A Grounded Theoretical and Linguistic Analysis Approach for Non-Functional Requirements Analysis

An important aspect of the requirements engineering process is the specification of traceable, unambiguous and operationalizable non-functional requirements. This remains a non-trivial task due to the lack of well-documented, systematic procedures that facilitate a structured analysis of the qualitative data that is typically the input to this activity. This research investigates the development of a procedural approach that can potentially fill this gap by incorporating procedural perspectives from Grounded Theory Method, Linguistic Analysis and the Non-Functional Requirement Framework, without significantly deviating from existing practice. This paper describes a preliminary version of this procedural approach along with empirical illustrations using data from a redesign initiative of a library website of a public university in the United States. The paper concludes with a preliminary assessment of the approach and a discussion of the contributions of the research the research

Towards Multi-Sourcing Maturity: A Service Integration Capability Model

When outsourcing IT services, many enterprises today resort to multi-sourcing. It allows them to reduce costs and assemble a best-of-breed service portfolio. However, this usually also increases complexity. Despite the economic importance of multi-sourcing, though, there is no systematic understanding of the capabilities required to successfully integrate interdependent services and to manage multi-sourcing. This paper develops a capability model for service integration in a grounded coding approach based on literature and expert interviews. The model identifies six key capabilities and 18 sub-capabilities. We evaluate its applicability and validity via an empirical survey and two in-depth case studies. In addition, provide various insights into the implementation of service integration functions. Our contribution should provide orientation for companies how to direct their transformation efforts. It outlines an agenda for future research and builds a solid foundation for maturity models to improve multi-sourcing readiness – ultimately leading to more effective multi-sourcing solutions

A framework for Operational Security Metrics Development for industrial control environment

Security metrics are very crucial towards providing insights when measuring security states and susceptibilities in industrial operational environments. Obtaining practical security metrics depend on effective security metrics development approaches. To be effective, a security metrics development framework should be scope-definitive, objective-oriented, reliable, simple, adaptable, and repeatable (SORSAR). A framework for Operational Security Metrics Development (OSMD) for industry control environments is presented, which combines concepts and characteristics from existing approaches. It also adds the new characteristic of adaptability. The OSMD framework is broken down into three phases of: target definition, objective definition, and metrics synthesis. A case study scenario is used to demonstrate an instance of how to implement and apply the proposed framework to demonstrate its usability and workability. Expert elicitation has also be used to consolidate the validity of the proposed framework. Both validation approaches have helped to show that the proposed framework can help create effective and efficient ICS-centric security metrics taxonomy that can be used to evaluate capabilities or vulnerabilities. The understanding from this can help enhance security assurance within industrial operational environments

A framework for Operational Security Metrics Development for industrial control environment

Security metrics are very crucial towards providing insights when measuring security states and susceptibilities in industrial operational environments. Obtaining practical security metrics depend on effective security metrics development approaches. To be effective, a security metrics development framework should be scope-definitive, objective-oriented, reliable, simple, adaptable, and repeatable (SORSAR). A framework for Operational Security Metrics Development (OSMD) for industry control environments is presented, which combines concepts and characteristics from existing approaches. It also adds the new characteristic of adaptability. The OSMD framework is broken down into three phases of: target definition, objective definition, and metrics synthesis. A case study scenario is used to demonstrate an instance of how to implement and apply the proposed framework to demonstrate its usability and workability. Expert elicitation has also be used to consolidate the validity of the proposed framework. Both validation approaches have helped to show that the proposed framework can help create effective and efficient ICS-centric security metrics taxonomy that can be used to evaluate capabilities or vulnerabilities. The understanding from this can help enhance security assurance within industrial operational environments

A requirements-based software process maturity model

The requirements phase of software development is an on-going problem for the software engineering community. The many disparate recommendations and best practices found in the literature make it difficult for software organisations to recognise which practices apply to their individual needs. The aim of this thesis is to pull together key solutions into a framework that allows practitioners to assess where their requirements process needs strengthening and to provide a means in which improvements can be achieved. In this thesis I show how I design, develop and validate a model of requirements engineering processes. This requirements capability maturity model (R-CMM) adheres to the characteristics of the Software Engineering Institute's Software Capability Maturity Model (SW-CMM) and is designed to take practitioners from an immature process capability through to an advanced capability. I contribute to the body of knowledge in both software process improvement and requirements engineering (RE) by providing rigorous detail of how a process maturity framework is developed to support RE practices. The model is generic and should apply to many software development organisations. The R-CMM guides users towards a view of RE that is based on goals and is problem driven. The SW-CMM framework is transformed into a simplified model that relates goals and problems to individual RE practises

An integrated procurement assessment model for the measurement of development effectiveness and value for money in international development

This research examines the relationship between project success and procurement performance to identify predictors that contribute to Development Effectiveness (DE) and Value for Money (VFM) in international development. The findings indicate that the existing project evaluation criteria, used by the selected international development organisations, have inconsistencies and do not provide a reliable measurement of DE and VFM. The research contributes to theory on the measurement of DE and VFM in international development projects

A reactive architecture for cloud-based system engineering

PhD ThesisSoftware system engineering is increasingly practised over globally distributed locations. Such a practise is termed as Global Software Development (GSD). GSD has become a business necessity mainly because of the scarcity of resources, cost, and the need to locate development closer to the customers. GSD is highly dependent on requirements management, but system requirements continuously change. Poorly managed change in requirements affects the overall cost, schedule and quality of GSD projects. It is particularly challenging to manage and trace such changes, and hence we require a rigorous requirement change management (RCM) process. RCM is not trivial in collocated software development; and with the presence of geographical, cultural, social and temporal factors, it makes RCM profoundly difficult for GSD. Existing RCM methods do not take into consideration these issues faced in GSD. Considering the state-of-the-art in RCM, design and analysis of architecture, and cloud accountability, this work contributes: 1. an alternative and novel mechanism for effective information and knowledge-sharing towards RCM and traceability. 2. a novel methodology for the design and analysis of small-to-medium size cloud-based systems, with a particular focus on the trade-off of quality attributes. 3. a dependable framework that facilitates the RCM and traceability method for cloud-based system engineering. 4. a novel methodology for assuring cloud accountability in terms of dependability. 5. a cloud-based framework to facilitate the cloud accountability methodology. The results show a traceable RCM linkage between system engineering processes and stakeholder requirements for cloud-based GSD projects, which is better than existing approaches. Also, the results show an improved dependability assurance of systems interfacing with the unpredictable cloud environment. We reach the conclusion that RCM with a clear focus on traceability, which is then facilitated by a dependable framework, improves the chance of developing a cloud-based GSD project successfully

Der Entwicklungsaufwand der Anwendungsintegration. Eine empirische Untersuchung der Einflussfaktoren

In den vergangenen Jahren hat die Anwendungsintegration zunehmend an praktischer Bedeutung gewonnen. Gleichwohl ist die wissenschaftliche Auseinandersetzung mit dieser spezifischen Ausprägung der Softwareentwicklung erst wenig fortgeschritten. Unter anderem sind keine geeigneten Methoden zur Schätzung des Entwicklungsaufwands der Anwendungsintegration verfügbar. Diese unzureichende methodische Unterstützung der Aufwandschätzung wird als wichtiger Grund dafür angesehen, dass viele Integrationsvorhaben durch große Termin- und Kostenüberschreitungen gekennzeichnet sind. Die Frage, welche Faktoren in die Aufwandschätzung einbezogen werden müssen, konnte bislang aufgrund des Mangels angemessener empirischer oder theoretischer Erkenntnisse nicht zuverlässig beantwortet werden. Diese Arbeit leistet einen Beitrag zur Behebung dieses Mangels. In einer empirischen Untersuchung wurden erstmals die Erfahrungswerte und Einschätzungen kompetenter Praktiker zu den maßgeblichen Einflussfaktoren auf den Entwicklungsaufwand der Anwendungsintegration in systematischer Weise erhoben und inhaltlich ausgewertet. Durch die angewandte Forschungsmethode, eine qualitative und idiographische Variante der Repertory Grid Technique, konnte ein umfangreicher Katalog persönlicher Konstrukte erhoben werden, der einen wertvollen wissenschaftlichen Beitrag zur Untersuchung der Einflussfaktoren auf den Entwicklungsaufwand der Anwendungsintegration darstellt. Die Untersuchungsergebnisse wurden darüber hinaus in eine Checkliste für die Durchführung von Aufwandschätzungen überführt. Auf diese Weise leistet die vorgelegte Arbeit einen unmittelbaren Beitrag zur Lösung des aufgezeigten Praxisproblems: sie bietet erstmalig eine spezifische Unterstützung zur Schätzung des Entwicklungsaufwands der Anwendungsintegration