353,655 research outputs found
Methodologies and tools for OSS: current state of the practice
Over the years, the Open Source Software (OSS) development has matured and strengthened, building on some established methodologies and tools. An understanding of the current state of the practice, however, is still lacking. This paper presents the results of a survey of the OSS developer community with a view to gain insight of peer review, testing and release management practices, along with the current tool sets used for testing, debugging and, build and release management. Such an insight is important to appreciate the obstacles to overcome to introduce certification and more rigour into the development process. It is hoped that the results of this survey will initiate a useful discussion and allow the community to identify further process improvement opportunities for producing better quality software
COLLABORATIVE TESTING ACROSS SHARED SOFTWARE COMPONENTS
Large component-based systems are often built from many of the same
components. As individual component-based software systems are
developed, tested and maintained, these shared components are
repeatedly manipulated. As a result there are often significant
overlaps and synergies across and among the different test efforts
of different component-based systems. However, in practice, testers of
different systems rarely collaborate, taking a test-all-by-yourself
approach. As a result, redundant effort is spent testing common
components, and important information that could be used to improve
testing quality is lost.
The goal of this research is to demonstrate that, if done properly,
testers of shared software components can save effort by avoiding
redundant work, and can improve the test effectiveness for each
component as well as for each component-based software system by using
information obtained when testing across multiple components. To
achieve this goal I have developed collaborative testing techniques
and tools for developers and testers of component-based systems with
shared components, applied the techniques to subject systems, and evaluated
the cost and effectiveness of applying the techniques.
The dissertation research is organized in three parts. First, I
investigated current testing practices for component-based software
systems to find the testing overlap and synergy we conjectured exists.
Second, I designed and implemented infrastructure and related tools to
facilitate communication and data sharing between testers. Third, I
designed two testing processes to implement different collaborative
testing algorithms and applied them to large actively developed
software systems.
This dissertation has shown the benefits of collaborative testing
across component developers who share their components. With
collaborative testing, researchers can design algorithms and tools to
support collaboration processes, achieve better efficiency in testing
configurations, and discover inter-component compatibility faults
within a minimal time window after they are introduced
Collaborative Application Security Testing for DevSecOps: An Empirical Analysis of Challenges, Best Practices and Tool Support
DevSecOps is a software development paradigm that places a high emphasis on
the culture of collaboration between developers (Dev), security (Sec) and
operations (Ops) teams to deliver secure software continuously and rapidly.
Adopting this paradigm effectively, therefore, requires an understanding of the
challenges, best practices and available solutions for collaboration among
these functional teams. However, collaborative aspects related to these teams
have received very little empirical attention in the DevSecOps literature.
Hence, we present a study focusing on a key security activity, Application
Security Testing (AST), in which practitioners face difficulties performing
collaborative work in a DevSecOps environment. Our study made novel use of 48
systematically selected webinars, technical talks and panel discussions as a
data source to qualitatively analyse software practitioner discussions on the
most recent trends and emerging solutions in this highly evolving field. We
find that the lack of features that facilitate collaboration built into the AST
tools themselves is a key tool-related challenge in DevSecOps. In addition, the
lack of clarity related to role definitions, shared goals, and ownership also
hinders Collaborative AST (CoAST). We also captured a range of best practices
for collaboration (e.g., Shift-left security), emerging communication methods
(e.g., ChatOps), and new team structures (e.g., hybrid teams) for CoAST.
Finally, our study identified several requirements for new tool features and
specific gap areas for future research to provide better support for CoAST in
DevSecOps.Comment: Submitted to the Empirical Software Engineering journal_v
Cross-factor analysis of software modeling practices versus practitioner demographics in the embedded software industry
Software-intensive embedded systems have evolved to be essential tools of our lives. To cope with growing complexities in embedded software industry, software modeling and model-driven engineering (MDE) have become popular for design, development and testing of these systems. However, the usage of models in embedded software industry and the relevant practices usually vary since challenges, requirements and purposes differ among systems as well as among sectors. To understand the state-of-the-practice of software modeling in embedded systems industry, we designed and conducted a world-wide survey, which accepted 627 responses from 27 different countries. The goal of this paper is to present our work built on this survey to better understand and characterize the cross-factor analysis of software modeling versus practitioner demographics, e.g., degree of using software modeling versus target sectors of the products
Benefits and challenges of Continuous Integration and Delivery : A Case Study
Continuous integration (CI) and continuous delivery (CD) can be seen as an essential part of modern software development. CI/CD consists of always having software in a deployable state. This is accomplished by continuously integrating the code into a main branch, in addition to automatically building and testing it. Version control and dedicated CI/CD tools can be used to accomplish this.
This thesis consists of a case study which aim was to find the benefits and challenges related to the implementation of CI/CD in the context of a Finnish software company. The study was conducted with semi-structured interviews.
The benefits of CD that were found include faster iteration, better assurance of quality, and easier deployments. The challenges identified were related to testing practices, infrastructure management and company culture. It is also difficult to implement a full continuous deployment pipeline for the case project, which is mostly due to the risks involved updating software in business-critical production use.
The results of this study were found to be similar to the results of previous studies. The case company's adoption of modern CI/CD tools such and GitLab and cloud computing are also discussed. While the tools can make the implementation of CI/CD easier, they still come with challenges in adapting them to specific use cases
- …