E/VPL a system for modelling and enacting software processes

This research addresses the technical issues involved in specifying and mechanically supporting software development processes and is related to the view of processes as “software”, i.e. as a specifiable and executable entity. Software processes can be described using textual and graphical techniques. This allows interested parties to agree that it reflects the true process, to reason about the process and to identify potential improvements. In designing new or improved processes, an ability to simulate these processes is invaluable. Such simulations, based on the process descriptions, allow one to step through the process tasks in an interactive manner. Thus one can evaluate the effectiveness of processes, assess their behaviour and ask “what-if ’ questions based upon proposed modifications. Simulations with the help of quantitative data, can be run for statistical purposes, where parameters can be varied. Process descriptions can be used as a basis for process automation, as they contain much of the information needed to build a process-centred environment However, many currently available tools, whose origins lie in process definition, allow simulation, but do not generally support real-time execution of process descriptions. This thesis reviews the current state-of-the-art in automated systems that enact software development processes and proposes a system called Enhanced Visual Process Language (E/VPL), which is a graphically-oriented process modelling system. A prototype system has been constructed to implement E/VPL and is evaluated to assess its potential as a process modelling system

Software engineering risk management : a method, improvement framework, and empirical evaluation

This dissertation presents a method for software risk management, its improvement framework, and results from its empirical evaluations. More specifically, our objectives were: Develop a comprehensive, theoretically sound, and practical method for software engineering risk management. Develop a framework and supporting software tools for the continuous improvement of software engineering risk management and for improving knowledge about risks. Evaluate the method in practice to provide information on its feasibility, effectiveness, advantages and disadvantages, and to improve it. Although risk management has been considered an important issue in software development and significant contributions to risk management have been made over the past decade, risk management is rarely actively and explicitly applied in practice. Furthermore, most risk management approaches in software engineering use simplistic approaches and fail to account for the biases common in risk perception. We have developed a method, called Riskit, that complements existing risk management approaches by supporting qualitative and structured analysis of risks through a graphical modeling formalism. The method supports multiple stakeholder views to risks by considering their potential utility losses. The Riskit method is comprehensive, i.e., it supports all aspects of risk analysis and risk management planning in a software development project. We propose that our method has a sound theoretical foundation, avoids common biases in risk evaluations, and results in a more thorough understanding of the risks than traditional approaches. Associated with the method, we have also developed a risk management improvement framework that supports continuous, systematic improvement of the risk management process. The improvement framework is based on the Quality Improvement Paradigm, and is supported by the eRiskit application. The eRiskit application supports the management of risks while simultaneously acting as a risk management repository that captures risk management data for improvement purposes. The eRiskit application also acted as a proof of concept for the correctness of the underlying concepts in the Riskit method. We have validated the feasibility and effectiveness of the Riskit method in a series of empirical studies. The empirical studies were designed to provide characterization information and feedback on the method, as well as to act as initial validation of the method. The empirical evaluations showed that the method is feasible in industrial context and it seemed to improve participants' confidence in risk management results. In addition, our research indicates that industry needs sound, systematic, yet cost effective methods for risk management, a common and customized approach to improve communications within an organization, and support and enforcement of the common approach.reviewe