A Comparison of the Essence 1.0 and SPEM 2.0 Specifications for Software Engineering Methods

In this paper we present a comparison of the draft Essence 1.0 and Software & Systems Process Engineering Metamodel (SPEM) 2.0 specifications for software engineering methods from the Object Management Group (OMG). The comparison is based on results from the REMICS research project where we are defining an agile methodology for model-driven modernization of legacy applications to service clouds. The initial REMICS Methodology was defined using SPEM. Selected parts of the methodology are now being redefined in Essence to evaluate its applicability, in particular its promise of better support for definition of agile practices and method enactment compared to SPEM. The comparison shows that there are similarities in the authoring capabilities provided by the two specifications, but that there are key differences in the method architecture with respect to support for enactment. Categories and Subject Descriptor

Utilising the Software Engineering Methods and Theory framework to critically evaluate software engineering practice in the South African banking industry

A research report submitted to the Faculty of Engineering and The Built Environment of the University of Witwatersrand, Johannesburg In partial fulfilment of the requirements for the Degree of Master of Science in Engineering September 2015In recent years, software has become the cornerstone of banking and new business products are directly dependant on software. The delivery cycles for new features is now related to market share. This drive to use software as a vehicle for competitive advantage has created an environment in which software development of new business systems are increasingly on the critical path of many projects. An organisation’s portfolio of software intensive projects is situated within this complexity and organisations attempt to mitigate the risks associated with these complexities by implementing software development processes and practices. A key problem facing the modern bank is how to define and build a software development process that caters for both the traditional and increasingly agile genres of software development characteristics in a consistent and manageable way. The banks attempt to address this problem through continuous methodology and process improvements. Comparing and assessing non-standardised software engineering lifecycle models without a common framework is a complex and subjective task. A standardised language is important for simplifying the task for developing new methods and practices or for analysing and documenting existing practices. The Software Engineering Methods and Theory (SEMAT) initiative has developed a standardised kernel of essential concepts, together with a language that describes the essence of software engineering. This kernel, called the Essence, has recently become an Object Management Group (OMG) standard. The Essence kernel, together with its language, can be used as the underpinning theory to analyse an existing method and help provide insights that can drive method enhancements. The research report proposes a simple, actionable analysis framework to assist organisations to assess, review and develop their software engineering methods. The core concepts of the methodology are identified and mapped to the Essence concepts. The governance model of the Essence is mapped to the governance model of the industry model and a set of practices is identified and documented in the Essence language. The mapping and resulting analysis can be used to test the validity of the Essence theory in practice and identify areas for improvement in both the method and the Essence standard. The analysis framework has been applied to an operational software development lifecycle of a large South African bank. A mapping of the Essence concepts to the governance model and method documented in the lifecycle was completed. This mapping revealed that the Essence is a valid tool and can be used to describe a method in practice. Furthermore it is useful as an analysis framework to assess the governance model that manages and measures the progress of an endeavour in the Bank. The case study and resulting analysis demonstrate that the Essence standard can be used to analyse a methodology and identify areas for improvement. The analysis also identified areas for improvement in the Essence specification

Software development in the post-PC era : towards software development as a service

PhD ThesisEngineering software systems is a complex task which involves various stakeholders and requires planning and management to succeed. As the role of software in our daily life is increasing, the complexity of software systems is increasing. Throughout the short history of software engineering as a discipline, the development practises and methods have rapidly evolved to seize opportunities enabled by new technologies (e.g., the Internet) and to overcome economical challenges (e.g., the need for cheaper and faster development). Today, we are witnessing the Post-PC era. An era which is characterised by mobility and services. An era which removes organisational and geographical boundaries. An era which changes the functionality of software systems and requires alternative methods for conceiving them. In this thesis, we envision to execute software development processes in the cloud. Software processes have a software production aspect and a management aspect. To the best of our knowledge, there are no academic nor industrial solutions supporting the entire software development process life-cycle(from both production and management aspects and its tool-chain execution in the cloud. Our vision is to use the cloud economies of scale and leverage Model-Driven Engineering (MDE) to integrate production and management aspects into the development process. Since software processes are seen as workflows, we investigate using existing Workflow Management Systems to execute software processes and we find that these systems are not suitable. Therefore, we propose a reference architecture for Software Development as a Service (SDaaS). The SDaaS reference architecture is the first proposal which fully supports development of complex software systems in the cloud. In addition to the reference architecture, we investigate three specific related challenges and propose novel solutions addressing them. These challenges are: Modelling & enacting cloud-based executable software processes. Executing software processes in the cloud can bring several benefits to software develop ment. In this thesis, we discuss the benefits and considerations of cloud-based software processes and introduce a modelling language for modelling such processes. We refer to this language as EXE-SPEM. It extends the Software and Systems Process Engineering (SPEM2.0) OMG standard to support creating cloudbased executable software process models. Since EXE-SPEM is a visual modelling language, we introduce an XML notation to represent EXE-SPEM models in a machine-readable format and provide mapping rules from EXE-SPEM to this notation. We demonstrate this approach by modelling an example software process using EXE-SPEM and mapping it to the XML notation. Software process models expressed in this XML format can then be enacted in the proposed SDaaS architecture. Cost-e cient scheduling of software processes execution in the cloud. Software process models are enacted in the SDaaS architecture as workflows. We refer to them sometimes as Software Workflows. Once we have executable software process models, we need to schedule them for execution. In a setting where multiple software workflows (and their activities) compete for shared computational resources (workflow engines), scheduling workflow execution becomes important. Workflow scheduling is an NP-hard problem which refers to the allocation of su cient resources (human or computational) to workflow activities. The schedule impacts the workflow makespan (execution time) and cost as well as the computational resources utilisation. The target of the scheduling is to reduce the process execution cost in the cloud without significantly a ecting the process makespan while satisfying the special requirements of each process activity (e.g., executing on a private cloud). We adapt three workflow scheduling algorithms to fit for SDaaS and propose a fourth one; the Proportional Adaptive Task Schedule. The algorithms are then evaluated through simulation. The simulation results show that the our proposed algorithm saves between 19.74% and 45.78% of the execution cost, provides best resource (VM) utilisation and provides the second best makespan compared to the other presented algorithms. Evaluating the SDaaS architecture using a case study from the safety-critical systems domain. To evaluate the proposed SDaaS reference architecture, we instantiate a proof-of-concept implementation of the architecture. This imple mentation is then used to enact safety-critical processes as a case study. Engineering safety-critical systems is a complex task which involves multiple stakeholders. It requires shared and scalable computation to systematically involve geographically distributed teams. In this case study, we use EXE-SPEM to model a portion of a process (namely; the Preliminary System Safety Assessment - PSSA) adapted from the ARP4761 [2] aerospace standard. Then, we enact this process model in the proof-of-concept SDaaS implementation. By using the SDaaS architecture, we demonstrate the feasibility of our approach and its applicability to di erent domains and to customised processes. We also demonstrate the capability of EXE-SPEM to model cloud-based executable processes. Furthermore, we demonstrate the added value of the process models and the process execution provenance data recorded by the SDaaS architecture. This data is used to automate the generation of safety cases argument fragments. Thus, reducing the development cost and time. Finally, the case study shows that we can integrate some existing tools and create new ones as activities used in process models. The proposed SDaaS reference architecture (combined with its modelling, scheduling and enactment capabilities) brings the benefits of the cloud to software development. It can potentially save software production cost and provide an accessible platform that supports collaborating teams (potentially across di erent locations). The executable process models support unified interpretation and execution of processes across team(s) members. In addition, the use of models provide managers with global awareness and can be utilised for quality assurance and process metrics analysis and improvement. We see the contributions provided in this thesis as a first step towards an alternative development method that uses the benefits of cloud and Model-Driven Engineering to overcome existing challenges and open new opportunities. However, there are several challenges that are outside the scope of this study which need to be addressed to allow full support of the SDaaS vision (e.g., supporting interactive workflows). The solutions provided in this thesis address only part of a bigger vision. There is also a need for empirical and usability studies to study the impact of the SDaaS architecture on both the produced products (in terms of quality, cost, time, etc.) and the participating stakeholders

A software development methodology for solo software developers: leveraging the product quality of independent developers

Software security for agile methods, particularly for those designed for individual developers, is still a major concern. With most software products deployed over the Internet, security as a key component of software quality has become a major problem. In addressing this problem, this research proposes a solo software development methodology (SSDM) that uses as minimum resources as possible, at the same time conforming to the best practice for delivering secure and high-quality software products. Agile methods have excelled on delivering timely and quality software. At the same time research also shows that most agile methods do not address the problem of security in the developed software. A metasynthesis of SSDMs conducted in this thesis confirmed the lack practices that promote security in the developed software product. On the other hand, some researchers have demonstrated the feasibility of incorporating existing lightweight security practices into agile methods. This research uses Design Science Research (DSR) to build, demonstrate and evaluate a lightweight SSDM. Using an algorithm adapted for the purpose, the research systematically integrates lightweight security and quality practices to produce an agile secure-solo software development methodology (Secure-SSDM). A multiple-case study in an academic and industry setting is conducted to demonstrate and evaluate the utility of the methodology. This demonstration and evaluation thereof, indicates the applicability of the methodology in building high-quality and secure software products. Theoretical evaluation of the agility of the Secure-SSDM using the four-dimensional analytical tool (4-DAT) shows satisfactory compliance of the methodology with agile principles. The main contributions in this thesis are: the Secure-SSDM, which entails description of the concepts, modelling languages, stages, tasks, tools and techniques; generation of a quality theory on practices that promote quality in a solo software development environment; adaptation of Keramati and Mirian-Hosseinabadi’s algorithm for the purposes of integrating quality and security practices. This research would be of value to researchers as it introduces the security component of software quality into a solo software development environment, probing more research in the area. To software developers the research has provided a lightweight methodology that builds quality and security into the product using minimum resources.School of ComputingD. Phil. (Computer Science