Considerations about Continuous Experimentation for Resource-Constrained Platforms in Self-Driving Vehicles

Autonomous vehicles are slowly becoming reality thanks to the efforts of many academic and industrial organizations. Due to the complexity of the software powering these systems and the dynamicity of the development processes, an architectural solution capable of supporting long-term evolution and maintenance is required. Continuous Experimentation (CE) is an already increasingly adopted practice in software-intensive web-based software systems to steadily improve them over time. CE allows organizations to steer the development efforts by basing decisions on data collected about the system in its field of application. Despite the advantages of Continuous Experimentation, this practice is only rarely adopted in cyber-physical systems and in the automotive domain. Reasons for this include the strict safety constraints and the computational capabilities needed from the target systems. In this work, a concept for using Continuous Experimentation for resource-constrained platforms like a self-driving vehicle is outlined.Comment: Copyright 2017 Springer. Paper submitted and accepted at the 11th European Conference on Software Architecture. 8 pages, 1 figure. Published in Lecture Notes in Computer Science vol 10475 (Springer), https://link.springer.com/chapter/10.1007/978-3-319-65831-5_

Spotify tailoring for promoting effectiveness in cross-functional autonomous squads

Organisations tend to tailor agile methods to scale employed practices to have cross-functional autonomous teams while promoting sustainable creative and productive development at a constant pace. Thus, it is important to investigate how organisations tailor agile practices to get the balance right between teams' autonomy and alignment. Spotify model is originally introduced to facilitate the development of music streaming services in a very large-scale project with a Business-to-Consumer (B2C) model. However, developing a large-scale mission-critical project with a Business-to-Business (B2B) model is not essentially supported by the Spotify model. Thus, embracing Spotify model for such projects should be concerned about the question of how Spotify practices are adjusted to promote the effectiveness of cross-functional autonomous squads in a mission-critical project with B2B model? In this paper, we conduct a longitudinal embedded case study, which lasted 21 months during which 14 semi-structured interviews were conducted. The Grounded Theory (GT) is adopted to analyse the collected data. As a result, we identify practices and processes that promote effectiveness in cross-functional autonomous squads, which have never been discussed in terms of Spotify model before. We also present Spotify Tailoring by highlighting modified and newly introduced practices by the organisation in which the case study was conducted

DevOps in Practice -- A preliminary Analysis of two Multinational Companies

DevOps is a cultural movement that aims the collaboration of all the stakeholders involved in the development, deployment and operation of soft-ware to deliver a quality product or service in the shortest possible time. DevOps is relatively recent, and companies have developed their DevOps prac-tices largely from scratch. Our research aims to conduct an analysis on practic-ing DevOps in +20 software-intensive companies to provide patterns of DevOps practices and identify their benefits and barriers. This paper presents the preliminary analysis of an exploratory case study based on the interviews to relevant stakeholders of two (multinational) companies. The results show the benefits (software delivery performance) and barriers that these companies are dealing with, as well as DevOps team topology they approached during their DevOps transformation. This study aims to help practitioners and researchers to better understand DevOps transformations and the contexts where the practices worked. This, hopefully, will contribute to strengthening the evidence regarding DevOps and supporting practitioners in making better informed decisions about the return of investment when adopting DevOps.Comment: 8 pages, 1 figure, 2 tables, conferenc

HAVOSS: A Maturity Model for Handling Vulnerabilities in Third Party OSS Components

Security has been recognized as a leading barrier for IoT adoption. The growing number of connected devices and reported software vulnerabilities increases the importance firmware updates. Maturity models for software security do include parts of this, but are lacking in several aspects. This paper presents and evaluates a maturity model (HAVOSS) for handling vulnerabilities in third party OSS and COTS components. The maturity model was designed by first reviewing industry interviews, current best practice guidelines and other maturity models. After that, the practices were refined through industry interviews, resulting in six capability areas covering in total 21 practices. These were then evaluated based on their importance according to industry experts. It is shown that the practices are seen as highly important, indicating that the model can be seen as a valuable tool when assessing strengths and weaknesses in an organization's ability to handle firmware updates

Enterprise agility: A Balancing Act - a local government case study

Austerity and financial constraints have been threatening the public sector in the UK for a number of years. Foreseeing the threat of continued budget cuts, and addressing the situation many local councils face, requires internal transformations for financial stability without losing the key focus on public service. Agile transformations have been undertaken by organisations wanting to learn from the software development community and bringing agile principles into the wider organisation. This paper describes and analyses an ongoing behaviour-led transformation in a district council in the UK. It presents the results of the analysis of 19 interviews with internal stakeholders at the council, of observations of meetings among senior and middle management in a five-month period. The paper explores the successes and the challenges encountered towards the end of the transformation process and reflects on balancing acts to address the challenges, be-tween: disruption and business as usual, empowerment and goal setting, autonomy and processes and procedures, and behaviours and skills. Based on our findings, we suggest that behaviours on their own cannot guarantee a sustained agile culture, and that this is equally important for enterprise agility and for large-scale agile software development transformations

REI:An integrated measure for software reusability

To capitalize upon the benefits of software reuse, an efficient selection among candidate reusable assets should be performed in terms of functional fitness and adaptability. The reusability of assets is usually measured through reusability indices. However, these do not capture all facets of reusability, such as structural characteristics, external quality attributes, and documentation. In this paper, we propose a reusability index (REI) as a synthesis of various software metrics and evaluate its ability to quantify reuse, based on IEEE Standard on Software Metrics Validity. The proposed index is compared with existing ones through a case study on 80 reusable open-source assets. To illustrate the applicability of the proposed index, we performed a pilot study, where real-world reuse decisions have been compared with decisions imposed by the use of metrics (including REI). The results of the study suggest that the proposed index presents the highest predictive and discriminative power; it is the most consistent in ranking reusable assets and the most strongly correlated to their levels of reuse. The findings of the paper are discussed to understand the most important aspects in reusability assessment (interpretation of results), and interesting implications for research and practice are provided

Identifying Potential Risks and Benefits of Using Cloud in Distributed Software Development

Cloud-based infrastructure has been increasingly adopted by the industry in distributed software development (DSD) environments. Its proponents claim that its several benefits include reduced cost, increased speed and greater productivity in software development. Empirical evaluations, however, are in the nascent stage of examining both the benefits and the risks of cloud-based in-frastructure. The objective of this paper is to identify potential benefits and risks of using cloud in a DSD project conducted by teams based in Helsinki and Ma-drid. A cross-case qualitative analysis is performed based on focus groups con-ducted at the Helsinki and Madrid sites. Participants’ observations are used to supplement the analysis. The results of the analysis indicated that the main ben-efits of using cloud are rapid development, continuous integration, cost savings, code sharing, and faster ramp-up. The key risks determined by the project are dependencies, unavailability of access to the cloud, code commitment and inte-gration, technical debt, and additional support costs. The results revealed that if such environments are not planned and set up carefully, the benefits of using cloud in DSD projects might be overshadowed by the risks associated with it.Peer reviewe

A Case Study on Artefact-based RE Improvement in Practice

Most requirements engineering (RE) process improvement approaches are solution-driven and activity-based. They focus on the assessment of the RE of a company against an external norm of best practices. A consequence is that practitioners often have to rely on an improvement approach that skips a profound problem analysis and that results in an RE approach that might be alien to the organisational needs. In recent years, we have developed an RE improvement approach (called \emph{ArtREPI}) that guides a holistic RE improvement against individual goals of a company putting primary attention to the quality of the artefacts. In this paper, we aim at exploring ArtREPI's benefits and limitations. We contribute an industrial evaluation of ArtREPI by relying on a case study research. Our results suggest that ArtREPI is well-suited for the establishment of an RE that reflects a specific organisational culture but to some extent at the cost of efficiency resulting from intensive discussions on a terminology that suits all involved stakeholders. Our results reveal first benefits and limitations, but we can also conclude the need of longitudinal and independent investigations for which we herewith lay the foundation

Learning in the Large - An Exploratory Study of Retrospectives in Large-Scale Agile Development

Many see retrospectives as the most important practice of agile software development. Previous studies of retrospectives have focused on pro- cess and outcome at team level. In this article, we study how a large-scale agile development project uses retrospectives through an analysis of retrospective reports identifying a total of 109 issues and 36 action items as a part of a longitudinal case study. We find that most of the issues identified relate to team-level learning and improvement, and discuss these findings in relation to current advice to improve learning outcome in large-scale agile development.Learning in the Large - An Exploratory Study of Retrospectives in Large-Scale Agile DevelopmentpublishedVersio

Data Pipeline Management in Practice: Challenges and Opportunities

Data pipelines involve a complex chain of interconnected activities that starts with a data source and ends in a data sink. Data pipelines are important for data-driven organizations since a data pipeline can process data in multiple formats from distributed data sources with minimal human intervention, accelerate data life cycle activities, and enhance productivity in data-driven enterprises. However, there are challenges and opportunities in implementing data pipelines but practical industry experiences are seldom reported. The findings of this study are derived by conducting a qualitative multiple-case study and interviews with the representatives of three companies. The challenges include data quality issues, infrastructure maintenance problems, and organizational barriers. On the other hand, data pipelines are implemented to enable traceability, fault-tolerance, and reduce human errors through maximizing automation thereby producing high-quality data. Based on multiple-case study research with five use cases from three case companies, this paper identifies the key challenges and benefits associated with the implementation and use of data pipelines