Journal of Software-Evolution and Process最新文献

筛选
英文 中文
On the importance of CI/CD practices for database applications 数据库应用程序 CI/CD 实践的重要性
IF 1.7 4区 计算机科学
Journal of Software-Evolution and Process Pub Date : 2024-08-11 DOI: 10.1002/smr.2720
Jasmin Fluri, Fabrizio Fornari, Ela Pustulka
{"title":"On the importance of CI/CD practices for database applications","authors":"Jasmin Fluri,&nbsp;Fabrizio Fornari,&nbsp;Ela Pustulka","doi":"10.1002/smr.2720","DOIUrl":"10.1002/smr.2720","url":null,"abstract":"<p>Continuous integration and continuous delivery (CI/CD) automate software integration and reduce repetitive engineering work. While the use of CI/CD presents efficiency gains, in database application development, this potential has not been fully exploited. We explore the state of the art in this area, with a focus on current practices, common software tools, challenges, and preconditions that apply to database applications. The work is grounded in a synoptic literature review and contributes a novel generic CI/CD pipeline for database system application development. Our generic pipeline was tailored to three industrial development use cases in which we measured the benefits of integration and deployment automation. The measurements demonstrate clearly that introducing CI/CD had significant benefits. It reduced the number of failed deployments, improved their stability, and increased the number of deployments. Interviews with the developers before and after the implementation of the CI/CD show that the pipeline brings clear benefits to the development team (i.e., a reduced cognitive load). These findings put current database release practices driven by business expectations, such as fixed release windows, in question.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"36 12","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-08-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/smr.2720","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141939967","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
IABC-TCG: Improved artificial bee colony algorithm-based test case generation for smart contracts IABC-TCG:基于人工蜂群算法的智能合约测试用例生成改进版
IF 1.7 4区 计算机科学
Journal of Software-Evolution and Process Pub Date : 2024-08-08 DOI: 10.1002/smr.2719
Shunhui Ji, Jiahao Gong, Hai Dong, Pengcheng Zhang, Shaoqing Zhu
{"title":"IABC-TCG: Improved artificial bee colony algorithm-based test case generation for smart contracts","authors":"Shunhui Ji,&nbsp;Jiahao Gong,&nbsp;Hai Dong,&nbsp;Pengcheng Zhang,&nbsp;Shaoqing Zhu","doi":"10.1002/smr.2719","DOIUrl":"10.1002/smr.2719","url":null,"abstract":"<p>With the widespread application of smart contracts, there is a growing concern over the quality assurance of smart contracts. The data flow testing is an important technology to ensure the correctness of smart contracts. We propose an approach named IABC-TCG (Improved Artificial Bee Colony-Test Case Generation) to generate test cases for the data flow testing of smart contracts. With a dominance relations-based fitness function, an improved artificial bee colony algorithm is used to generate test cases, in which the bee colony search coefficient is adaptively adjusted to improve the effectiveness and efficiency of the search. In addition, an improved test case selection and updation strategy is used to avoid unnecessary test cases. The experimental results show that IABC-TCG achieves 100% coverage for all the test requirements on a dataset of 30 smart contracts and outperforms the baseline approaches in terms of the number of test cases and the execution time. Performing tests with the generated test cases, IABC-TCG can find more errors with less test cost.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"36 12","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-08-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141927488","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Identification and prioritization of the challenges faced by vendor organizations in the shape of cyber security: A FUZZY-AHP -based systematic approach 确定供应商组织在网络安全方面面临的挑战并排定优先次序:基于 FUZZY-AHP 的系统方法
IF 1.7 4区 计算机科学
Journal of Software-Evolution and Process Pub Date : 2024-08-06 DOI: 10.1002/smr.2717
Abdul Wahid Khan, Shah Zaib, Meshari D. Alanazi, Shabana Habib
{"title":"Identification and prioritization of the challenges faced by vendor organizations in the shape of cyber security: A FUZZY-AHP -based systematic approach","authors":"Abdul Wahid Khan,&nbsp;Shah Zaib,&nbsp;Meshari D. Alanazi,&nbsp;Shabana Habib","doi":"10.1002/smr.2717","DOIUrl":"10.1002/smr.2717","url":null,"abstract":"<p>The goal of this research study was to identify and prioritize the significant cybersecurity challenges that vendor firms encounter during software development. Using Systematic Literature Reviews (SLRs), 13 significant challenges were found, including “Security issues/Access of Cyberattacks”, “Lack of Right Knowledge”, “Cost Security Issues”, and “Lack of Confidentiality and Trust” among others. To address these concerns, a multifaceted strategy that prioritizes continuing education, training, and investment in cybersecurity measures, as well as cross-industry cooperation and coordination with government entities, is required. These challenges were ranked using the Fuzzy Analytic Hierarchy Process (F-AHP). We obtained the following results after applying the Fuzzy Analytic Hierarchy Process: CSC1 (Cyber Security Challenge-1) “Security Issues/Access of Cyber Attacks”, CSC2 “Lack of Right Knowledge”, and CSC3 “Framework” are the top most critical cyber security challenges, with weightages of 0.1687, 0.1672, and 0.1194, respectively. This study lays the groundwork for future research and assists vendor organizations in addressing the cybersecurity concerns they face during software development. The study also emphasizes the significance of addressing cybersecurity during the software development process in order to avoid the financial and reputational losses associated with cyber intrusions.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"36 12","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-08-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141939968","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Organizing Graphical User Interface tests from behavior-driven development as videos to obtain stakeholders' feedback 将行为驱动开发的图形用户界面测试制作成视频,以获取利益相关者的反馈意见
IF 1.7 4区 计算机科学
Journal of Software-Evolution and Process Pub Date : 2024-08-05 DOI: 10.1002/smr.2721
Jianwei Shi, Jonas Mönnich, Jil Klünder, Kurt Schneider
{"title":"Organizing Graphical User Interface tests from behavior-driven development as videos to obtain stakeholders' feedback","authors":"Jianwei Shi,&nbsp;Jonas Mönnich,&nbsp;Jil Klünder,&nbsp;Kurt Schneider","doi":"10.1002/smr.2721","DOIUrl":"10.1002/smr.2721","url":null,"abstract":"<p>Demonstrating software early and responding to feedback is crucial in agile development. However, it is difficult for stakeholders who are not on-site customers but end users, marketing people, or designers, and so forth to give feedback in an agile development environment. Successful graphical user interface (GUI) test executions can be documented and then demonstrated for feedback. In our new concept, GUI tests from behavior-driven development (BDD) are recorded, augmented, and demonstrated as videos. A GUI test is divided into several GUI unit tests, which are specified in Gherkin, a semi-structured natural language. For each GUI unit test, a video is generated during test execution. Test steps specified in Gherkin are traced and highlighted in the video. Stakeholders review these generated videos and provide feedback, for example, on misunderstandings of requirements or on inconsistencies. To evaluate the impact of videos in identifying inconsistencies, we asked 22 participants to identify inconsistencies between (1) given requirements in regular sentences and (2) demonstrated behaviors from videos with Gherkin specifications or from Gherkin specifications alone. Our results show that participants tend to identify more inconsistencies from demonstrated behaviors, which are not in accordance with given requirements. They tend to recognize inconsistencies more easily through videos than through Gherkin specifications alone. The types of inconsistency are threefold: The mentioned feature can be incorrectly implemented, not implemented, or an unspecified new feature. We use a fictitious example showing how this feedback helps a product owner and her team manage requirements. We conclude that GUI test videos can help stakeholders give feedback more effectively. By obtaining early feedback, inconsistencies can be resolved, thus contributing to higher stakeholder satisfaction.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"36 12","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-08-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/smr.2721","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141939974","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Unveiling the impact of unchanged modules across versions on the evaluation of within-project defect prediction models 揭示不同版本中不变模块对项目内缺陷预测模型评估的影响
IF 1.7 4区 计算机科学
Journal of Software-Evolution and Process Pub Date : 2024-08-02 DOI: 10.1002/smr.2715
Xutong Liu, Yufei Zhou, Zeyu Lu, Yuanqing Mei, Yibiao Yang, Junyan Qian, Yuming Zhou
{"title":"Unveiling the impact of unchanged modules across versions on the evaluation of within-project defect prediction models","authors":"Xutong Liu,&nbsp;Yufei Zhou,&nbsp;Zeyu Lu,&nbsp;Yuanqing Mei,&nbsp;Yibiao Yang,&nbsp;Junyan Qian,&nbsp;Yuming Zhou","doi":"10.1002/smr.2715","DOIUrl":"10.1002/smr.2715","url":null,"abstract":"<div>\u0000 \u0000 \u0000 <section>\u0000 \u0000 <h3> Background</h3>\u0000 \u0000 <p>Software defect prediction (SDP) is a topic actively researched in the software engineering community. Within-project defect prediction (WPDP) involves using labeled modules from previous versions of the same project to train classifiers. Over time, many defect prediction models have been evaluated under the WPDP scenario.</p>\u0000 </section>\u0000 \u0000 <section>\u0000 \u0000 <h3> Problem</h3>\u0000 \u0000 <p>Data duplication poses a significant challenge in current WPDP evaluation procedures. Unchanged modules, characterized by identical executable source code, are frequently present in both target and source versions during experimentation. However, it is still unclear how and to what extent the presence of unchanged modules affects the performance assessment of WPDP models and the comparison of multiple WPDP models.</p>\u0000 </section>\u0000 \u0000 <section>\u0000 \u0000 <h3> Method</h3>\u0000 \u0000 <p>In this paper, we provide a method to detect and remove unchanged modules from defect datasets and unveil the impact of data duplication in WPDP on model evaluation.</p>\u0000 </section>\u0000 \u0000 <section>\u0000 \u0000 <h3> Results</h3>\u0000 \u0000 <p>The experiments conducted on 481 target versions from 62 projects provide evidence that data duplication significantly affects the reported performance values of individual learners in WPDP. However, when ranking multiple WPDP models based on prediction performance, the impact of removing unchanged instances is not substantial. Nevertheless, it is important to note that removing unchanged instances does have a slight influence on the selection of models with better generalization.</p>\u0000 </section>\u0000 \u0000 <section>\u0000 \u0000 <h3> Conclusion</h3>\u0000 \u0000 <p>We recommend that future WPDP studies take into consideration the removal of unchanged modules from target versions when evaluating the performance of their models. This practice will enhance the reliability and validity of the results obtained in WPDP research, leading to improved understanding and advancements in defect prediction models.</p>\u0000 </section>\u0000 </div>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"36 12","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-08-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141939969","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Selection of agile project management approaches based on project complexity 根据项目复杂性选择敏捷项目管理方法
IF 1.7 4区 计算机科学
Journal of Software-Evolution and Process Pub Date : 2024-07-31 DOI: 10.1002/smr.2716
Fernando Pinciroli
{"title":"Selection of agile project management approaches based on project complexity","authors":"Fernando Pinciroli","doi":"10.1002/smr.2716","DOIUrl":"10.1002/smr.2716","url":null,"abstract":"<p>Managing software development projects is a complex endeavor due to the constant emergence of unforeseen events that deviate from initial expectations. A competent project leader is not just someone who follows the planned course but also adept at handling and minimizing inconveniences, ultimately striving to achieve results that align as closely as possible with the desired outcome. However, individuals involved in technological development often cling to familiar tools that have previously yielded positive outcomes, even when those tools may not be the best fit for the current project context. The Agile Manifesto has significantly transformed project management, infusing the discipline with a fresh perspective. Nevertheless, there remain several challenges to overcome. In this article, we aim to provide a guide that addresses these difficulties and minimizes their impact. We explore the selection of key factors that adequately describe a project's complexity, which can subsequently be used in conjunction with the Cynefin framework to categorize management strategies, techniques, and tools based on their applicability to specific complexities. Additionally, we offer insights on adapting project management approaches throughout the project life cycle in response to changes in reality, utilizing the dynamics outlined by the Cynefin framework. Finally, we present suitable strategies, techniques, and tools for agile project management based on the complexity context assigned by the Cynefin framework.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"36 12","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141867837","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Evolution of secure development lifecycles and maturity models in the context of hosted solutions 托管解决方案中安全开发生命周期和成熟度模型的演变
IF 1.7 4区 计算机科学
Journal of Software-Evolution and Process Pub Date : 2024-07-30 DOI: 10.1002/smr.2711
Felix Lange, Immanuel Kunz
{"title":"Evolution of secure development lifecycles and maturity models in the context of hosted solutions","authors":"Felix Lange,&nbsp;Immanuel Kunz","doi":"10.1002/smr.2711","DOIUrl":"10.1002/smr.2711","url":null,"abstract":"<p>Organizations creating software commonly utilize software development lifecycles (SDLCs) to structure development activities. Secure development lifecycles (SDLs) integrate into SDLCs, adding security or compliance activities. They are widely used and have been published by industry leaders and in literature. These SDLs, however, were mostly designed before or while <i>cloud services</i> and other <i>hosted solutions</i> became popular. Such offerings widen the provider's responsibilities, as they not only deliver software but operate and decommission it as well. SDLs, however, do not always account for this change. Security maturity models (SMMs) help to assess SDLs and identify improvements by introducing a baseline to compare against. Multiple of these models were created after the advent of hosted solutions and are more recent than commonly referenced SDLs. Recent SMMs and SDLs may therefore support hosted solutions better than older proposals do. This paper compares a set of current and historic SDLs and SMMs in order to review their support for hosted solutions, including how support has changed over time. Security, privacy, and support for small or agile organizations are considered, as all are relevant to hosted solutions. The SDLs analyzed include Microsoft's SDL, McGraw's Touchpoints, the Cisco's SDL, and Stackpole and Oksendahl's SDL<sup>2</sup>. The SMMs reviewed are OWASP's Software Assurance Maturity Model 2 and DevSecOps Maturity Model. To assess the support for hosted solutions, the security and privacy activities foreseen in each SDLC phase are compared, before organizational compatibility, activity relevance, and efficiency are assessed. The paper further demonstrates how organizations may select and adjust a suitable proposal. The analyzed proposals are found to not sufficiently support hosted solutions: Important SDLC phases, such as solution retirement, are not always sufficiently supported. Agile practices, such as working in sprints, and small organizations are often not sufficiently considered as well. Efficiency is found to vary based on the application context. A clear improvement trend from before the proliferation of hosted solutions cannot be identified. Future work is therefore found to be required.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"36 12","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-07-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/smr.2711","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141867836","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
SGDL: Smart contract vulnerability generation via deep learning SGDL:通过深度学习生成智能合约漏洞
IF 1.7 4区 计算机科学
Journal of Software-Evolution and Process Pub Date : 2024-07-20 DOI: 10.1002/smr.2712
Hanting Chu, Pengcheng Zhang, Hai Dong, Yan Xiao, Shunhui Ji
{"title":"SGDL: Smart contract vulnerability generation via deep learning","authors":"Hanting Chu,&nbsp;Pengcheng Zhang,&nbsp;Hai Dong,&nbsp;Yan Xiao,&nbsp;Shunhui Ji","doi":"10.1002/smr.2712","DOIUrl":"10.1002/smr.2712","url":null,"abstract":"<p>The growing popularity of smart contracts in various areas, such as digital payments and the Internet of Things, has led to an increase in smart contract security challenges. Researchers have responded by developing vulnerability detection tools. However, the effectiveness of these tools is limited due to the lack of authentic smart contract vulnerability datasets to comprehensively assess their capacity for diverse vulnerabilities. This paper proposes a <span>D</span>eep <span>L</span>earning-based <span>S</span>mart contract vulnerability <span>G</span>eneration approach (SGDL) to overcome this challenge. SGDL utilizes static analysis techniques to extract both syntactic and semantic information from the contracts. It then uses a classification technique to match injected vulnerabilities with contracts. A generative adversarial network is employed to generate smart contract vulnerability fragments, creating a diverse and authentic pool of fragments. The vulnerability fragments are then injected into the smart contracts using an abstract syntax tree to ensure their syntactic correctness. Our experimental results demonstrate that our method is more effective than existing vulnerability injection methods in evaluating the contract vulnerability detection capacity of existing detection tools. Overall, SGDL provides a comprehensive and innovative solution to address the critical issue of authentic and diverse smart contract vulnerability datasets.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"36 12","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-07-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141741766","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Aligning technical knowledge to an industry domain in global software development: A systematic mapping 在全球软件开发过程中将技术知识与行业领域相结合:系统制图
IF 1.7 4区 计算机科学
Journal of Software-Evolution and Process Pub Date : 2024-07-15 DOI: 10.1002/smr.2713
Vitor de Campos, José Maria N. David, Victor Ströele, Regina Braga
{"title":"Aligning technical knowledge to an industry domain in global software development: A systematic mapping","authors":"Vitor de Campos,&nbsp;José Maria N. David,&nbsp;Victor Ströele,&nbsp;Regina Braga","doi":"10.1002/smr.2713","DOIUrl":"10.1002/smr.2713","url":null,"abstract":"<p>Finding software developers with expertise in specific technologies that align with industry domains is an increasingly critical requirement. However, due to the ever-changing nature of the technology industry, locating these professionals has become a significant challenge for companies and institutions. This research presents a comprehensive overview of studies exploring suitable recommendation systems that can assist companies in addressing this pressing need. To conduct this study, we employ a hybrid systematic mapping approach with an initial number of 1,251 studies and a final selection of 21 studies. Our work focuses on collecting data on key technologies, methodologies, and data sets utilized in proposed recommendation systems, to design a new recommendation system that can effectively identify specialists capable of aligning specific technical knowledge with industry domains. The outcomes of this study include insights into the current research trends in this field, alongside a practical overview of considerations necessary for developing a recommendation system that successfully meets the criteria for aligning technical skills with industry domains. By following a hybrid systematic mapping methodology and presenting the outcomes in the form of insights, this research addresses the challenge of finding software developers with domain-specific expertise in a rapidly changing technology industry, laying the groundwork for aligning technical skills with industry domains.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"36 12","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141646757","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Metrics for software process simulation modeling 软件过程模拟建模的衡量标准
IF 1.7 4区 计算机科学
Journal of Software-Evolution and Process Pub Date : 2024-07-11 DOI: 10.1002/smr.2676
Bohan Liu, He Zhang, Liming Dong, Zhiqi Wang, Shanshan Li
{"title":"Metrics for software process simulation modeling","authors":"Bohan Liu,&nbsp;He Zhang,&nbsp;Liming Dong,&nbsp;Zhiqi Wang,&nbsp;Shanshan Li","doi":"10.1002/smr.2676","DOIUrl":"10.1002/smr.2676","url":null,"abstract":"<p>Software process simulation (SPS) has become an effective tool for software process management and improvement. However, its adoption in industry is less than what the research community expected due to the burden of measurement cost and the high demand for domain knowledge. The difficulty of extracting appropriate metrics with real data from process enactment is one of the great challenges. We aim to provide evidence-based support of the process metrics for software process (simulation) modeling. A systematic literature review was performed by extending our previous review series to draw a comprehensive understanding of the metrics for process modeling following our proposed ontology of metrics in SPS. We identify 131 process modeling studies that collectively involve 1975 raw metrics and classified them into 21 categories using the coding technique. We found product and process external metrics are not used frequently in SPS modeling while resource external metrics are widely used. We analyze the causal relationships between metrics. We find that the models exhibit significant diversity, as no pairwise relationship between metrics accounts for more than 10% SPS models. We identify 17 data issues may encounter in measurement and 10 coping strategies. The results of this study provide process modelers with an evidence-based reference of the identification and the use of metrics in SPS modeling and further contribute to the development of the body of knowledge on software metrics in the context of process modeling. Furthermore, this study is not limited to process simulation but can be extended to software process modeling, in general. Taking simulation metrics as standards and references can further motivate and guide software developers to improve the collection, governance, and application of process data in practice.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"36 11","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-07-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141609839","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信