enterprise software

Designing and operating large-scale business systems with enterprise requirements such as multi-tenancy, integration (APIs, ESB), SSO/IAM (SAML, OAuth), RBAC, audit/compliance (SOX, GDPR), scalability, high availability, and hardened deployment patterns including network segmentation, intrusion detection, and patch/upgrade strategies.

enterprisesoftware

12-Month Skill Trend

Momentum and market value over time
Trending
Score
+20 in 12 mo
96
12 mo agoNow
Career
Value
+$12K in 12 mo
$42K/year
12 mo agoNow

Recommended Survey Paper

Quick overview of the field
View more

Must-Read Papers

Most classic and influential ideas
View more

This study addresses critical challenges faced by regulated enterprises—including cross-system data inconsistencies, reconciliation difficulties, asset record drift, and overreliance on manual audits—by proposing the GERA framework. GERA innovatively integrates deterministic reconciliation, robust anomaly detection based on Z-Score and its variants, governance-driven semantic standardization, and NIST CSF 2.0 security controls within a four-layer architecture comprising ingestion, staging, core modeling, and semantic services. Empirical validation across banking, broadband service providers, and technology firms demonstrates that the framework significantly enhances reconciliation automation and audit readiness, effectively mitigating 39% of compliance deficiencies identified during PCAOB inspections.

Audit ReadinessCross-System ReconciliationData Fragmentation

This study addresses the lack of systematic guidance for enterprise software teams in choosing between monolithic and microservices architectures. The work proposes a decision-making framework that integrates technical and organizational factors, evaluating the trade-offs of each architecture across dimensions such as scalability, reliability, deployment efficiency, and organizational complexity. The assessment is grounded in system scale, business requirements, operational maturity, and long-term maintainability. Through architectural pattern analysis, a structured evaluation model, and multiple case studies, the authors develop a practical selection methodology tailored to real-world engineering contexts. This approach offers enterprises clear architectural evolution pathways and actionable guidelines aligned with their developmental stages, thereby significantly enhancing the rationality and sustainability of system design decisions.

MicroservicesMonolithic ArchitectureOrganizational Complexity

Facing the dual challenges of cloud-first business model expansion and increasingly stringent global data compliance requirements, this paper proposes an ISO/IEC 27001/27017/27018 certification service framework tailored for mid-sized, high-growth technology enterprises. Methodologically, it introduces a modular audit template, a certification-readiness toolkit, and a cross-mapped control framework integrating SOC 2 and CIS controls—enabling standardized, replicable, and rapid delivery. The approach encompasses compliance gap analysis, risk-based audit design, client empowerment workshops, and a digital readiness assessment tool. Within one year, the framework successfully enabled certification for over 20 clients, generating >$1M in revenue and achieving 150% client growth. Results demonstrate its efficacy in enhancing compliance efficiency, reducing implementation costs, and strengthening trust-based service branding. This work establishes a scalable, transferable practice paradigm for SMEs seeking internationally recognized cybersecurity certifications.

Addressing growing demand for formalized information security frameworksDeveloping repeatable, scalable solutions for diverse industry verticalsScaling ISO compliance practices for cybersecurity certifications

Conventional requirements engineering tools lack direct access to SysML architecture models, leading to redundant requirement definitions, semantic fragmentation, and broken traceability. Method: This paper proposes an executable, structured requirements metamodel that integrates INCOSE requirements writing practices with SysML modeling capabilities. Strictly aligned with ISO/IEC/IEEE 29148 and INCOSE guidelines, it leverages a SysML Profile extension, an MBSE integration framework, and a compliance rule engine to enable native interoperability between requirements and architecture models. Contribution/Results: The metamodel was deployed and validated on two real-world NASA JPL space systems. It significantly improves requirement semantic completeness and verifiability, enhances coverage of the NASA Systems Engineering Handbook checklist, and—critically—provides the first empirical evidence of rapid improvement in requirements expression quality. The evaluation also identifies key bottlenecks in current toolchains regarding automated support for such integrated practices.

Applying INCOSE and ISO standards to enhance requirement definition and V&VAssessing the profile's real-world value in NASA projects despite automation challengesIntegrating requirements engineering with SysML-based MBSE to avoid duplication

SiriusBI: Building End-to-End Business Intelligence Enhanced by Large Language Models

Nov 09, 2024
JJ
Jie Jiang
🏛️ TEG | Tencent Inc. | Peking University

Contemporary BI systems face three critical challenges in the LLM era: legacy functionalities inadequately support dynamic analytical requirements; single-turn SQL generation impedes iterative, clarifying multi-turn interactions; and cross-domain adaptation incurs prohibitively high customization costs. To address these, we propose SiriusBI—the first end-to-end, LLM-augmented BI system designed for industrial deployment. It introduces an application-oriented multi-turn dialogue query module, a dual-path SQL generation mechanism balancing accuracy and deployment efficiency, and a full-stack BI orchestration engine spanning data preparation, analysis, and visualization. Built on a cloud-native microservice architecture, SiriusBI has been deployed across Tencent’s financial, advertising, and cloud business units, achieving SQL accuracy rates of 97%, 89%, and 91%, respectively. As a standalone cloud service, it supports dozens of external enterprises, demonstrating industrial-grade practicality, robustness, and scalability.

High costs hinder cross-domain adaptation in BI solutionsLegacy BI systems lack functionality for LLM-era demandsSingle-round SQL generation fails in multi-round clarification

Latest Papers

What's happening recently
View more

This study addresses the lack of systematic methodologies for selecting data architectures in modern organizations grappling with vast, heterogeneous data environments. To this end, it proposes the DATER conceptual framework, which establishes a unified taxonomy of technical requirements and systematically examines the historical evolution, core characteristics, and applicability boundaries of six prominent data architectures: data warehouses, data lakes, lakehouses, data fabrics, and data meshes. Through conceptual modeling and multidimensional comparative analysis, the framework clarifies overlaps and distinctions among these architectures, articulating their respective strengths and limitations. By offering a structured evaluation tool, DATER significantly enhances the strategic alignment and contextual appropriateness of data architecture design for both researchers and practitioners.

data architecturedata integrationdata management

This work addresses the lack of user-centric integration in existing decentralized identity systems, which obscures the delineation of responsibilities and dependencies among stakeholders concerning security and privacy. To bridge this gap, the paper proposes the first role-oriented, structured architectural model grounded in self-sovereign identity principles. It decomposes complex non-functional requirements into 24 distinct attributes and systematically assigns them across four key roles: data owner, issuer, verifier, and system. By integrating requirements engineering with trust modeling, the approach achieves a coherent alignment between user-centered needs and system design. This unified framework provides both theoretical grounding and architectural support for developing decentralized identity systems that are more secure, transparent, and user-controllable.

actor-orientedDecentralized Identityrequirements engineering

In multi-stakeholder platforms, software architecture decisions often implicitly entrench conflicting requirements without systematic support for mapping governance principles to technical design. This work proposes the first governance-architecture alignment framework, explicitly linking five core governance principles to the space of architectural decisions, thereby rendering implicit governance stances identifiable and contestable. The framework also exposes how default technical choices can obscure underlying value commitments. Feasibility is preliminarily demonstrated through a constructive case study of a pig-farming knowledge platform in Rwanda. Future work will employ pre- and post-intervention user judgment studies to evaluate the framework’s impact on actual governance outcomes.

architectural decisionsgovernancemulti-stakeholder platforms

Enterprise multi-agent systems often suffer from governance failures and uncontrolled complexity due to the absence of design principles centered on capability alignment. This work proposes the CEAD architecture, which introduces capability alignment as a foundational design paradigm, prioritizing agent design as the primary abstraction. CEAD explicitly defines capability boundaries, autonomy allocation, interaction protocols, tool permissions, stateful memory, and human-agent collaboration mechanisms, integrating the benefits of service-oriented architecture without conflating services with agents. Empirical evaluation on enterprise-scale tasks involving tens of thousands of operations demonstrates that CEAD achieves a safety success rate of 70.6%, substantially outperforming both monolithic single-agent systems (45.2%) and ungoverned ensembles of micro-agents (23.1%), thereby validating its effectiveness in enhancing system reliability and governability.

agent designcapability alignmententerprise architecture

This work addresses the lack of reproducible evaluation methodologies in decentralized identity (DI) and self-sovereign identity (SSI) systems, which stems from the failure to translate their core security and privacy principles into explicit functional requirements. For the first time, this study systematically operationalizes SSI principles through requirements engineering and formal modeling techniques, yielding a verifiable set of functional requirements and a comprehensive functional model that spans common use cases. The resulting requirements specification and formal model establish a foundational framework for DI/SSI system evaluation, thereby filling a critical gap in the current landscape and providing a rigorous basis for future system development and reproducible assessments.

Decentralized IdentityEvaluation FrameworkFunctional Requirements

Hot Scholars

LW

Laurie Williams

North Carolina State University, Computer Science, Distinguished Univ Prof, IEEE Fellow, ACM Fellow
Software EngineeringSoftware SecurityAgile Software DevelopmentEmpirical Software Engineering
YA

Yasemin Acar

Paderborn University & The George Washington University
MC

Michel Cukier

Professor, University of Maryland
DependabilitySecurity
WE

William Enck

Professor of Computer Science, North Carolina State University
securitysystems securitynetwork securityaccess control
DW

Dominik Wermke

NC State University
Usable Security and PrivacyHuman-Centered SecuritySoftware Supply Chain Security