A Pre-conceptual-schema-based method for eliciting requirements in the context of ISO/IEC 29110

Standards such as the ISO/IEC 29110 have been adopted and practiced by Very Small Entities (VSE) for improving quality of the software process. The basic profile established in the management and engineering guide of such standard includes a set of best practices for enhancing the process in terms of time, efficiency, budget, and documentation. On the other hand, pre-conceptual schemas are knowledge representations created for modeling a domain in a graphical, easy, and intuitive environment. The amount of VSEs adopting the basic profile has increased, since most of the projects developed by VSEs are suitable for this process model. What-to-do is described in detailed standard processes, leaving the how-to-do-it choice at discretion of the organization willing to implement such a standard. Consequently, the processes detailed in the ISO/IEC 29110 lack prescription of a particular method and VSEs face a compliance problem when implementing and developing the standard activities. Such a fact could lead to possible misunderstanding of the standard by VSEs, failing to achieve the expected quality and moving away from the project objectives, especially in first-time implementations. In this M.Sc. Thesis, we propose a method based on the ISO/IEC 29110 for eliciting requirements in very small entities by using executable pre-conceptual schemas. Besides, we validate the proposed method by conducting a case study in a research project financed by a governmental entity. By developing such a method, we intend to consolidate an alternative to VSEs when implementing the basic profile of the ISO/IEC 29110 in early stages.Resumen: Estándares tales como la norma ISO/IEC 29110 se implementan y practican en pequeñas organizaciones (Very Small Entities, abreviado VSE) para mejorar la calidad del proceso de software. El perfil básico establecido en la guía de administración e ingeniería de dicha norma incluye un conjunto de buenas prácticas para mejorar el proceso en términos de tiempo, eficiencia, presupuesto y documentación. Por otro lado, los esquemas preconceptuales son representaciones de conocimiento creadas para modelar un dominio en un entorno gráfico, fácil e intuitivo. La cantidad de VSEs que adoptan el perfil básico viene aumentando, ya que la mayoría de los proyectos que desarrollan las VSEs son adecuados para este modelo de proceso. En los procesos detallados en los estándares se describe "qué hacer", dejando el "cómo hacer" a discreción de la organización dispuesta a implementar dicho estándar. En consecuencia, los procesos detallados en la norma ISO/IEC 29110 carecen de la prescripción de un método en particular; por lo tanto, las VSEs enfrentan problemas al implementar y desarrollar las actividades del estándar. Este hecho puede llevar a una posible interpretación errónea de la norma en las VSEs, al no lograr la calidad esperada e impedirles lograr los objetivos del proyecto, especialmente en primeras implementaciones. En esta Tesis de Maestría se propone un método basado en la norma ISO/IEC 29110 para educir requisitos en pequeñas organizaciones mediante el uso de esquemas preconceptuales ejecutables. Además, se valida el método propuesto realizando un caso de estudio en un proyecto de investigación que financia una entidad gubernamental. Al desarrollar un método de esta índole, se pretende consolidar una alternativa para VSEs al implementar el perfil básico de la norma ISO/IEC 29110 en etapas iniciales.Maestrí

Software and systems engineering lifecycle processes and the ISO/IEC 29110 standards and guides

This special issue was motivated by the need to promote and disseminate recent advances in the field of Software and Systems Engineering Process Lifecycle Management as applied to Very Small Entities utilizing the Management and Engineering guides of the ISO/IEC 291110 standard, both at academic and industry level. Very Small Entities (VSEs) are enterprises, organizations (e.g. public or non-profit), departments or projects having up to 25 people

Un Análisis de Viabilidad del proceso de gestión de proyectos del Estándar ISO/IEC 29110: Un Estudio de Caso en una Compañía Automotora Ecuatoriana

Software process standards such as the ISO/IEC 29110 have been implemented by Very Small Entities (VSE) in order to develop quality software and achieve improvements in terms of time, budget, documentation, and other subjects. The generic profile group established in such a standard includes a set of profiles with situational factors of occurrence applicable to some VSEs. However, documented case studies of the ISO/IEC 29110 implementation in Latin America companies are limited, causing uncertainty about the viability of such a standard in VSEs established in the region. Different conditions of each environment—company type, size, country, etc.—can influence the implementation of a software project. Such a fact can affect the possibility of quality improvement by using the standard. In this paper we aim to implement the project management process included in the basic profile of the ISO/IEC 29110 in an automotive Ecuadorian company. We intend to provide VSEs a preliminary judgment in terms of time and cost overruns when developing a first-time implementation of the project management process. Besides, we summarize a set of lessons learned acquired during such an implementation. Finally, the findings of this study will allow VSEs to decide whether is convenient to implement this standard in such an environment.Estándares de procesos de software tales como ISO/ IEC 29110 se implementan en organizaciones pequeñas (en inglés, Very Small Entities, VSE) con el fin de desarrollar software de calidad y lograr mejoras en términos de tiempo, presupuesto, documentación y otros campos. El grupo de perfiles genéricos establecido en dicha norma incluye un conjunto de perfiles con factores situacionales de ocurrencia aplicables a algunas VSEs. Sin embargo, los casos de estudio documentados sobre la implementación de ISO/IEC 29110 en empresas de América Latina son limitados, generando incertidumbre sobre la viabilidad de tal estándar en VSEs establecidas en la región. Las diferentes condiciones de cada entorno (tipo de empresa, tamaño, país, etc.) pueden influir en la implementación de un proyecto de software. Este hecho puede afectar la posibilidad de mejora de la calidad mediante el uso de la norma. En este estudio se pretende implementar el proceso de gestión de proyectos incluido en el perfil básico de la norma ISO/IEC 29110 en una empresa automotriz ecuatoriana. Se procura proporcionar a las VSEs un juicio preliminar en términos de tiempo y sobrecostos al desarrollar una implementación por primera vez del proceso de gestión de proyectos. Además, se resume un conjunto de lecciones aprendidas durante dicha implementación. Finalmente, los hallazgos de este estudio permitirán a las VSEs decidir si es conveniente implementar este estándar en dicho entorno

Un Análisis de Viabilidad del proceso de gestión de proyectos del Estándar ISO/IEC 29110: Un Estudio de Caso en una Compañía Automotora Ecuatoriana

Software process standards such as the ISO/IEC 29110 have been implemented by Very Small Entities (VSE) in order to develop quality software and achieve improvements in terms of time, budget, documentation, and other subjects. The generic profile group established in such a standard includes a set of profiles with situational factors of occurrence applicable to some VSEs. However, documented case studies of the ISO/IEC 29110 implementation in Latin America companies are limited, causing uncertainty about the viability of such a standard in VSEs established in the region. Different conditions of each environment—company type, size, country, etc.—can influence the implementation of a software project. Such a fact can affect the possibility of quality improvement by using the standard. In this paper we aim to implement the project management process included in the basic profile of the ISO/IEC 29110 in an automotive Ecuadorian company. We intend to provide VSEs a preliminary judgment in terms of time and cost overruns when developing a first-time implementation of the project management process. Besides, we summarize a set of lessons learned acquired during such an implementation. Finally, the findings of this study will allow VSEs to decide whether is convenient to implement this standard in such an environment.Estándares de procesos de software tales como ISO/ IEC 29110 se implementan en organizaciones pequeñas (en inglés, Very Small Entities, VSE) con el fin de desarrollar software de calidad y lograr mejoras en términos de tiempo, presupuesto, documentación y otros campos. El grupo de perfiles genéricos establecido en dicha norma incluye un conjunto de perfiles con factores situacionales de ocurrencia aplicables a algunas VSEs. Sin embargo, los casos de estudio documentados sobre la implementación de ISO/IEC 29110 en empresas de América Latina son limitados, generando incertidumbre sobre la viabilidad de tal estándar en VSEs establecidas en la región. Las diferentes condiciones de cada entorno (tipo de empresa, tamaño, país, etc.) pueden influir en la implementación de un proyecto de software. Este hecho puede afectar la posibilidad de mejora de la calidad mediante el uso de la norma. En este estudio se pretende implementar el proceso de gestión de proyectos incluido en el perfil básico de la norma ISO/IEC 29110 en una empresa automotriz ecuatoriana. Se procura proporcionar a las VSEs un juicio preliminar en términos de tiempo y sobrecostos al desarrollar una implementación por primera vez del proceso de gestión de proyectos. Además, se resume un conjunto de lecciones aprendidas durante dicha implementación. Finalmente, los hallazgos de este estudio permitirán a las VSEs decidir si es conveniente implementar este estándar en dicho entorno

Um Deployment Package de implementação dos processos do perfil básico da norma ISO/IEC 29110

TCC(graduação) - Universidade Federal de Santa Catarina. Centro Tecnológico. Sistemas de Informação.O mercado de software tem crescido a cada ano, clientes mais exigentes e o aumento da concorrência são reflexos deste crescimento, neste mercado competitivo a qualidade cabe como um fator importante para destacar empresas no mercado. Considerando estes fatores, surge a necessidade das empresas gerenciarem o processo de desenvolvimento de software para gerar produtos com qualidade, e assim aumentar as chances de permanência e possivelmente destaque no mercado. Como alternativa de solução, normas e modelos de referência para qualidade têm sido desenvolvidas no intuito de proporcionar as melhores práticas a partir da definição de processos, que seguidos visam fornecer qualidade no processo de desenvolvimento do software e consequentemente no produto final. Considerando que micro e pequenas empresas constituem grande parcela do mercado de software, surge a necessidade de normas que atendam especificamente este perfil. Com este propósito foi desenvolvida a norma ISO/IEC 29110 especialmente para atender as necessidades das micro e pequenas empresas e assim proporcionar qualidade em seus processos. Entretanto, essas entidades, de forma geral, não possuem uma cultura de aderência a normas e isso dificulta o processo de adoção, para este obstáculo existem guias que facilitam a implantação de normas, fornecendo um detalhamento sobre os processos e formas de implementação nos negócios. Este trabalho pretendeu auxiliar as micro e pequenas empresas facilitando o processo de implementação da norma ISO/IEC 29110, teve como o objetivo o desenvolvimento de um guia de referência de processo para fornecer técnicas, ferramentas e melhores práticas na forma de um Deployment Package. O DP foi desenvolvido utilizando a ferramenta EPF e avaliado por meio de painel de especialistas. Os resultados iniciais obtidos da avaliação indicam que o DP pode ser facilmente utilizado como material de apoio à implantação dos processos, influenciando na adequação e implementação na organização, com o objetivo de tornar o processo mais simples e eficiente.The software market has been growing each year, more demanding customers and increased competition are reflections of this growth, in this competitive market the quality is an important factor to highlight companies in the market. Considering these factors, there is a need for companies to manage the software development process to produce products with quality, thereby increasing the chances of permanence and possibly prominence in the market. As an alternative solution, process reference models and standards have been developed in order to provide best practices which aim to provide quality in the software development process and consequently in the final product. Whereas micro and small enterprises constitute a large portion of the software market, there is a need for standards that specifically meet this profile. With this purpose the ISO/IEC 29110 was developed specifically to meet the needs of micro and small enterprises and thus provide quality in their processes. However, these companies generally do not have a culture of adherence to standards and this complicates the process of adoption, to overcome these obstacles there are guides that facilitate the implementation of standards, providing a breakdown of the processes and ways of implementation. This work aims to assist micro and small enterprises by facilitating the ISO/IEC 29110 implementation, has the objective of developing a process reference guide that provides techniques, tools and best practices in the form of a Deployment Package (DP). The DP is developed using EPF tool and evaluated by an expert panel. The initial results obtained from the evaluation indicate that the DP can easily be used as material to support for processes implementation, influencing the adequacy and standard adoption by organizations, with the aim to make processes simple and efficient

The Evolution of the ISO/IEC 29110 Set of Standards and Guides

While the quality of products is a competitive advantage for very small software development organizations, the usage of Software and Systems Engineering standards amongst such very small organizations is extremely low. A key factor in the literature explaining this lack of quality standards adoption is the perception by small and very small organizations that such standards have been developed for large multi-national companies and not with small and very small organizations in mind. The ISO/IEC 29110 standard is unique amongst software and systems engineering standards, in that the working group (ISO/IEC JTC1/SC7 WG 24) mandated to develop a new standard approached industry to conduct a needs assessment and gather actual requirements for a new standard as part of the standards development process. This paper presents a historical perspective behind the development of the ISO/IEC 29110 systems and software engineering standard and its constituent components, including the rationale behind its development and the innovative design of implementation guides to assist very small companies in adopting the standards. Further this paper will present an overview of the various parts of the ISO/IEC 29110 family and briefly present the plans for the future evolution of this series of standards

A software development methodology for solo software developers: leveraging the product quality of independent developers

Software security for agile methods, particularly for those designed for individual developers, is still a major concern. With most software products deployed over the Internet, security as a key component of software quality has become a major problem. In addressing this problem, this research proposes a solo software development methodology (SSDM) that uses as minimum resources as possible, at the same time conforming to the best practice for delivering secure and high-quality software products. Agile methods have excelled on delivering timely and quality software. At the same time research also shows that most agile methods do not address the problem of security in the developed software. A metasynthesis of SSDMs conducted in this thesis confirmed the lack practices that promote security in the developed software product. On the other hand, some researchers have demonstrated the feasibility of incorporating existing lightweight security practices into agile methods. This research uses Design Science Research (DSR) to build, demonstrate and evaluate a lightweight SSDM. Using an algorithm adapted for the purpose, the research systematically integrates lightweight security and quality practices to produce an agile secure-solo software development methodology (Secure-SSDM). A multiple-case study in an academic and industry setting is conducted to demonstrate and evaluate the utility of the methodology. This demonstration and evaluation thereof, indicates the applicability of the methodology in building high-quality and secure software products. Theoretical evaluation of the agility of the Secure-SSDM using the four-dimensional analytical tool (4-DAT) shows satisfactory compliance of the methodology with agile principles. The main contributions in this thesis are: the Secure-SSDM, which entails description of the concepts, modelling languages, stages, tasks, tools and techniques; generation of a quality theory on practices that promote quality in a solo software development environment; adaptation of Keramati and Mirian-Hosseinabadi’s algorithm for the purposes of integrating quality and security practices. This research would be of value to researchers as it introduces the security component of software quality into a solo software development environment, probing more research in the area. To software developers the research has provided a lightweight methodology that builds quality and security into the product using minimum resources.School of ComputingD. Phil. (Computer Science