runtime operations). These challenges may be aggravated by the lack of integrated tools to allow developers the ability for end-to-end analytics, involving other components of the system as well, and provide them with a more systemic view of the IoT infrastructure. Existing IDEs, like NodeRED and Eclipse-IoT, provide good environments for the development of IoT components and systems, but they don’t provide functionality for the runtime management of the system with respect to performance or profitability, neither do they include capabilities to manage change with respect to the system.

Study and understand the impact of change in IoT systems: At first, this project aims at identifying the habits and strategies of developers when dealing with change; what tools they use, what parameters they consider to make decisions, if they consider other stakeholders of the system, what aspects of the system they consider more important. The survey will involve interviews with IoT developers, but also the study of real IoT systems (source code and bug repositories, mailing lists, changesets and business announcements) to evaluate the impact of change historically for these projects. This will give us a complete picture about the needs and challenges of IoT developers and what tools are missing from existing development environments.

Complement the functionality of IDEs for IoT: Based on the identified needs and limitations, the subsequent goal of this project is to extend existing IDEs with DevOps tools. The focus will be on runtime management tools and controllers and tools that enhance the management capabilities for business and economic parameters. Another goal is to visualize and make explicit the externalities (i.e., the interdependencies) of change and annotate them with information about their business and economic impact, in an effort to provide developers with a wealth of information, which will lead to more globally optimal decisions. Finally, these extensions will be heavily tested with real developers to quantify their value and enumerate their benefits in addressing change.

4. DevOps for Security

With the rise of web technologies and digital business, security has become of paramount importance for the success and survival of companies. While securing the periphery of a software system (network and infrastructure) is critical, the data and software do not remain immune to security vulnerabilities. Attacks are becoming more sophisticated and are trying to exploit application-specific vulnerabilities. In the face of modular architectures and constant change, maintaining the security at the application level is crucial.

Currently, security is either assessed with application-specific static analysis or it is guaranteed with application-agnostic dynamic analysis on the periphery. The limitations of these approaches are obvious; the uncertainty of what can happen at runtime will result in incomplete results from the static analysis and security will have to be guaranteed on the application level as well. In the spirit of DevOps, the goal of this work is to combine the static analysis of the application (at development time) with dynamic monitoring and analysis (at operations time) to more accurately identify security vulnerabilities and better address security threats.

A complete DevOps approach for security: In addition to bridging the gap between static and dynamic analysis, this project also contributes in closing the loop; beyond the analysis of the application, the management system should also design plans of action and be able to decide on the best, according to the given setting. Next, the management system should also execute the decided plan to address the security concerns identified during the analysis. After the execution, the state and the models of the application and of the management system should be updated accordingly, guaranteeing the ability to manage the application in the longer term.

5. Correlation of Technical Debt with Financial Debt

Technical debt refers to problems in non-functional requirements of a software system (e.g., design or security), which can hinder the maintenance and future development of the system. Technical debt may be introduced either by pure negligence, bad practices or knowingly due to other priorities (e.g., fast releases). Regardless of the reason behind technical debt, it is important to consider whether and when to resolve technical debt. In this context, we need to be able to evaluate the cost of a delay in resolving the debt and also to predict the cost of further delays. While technical debt has mostly been studied in terms of technical parameters (quality degradation, maintenance effort etc.), it becomes evident that there are clear economic extensions, not only with respect to cost, but also concerning the ability to generate revenue, for example when we are not able to properly extend the system’s functionality due to the debt. The primary goal of this project is to identify and quantify this correlation.

Formalize the relationship between technical and financial debt: Beyond the realization of the obvious relationship between the two kinds of debt, it is also necessary to formalize this relationship in mathematical models. The anticipation is that this will help developers understand the impact of technical debt and aid them in its resolution.

A decision-support system for the resolution of technical debt: The second goal of the project is to build decision-support systems based on the mathematical models to answer the questions of whether and when to resolve technical debt based on its economic impact.

Copyright © 2019 Marios Fokaefs's Home Page. All Rights Reserved.
Joomla! is Free Software released under the GNU/GPL License.