Damian Andrew Tamburri

Damian Andrew Tamburri
Eindhoven University of Technology | TUE · Jheronimus Academy of Data Science

Information Management and Software Engineering, Ph.D.

About

157
Publications
65,120
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
2,070
Citations
Introduction
Damian is an Associate Professor at the Eindhoven University of Technology and the Jheronimus Academy of Data Science, in s'Hertogenbosch, The Netherlands. Damian Lectures in Big Data Architectures and Machine-Learning, using these techniques also in his Social Software and Data Engineering research. He is now IEEE Software editorial board member, Voting and high-standing member of the TOSCA TC as well as secretary of the IFIP TC2, TC6, and TC8 WG on “Service-Oriented Computing”.
Additional affiliations
April 2014 - January 2015
Vrije Universiteit Amsterdam
Position
  • PostDoc Position
June 2012 - July 2012
Vrije Universiteit Amsterdam
Position
  • Academic Writing
January 2012 - present
Education
August 2009 - December 2010
Vrije Universiteit Amsterdam
Field of study
  • Software Engineering
July 2008 - December 2010
Università degli Studi dell'Aquila
Field of study
  • Computer Science
June 2007 - August 2007
Borland Academy
Field of study
  • Model-Driven Architectures

Publications

Publications (157)
Article
Full-text available
Social debt is analogous to technical debt in many ways: it represents the state of software development organisations as the result of “accumulated” decisions. In the case of social debt, decisions are about people and their interactions. Our objective was to study the causality around social debt in practice. In so doing, we conducted exploratory...
Conference Paper
Full-text available
“Social debt” in software engineering informally refers to unforeseen project cost connected to a “suboptimal” development community. The causes of suboptimal development communities can be many, ranging from global distance to organisational barriers to wrong or uninformed socio-technical decisions (i.e., decisions that influence both social and t...
Article
Software development is increasingly carried out by developer communities in a global setting. One way to prepare for development success is to uncover and harmonize these communities to exploit their collective, collaborative potential. A proposed decision tree can help practitioners do this.
Article
Full-text available
Software engineering evolved from a rigid process to a dynamic interplay of people (e.g. stakeholders or developers). Organizational and social literature call this interplay an organizational social structure (OSS). Software practitioners still lack a systematic way to select, analyze and support OSSs best fitting their problems (e.g. software dev...
Article
Full-text available
Many architectural languages have been proposed in the last fifteen years, each one with the chief aim of becoming the ideal language for specifying software architectures. What is evident nowadays, instead, is that architectural languages are defined by stakeholder concerns. Capturing all such concerns within a single, narrowly focused notation is...
Article
The increasing heterogeneity of the VM offerings on public IaaS clouds} gives rise to a very large number of deployment options for constructing distributed, multi-component cloud applications. However, selecting an appropriate deployment variant, i.e., a valid combination of deployment options, to meet required performance levels is non-trivial. T...
Article
Full-text available
Travel time information is used as input or auxiliary data for tasks such as dynamic navigation, infrastructure planning, congestion control, and accident detection. Various data-driven Travel Time Prediction (TTP) methods have been proposed in recent years. One of the most challenging tasks in TTP is developing and selecting the most appropriate p...
Preprint
Full-text available
Data originating from open-source software projects provide valuable information to enhance software quality. In the scope of Software Defect Prediction, one of the most challenging parts is extracting valid data about failure-prone software components from these repositories, which can help develop more robust software. In particular, collecting d...
Article
Full-text available
The open-source phenomenon has reached unimaginable proportions to a point in which it is virtually impossible to find large applications that do not rely on open-source as well. However, such proportions may turn into a risk if the organizational and socio-technical aspects (e.g., the contribution and release schemes) behind open-source communitie...
Article
Software engineering projects are now more than ever a community effort. In the recent past, researchers have shown that their success not only depends on source code quality, but also on other aspects like the balance of power distance, culture, and global engineering practices, and more. In such a scenario, understanding the characteristics of th...
Chapter
Data Markets are becoming increasingly popular but are very challenging to deploy and maintain successfully. We discuss some of the challenges related to the success of data markets, focusing particularly on the diverse challenge of assessing data quality. We introduce a novel, holistic approach whereby a blockchain-based smart contract called a Qu...
Chapter
Quantum computing is quickly turning from a promise to reality, witnessing the launch of several cloud-based services that provide access to quantum resources, simulators, runtimes, and programming tools, all through the cloud. Unfortunately, however, existing solutions typically implicitly assume intimate knowledge about quantum computing concepts...
Article
Full-text available
IoT-based applications need to be dynamically orchestrated on cloud-edge infrastructures for reasons such as performance, regulations, or cost. In this context, a crucial problem is facilitating the work of DevOps teams in deploying, monitoring, European Commission grant no. 825480 (H2020), SODALITE. and managing such applications by providing nece...
Chapter
Three of the key impediments that need to be addressed to unlock the true potential of smart contract-based applications include: (i) a lack of operational capabilities to leverage trustworthiness, (ii) limited ability for reuse in volatile and heterogenous application contexts, and (iii) inherent coding complexity that hinders not only involvement...
Conference Paper
Full-text available
Background: Technical Debt is a consolidated notion in software engineering research and practice. However, the estimation of its impact (interest of the debt) is still imprecise and requires heavy empirical and experimental inquiry. Objective: We aim at developing a data-driven approach to calculate the interest of Technical Debt in terms of delay...
Article
Full-text available
This paper describes a large-scale empirical study investigating the relevance of socio-technical congruence over key basic software quality metrics, namely, bugs and churn. That is, we explore whether alignment or misalignment of social communication structures and technical dependencies in large software projects influences software quality. To t...
Preprint
Full-text available
We report on a large-scale empirical study investigating the relevance of socio-technical congruence over key basic software quality metrics, namely, bugs and churn. In particular, we explore whether alignment or misalignment of social communication structures and technical dependencies in large software projects influences software quality. To thi...
Preprint
Full-text available
\ell_1$ regularization has been used for logistic regression to circumvent the overfitting and use the estimated sparse coefficient for feature selection. However, the challenge of such a regularization is that the $\ell_1$ norm is not differentiable, making the standard algorithms for convex optimization not applicable to this problem. This paper...
Preprint
Full-text available
The sources of reliable, code-level information about vulnerabilities that affect open-source software (OSS) are scarce, which hinders a broad adoption of advanced tools that provide code-level detection and assessment of vulnerable OSS dependencies. In this paper, we study the extent to which the output of off-the-shelf static code analyzers can b...
Preprint
Full-text available
Quantum computing is quickly turning from a promise to a reality, witnessing the launch of several cloud-based, general-purpose offerings, and IDEs. Unfortunately, however, existing solutions typically implicitly assume intimate knowledge about quantum computing concepts and operators. This paper introduces Quantum Service-Oriented Computing (QSOC)...
Article
Recent advancements in information technology have ushered a new wave of systems integrating Internet technology with sensing, wireless communication, and computational resources over existing infrastructures. As a result, myriad complex, non-traditional Cyber-Physical Systems (CPS) have emerged, characterized by interaction among people, physical...
Preprint
Full-text available
Big Data analytics supported by AI algorithms can support skills localization and retrieval in the context of a labor market intelligence problem. We formulate and solve this problem through specific DataOps models, blending data sources from administrative and technical partners in several countries into cooperation, creating shared knowledge to s...
Article
Full-text available
Context Infrastructure-as-code (IaC) is the DevOps tactic of managing and provisioning software infrastructures through machine-readable definition files, rather than manual hardware configuration or interactive configuration tools. Objective From a maintenance and evolution perspective, the topic has picked the interest of practitioners and acade...
Preprint
Full-text available
The lack of comprehensive sources of accurate vulnerability data represents a critical obstacle to studying and understanding software vulnerabilities (and their corrections). In this paper, we present an approach that combines heuristics stemming from practical experience and machine-learning (ML) - specifically, natural language processing (NLP)...
Chapter
A key focus of the SODALITE project is to assure the quality and performance of the deployments of applications over heterogeneous Cloud and HPC environments. It offers a set of tools to detect and correct errors, smells, and bugs in the deployment models and their provisioning workflows, and a framework to monitor and refactor deployment model ins...
Chapter
Major cybersecurity and threat intelligence analysts agree that online criminal activity is increasing exponentially. Technologies, newspapers, the internet, and social media made the dark web an accessible place to almost everyone. The ease of accessing the dark side of the web makes the problem more critical than ever. For this reason, the Europe...
Chapter
Full-text available
The onset of microservices and serverless computer solutions has forced an ever-increasing demand for tools and techniques to establish and maintain the quality of infrastructure code, the blueprint that drives the operationalization of large-scale software systems. In the EU H2020 project RADON, we propose a machine-learning approach to elaborate...
Article
Full-text available
Significant cybersecurity and threat intelligence analysts agree that online criminal activity is increasing exponentially. To offer an overview of the techniques and indicators to perform cyber crime detection by means of more complex machine- and deep-learning investigations as well as similar threat intelligence and engineering activities over m...
Article
Distributed streaming applications, i.e., applications that process massive streams of data in a distributed fashion, are becoming increasingly popular to tame the velocity and the volume of Big Data . Nevertheless, the widespread adoption of data-intensive processing is still limited by the non-trivial design paradigms involved, which deal with th...
Article
Full-text available
Infrastructure-as-code (IaC) is the DevOps practice enabling management and provisioning of infrastructure through the definition of machine-readable files, hereinafter referred to as IaC scripts. Similarly to other source code artefacts, these files may contain defects that can preclude their correct functioning. In this paper, we aim at assessing...
Chapter
Full-text available
Artificial Intelligence is getting more and more popular, being adopted in a large number of applications and technology we use on a daily basis. However, a large number of Artificial Intelligence applications are produced by developers without proper training on software quality practices or processes, and in general, lack in-depth knowledge regar...
Article
Community smells represent sub-optimal conditions appearing within software development communities (e.g., non-communicating sub-teams, deviant contributors, etc.) that may lead to the emergence of social debt and increase the overall project’s cost. Previous work has studied these smells under different perspectives, investigating their nature, di...
Book
This book is a festschrift in honour of Mike Papazoglou’s 65th birthday and retirement. It includes 20 contributions from leading researchers who have worked with Mike in his more than 40 years of academic research. Topics are as varied as Mike’s and include service engineering, service management, services and human, IoT, and data-driven services.
Chapter
Customer management operations, such as Incident Management (IM), are traditionally performed manually often resulting in time consuming and error-prone activities. Artificial Intelligence (AI) software systems and connected information management can help handle the discontinuities in critical business tasks. AI Incident Management (AIIM) becomes...
Conference Paper
Full-text available
Linguistic anti-patterns are recurring poor practices concerning inconsistencies among the naming, documentation, and implementation of an entity. They impede readability, understandability, and maintainability of source code. This paper attempts to detect linguistic anti-patterns in infrastructure as code (IaC) scripts used to provision and manage...
Conference Paper
Full-text available
Infrastructure-as-Code (IaC) is increasingly adopted. However, little is known about how to best maintain and evolve it. Previous studies focused on defining Machine-Learning models to predict defect-prone blueprints using supervised binary classification. This class of techniques uses both defective and non-defective instances in the training phas...
Preprint
Full-text available
Empirical Standards are brief public document that communicate expectations for a specific kind of study (e.g. a questionnaire survey). The ACM SIGSOFT Paper and Peer Review Quality Initiative generated empirical standards for common research methods in software engineering. These living documents, which should be continuously revised to reflect ev...
Article
Full-text available
Blockchain is a decentralized transaction and data management solution, the technological leap behind the success of Bitcoin and other cryptocurrencies. As the variety of existing blockchains and distributed ledgers continues to increase, adopters should focus on selecting the solution that best fits their needs and the requirements of their decent...
Article
Full-text available
Serverless computing aims at reducing processing and operational units to single event-driven functions for service orchestration and choreography. With its micro-granular architectural characteristics, serverless computing is bound to face considerable architectural issues and challenges in the medium-and long-term; are these bound to become Techn...
Preprint
Full-text available
Linguistic anti-patterns are recurring poor practices concerning inconsistencies among the naming, documentation, and implementation of an entity. They impede readability, understandability, and maintainability of source code. This paper attempts to detect linguistic anti-patterns in infrastructure as code (IaC) scripts used to provision and manage...
Conference Paper
Full-text available
Big Data analytics supported by AI algorithms can support skills localization and retrieval in the context of a labor market intelligence problem. We formulate and solve this problem through specific DataOps models, blending data sources from administrative and technical partners in several countries into cooperation, creating shared knowledge to s...
Chapter
Autoscaling cloud infrastructures still remains a challenging endeavour during orchestration, given the many possible risks, options, and connected costs. In this paper we discuss the options for defining and enacting autoscaling using TOSCA standard templates and its own policy definition specifications. The goal is to define infrastructure bluepr...
Conference Paper
Full-text available
Artificial Intelligence is getting more and more popular, being adopted in a large number of applications and technology we use on a daily basis. However, a large number of Artificial Intelligence applications are produced by developers without proper training on software quality practices or processes, and in general, lack in-depth knowledge regar...
Article
Full-text available
Emerging serverless computing technologies, such as function as a service (FaaS), enable developers to virtualize the internal logic of an application, simplifying the management of cloud-native services and allowing cost savings through billing and scaling at the level of individual functions. Serverless computing is therefore rapidly shifting the...
Preprint
Full-text available
Blockchain is a decentralized transaction and data management solution, the technological leap behind the success of Bitcoin and other cryptocurrencies. As the variety of existing blockchains and distributed ledgers continues to increase, adopters should focus on selecting the solution that best fits their needs and the requirements of their decent...
Article
Full-text available
Forges are online collaborative platforms to support the development of distributed open source software. While once mighty keepers of open source vitality, software forges are rapidly becoming less and less relevant. For example, of the top 10 forges in 2011, only one survives today—SourceForge —the biggest of them all, but its numbers are droppin...
Preprint
Full-text available
Infrastructure-as-code (IaC) is a practice to implement continuous deployment by allowing management and provisioning of infrastructure through the definition of machine-readable files and automation around them, rather than physical hardware configuration or interactive configuration tools. On the one hand, although IaC represents an ever-increasi...
Chapter
This paper explores a novel vision for the disciplined, repeatable, and transparent model-driven development and Machine-Learning operations (ML-Ops) of intelligent enterprise applications.
Conference Paper
Simulating terrorist scenarios in cyber-physical spaces-that is, urban open or (semi-) closed spaces combined with cyber-physical systems counterparts-is challenging given the context and variables therein. This paper addresses the aforementioned issue with AL a framework featuring computer vision and Generative Adversarial Neural Networks (GANs) o...
Conference Paper
Major cybersecurity and threat intelligence analysts agree that online criminal activity is increasing exponentially. Technologies, newspapers, the internet, and social media made the dark web an accessible place to almost everyone. The ease of accessing the dark side of the web makes the problem more critical than ever. For this reason, the Europe...
Preprint
Automated deployment and management of Cloud applications relies on descriptions of their deployment topologies, often referred to as Infrastructure Code. As the complexity of applications and their deployment models increases, developers inadvertently introduce software smells to such code specifications, for instance, violations of good coding pr...
Article
Full-text available
Context. Modern software systems employ large IT infrastructures hosted in on-premise clouds or using “rented” cloud resources from specific vendors. The unifying force across any cloud strategy is incremental product and application improvement against conservation of those resources. This is where monitoring of cloud applications becomes a key as...
Article
Full-text available
Infrastructure-as-code (IaC) is a practice to implement continuous deployment by allowing management and provisioning of infrastructure through the definition of machine-readable files and automation around them, rather than physical hardware configuration or interactive configuration tools. On the one hand, although IaC represents an ever-increasi...
Article
Full-text available
Infrastructure-as-Code (IaC) has recently received increasing attention in the research community, mainly due to the paradigm shift it brings in software design, development, and operations management. However, while IaC represents an ever-increasing and widely adopted practice, concerns arise about the need for instruments that help DevOps enginee...
Preprint
Full-text available
Success and failure in software engineering are still among the least understood phenomena in the discipline. In a recent special journal issue on the topic, Mantyla et al. started discussing these topics from different angles; the authors focused their contributions on offering a general overview of both topics without deeper detail. Recognising t...
Article
Blockchain technology has gained tremendous popularity both in practice and academia. The goal of this article is to develop a coherent overview of the state of the art in blockchain technology, using a systematic (i.e., protocol-based, replicable), multivocal (i.e., featuring both white and grey literature alike) literature review to (1) define bl...
Article
Full-text available
Success and failure in software engineering are still among the least understood phenomena in the discipline. In a recent special journal issue on the topic, Mäntylä et al. started discussing these topics from different angles; the authors focused their contributions on offering a general overview of both topics without deeper detail. Recognizing t...
Preprint
Forming members of an organization into coherent groups or communities is an important issue in any large-scale software engineering endeavour, especially so in agile software development teams which rely heavily on self-organisation and organisational flexibility. To address this problem, many researchers and practitioners have advocated a strateg...
Preprint
Full-text available
A key focus of the SODALITE project is to assure the quality and performance of the deployments of applications over heterogeneous Cloud and HPC environments. It offers a set of tools to detect and correct errors, smells, and bugs in the deployment models and their provisioning workflows, and a framework to monitor and refactor deployment model ins...