Sustainability evaluation of software architectures

Long-living software systems are sustainable if they can be cost-efficiently maintained and evolved over their entire life-cycle. The quality of software architectures determines sus-tainability to a large extent. Scenario-based software archi-tecture evaluation methods can support sustainability anal-ysis, but they are still reluctantly used in practice. They are also not integrated with architecture-level metrics when evaluating implemented systems, which limits their capabil-ities. Existing literature reviews for architecture evaluation focus on scenario-based methods, but do not provide a criti-cal reflection of the applicability of such methods for sustain-ability evaluation. Our goal is to measure the sustainabil-ity of a software architecture both during early design us-ing scenarios and during evolution using scenarios and met-rics, which is highly relevant in practice. We thus provide a systematic literature review assessing scenario-based meth-ods for sustainability support and categorize more than 40 architecture-level metrics according to several design prin-ciples. Our review identifies a need for further empirical research, for the integration of existing methods, and for the more efficient use of formal architectural models. 1

Evolution of security engineering artifacts: a state of the art survey

Security is an important quality aspect of modern open software systems. However, it is challenging to keep such systems secure because of evolution. Security evolution can only be managed adequately if it is considered for all artifacts throughout the software development lifecycle. This article provides state of the art on the evolution of security engineering artifacts. The article covers the state of the art on evolution of security requirements, security architectures, secure code, security tests, security models, and security risks as well as security monitoring. For each of these artifacts the authors give an overview of evolution and security aspects and discuss the state of the art on its security evolution in detail. Based on this comprehensive survey, they summarize key issues and discuss directions of future research

Software evolution: hypergraph based model of solution space andhmeta-search

A hypergraph based model of software evolution is proposed. The model uses software assets, and any other higher order patterns, as reusable components. We will use software product lines and software factories concepts as the engineering state-of-the-art framework to model evolution. Using those concepts, the solution space is sliced into sub-spaces using equivalence classes and their corresponding isomorphism. Any valid graph expansions will be required to retain information by being sub-graph isomorphic, forming a chain to a solution. We are also able to traverse the resulting modelled space. A characteristic set of operators and operands is used to find solutions that would be compatible. The result is in a structured manner to explore the combinatorial solution space, classifying solutions as part of families hierarchies. Using a software engineering interpretation a viable prototype implementation of the model has been created. It uses configuration files that are used as design-time instruments analogous to software factory schemas. These form configuration layers we call fragments. These fragments convert to graph node metadata to later allow complex graph queries. A profusion of examples of the modelling and its visualisation options are provided for better understanding. An example of automated generation of a configuration, using current Google Cloud assets, has been generated and added to the prototype. It illustrates automation possibilities by using harvested web data, and later, creating a custom isomorphic relation as a configuration. The feasibility of the model is thus demonstrated. The formalisation adds the rigour needed to further facilitate automation of software craftsmanship. Based on the model operation, we propose a concept of organic growth based on evolution. Evolution events are modelled after incremental change messages. This is communication efficient and it is shown to adhere to the Representational State Transfer architectural style. Finally, The Cloud is presented as an evolved solution part of a family, from the original concept of The Web

Assessing the impact of global variables on program dependence and dependence clusters

This paper presents results of a study of the effect of global variables on the quantity of dependence in general and on the presence of dependence clusters in particular. The paper introduces a simple transformation-based analysis algorithm for measuring the impact of globals on dependence. It reports on the application of this approach to the detailed assessment of dependence in an empirical study of 21 programs consisting of just over 50K lines of code. The technique is used to identify global variables that have a significant impact upon program dependence and to identify and characterize the ways in which global variable dependence may lead to dependence clusters. In the study, over half of the programs include such a global variable and a quarter have one that is solely responsible for a dependence cluster

A review of software change impact analysis

Change impact analysis is required for constantly evolving systems to support the comprehension, implementation, and evaluation of changes. A lot of research effort has been spent on this subject over the last twenty years, and many approaches were published likewise. However, there has not been an extensive attempt made to summarize and review published approaches as a base for further research in the area. Therefore, we present the results of a comprehensive investigation of software change impact analysis, which is based on a literature review and a taxonomy for impact analysis. The contribution of this review is threefold. First, approaches proposed for impact analysis are explained regarding their motivation and methodology. They are further classified according to the criteria of the taxonomy to enable the comparison and evaluation of approaches proposed in literature. We perform an evaluation of our taxonomy regarding the coverage of its classification criteria in studied literature, which is the second contribution. Last, we address and discuss yet unsolved problems, research areas, and challenges of impact analysis, which were discovered by our review to illustrate possible directions for further research

Change-centric improvement of team collaboration

In software development, teamwork is essential to the successful delivery of a final product. The software industry has historically built software utilizing development teams that share the workplace. Process models, tools, and methodologies have been enhanced to support the development of software in a collocated setting. However, since the dawn of the 21st century, this scenario has begun to change: an increasing number of software companies are adopting global software development to cut costs and speed up the development process. Global software development introduces several challenges for the creation of quality software, from the adaptation of current methods, tools, techniques, etc., to new challenges imposed by the distributed setting, including physical and cultural distance between teams, communication problems, and coordination breakdowns. A particular challenge for distributed teams is the maintenance of a level of collaboration naturally present in collocated teams. Collaboration in this situation naturally d r ops due to low awareness of the activity of the team. Awareness is intrinsic to a collocated team, being obtained through human interaction such as informal conversation or meetings. For a distributed team, however, geographical distance and a subsequent lack of human interaction negatively impact this awareness. This dissertation focuses on the improvement of collaboration, especially within geographically dispersed teams. Our thesis is that by modeling the evolution of a software system in terms of fine-grained changes, we can produce a detailed history that may be leveraged to help developers collaborate. To validate this claim, we first c r eate a model to accurately represent the evolution of a system as sequences of fine- grained changes. We proceed to build a tool infrastructure able to capture and store fine-grained changes for both immediate and later use. Upon this foundation, we devise and evaluate a number of applications for our work with two distinct goals: 1. To assist developers with real-time information about the activity of the team. These applications aim to improve developers’ awareness of team member activity that can impact their work. We propose visualizations to notify developers of ongoing change activity, as well as a new technique for detecting and informing developers about potential emerging conflicts. 2. To help developers satisfy their needs for information related to the evolution of the software system. These applications aim to exploit the detailed change history generated by our approach in order to help developers find answers to questions arising during their work. To this end, we present two new measurements of code expertise, and a novel approach to replaying past changes according to user-defined criteria. We evaluate the approach and applications by adopting appropriate empirical methods for each case. A total of two case studies – one controlled experiment, and one qualitative user study – are reported. The results provide evidence that applications leveraging a fine-grained change history of a software system can effectively help developers collaborate in a distributed setting

On the Stability of Software Clones: A Genealogy-Based Empirical Study

Clones are a matter of great concern to the software engineering community because of their dual but contradictory impact on software maintenance. While there is strong empirical evidence of the harmful impact of clones on maintenance, a number of studies have also identified positive sides of code cloning during maintenance. Recently, to help determine if clones are beneficial or not during software maintenance, software researchers have been conducting studies that measure source code stability (the likelihood that code will be modified) of cloned code compared to non-cloned code. If the presence of clones in program artifacts (files, classes, methods, variables) causes the artifacts to be more frequently changed (i.e., cloned code is more unstable than non-cloned code), clones are considered harmful. Unfortunately, existing stability studies have resulted in contradictory results and even now there is no concrete answer to the research question "Is cloned or non-cloned code more stable during software maintenance?" The possible reasons behind the contradictory results of the existing studies are that they were conducted on different sets of subject systems with different experimental setups involving different clone detection tools investigating different stability metrics. Also, there are four major types of clones (Type 1: exact; Type 2: syntactically similar; Type 3: with some added, deleted or modified lines; and, Type 4: semantically similar) and none of these studies compared the instability of different types of clones. Focusing on these issues we perform an empirical study implementing seven methodologies that calculate eight stability-related metrics on the same experimental setup to compare the instability of cloned and non-cloned code in the maintenance phase. We investigated the instability of three major types of clones (Type 1, Type 2, and Type 3) from different dimensions. We excluded Type 4 clones from our investigation, because the existing clone detection tools cannot detect Type 4 clones well. According to our in-depth investigation on hundreds of revisions of 16 subject systems covering four different programming languages (Java, C, C#, and Python) using two clone detection tools (NiCad and CCFinder) we found that clones generally exhibit higher instability in the maintenance phase compared to non-cloned code. Specifically, Type 1 and Type 3 clones are more unstable as well as more harmful compared to Type 2 clones. However, although clones are generally more unstable sometimes they exhibit higher stability than non-cloned code. We further investigated the effect of clones on another important aspect of stability: method co-changeability (the degree methods change together). Intuitively, higher method co-changeability is an indication of higher instability of software systems. We found that clones do not have any negative effect on method co-changeability; rather, cloning can be a possible way of minimizing method co-changeability when clones are likely to evolve independently. Thus, clones have both positive and negative effects on software stability. Our empirical studies demonstrate how we can effectively use the positive sides of clones by minimizing their negative impacts