Journal of Software-Evolution and Process最新文献

{"title":"Dissecting Code Features: An Evolutionary Analysis of Kernel Versus Nonkernel Code in Operating Systems","authors":"Yangyang Zhao,&nbsp;Chenglin Li,&nbsp;Zhifei Chen,&nbsp;Zuohua Ding","doi":"10.1002/smr.2752","DOIUrl":"https://doi.org/10.1002/smr.2752","url":null,"abstract":"<div>\u0000 \u0000 <p>Understanding the evolution of software systems is crucial for advancing software engineering practices. Many studies have been devoted to exploring software evolution. However, they primarily treat software as an entire entity and overlook the inherent differences between subsystems, which may lead to biased conclusions. In this study, we attempt to explore variations between subsystems by investigating the code feature differences between kernel and nonkernel components from an evolutionary perspective. Based on three operating systems as case studies, we examine multiple dimensions, including the code churn characteristics and code inherent characteristics. The main findings are as follows: (1) The proportion of kernel code remains relatively small, and exhibits consistent stability across the majority of versions as systems evolve. (2) Kernel code exhibits higher stability in contrast to nonkernel code, characterized by a lower modification rate and finer modification granularity. The patterns of modification activities are similar in both kernel and nonkernel code, with a preference of changing code and a tendency to avoid the combination of adding and deleting code. (3) The cumulative code size and complexity of kernel files show an upward trajectory as the system evolves. (4) Kernel files exhibit a significantly higher code density and complexity than nonkernel files, featuring a greater number of code line, comments, and statements, along with a larger program length, vocabulary, and volume. Conversely, kernel functions prioritize modularity and maintainability, with a significantly smaller size and lower complexity than nonkernel functions. These insights contribute to a deeper understanding of the dynamics within operating system codebases and highlight the necessity of targeted maintenance strategies for different subsystems.</p>\u0000 </div>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2025-01-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143119356","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Better Knowledge Enhancement for Privacy-Preserving Cross-Project Defect Prediction","authors":"Yuying Wang,&nbsp;Yichen Li,&nbsp;Haozhao Wang,&nbsp;Lei Zhao,&nbsp;Xiaofang Zhang","doi":"10.1002/smr.2761","DOIUrl":"https://doi.org/10.1002/smr.2761","url":null,"abstract":"<div>\u0000 \u0000 <p>Cross-project defect prediction (CPDP) poses a nontrivial challenge to construct a reliable defect predictor by leveraging data from other projects, particularly when data owners are concerned about data privacy. In recent years, federated learning (FL) has become an emerging paradigm to guarantee privacy information by collaborative training a global model among multiple parties without sharing raw data. While the direct application of FL to the CPDP task offers a promising solution to address privacy concerns, the data heterogeneity arising from proprietary projects across different companies or organizations will bring troubles for model training. In this paper, we study the privacy-preserving CPDP with data heterogeneity under the FL framework. To address this problem, we propose a novel knowledge enhancement approach named <b>FedDP</b> with two simple but effective solutions: 1. local heterogeneity awareness and 2. global knowledge distillation. Specifically, we employ open-source project data as the distillation dataset and optimize the global model with the heterogeneity-aware local model ensemble via knowledge distillation. Experimental results on 19 projects from two datasets demonstrate that our method significantly outperforms baselines.</p>\u0000 </div>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2025-01-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143117384","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Quality-in-Use in Practice: A Study for Context-Aware Software Systems in Pervasive Environments","authors":"Sergio Salomón,&nbsp;Rafael Duque,&nbsp;Santos Bringas,&nbsp;Káthia Marçal de Oliveira","doi":"10.1002/smr.2764","DOIUrl":"https://doi.org/10.1002/smr.2764","url":null,"abstract":"<div>\u0000 \u0000 <p>Software quality models have increasingly emphasized human factors and user needs. In 2011, ISO/IEC 25010 introduced the quality-in-use (QinU) model, designed to evaluate software quality as an outcome of a user utilizing a system through the evaluation of five characteristics: effectiveness, efficiency, freedom from risk, satisfaction, and context coverage. As a generic reference, this standard has been customized for various software types (e.g., web portals and artificial intelligence systems). This article presents a customization for context-aware software systems (CASSs), which are software systems that interpret and use context information (regarding the user, the software application features, and the environment) to adapt their functionalities. We are particularly interested in CASS for pervasive, or ubiquitous, environments. To address this goal, each QinU characteristic was analyzed by professionals from the academy and industry, taking into account the CASS features for pervasive/ubiquitous environments. A cyclical process of definition, revision, and improvement based on measurement theory was carried out before empirical validation in case studies. As the main result, a novel set of QinU measures specifically tailored for CASSs in a pervasive environment is provided, considering not only the classic explicit user interactions (e.g., mouse clicks and text input) but also the implicit interactions during everyday activities (e.g., walking or driving), captured through sensors and processed to support the user (e.g., recommending nearby museums and providing driving guidance). This set of measures supports CASS assessment and improvements, offering more accurate and context-sensitive quality measurement.</p>\u0000 </div>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2025-01-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143117383","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Cloud and Edge Computing as Effective Trends in Business Model Innovation: A Bibliometric Review","authors":"Y. Sun","doi":"10.1002/smr.2754","DOIUrl":"https://doi.org/10.1002/smr.2754","url":null,"abstract":"<div>\u0000 \u0000 <p>Developing an information technology (IT) infrastructure for business and organizational operations has gained importance concurrently with the emergence of edge and cloud computing technologies. On the other hand, innovation is crucial for businesses because consumers demand better service and lower ownership costs. Several firms use the cloud as their innovation platform to expand and stay competitive. In the commercial world, cloud computing is swiftly embraced by small, medium, and big businesses in sectors including aerospace, automotive, logistics, financial services, textiles, and health. With all the benefits cloud computing has for business improvement, some issues and problems prevent organizations and companies from migrating to the cloud. Due to these evidentiary gaps, I combined quantitative and qualitative analytical techniques to synthesize the existing literature and identify possible directions for future studies that may have an impact. The primary aim of this research is to provide a bibliometric procedure to review the state of the art on this scope and provide a roadmap for future studies; then, it provides insight into how the adoption and sustained usage of cloud sourcing could and edge encourage the creation of novel business models and impact a company's competitive advantage. The publications were reviewed using a bibliometric approach that divided the papers into four categories: cloud computing data security, business risk management techniques, resource allocation, and business performance. According to the results, adopting cloud and edge computing service delivery models is connected with increased revenue and less capital investment in IT assets for the company. Also, the results showed that one of the main obstacles to implementing cloud and edge computing technology in organizations is low security and lack of sufficient internal resources.</p>\u0000 </div>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2025-01-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143115639","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Understanding Remote Work Experience: Insights Into Well-Being","authors":"Aurora Vizcaíno,&nbsp;Julio Suárez,&nbsp;Darja Šmite,&nbsp;Félix O. García","doi":"10.1002/smr.2757","DOIUrl":"https://doi.org/10.1002/smr.2757","url":null,"abstract":"<div>\u0000 \u0000 \u0000 <section>\u0000 \u0000 <h3> Background</h3>\u0000 \u0000 <p>After the pandemic, software engineers were forced to work remotely, in many cases without prior experience of doing so.</p>\u0000 </section>\u0000 \u0000 <section>\u0000 \u0000 <h3> Objective</h3>\u0000 \u0000 <p>The objective of this work is to analyze the factors that influence engineers' motivation, stress and performance when working remotely after the pandemic, and to what level.</p>\u0000 </section>\u0000 \u0000 <section>\u0000 \u0000 <h3> Methods</h3>\u0000 \u0000 <p>A significant number (around 1000) of Latin-American software development professionals from different countries who work remotely were surveyed in order to study the factors that affect them and how when they work in this manner. The data collected from the survey were then statistically analyzed using the partial least square-structural equation modeling (PLS-SEM) method.</p>\u0000 </section>\u0000 \u0000 <section>\u0000 \u0000 <h3> Conclusions</h3>\u0000 \u0000 <p>The analysis of the data made it possible to conclude that there are direct negative effects of stress on performance and direct positive effects of motivation on performance. In addition, we found that skills, experience, and teamwork behavior, such as trust, communication, and knowledge sharing, play an important role when working remotely.</p>\u0000 </section>\u0000 </div>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2025-01-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/smr.2757","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143115640","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Strengthening Large-Scale Agile Teams: The Interplay of High-Quality Relationships, Psychological Safety, and Learning From Failures","authors":"Muhammad Ovais Ahmad","doi":"10.1002/smr.2759","DOIUrl":"https://doi.org/10.1002/smr.2759","url":null,"abstract":"<p>Agile methods have become a standard practice within software industry, with organizations increasingly adopting large-scale agile (LSA) frameworks. However, as these frameworks are implemented across multiple teams and organizational functions, new challenges emerge, particularly in maintaining alignment, coherence, and collaboration across teams. One crucial element in addressing these challenges is fostering of a culture of continuous learning and psychological safety, with the objective of optimizing team performance and ensuring project success. Despite the importance of this topic, there is a significant gap in existing literature regarding antecedents of psychological safety and its impact on team learning and performance in LSA environments. This study aims to investigate impact of high-quality relationships and psychological safety on learning from failures and, consequently, on team performance in LSA context. An online survey of 167 software professionals in Sweden was conducted to test a conceptual model that is developed based on existing literature. The hypotheses were analyzed using partial least squares structural equation modeling. The results demonstrate strong positive correlation between the presence of high-quality relationships, psychological safety, and capacity to learn from failures and team performance. Specifically, the formation of high-quality relationships has been demonstrated to significantly enhance psychological safety, which in turn facilitates learning from failures and leads to improved team performance. These findings offer valuable insights for both practitioners and researchers, highlighting the importance of cultivating relational dynamics and a psychologically safe environment in LSA projects. Furthermore, the study offers guidance for future research, regarding the scalability and generalizability of these findings.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2025-01-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/smr.2759","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143115671","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Fuzzy-AHP Decision-Making Framework for Optimizing Software Maintenance and Deployment in Information Security Systems","authors":"Rafiq Ahmad Khan,&nbsp;Ismail Keshta,&nbsp;Hussein A. Al Hashimi,&nbsp;Alaa Omran Almagrabi,&nbsp;Hathal S. Alwageed,&nbsp;Musaad Alzahrani","doi":"10.1002/smr.2758","DOIUrl":"https://doi.org/10.1002/smr.2758","url":null,"abstract":"<div>\u0000 \u0000 \u0000 <section>\u0000 \u0000 <p>Information System Security (ISS) is the primary economic lever for the global economy. It is the cornerstone for value generation, and its absence undeniably affects technology, people, and finances. The emergence of the worldwide information society has introduced fresh economic and legal challenges attributed to the surge in Internet utilization and advancements in the digital economy. Ensuring the security of advancements within information systems has emerged as a primary concern in propelling the evolution of information processes within the software development industry. This study aims to develop and propose a Fuzzy Analytic Hierarchy Process (Fuzzy-AHP) framework to enhance decision-making for software maintenance and deployment in ISS. This framework aims to provide a systematic, flexible method for evaluating and prioritizing multiple conflicting criteria under conditions of uncertainty. The study initially adopts an empirical survey to identify software security maintenance and deployment risks and their practices for ISS organizations. Then adopts the Fuzzy-AHP method to handle the imprecision of expert judgments and organizes decision-making into a hierarchical structure. The framework is applied to evaluate key criteria related to software maintenance and deployment, including security risks, system performance, operational costs, and compliance requirements. Data from 50 ISS experts were collected and used to validate the framework. The paper identifies 52 security risks in maintenance and deployment (SRMD) processes in ISS and also identified 139 best practices for ensuring security, including regular updates, patch management, and adherence to industry-standard security protocols. The Fuzzy-AHP framework effectively structured the decision-making process by prioritizing criteria and sub-criteria. The results demonstrated that the framework helps mitigate the subjective biases in expert judgment and provides a more balanced assessment of maintenance and deployment strategies. Prioritizing security risks and compliance emerged as key factors in the decision-making process. The proposed Fuzzy-AHP framework provides an innovative and adaptable solution for optimizing ISS organizations' software maintenance and deployment decisions. It addresses the complexity and uncertainty involved in such decisions, offering a transparent and structured approach that improves the accuracy and reliability of outcomes. Future research should focus on empirical validation of the framework in real-world case studies and expand its application to other industries with similar decision-making needs.</p>\u0000 </section>\u0000 </div>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2025-01-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143115670","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Enhancing Literature Quality Assessment Skill in Novice Researchers: A Collaborative Card-Based Learning Approach","authors":"Affan Yasin,&nbsp;Rubia Fatima,&nbsp;Ira Puspitasari,&nbsp;Zheng JiangBin,&nbsp;Zhi Li","doi":"10.1002/smr.2753","DOIUrl":"https://doi.org/10.1002/smr.2753","url":null,"abstract":"<div>\u0000 \u0000 <p>Assessing the quality and credibility of research is crucial across disciplines. However, training early career scholars in systematic quality appraisal poses challenges. The rise of online grey literature increases the need for nuanced evaluation capabilities. This study aims to impart basic literature quality assessment knowledge in early career software engineering researchers using an interactive card-based learning activity. The PRISMA abstract quality checklist was adapted into a physical card deck. Sixteen novice researchers participated in a session using the cards to collaborate, discuss, and analyze a sample review paper abstract based on structured criteria. Quantitative feedback was gathered. Survey results indicated the card activity positively enhanced perceived understanding of quality principles, engagement, and assessment skills. Open-ended feedback highlighted cards improved focus, interactivity, and peer exchanges. This preliminary study provides encouraging evidence that a customized card-based approach can effectively instill foundational skills for assessing abstract quality while increasing motivation and enjoyment. Further research should evaluate long-term retention and optimal instructional design parameters.</p>\u0000 </div>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2025-01-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143113616","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"The Perspective of Agile Software Developers on Data Privacy","authors":"Mariana Peixoto,&nbsp;Tony Gorschek,&nbsp;Daniel Mendez,&nbsp;Carla Silva,&nbsp;Davide Fucci","doi":"10.1002/smr.2755","DOIUrl":"https://doi.org/10.1002/smr.2755","url":null,"abstract":"<div>\u0000 \u0000 <p>Recent studies have shown that many software developers do not have sufficient knowledge and understanding of how to develop a privacy-friendly system. This may become a challenge in developing systems complying with data protection laws. To address this issue, we investigated the factors that influence developers' decision-making when developing privacy-sensitive systems. We conducted an empirical study by means of a survey with 109 practitioners. Our data analysis is based on the principles of social cognitive theory, which includes personal, behavioral, and external environmental factors. We identified six personal, five behavioral, and five external environment factors that affect how developers make decisions regarding privacy, including confusion between privacy and security and reliance on informal practices and organizational support gaps. These findings contribute to understanding how practitioners and companies consider privacy, showing improvements in formal training and structured support over previous studies yet highlighting persistent challenges in consistent privacy integration.</p>\u0000 </div>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 2","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-12-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143118226","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Neural Networks-Based Software Development Effort Estimation: A Systematic Literature Review","authors":"Fatima Ezzahra Boujida,&nbsp;Fatima Azzahra Amazal,&nbsp;Ali Idri","doi":"10.1002/smr.2756","DOIUrl":"https://doi.org/10.1002/smr.2756","url":null,"abstract":"<div>\u0000 \u0000 <p>Software development effort estimation (SDEE) is a key task in managing software projects. Among the existing SDEE models, artificial neural networks (ANN) have garnered considerable attention from the software engineering community because of their ability to learn from previous data and yield acceptable estimates. However, to the best of the authors' knowledge, no systematic literature review (SLR) has been carried out with focus on the use of ANNs in SDEE. This work aims to analyze ANN-based SDEE studies from five view-points: estimation accuracy, accuracy comparison, estimation context, impact of combining ANN-based SDEE models with other techniques, and ANNs parameters. To find relevant ANN-based SDEE studies, we carried out an automated search using four electronic databases. The quality of the relevant papers was assessed to determine the set of papers to include in our review. We identified 65 papers published in the period 1993–2023 with acceptable quality score. The results of our systematic review revealed that ANN-based SDEE models perform better than 11 machine learning (ML) and non-ML SDEE models. Further, the estimation accuracy is improved when neural networks are used in combination with other techniques such as fuzzy clustering techniques. This study found that the use of ANN models in SDEE is promising to get accurate estimates. However, the application of ANN models in industry is still limited. Therefore, it is recommended that practitioners cooperate with researchers to encourage and facilitate the application of ANN models in industry.</p>\u0000 </div>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 2","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-12-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143118245","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}