Scheda programma d'esame
ADVANCED SOFTWARE ENGINEERING
(SOFTWARE ENGINEERING)
ANTONIO BROGI
Anno accademico2021/22
CdSINFORMATICA E NETWORKING
Codice290AA
CFU9
PeriodoPrimo semestre
LinguaInglese

ModuliSettore/iTipoOreDocente/i
INGEGNERIA DEI SERVIZI SOFTWAREINF/01LEZIONI72
ANTONIO BROGI unimap
STEFANO FORTI unimap
Obiettivi di apprendimento
Learning outcomes
Conoscenze

Gli studenti acquisiranno conoscenze su varie tecniche avanzate di ingegneria del software, tra cui architetture basate su microservizi, test, principi agili, virtualizzazione basata su container, modellazione dei processi aziendali e sicurezza.

Knowledge

Students will acquire knowledge on various advanced software engineering techniques, including microservice-based architectures, testing, agile principles, container-based virtualisation, business process modeling and security.

Modalità di verifica delle conoscenze

Valutazione continua ed esame orale.

Assessment criteria of knowledge

Continuous assessment and oral exam.

Capacità

Alla fine del corso, gli studenti saranno in grado di affrontare la progettazione, il test e l'implementazione di applicazioni basate su microservizi.

Skills

At the end of the course, students will be able to face the design, testing and deployment of microservice-based applications.

Modalità di verifica delle capacità

Valutazione continua ed esame orale.

Assessment criteria of skills

Continuous assessment and oral exam.

Comportamenti

Gli studenti sperimenteranno il lavoro di squadra nello sviluppo del software nelle lezioni di laboratorio e con i compiti a casa. Sperimenteranno anche come presentare oralmente le metodologie e i risultati dell'ingegneria del software.

Behaviors

Students will experiment teamwork in software development in lab classes and with homework assignments. They will also experiment how to orally present software engineering methodologies and results.

Modalità di verifica dei comportamenti

Valutazione continua ed esame orale.

Assessment criteria of behaviors

Continuous assessment and oral exam.

Indicazioni metodologiche

Lezioni (con supporti visivi come diapositive e clip), laboratori "hands-on", compiti a casa, apprendimento attivo. Uso di Moodle per condividere materiale didattico e gestire forum interattivi.

Teaching methods

Lectures (with visual aids like slides and clips), “hands-on” labs, homework assignments, active learning. Use of Moodle for sharing teaching material and running interactive forums.

Programma (contenuti dell'insegnamento)

RESTful services

REST, OpenAPI.                                                                                                                                                   Microservices

Motivations, definition, properties. Design principles, architectural smells, refactorings. A toolchain for microservices. Use cases. Flask microservices. Containerisation with Docker.                                                                

Software testing

Development, release, and user testing. Test-driven development.                                           

User stories

Agile principles. User stories, examples.                                                                                                                

Business process modelling

Business process models, BPMN, workflow nets, Camunda.                                                                                

Security and microservices

Challenges of securing microservices. Smells and refactorings for microservices security. Static vulnerability analysis. Authentication and authorization. API vulnerabilities and penetration testing.                                                                                                              

Splitting the monolith

Code splitting, data splitting.                                             

Cloud-IoT continuum

Motivations, Fog computing, research challenges. Declarative application placement. Security assessment of application deployments. Continuous reasoning. Secure FaaS orchestration.                                                                  

Syllabus

RESTful services

REST, OpenAPI.                                                                                                                                                   Microservices

Motivations, definition, properties. Design principles, architectural smells, refactorings. A toolchain for microservices. Use cases. Flask microservices. Containerisation with Docker.                                                                

Software testing

Development, release, and user testing. Test-driven development.                                           

User stories

Agile principles. User stories, examples.                                                                                                                

Business process modelling

Business process models, BPMN, workflow nets, Camunda.                                                                                

Security and microservices

Challenges of securing microservices. Smells and refactorings for microservices security. Static vulnerability analysis. Authentication and authorization. API vulnerabilities and penetration testing.                                                                                                              

Splitting the monolith

Code splitting, data splitting.                                             

Cloud-IoT continuum

Motivations, Fog computing, research challenges. Declarative application placement. Security assessment of application deployments. Continuous reasoning. Secure FaaS orchestration.                                                                                              

Bibliografia e materiale didattico

 Slide e 

[1]     D. Neri, J. Soldani, O. Zimmermann, A. Brogi. Design principles, architectural smells and refactorings for microservices: a multivocal review. Software-Intensive Cyber-Physical Systems, 35:3-15. 2020.

[2]     I. Sommerville. Software engineering. Pearson. 2016. [Chapter 8]

[3]     V. Monochristou, M. Vlachopoulou. Requirements specification using user stories. In Agile software development quality assurance. 2007.

[4]     OMG. BPMN 2.0 by example. 2010. [Section 5]

[5]     A. Brogi, S. Forti. Workflow nets. Teaching note. 2020.

[6]     P. Siriwardena, N. Dias. Microservices security in action. Manning. 2020. [Section 1.2 and Chapter 13]

[7]     F. Ponce, J. Soldani, H. Astudillo, A. Brogi. Smells and Refactorings for Microservices Security: A Multivocal Literature Review. 2021.

[8]     S. Newman. Building microservices. O’Reilly. 2015. [Chapter 5]

[9]     S. Forti, G.L. Ferrari, A. Brogi. Secure Cloud-Edge Deployments, with Trust. Future Generation Computer Systems, 102, pages 775-788. 2020.

[10]   S. Forti, G. Bisicchia, A. Brogi.  Declarative Continuous Reasoning in the Cloud-IoT Continuum. Journal of Logic and Computation. 2021. In press.

Bibliography

 Slides and

[1]     D. Neri, J. Soldani, O. Zimmermann, A. Brogi. Design principles, architectural smells and refactorings for microservices: a multivocal review. Software-Intensive Cyber-Physical Systems, 35:3-15. 2020.

[2]     I. Sommerville. Software engineering. Pearson. 2016. [Chapter 8]

[3]     V. Monochristou, M. Vlachopoulou. Requirements specification using user stories. In Agile software development quality assurance. 2007.

[4]     OMG. BPMN 2.0 by example. 2010. [Section 5]

[5]     A. Brogi, S. Forti. Workflow nets. Teaching note. 2020.

[6]     P. Siriwardena, N. Dias. Microservices security in action. Manning. 2020. [Section 1.2 and Chapter 13]

[7]     F. Ponce, J. Soldani, H. Astudillo, A. Brogi. Smells and Refactorings for Microservices Security: A Multivocal Literature Review. 2021.

[8]     S. Newman. Building microservices. O’Reilly. 2015. [Chapter 5]

[9]     S. Forti, G.L. Ferrari, A. Brogi. Secure Cloud-Edge Deployments, with Trust. Future Generation Computer Systems, 102, pages 775-788. 2020.

[10]   S. Forti, G. Bisicchia, A. Brogi.  Declarative Continuous Reasoning in the Cloud-IoT Continuum. Journal of Logic and Computation. 2021. In press.

Indicazioni per non frequentanti

Tutto il materiale didattico e le informazioni sono disponibili nel sito Moodle dedicato al corso. 

Non-attending students info

Students can take the course also without attending to classes and labs.

All teaching material and information are available in the Moodle site devoted to the course.

Modalità d'esame

Valutazione continua ed esame orale.

Assessment methods

Continuous assessment and oral exam.

Ultimo aggiornamento 13/12/2021 12:22