129,518 research outputs found
Towards Guidelines for Preventing Critical Requirements Engineering Problems
Context] Problems in Requirements Engineering (RE) can lead to serious
consequences during the software development lifecycle. [Goal] The goal of this
paper is to propose empirically-based guidelines that can be used by different
types of organisations according to their size (small, medium or large) and
process model (agile or plan-driven) to help them in preventing such problems.
[Method] We analysed data from a survey on RE problems answered by 228
organisations in 10 different countries. [Results] We identified the most
critical RE problems, their causes and mitigation actions, organizing this
information by clusters of size and process model. Finally, we analysed the
causes and mitigation actions of the critical problems of each cluster to get
further insights into how to prevent them. [Conclusions] Based on our results,
we suggest preliminary guidelines for preventing critical RE problems in
response to context characteristics of the companies.Comment: Proceedings of the 42th Euromicro Conference on Software Engineering
and Advanced Applications, 201
Preventing Incomplete/Hidden Requirements: Reflections on Survey Data from Austria and Brazil
Many software projects fail due to problems in requirements engineering (RE).
The goal of this paper is analyzing a specific and relevant RE problem in
detail: incomplete/hidden requirements. We replicated a global family of RE
surveys with representatives of software organizations in Austria and Brazil.
We used the data to (a) characterize the criticality of the selected RE
problem, and to (b) analyze the reported main causes and mitigation actions.
Based on the analysis, we discuss how to prevent the problem. The survey
includes 14 different organizations in Austria and 74 in Brazil, including
small, medium and large sized companies, conducting both, plan-driven and agile
development processes. Respondents from both countries cited the
incomplete/hidden requirements problem as one of the most critical RE problems.
We identified and graphically represented the main causes and documented
solution options to address these causes. Further, we compiled a list of
reported mitigation actions. From a practical point of view, this paper
provides further insights into common causes of incomplete/hidden requirements
and on how to prevent this problem.Comment: in Proceedings of the Software Quality Days, 201
Supporting Defect Causal Analysis in Practice with Cross-Company Data on Causes of Requirements Engineering Problems
[Context] Defect Causal Analysis (DCA) represents an efficient practice to
improve software processes. While knowledge on cause-effect relations is
helpful to support DCA, collecting cause-effect data may require significant
effort and time. [Goal] We propose and evaluate a new DCA approach that uses
cross-company data to support the practical application of DCA. [Method] We
collected cross-company data on causes of requirements engineering problems
from 74 Brazilian organizations and built a Bayesian network. Our DCA approach
uses the diagnostic inference of the Bayesian network to support DCA sessions.
We evaluated our approach by applying a model for technology transfer to
industry and conducted three consecutive evaluations: (i) in academia, (ii)
with industry representatives of the Fraunhofer Project Center at UFBA, and
(iii) in an industrial case study at the Brazilian National Development Bank
(BNDES). [Results] We received positive feedback in all three evaluations and
the cross-company data was considered helpful for determining main causes.
[Conclusions] Our results strengthen our confidence in that supporting DCA with
cross-company data is promising and should be further investigated.Comment: 10 pages, 8 figures, accepted for the 39th International Conference
on Software Engineering (ICSE'17
On Evidence-based Risk Management in Requirements Engineering
Background: The sensitivity of Requirements Engineering (RE) to the context
makes it difficult to efficiently control problems therein, thus, hampering an
effective risk management devoted to allow for early corrective or even
preventive measures. Problem: There is still little empirical knowledge about
context-specific RE phenomena which would be necessary for an effective
context- sensitive risk management in RE. Goal: We propose and validate an
evidence-based approach to assess risks in RE using cross-company data about
problems, causes and effects. Research Method: We use survey data from 228
companies and build a probabilistic network that supports the forecast of
context-specific RE phenomena. We implement this approach using spreadsheets to
support a light-weight risk assessment. Results: Our results from an initial
validation in 6 companies strengthen our confidence that the approach increases
the awareness for individual risk factors in RE, and the feedback further
allows for disseminating our approach into practice.Comment: 20 pages, submitted to 10th Software Quality Days conference, 201
Model-driven Enterprise Systems Configuration
Enterprise Systems potentially lead to significant efficiency gains but require a well-conducted configuration process. A promising idea to manage and simplify the configuration process is based on the premise of using reference models for this task. Our paper continues along this idea and delivers a two-fold contribution: first, we present a generic process for the task of model-driven Enterprise Systems configuration including the steps of (a) Specification of configurable reference models, (b) Configuration of configurable reference models, (c) Transformation of configured reference models to regular build time models, (d) Deployment of the generated build time models, (e) Controlling of implementation models to provide input to the configuration, and (f) Consolidation of implementation models to provide input to reference model specification. We discuss inputs and outputs as well as the involvement of different roles and validation mechanisms. Second, we present an instantiation case of this generic process for Enterprise Systems configuration based on Configurable EPCs
Screening of energy efficient technologies for industrial buildings' retrofit
This chapter discusses screening of energy efficient technologies for industrial buildings' retrofit
A safety analysis approach to clinical workflows : application and evaluation
Clinical workflows are safety critical workflows as they have the potential to cause harm or death to patients. Their safety needs to be considered as early as possible in the development process. Effective safety analysis methods are required to ensure the safety of these high-risk workflows, because errors that may happen through routine workflow could propagate within the workflow to result in harmful failures of the system’s output. This paper shows how to apply an approach for safety analysis of clinic al workflows to analyse the safety of the workflow within a radiology department and evaluates the approach in terms of usability and benefits. The outcomes of using this approach include identification of the root causes of hazardous workflow failures that may put patients’ lives at risk. We show that the approach is applicable to this area of healthcare and is able to present added value through the detailed information on possible failures, of both their causes and effects; therefore, it has the potential to improve the safety of radiology and other clinical workflows
Security and computer forensics in web engineering education
The integration of security and forensics into Web Engineering curricula is imperative! Poor security in web-based applications is continuing to cost organizations millions and the losses are still increasing annually. Security is frequently taught as a stand-alone course, assuming that security can be 'bolted on' to a web application at some point. Security issues must be integrated into Web Engineering processes right from the beginning to create secure solutions and therefore security should be an integral part of a Web Engineering curriculum. One aspect of Computer forensics investigates failures in security. Hence, students should be aware of the issues in forensics and how to respond when security failures occur; collecting evidence is particularly difficult for Web-based applications
- …