Finnish Enterprise Agile Transformations : A Survey Study

Peer reviewe

Enterprise agile transformation model: Barriers, enablers and best practices to implement Agile Methods

Agile Methods currently represent one of the most discussed topics in organisations and teams working with technological products. However, there are still few scientific studies that clearly explain how an organisation can adopt these methods. This thesis has three main objectives, where was developed a study for each: (i) identify in the literature the best practices to implement and manage an agile project portfolio, (ii) identify the barriers and enablers of an Agile Transformation and (iii) expand a theoretical model that allows organisations to carry out an Agile Transformation. The first study used a qualitative approach to carry out a systematic literature review. The second study used a quantitative approach to identify the barriers and enablers. The third study used a qualitative approach to develop the Enterprise Agile Transformation Model. This thesis concluded that, for the implementation and management of an agile portfolio of projects, there are four relevant dimensions to consider. The key four barriers and five enablers for the success of an Agile Transformation were also identified. The Enterprise Agile Transformation Model considers actions to mitigate barriers and enhance the enablers of an Agile Transformation and provides recommendations to increase the agile maturity of organisations. The academic contribution focuses on filling the gap in the scientific literature on Agile Transformations and Agile Project Portfolio Management. For practice, the contribution involves providing a theoretical model with tools, strategies, and recommendations for the implementation of Agile Methods in organisations.Os Métodos Agile representam atualmente um dos temas mais discutidos nas organizações e equipas que trabalham com produtos tecnológicos. No entanto, ainda existe um conjunto reduzido de estudos científicos que expliquem, de uma forma clara, como uma organização pode adotar estes métodos. Esta tese apresenta três objetivos principais, onde foi desenvolvido um estudo para cada um: (i) identificar na literatura as melhores práticas para implementar e gerir um portefólio de projetos agile, (ii) identificar as barreiras e facilitadores de uma Transformação Agile e (iii) expandir um modelo teórico que permita conduzir as organizações a realizar uma Transformação Agile. O primeiro estudo recorreu à abordagem qualitativa para realizar a revisão sistemática da literatura. O segundo estudo utilizou uma abordagem quantitativa para identificar as barreiras e facilitadores. O terceiro estudo utilizou uma abordagem qualitativa para desenvolver o modelo teórico Enterprise Agile Transformation Model. Esta tese concluiu que, para a implementação e gestão de um portefólio de projetos agile, existem quatro dimensões relevantes a considerar. Foram também identificadas quatro barreiras e cinco facilitadores determinantes para o sucesso de uma Transformação Agile. Já o Enterprise Agile Transformation Model, considera ações para mitigar as barreiras e potenciar os facilitadores de uma Transformação Agile e apresenta recomendações para aumentar a maturidade ágil das organizações. A contribuição académica consiste em colmatar a lacuna existente na literatura científica sobre Transformações Agile e gestão de portefólio de projetos agile. Para a prática, a contribuição passa por dar ferramentas, estratégias e recomendações para a implementação de Métodos Agile nas organizações

“Primus inter Pares”?—The Perception of Emergent Leadership Behavior in Agile Software Development Teams

Despite being a key feature of Agile Software Development (ASD), self-organization within ASD teams has received limited research attention. Hence, this study furthers our understanding of how informal emergent leadership may develop within ASD teams by combining knowledge on ASD teams with extant research on emergent leadership. In an exploratory mixed-method study of two Scrum teams, we observed two specific types of emergent leaders, namely, a “detail-oriented structurer”, and a “big picture coordinator.” For emergent leadership to develop, the Scrum master had to create a “leadership gap.” Given this leadership gap, emergent leadership may develop in a circular manner: specific behaviors of team members and their perceptions may provide the basis for emergent leadership, which combined with implicit leadership theories of team members give rise to a leadership structure. Our results add to research on emergent leadership and increase our understanding of self-organization in ASD teams

Continuous and secure integration framework for smart contracts

En tiempo reciente, el desarrollo de contratos inteligentes ha tenido un auge debido al interés generado por criptomonedas en la tecnología de blockchains. Investigadores han encontrado diferentes usos para los contratos inteligentes gracias a este interés. Debido a esto, se ha logrado evidenciar los problemas de seguridad que se han presentado con múltiples contratos y los problemas que pueden llegar a ocasionarse. Por tanto, decidimos evaluar los esquemas de DevOps actual para buscar adaptarlo a un modelo de trabajo compatible con los contratos inteligentes. Siguiendo múltiples investigaciones realizadas por otros investigadores en fases específicas, logramos identificar las falencias de DevOps en contratos inteligentes. Considerando la información que recolectamos, trabajamos en definir las fases y actividades que deben ir en estas. El resultado es haber logrado proponer un framework adaptable con todos los pasos a considerar durante el desarrollo de contratos inteligentes. Además, dicho framework es probado utilizando tecnologías para demostrar su viabilidad.MaestríaMagister en Ingeniería de Sistemas y Computació

Identifying Agile Practices to Reduce Defects in Medical Device Software Development

Medical Device Software (MDS) defects have caused death of patients and continue to be the major cause of recalls of medical devices in the US and Europe. Despite various approaches proposed to address defects, dealing with defects in MDS is an increasingly difficult task as MDS has become more complex to support a growing number of functions. To increase quality in any software development project, it is essential that defects are identified and addressed quickly in the early stages of the software development life cycle. Agile methods have been advocated to increase software quality by minimising defects through their agile practices. However, agile methods on their own are deficient in satisfying the regulatory requirements for the MDS domain. Instead, the common approach is to integrate agile practices into the plan driven methods. Consequently, frameworks have been developed to help developers in the MDS domain to accrue the benefits of agile development while fulfilling regulatory requirements. Despite the adoption of agile practices in MDS development, it is still unclear as to which agile practice(s) is effective and how it is applied to address MDS defects. The purpose of this research is to identify agile practices that can assist in addressing defects in MDS development. This will help MDS developers to select the appropriate agile practice(s) to address defects

On the real world practice of Behaviour Driven Development

Surveys of industry practice over the last decade suggest that Behaviour Driven Development is a popular Agile practice. For example, 19% of respondents to the 14th State of Agile annual survey reported using BDD, placing it in the top 13 practices reported. As well as potential benefits, the adoption of BDD necessarily involves an additional cost of writing and maintaining Gherkin features and scenarios, and (if used for acceptance testing,) the associated step functions. Yet there is a lack of published literature exploring how BDD is used in practice and the challenges experienced by real world software development efforts. This gap is significant because without understanding current real world practice, it is hard to identify opportunities to address and mitigate challenges. In order to address this research gap concerning the challenges of using BDD, this thesis reports on a research project which explored: (a) the challenges of applying agile and undertaking requirements engineering in a real world context; (b) the challenges of applying BDD specifically and (c) the application of BDD in open-source projects to understand challenges in this different context. For this purpose, we progressively conducted two case studies, two series of interviews, four iterations of action research, and an empirical study. The first case study was conducted in an avionics company to discover the challenges of using an agile process in a large scale safety critical project environment. Since requirements management was found to be one of the biggest challenges during the case study, we decided to investigate BDD because of its reputation for requirements management. The second case study was conducted in the company with an aim to discover the challenges of using BDD in real life. The case study was complemented with an empirical study of the practice of BDD in open source projects, taking a study sample from the GitHub open source collaboration site. As a result of this Ph.D research, we were able to discover: (i) challenges of using an agile process in a large scale safety-critical organisation, (ii) current state of BDD in practice, (iii) technical limitations of Gherkin (i.e., the language for writing requirements in BDD), (iv) challenges of using BDD in a real project, (v) bad smells in the Gherkin specifications of open source projects on GitHub. We also presented a brief comparison between the theoretical description of BDD and BDD in practice. This research, therefore, presents the results of lessons learned from BDD in practice, and serves as a guide for software practitioners planning on using BDD in their projects

Agile Processes in Software Engineering and Extreme Programming

This open access book constitutes the proceedings of the 22nd International Conference on Agile Software Development, XP 2021, which was held virtually during June 14-18, 2021. XP is the premier agile software development conference combining research and practice. It is a unique forum where agile researchers, practitioners, thought leaders, coaches, and trainers get together to present and discuss their most recent innovations, research results, experiences, concerns, challenges, and trends.  XP conferences provide an informal environment to learn and trigger discussions and welcome both people new to agile and seasoned agile practitioners. This year’s conference was held with the theme “Agile Turns Twenty While the World Goes Online”. The 11 full and 2 short papers presented in this volume were carefully reviewed and selected from 38 submissions. They were organized in topical sections named: agile practices; process assessment; large-scale agile; and short contributions

Implications of regulatory policy for building secure agile software in Nigeria: A grounded theory

Nigeria is ranked second worldwide, after India, in reported incidences of cyberattacks. Attackers usually exploit vulnerabilities in software which may not have adequately considered security features during the development process. Agile methods have the potential to increase productivity and ensure faster delivery of software, although they tend to neglect non-functional requirements such as security. The implementation of government policies, such as the Nigeria Data Protection Regulation (NDPR) Act 2019, impacts the security activities carried out by agile teams. Despite its significance, there is a paucity of research on security issues especially in the Agile Software Development (ASD) domain. To address this gap, a grounded theory study was conducted with 15 agile software practitioners in Nigeria. Based on our analysis of the interview transcripts, we developed a grounded theory of the security challenges confronting agile practitioners. The four challenges identified were (a) a lack of collaboration betweensecurity and agile teams; (b) the tendency to use foreign software hosting companies; (c) a poor cybersecurity culture; and (d) the high cost of building secure agile software. We used these challenges to identify gaps within the existing secure ASD and found a lack of indigenous software hosting companies in Nigeria. Our study also revealed tensions between the Nigerian regulatory environment and agile software developers' compliance. While practitioners acknowledged the government's efforts, there were concerns about the practicality of implementing such legislation. We recommend government action to increase awareness of local software hosting companies' capabilities, and closer collaboration between agile and security teams. Thus, the novel contribution of this article is the development of the policy adherence challenges (PAC) model

A software development methodology for solo software developers: leveraging the product quality of independent developers

Software security for agile methods, particularly for those designed for individual developers, is still a major concern. With most software products deployed over the Internet, security as a key component of software quality has become a major problem. In addressing this problem, this research proposes a solo software development methodology (SSDM) that uses as minimum resources as possible, at the same time conforming to the best practice for delivering secure and high-quality software products. Agile methods have excelled on delivering timely and quality software. At the same time research also shows that most agile methods do not address the problem of security in the developed software. A metasynthesis of SSDMs conducted in this thesis confirmed the lack practices that promote security in the developed software product. On the other hand, some researchers have demonstrated the feasibility of incorporating existing lightweight security practices into agile methods. This research uses Design Science Research (DSR) to build, demonstrate and evaluate a lightweight SSDM. Using an algorithm adapted for the purpose, the research systematically integrates lightweight security and quality practices to produce an agile secure-solo software development methodology (Secure-SSDM). A multiple-case study in an academic and industry setting is conducted to demonstrate and evaluate the utility of the methodology. This demonstration and evaluation thereof, indicates the applicability of the methodology in building high-quality and secure software products. Theoretical evaluation of the agility of the Secure-SSDM using the four-dimensional analytical tool (4-DAT) shows satisfactory compliance of the methodology with agile principles. The main contributions in this thesis are: the Secure-SSDM, which entails description of the concepts, modelling languages, stages, tasks, tools and techniques; generation of a quality theory on practices that promote quality in a solo software development environment; adaptation of Keramati and Mirian-Hosseinabadi’s algorithm for the purposes of integrating quality and security practices. This research would be of value to researchers as it introduces the security component of software quality into a solo software development environment, probing more research in the area. To software developers the research has provided a lightweight methodology that builds quality and security into the product using minimum resources.School of ComputingD. Phil. (Computer Science