Student Projects, Academic Year 2021-2022

Below is a list of project topics for Masters and Bachelors theses offered by the Software Engineering & Information Systems Research Group for students who intend to defend in June 2022. The projects are divided into:

Software Engineering Masters topics (30 ECTS)
IT Conversion Masters topics (15 ECTS)
Bachelor Thesis Projects (9 ECTS)

If you're interested in any of these projects, please contact the corresponding supervisor.

NB: If you want to look for thesis topics offered by other groups within the Chair of Software Engineering and Information Systems, please consult their respective group pages. You find the links to the individual research groups here: https://www.cs.ut.ee/en/research/research-groups
(This web-page even includes links to research groups in other Chairs of the Institute of Computer Science.)

Master Thesis Projects

Fostering civic engagement through hackathons

Alexander Nolte (alexander [dot] nolte [ät] ut [dot] ee)

Hackathons started out as time-bounded competitive events during which young developers formed ad-hoc teams and worked on software projects for pizza and the potential prospect of a future job. Since those humble beginnings hackathons have become a global phenomenon with thousands of individuals participating in hundreds of events every weekend. In addition to corporations and entrepreneurs, hackathons have also been embraced by civic engagement groups to draw attention to and tackle societal issues.

The aim of this thesis is to address the question whether and how short-term events like hackathons can have sustainable lasting impact. To answer this question, you will collaborate with the US based non-profit organization Democracylab (https://www.democracylab.org/). They organize regular hackathons for civic engagement groups, volunteers and tech savvy individuals related to various societal issues ranging from providing support to elderly people to addressing climate change and beyond.

You will use a combination of interview, survey and archival data analysis methods to study how organizers and participants perceive these hackathons and what they currently do to create and sustain impact. Based on your findings you will propose suggestions to participants and organizers to foster the impact of civic hackathons.

How did participants like my hackathon? A benchmarking tool

Supervisor: Alexander Nolte (alexander [dot] nolte [ät] ut [dot] ee)

Hackathons and similar time-bounded events have become a global phenomenon with thousands of individuals participating in hundreds of events every weekend. They are organized by corporations, (higher) education institutions, civic engagement groups, (online) communities and others with the aim to create innovative technologies, tackle civic, environmental and public health issues, spread knowledge and expand communities.

Despite their widespread adoption organizers often still struggle to answer seemingly simple questions such as “How did participants like my hackathon?”, “Did they achieve what they wanted to achieve?” and “How does my hackathon compare to other similar events?”. There are existing survey instruments that can help organizers answer these questions. These instruments are however not widely accessible, sometimes time consuming to set up, and they do not allow them to compare their hackathon to other (similar) events.

The aim of this thesis is to develop a web-based application for hackathon organizers to (1) run a survey for their event, (2) provide basic statistics and (3) compare their hackathon to similar events. For this you will utilize existing survey scales and an existing database of survey responses. The application itself will be built on common survey tools such as GoogleForms, Qualtrics or Limesurvey and will be embedded into an existing website for hackathon organizers (https://hackathon-planning-kit.org/).

Web-based viewer for Fractal Enterprise models (This topic is BOOKED)

Ilia Bider

The goal of this project is to develop a user-friendly viewer of a package of diagrams created using a “heavy-weight” tool. The viewer is aimed to be used by business people to view and navigate through a package of enterprise models provided by a modeling expert.

Though this issue is general, the thesis will be focused on a specific modeling technique - Fractal Enterprise Model (FEM), and a specific tool – FEM toolkit. The latter was developed based on the ADOxx modeling environment. ADOxx has been used by different research and professional groups for creating tools for other modeling techniques, which makes the topic general. The FEM toolkit allows to export the diagrams in a graphical format, i.e. as pictures, and in XML format in which the positions, sizes, and properties of all elements are defined. A simple version of a FEM viewer can be built based on these two exports. The first one is used to show the diagram itself in the WEB environment, the second one is used to define areas of the picture that correspond to the individual elements of the diagrams. These areas can be used to arrange navigation and show properties. The more complex version can employ a graphical package to rebuild diagrams in a native WEB environment. Presumably, the viewer can be build using some higher-level platform/library, like https://vuejs.org/ or https://reactjs.org/. The details and the scope of work will be decided during the project.

The thesis work would first consist of clarifying the requirements for the tool, making engineering decisions (i.e. which technology stack to use and the general architecture of the tool) and then implementing the software. The analysis and implementation process, as well as the resulting software product would have to described in the thesis.

References:

Overview of FEM and FEM toolkit see in https://www.fractalmodel.org/
ADOxx: https://www.adoxx.org

Case Study in Using Fractal Enterprise Model for Depicting the Operational Activity of an Organization

Ilia Bider

This is a "placeholder" Masters project topic, which needs to be negotiated individually. Dependent on the case organization it can be used for various programs including Software Engineering, IT Conversion Master, Innovation and Technology Management. The master’s thesis would include understanding and modeling a (business) organization or a part of it (e.g. a department, service) with a modelling technique called Fractal Enterprise Model. Fractal Enterprise Model (FEM) is a relatively new advanced modeling technique that competes with other techniques used for Enterprise Architecture/Modeling world. It shows connection between different components (processes and assets) in an organization and can be used for business analysis and design on various levels, including the strategic one, like Business Model Innovation (BMI).

The topics of your project can range from figuring out the ways FEM can be used in a case organization to using it for a specific task, e.g. finding a cause for a problem, suggesting alternative solutions for a known problem, developing a new Business Model for the organization, or creating a capability map of the organization. The choice of the task depends on the needs of the organization, and on the student’s priorities. Ideally, your project should be connected to some problem/challenge/task that is already understood by the managers in a case organization, as beside your own time you might need to ask for engaging other people in the organization, e.g. for conducting interviews. A successfully completed project may result in a published paper later. Students who have full-time or part-time jobs and who can find a topic connected to their work place will particularly benefit for taking this topic.

Note: FEM is taught in the spring course called Enterprise Modeling. However, going through this course is not mandatory for taking this topic.

References

https://www.fractalmodel.org/ - a site that has many resources related to FEM, including video recordings
Bider I., Chalak A. (2019) Evaluating Usefulness of a Fractal Enterprise Model Experience Report – an example of a publish paper resulted from MS thesis project
Bider, I., Lodhi, A. Moving from Manufacturing to Software Business: A Business Model Transformation Pattern – an example related to Business Model Innovation

Automatic generation of smart contracts from XML-based language

Vimal Kumar Dwivedi (vital [dot] kumar [dot] dwivedi [ät] ut [dot] ee)

Smart Contracts are a means of facilitating, verifying and enforcing digital agreements. Blockchain technology, which includes an inherent consensus mechanism and programming languages, enables the concept of smart contracts. However, smart contracts written in an existing language, such as Solidity, Vyper, and others, are difficult for domain stakeholders and programmers to understand in order to develop code efficiently and without error, owing to a conceptual gap between the contractual provisions and the respective code. Our study addresses the problem by creating smart legal contract markup language (SLCML), an XML-based smart-contract language with pattern and transformation rules that automatically convert XML code to the Solidity language. In particular, XML schema (SLCML schema) that is used to instantiate any type of business contract understandable to IT and non-IT practitioners is developed that is processed by computers. With the proposal of thesis, we expect a translaator that can translate SLCML contract into blockchain programming language (for instance Solidity).

References:

V. Dwivedi, A. Norta, A. Wulf, B. Leiding, S. Saxena and C. Udokwu, "A Formal Specification Smart-Contract Language for Legally Binding Decentralized Autonomous Organizations," in IEEE Access, vol. 9, pp. 76069-76082, 2021, doi: 10.1109/ACCESS.2021.3081926.
V K Dwivedi and A Norta. 2019. A legally relevant socio-technical language development for smart contracts. In Proceedings - 2018 IEEE 3rd International Workshops on Foundations and Applications of Self* Systems, FAS*W 2018. Institute of Electrical and Electronics Engineers Inc., 11–13. https://doi.org/10.1109/FAS-W.2018.00016
Vimal Dwivedi, & Norta, A. (2021). Auto-Generation of Smart Contracts from a Domain-Specific XML-Based Language. Unpublished. https://doi.org/10.13140/RG.2.2.34511.61609

An integrated approach for analyzing cyber-security attacks for safety-critical Cyber-Physical Systems (CPSs)

Mohamad Gharib (mohamad [dot] gharib [ät] ut [dot] ee)

The increased digitization of traditional Physical Systems (PSs) gave birth to the so called Cyber-Physical Systems (CPSs), which integrate sensing, computational, and control capabilities into traditional PSs combined with network connectivity. Consequently, traditional security solutions, although well established and consolidated, might not be effective to protect CPSs against human planned, malicious, complex attacks, which are the typical modern cyber-security attacks. This is quite clear with the increasing number of cyber-security attacks that now can target some of the safety-critical functionalities of CPSs. For instance, modern automotive vehicles have been proven vulnerable to hacking attacks aiming at getting control over the safety-critical functions of the vehicle [1]. An example is the hijacking of the steering and braking units in a Ford Escape [2]. Similarly, hackers were able to remotely hijack a Tesla Model S from a distance of around 12 miles [3]. Chrysler announced a recall for 1.4 million vehicles after a pair of hackers demonstrated that they could remotely hijack a Jeep’s digital systems over the Internet [4]. These are just a few examples of how attackers can exploit weaknesses in the design of safety-critical CPSs and use these weaknesses to conduct their attacks.

This thesis aims at proposing an approach that can identify potential cyber-security attack(s) that the safety-critical functionality of concern might be subject to, analyze how each identified attack may succeed (e.g., attack method/means, attacker’s capabilities), the potential consequences in case such attack success. Then, identify countermeasures to prevent or at least mitigate/minimize the consequences of the attack.

References:
Application domain can be the automotive domain, or any other safety-critical CPS domain such as Industrial Internet of Things (IIoT), Smart Cities, etc.

M. Dibaei, X. Zheng, K. Jiang, R. Abbas, S. Liu, Y. Zhang, Y. Xiang, and S. Yu, “Attacks and defences on intelligent connected vehicles: a survey,” Digital Communications and Networks, 2020.
A. Greenberg, “Hackers Reveal Nasty New Car Attacks-With Me Behind The Wheel (Video),” p. 1, 2013. https://cutt.ly/4jIQVlX
O. Solon, “Team of hackers take remote control of Tesla Model S from 12 miles away — Technology — The Guardian,” 2016. https://cutt.ly/hjIQZ7P
A. Greenberg, “The Jeep Hackers Are Back to Prove Car Hacking Can Get Much Worse,” 2016. https://www.wired.com/2016/08/jeep-hackers-return-high-speed-steering-acceleration-hacks/

Case Study in Software Testing or Software Analytics (focus on software quality)

Supervisor: Dietmar Pfahl (dietmar dot pfahl ät ut dot ee)

This is a "placeholder" Masters project topic, which needs to be negotiated individually. If you work in a IT company and you are actively engaged in a software testing or software analytics, or if you can convince your hierarchy to put in time and resources into such a project in the near-term, we can make a case study out of it. We will sit down and formulate concrete hypotheses or questions that you investigate as part of this project, and we will compare your approach and results against state-of-the-art practices. I am particularly interested in supervising theses topics related to mutation testing, testing of embeded software, testing safety-critical systems, security testing of mobile apps, anlysis of project repositories to make software development processes more efficient and effective, but I welcome other topic areas.

The method applied is a case study. Case studies follow a systematic approach as outlined in: Guidelines for conducting and reporting case study research in software engineering by Per Runeson and Martin Höst Important elements of the thesis are literature study, measurement and interviews with experts in the target company.

Safety Analysis of Autonomous Vehicle Systems Software (in collaboration with the Autonomous Driving Lab)

Supervisor: Dietmar Pfahl (dietmar dot pfahl ät ut dot ee)

This is a project topic for a MSc in Software Engineering student with interest in a good knowledge of machine learning. /to be completed soon/

References (as a starting point):

xxx
Piazzesi N., Hong M., Ceccarelli A. (2021) Attack and Fault Injection in Self-driving Agents on the Carla Simulator – Experience Report. In: Habli I., Sujan M., Bitsch F. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2021. Lecture Notes in Computer Science, vol 12852. Springer, Cham. https://doi.org/10.1007/978-3-030-83903-1_14

Implementation of JIT (just in time) visualisation of changes in source code (already booked)

Kristiina Rahkema (kristiina [dot] rahkema [ät] ut [dot] ee)

Visualisation techniques are used to give an overview of the whole software project, by emphasising different aspects about of the source code. Source code evolution visualisations are normally run on the whole project and then used to get an overview of the project's evolution from start to finish. They might for example emphasise changing class sizes, connections between classes or the authors of commits.

The aim of this thesis is to build a visualisation tool that shows changes made by the developer immediately highlighting where the changes are currently being made and how they affect the project. Such a visualisation could for example be used when teaching about software architecture. One possible way how to do this would be to build upon the language server protocol.

Analysis of dependency graphs of third party libraries in different package managers (already booked)

Kristiina Rahkema (kristiina [dot] rahkema [ät] ut [dot] ee)

Third party libraries are used extensively by developers to avoid rewriting solutions to common problems, such as handling network requests or parsing json. These dependencies are often managed using package managers such as maven, cocapods or npm. Libraries.io provides an open dataset that contains data about 32 package managers, 33 million project repositories.

The aim of this thesis is to analyse and compare the dependency graphs of these package managers provided in the libraries.io dataset. One of the goals is to analyse how potential vulnerabilities in these third party libraries could spread through the dependency graph by affecting its direct and transitive dependents. The libraries.io open dataset has been used for analysing library dependencies for some of these package managers [1], but it has not been used on all of the included package managers and the spread of vulnerabilities through direct and transitive dependencies has not been analysed.

References:

Decan, Alexandre, Tom Mens, and Philippe Grosjean. "An empirical comparison of dependency network evolution in seven software packaging ecosystems." Empirical Software Engineering 24.1 (2019): 381-416.

Anonymizing Datasets for Process Mining with Differential Privacy]]

Gamal Elkoumy (gamal [dot] elkoumy [ät] ut [dot] ee)

Process Mining is a family of techniques that helps organizations enhance the efficiency, compliance, and quality of their business processes. The applicability of process mining techniques hinges on the availability of event logs capturing the execution of a business process. In some cases, event logs contain private information about individuals, which endangers individuals' privacy. Despite the benefits of analyzing event logs, data protection regulations restrict the use of such kinds of data. One way of circumventing these restrictions is to anonymize the event log to the extent that no individual can be singled out using the anonymized log.

In this Masters thesis, you will apply a well-known family of privacy-preserving techniques, namely 'differential privacy, to develop a tool to anonymize datasets for process mining. You will specifically focus on anonymize the dataset so that an attacker cannot guess which worker (employee) in a company performance a given task recorded in the dataset. The project will give you useful knowledge about how datasets need to be anonymized in order to fulfill strict privacy requirements, including those captured in the European General Data Protection Regulation (GDPR). This topic is suitable for a Masters of data science interested in privacy aspects, for a student in software engineering wanting to build a tool that can be used in practice, or for a cyber-security student interested in developing skills in privacy-enhancing technologies. Students in the Masters of Computer Science are also welcome to apply!

References:

Fahrenkrog-Petersen, Stephan A., Han van der Aa, and Matthias Weidlich. "PRETSA: event log sanitization for privacy-aware process discovery." 2019 International Conference on Process Mining (ICPM). IEEE, 2019.
Rafiei, Majid, and Wil MP van der Aalst. "Group-based privacy preservation techniques for process mining." Data & Knowledge Engineering (2021): 101908.

Development of the Rules Mining (RuM) toolset

Supervisors: Fabrizio Maggi and Anti Alman (firstname [dot] lastname [ät] ut [dot] ee)

Rule mining is focused on the analysis and optimization of business processes using rules that the process is expected to fulfil. In this project, you will work on extending the Rules Mining toolset (RuM), which is developed at University of Tartu in collaboration with other universities. We invite you to have a look at the website. If you are interested in this topic, we can offer you to develop several new features of RuM for your Masters thesis, like for example a module for detecting and visualizing violations of business rules in a user-friendly manner. Knowledge of Java is required.

Extending the Nirdizati Predictive Process Monitoring Engine

Supervisor: Fabrizio Maggi (firstname [dot] lastname [ät] ut [dot] ee)

Predictive process monitoring is concerned with leveraging historical process execution data to predict how running (uncompleted) cases will unfold up to their completion. Historical data is given as input to a machine learning method to train a predictive model that is queried at runtime to predict a process outcome. A predictive model can also be used to provide, together with predictions, also recommendations to the user on what to do to minimize the probability of a negative process outcome. In this thesis project, we will work on the development of Nirdizati (http://nirdizati.org/nirdizati-research/) a predictive process monitoring web application for validating and comparing the performance of different predictive models on the same dataset. If you are interested in this topic, a thesis project can be developed in different directions and can be focused on engineering tasks related to the development of existing predictive process monitoring approaches in Nirdizati or research tasks related to the development of novel predictive process monitoring approaches in the same application. Knowledge of Python and of data science is required.

Other Master Thesis Projects

Additional topics proposed by other groups in the Institute of Computer Science are available here.

Conversion Master Thesis Projects

Case Study in Software Testing or Software Analytics (focus on software quality)

Supervisor: Dietmar Pfahl (dietmar dot pfahl ät ut dot ee)

Emerging Technologies for the Financial Sector

Fredrik Milani

New technologies provide value when used to improve processes or products. However, how new technologies can innovate, enhance, or significantly improve existing processes and products is not always clear. This thesis topic explores one emerging technology to understand better how it can deliver value for the financial sector. The work required for this thesis predominantly includes (1) research on the technology (what it is, how it works, its capabilities, use cases, etc.) and (2) conducting 5-8 interviews with people within the financial sector to learn about potential use cases within the financial sector. Examples of emerging technologies can be, for instance, quantum computing, metaverse, NFTs, edge computing, IoT platform, etc.

Bachelor Thesis Projects

Lab Package Development & Evaluation for the Course 'Software Testing' (LTAT.05.006)

Supervisor: Dietmar Pfahl (dietmar dot pfahl at ut dot ee)

The course Software Testing (MTAT.03.159) has a series of practice sessions in which 2nd and 3rd year BSc students learn a specific test technique. We would like to improve existing labs and add new labs.

This topic is intended for students who have already taken this software testing course and who feel that they can contribute to improving it and by the same token complete their Bachelors project. The scope of the project can be negotiated with the supervisor to fit the size of a Bachelors project.

The tasks to do for this project are as follows:

Selection of a test-related topic for which a lab package should be developed (see list below)
Development of the learning scenario (i.e., what shall students learn, what will they do in the lab, what results shall they produce, etc.)
Development of the materials for the students to use
Development of example solutions (for the lab supervisors)
Development of a grading scheme
Evaluation of the lab package

Topics for which lab packages should be developed (in order of urgency / list can be extended based on student suggestions):

Automated Unit & Systems Testing
Visual GUI Testing
Issue Reporting
Continuous Integration & Testing
Mobile App Testing (focus on security)
Other topics that you find interesting and would like to discuss with me regarding their suitability

Web-based viewer for Fractal Enterprise models (This topic is BOOKED)

Ilia Bider

The goal of this project is to develop a user-friendly viewer for diagrams produced by an existing enterprise modeling tool called FEM toolkit. This latter tool was developed based on the ADOxx modeling environment. ADOxx has been used by different research and professional groups for creating tools for other modeling techniques, which makes the topic general. The FEM toolkit allows to export the diagrams in a graphical format, i.e. as pictures, and in XML format in which the positions, sizes, and properties of all elements are defined. A simple version of a FEM viewer can be built based on these two exports. The first one is used to show the diagram itself in the WEB environment, the second one is used to define areas of the picture that correspond to the individual elements of the diagrams. These areas can be used to arrange navigation and show properties. The more complex version can employ a graphical package to rebuild diagrams in a native WEB environment. Presumably, the viewer can be build using some higher-level platform/library, like https://vuejs.org/ or https://reactjs.org/. The details and the scope of work will be decided during the project.

References:

Overview of FEM and FEM toolkit see in https://www.fractalmodel.org/
ADOxx: https://www.adoxx.org