Kiev Gama

Rafa Prado, Wendy Galeno, Kiev Gama et al.

Hackathons are fun! People go there to learn, meet new colleagues, intensively work on a collaborative project, and mix pizza with energy drinks. However, for transgender community and other minorities, hackathons can have an uncomfortable atmosphere. Some transgender and non-conforming people that, although enjoying hackathons, decided not to participate anymore, afraid of LGBQTPhobia and other discomforts. In this paper we surveyed 44 trans and cis hackathons participants and interviewed seven transgender ones. By understanding their needs and challenges, we introduce five recommendations to make hackathons more inclusive.

Abasi-amefon Obot Affia-Jomants, Kiev Gama, James D. Herbsleb et al.

Hackathons and similar time-bounded events are a global phenomenon. Their proliferation in various domains and their usefulness for a variety of goals has led to the emergence of different formats. While there are a multitude of guidelines available on how to prepare and run a hackathon, most of them focus on a particular format that was created for a specific purpose within a domain for a certain type of participant. This makes it difficult, in particular, for novice organizers to decide how to run an event that fits their needs. To address this gap we developed the original version of this planning kit in 2020 which focused on in-person events that were the dominant form of hackathons then. That planning kit was organized around 12 key decisions that organizers need to take when preparing for, running, and following up on a hackathon. Fast forward to 2025, after going through a global pandemic that forced all events to move online, we now see different forms of events - in-person, online, and hybrid - taking place across the globe, and while they can be all valuable, they have different affordances and require different considerations when planning. To account for these differences, we decided to update the original planning kit by adding a section that discusses the affordances and requirements of in-person, online, and hybrid events to each of the 12 decisions. In addition, we modified the original example timelines to include different forms and types of events. We also updated the planning kit in general based on insights we gained through continuing to organize and study hackathons. The main planning kit is available online while this report is meant to be a downloadable and citable resource.

Alexandre Vianna, Waldemar Ferreira, Kiev Gama

[Background] Nowadays, there is a massive growth of data volume and speed in many types of systems. It introduces new needs for infrastructure and applications that have to handle streams of data with low latency and high throughput. Testing applications that process such data streams has become a significant challenge for engineers. Companies are adopting different approaches to dealing with this issue. Some have developed their own solutions for testing, while others have adopted a combination of existing testing techniques. There is no consensus about how or in which contexts such solutions can be implemented. [Aims] To the best of our knowledge, there is no consolidated literature on that topic. The present paper is an attempt to fill this gap by conducting an exploratory study with practitioners. [Method] We used qualitative methods in this research, in particular interviews and survey. We interviewed 12 professionals who work in projects related to data streams, and also administered a questionnaire with other 105 professionals. The interviews went through a transcription and coding process, and the questionnaires were analysed to reinforce findings. [Results] This study presents current practices around software testing in data stream processing applications. These practices involve methodologies, techniques, and tools. [Conclusions] Our main contribution is a compendium of alternatives for many of the challenges that arise when testing streaming applications from a state-of-the-practice perspective.

Davino Mauro Junior, Kiev Gama, Atul Prakash

Internet of Things is growing rapidly, with many connected devices now available to consumers. With this growth, the IoT apps that manage the devices from smartphones raise significant security concerns. Typically, these apps are secured via sensitive credentials such as email and password that need to be validated through specific servers, thus requiring permissions to access the Internet. Unfortunately, even when developers are well-intentioned, such apps can be non-trivial to secure so as to guarantee that user's credentials do not leak to unauthorized servers on the Internet. For example, if the app relies on third-party libraries, as many do, those libraries can potentially capture and leak sensitive credentials. Bugs in the applications can also result in exploitable vulnerabilities that leak credentials. This paper presents our work in-progress on a prototype that enables developers to control how information flows within the app from sensitive UI data to specific servers. We extend FlowFence to enforce fine-grained information flow policies on sensitive UI data.

Herbertt Diniz, Kiev Gama, Robson Fidalgo

Complex Event Processing (CEP) is one technique used to the handling data flows. It allows pre-establishing conditions through rules and firing events when certain patterns are found in the data flows. Because the rules for defining such patterns are expressed with specific languages, users of these technologies must understand the underlying expression syntax. To reduce the complexity of writing CEP rules, some researchers are employing Domain Specific Modeling Language (DSML) to provide modelling through visual tools. However, existing approaches are ignoring some user design techniques that facilitate usability. Thus, resulting tools eventually has become more complexes for handling CEP than the conventional usage. Also, research on DSML tools targeting CEP does not present any evaluation around usability. This article proposes a DSML combined with visual notations techniques to create CEP rules with a more intuitive development model adapted for the non-expert user needs. The resulting tool was evaluated by non-expert users that were capable of easily creating CEP rules without prior knowledge of the underlying expression language.