A Controlled Experiment for Evaluating a Metric–Based Reading Technique for Requirements Inspection

Natural language requirements documents are often verified by means of some reading technique. Some recommendations for defining a good reading technique point out that a concrete technique must not only be suitable for specific classes of defects, but also for a concrete notation in which requirements are written. Following this suggestion, we have proposed a metric–based reading (MBR) technique used for requirements inspections, whose main goal is to identify specific types of defects in use cases. The systematic approach of MBR is basically based on a set of rules as ”if the metric value is too low (or high) the presence of defects of type must be checked”. We hypothesised that if the reviewers know these rules, the inspection process is more effective and efficient, which means that the defects detection rate is higher and the number of defects identified per unit of time increases. But this hypotheses lacks validity if it is not empirically validated. For that reason the main goal of this paper is to describe a controlled experiment we carried out to ascertain if the usage of MBR really helps in the detection of defects in comparison with a simple Checklist technique. The experiment result revealed that MBR reviewers were more effective at detecting defects than Checklist reviewers, but they were not more efficient, because MBR reviewers took longer than Checklist reviewers on average.Ministerio de Ciencia y Tecnología TIC 2003-02737-C02-01Ministerio de Ciencia y Tecnología TIC2003-07804-C05-0

Software development: A paradigm for the future

A new paradigm for software development that treats software development as an experimental activity is presented. It provides built-in mechanisms for learning how to develop software better and reusing previous experience in the forms of knowledge, processes, and products. It uses models and measures to aid in the tasks of characterization, evaluation and motivation. An organization scheme is proposed for separating the project-specific focus from the organization's learning and reuse focuses of software development. The implications of this approach for corporations, research and education are discussed and some research activities currently underway at the University of Maryland that support this approach are presented

Creep monitoring using permanently installed potential drop sensors

Creep is the primary life limiting mechanism of static high temperature, high pressure power station components. Creep state evaluation is currently achieved by surface inspection of microstructure during infrequent outages; a methodology which is laborious, time consuming and considered inadequate. The objective of this work is to develop a monitoring technique that is capable of on-load creep damage monitoring. A continuous update of component integrity will enable better informed, targeted inspections and outage maintenance providing increased power generation availability. A low-frequency, permanently installed potential drop system has been previously developed and will be the focus of this thesis. The use of a quasi-DC inspection frequency suppresses the influence of the electromagnetic skin effect that would otherwise undermine the stability of the measurement in the ferromagnetic materials of interest; the use of even low frequency measurements allows phase sensitive detection and greatly enhanced noise performance. By permanently installing the electrodes to the surface of the component the resistance measurement is sensitive to strain. A resistance - strain inversion is derived and validated experimentally; the use of the potential drop sensor as a robust, high temperature strain gauge is therefore demonstrated. The strain rate of a component is known to be an expression of the creep state of the component. This concept was adopted to develop an interpretive framework for inferring the creep state of a component. It is possible to monitor the accumulation of creep damage through the symptomatic relative increase in strain rate. By taking the ratio of two orthogonal strain measurements, instability and drift common to both measurements can be effectively eliminated; an important attribute considering the necessity to monitor very low strain rates over decades in time in a harsh environment. A preliminary study of using the potential drop technique for monitoring creep damage at a weld has been conducted. Welds provide a site for preferential creep damage accumulation and therefore will frequently be the life limiting feature of power station components. The potential drop technique will be sensitive to both the localised strain that is understood to act as precursor to creep damage at a weld and also the initiation and growth of a crack. Through the course of this project, two site trials have been conducted in power stations. A measurement system and high temperature hardware that is suitable for the power station environment has been developed. The focus of this thesis is the effective transfer of the technique to industry; the realisation of this is detailed in the final chapter.Open Acces

An Efficient Approach for Reviewing Security-Related Aspects in Agile Requirements Specifications of Web Applications

Defects in requirements specifications can have severe consequences during the software development lifecycle. Some of them may result in poor product quality and/or time and budget overruns due to incorrect or missing quality characteristics, such as security. This characteristic requires special attention in web applications because they have become a target for manipulating sensible data. Several concerns make security difficult to deal with. For instance, security requirements are often misunderstood and improperly specified due to lack of security expertise and emphasis on security during early stages of software development. This often leads to unspecified or ill-defined security-related aspects. These concerns become even more challenging in agile contexts, where lightweight documentation is typically produced. To tackle this problem, we designed an approach for reviewing security-related aspects in agile requirements specifications of web applications. Our proposal considers user stories and security specifications as inputs and relates those user stories to security properties via Natural Language Processing. Based on the related security properties, our approach identifies high-level security requirements from the Open Web Application Security Project (OWASP) to be verified, and generates a reading technique to support reviewers in detecting defects. We evaluate our approach via three experiment trials conducted with 56 novice software engineers, measuring effectiveness, efficiency, usefulness, and ease of use. We compare our approach against using: (1) the OWASP high-level security requirements, and (2) a perspective-based approach as proposed in contemporary state of the art. The results strengthen our confidence that using our approach has a positive impact (with large effect size) on the performance of inspectors in terms of effectiveness and efficiency.Comment: Preprint accepted for publication at the Requirements Engineering journal. arXiv admin note: text overlap with arXiv:1906.1143

Collected software engineering papers, volume 12

This document is a collection of selected technical papers produced by participants in the Software Engineering Laboratory (SEL) from November 1993 through October 1994. The purpose of the document is to make available, in one reference, some results of SEL research that originally appeared in a number of different forums. This is the 12th such volume of technical papers produced by the SEL. Although these papers cover several topics related to software engineering, they do not encompass the entire scope of SEL activities and interests. Additional information about the SEL and its research efforts may be obtained from the sources listed in the bibliography at the end of this document

Foundations of Empirical Software Engineering: The Legacy of Victor R. Basili

This book captures the main scientific contributions of Victor R. Basili, who has significantly shaped the field of empirical software engineering from its very start. He was the first to claim that software engineering needed to follow the model of other physical sciences and develop an experimental paradigm. By working on this postulate, he developed concepts that today are well known and widely used, including the Goal-Question-Metric method, the Quality-Improvement paradigm, and the Experience Factory. He is one of the few software pioneers who can aver that their research results are not just scientifically acclaimed but are also used as industry standards. On the occasion of his 65th birthday, celebrated with a symposium in his honor at the International Conference on Software Engineering in St. Louis, MO, USA in May 2005, Barry Boehm, Hans Dieter Rombach, and Marvin V. Zelkowitz, each a long-time collaborator of Victor R. Basili, selected the 20 most important research papers of their friend, and arranged these according to subject field. They then invited renowned researchers to write topical introductions. The result is this commented collection of timeless cornerstones of software engineering, hitherto available only in scattered publications

Towards a self-evolving software defect detection process

Software defect detection research typically focuses on individual inspection and testing techniques. However, to be effective in applying defect detection techniques, it is important to recognize when to use inspection techniques and when to use testing techniques. In addition, it is important to know when to deliver a product and use maintenance activities, such as trouble shooting and bug fixing, to address the remaining defects in the software.To be more effective detecting software defects, not only should defect detection techniques be studied and compared, but the entire software defect detection process should be studied to give us a better idea of how it can be conducted, controlled, evaluated and improved.This thesis presents a self-evolving software defect detection process (SEDD) that provides a systematic approach to software defect detection and guides us as to when inspection, testing or maintenance activities are best performed. The approach is self-evolving in that it is continuously improved by assessing the outcome of the defect detection techniques in comparison with historical data.A software architecture and prototype implementation of the approach is also presented along with a case study that was conducted to validate the approach. Initial results of using the self-evolving defect detection approach are promising

Proceedings of the Twenty-Third Annual Software Engineering Workshop

The Twenty-third Annual Software Engineering Workshop (SEW) provided 20 presentations designed to further the goals of the Software Engineering Laboratory (SEL) of the NASA-GSFC. The presentations were selected on their creativity. The sessions which were held on 2-3 of December 1998, centered on the SEL, Experimentation, Inspections, Fault Prediction, Verification and Validation, and Embedded Systems and Safety-Critical Systems