EVOLVING SOFTWARE PROCESSES The book provides basic building blocks of evolution in software processes, such as DevOps, scaling agile process in GSD, in order to lay a solid foundation for successful and sustainable future processes.
One might argue that there are already many books that include descriptions of software processes. The answer is “yes, but.” Becoming acquainted with existing software processes is not enough. It is tremendously important to understand the evolution and advancement in software processes so that developers appropriately address the problems, applications, and environments to which they are applied. Providing basic knowledge for these important tasks is the main goal of this book.
Industry is in search of software process management capabilities. The emergence of the COVID-19 pandemic emphasizes the industry’s need for software-specific process management capabilities. Most of today’s products and services are based to a significant degree on software and are the results of largescale development programs. The success of such programs heavily depends on process management capabilities, because they typically require the coordination of hundreds or thousands of developers across different disciplines. Additionally, software and system development are usually distributed across geographical, cultural and temporal boundaries, which make the process management activities more challenging in the current pandemic situation.
This book presents an extremely comprehensive overview of the evolution in software processes and provides a platform for practitioners, researchers and students to discuss the studies used for managing aspects of the software process, including managerial, organizational, economic and technical. It provides an opportunity to present empirical evidence, as well as proposes new techniques, tools, frameworks and approaches to maximize the significance of software process management.
Audience
The book will be used by practitioners, researchers, software engineers, and those in software process management, DevOps, agile and global software development.
List of Figures xv List of Tables xvii Foreword xxi Preface xxiii Acknowledgments xxvii Acronyms xxix 1 ReMo: A Recommendation Development Model for Software Process Improvement 1 Sujin Choi, Dae-Kyoo Kim, Sooyong Park 1.1 Introduction 2 1.2 Motivation 3 1.3 Related Work 5 1.4 Recommendation Development Model: ReMo 7 1.4.1 Correlation Analysis 9 1.4.2 Refining Improvement Packages 14 1.4.3 Building Recommendations 21 1.5 Case Studies 25 1.5.1 Phase I 28 1.5.2 Phase II 28 1.5.3 Phase III 28 1.5.4 Phase IV 29 1.6 Evaluation 29 1.6.1 Process Evaluation 30 1.6.2 Outcome Evaluation 32 1.6.3 Threats to Validity 36 1.7 Discussion 37 1.8 Conclusion 38 References 39 2 A Framework for a Sustainable Software Security Program 47 Monica Iovan, Daniela S. Cruzes, Espen A. Johansen 2.1 Introduction 48 2.2 Software Security Best Practices 49 2.2.1 Microsoft Security Development Lifecycle for Agile Development 49 2.2.2 Building Security in Maturity Model 50 2.2.3 OWASP Software Assurance Maturity Model 52 2.2.4 Software Security Services 53 2.3 Software Security in Visma 55 2.4 Top-Down and Bottom-Up Approach of a Sustainable Program 55 2.4.1 Ensuring the Adoption and Implementation of Security Practices 56 2.4.2 Enabling the Adoption and Implementation of Security Practices 57 2.4.3 Empowering the Teams 57 2.4.4 Embedding the Security Activities 58 2.5 Explorability of a Sustainable Software Security Program 58 2.5.1 Researching and Innovating Services 58 2.5.2 Creating New Services 60 2.5.3 Persuasion Focusing on the Types of Software Development Teams 61 2.5.4 Service Onboarding 63 2.6 Exploiting Existing Services 63 2.6.1 Collecting Continuous Feedback 64 2.6.2 Retrofitting the Services 65 2.6.3 Focus on Investment Costs and Benefits 66 2.6.4 Discontinuing a Service 66 2.7 Pitfalls of a Sustainable Software Security Program 67 2.8 Further Reading 68 2.9 Conclusion 68 References 68 3 Linking Software Processes to IT Professionalism Frameworks 71 Luis Fernández-Sanz, Inés López Baldominos, Vera Pospelova 3.1 Introduction 72 3.2 Process Standards 74 3.3 IT Professionalism Standards 75 3.3.1 ESCO 76 3.3.2 European e-Competence Framework 76 3.3.3 Skills Match Framework 77 3.4 Linking Software Processes and IT Professionalism Frameworks 78 3.5 Analysis of Recommended Skills in Processes According to Participating Professional Roles 79 3.6 Conclusions 84 References 84 4 Monitoring and Controlling Software Project Scope Using Agile EVM 89 Avais Jan, Assad Abbas, Naveed Ahmad 4.1 Introduction 90 4.2 Related Work 91 4.2.1 Tools and Techniques Used for Scope Definition 92 4.2.2 Traditional Project Scope Definition 93 4.2.3 Tools and Techniques for Agile Project Scope Definition 94 4.3 EVM Applications and Calculation 94 4.4 Research Methodology 96 4.4.1 Systematic Literature Review 97 4.4.2 Mapping of Factors with A-SPSRI Elements 98 4.5 Quantification of A-SPSRI Elements and Running Simulation 101 4.5.1 Quantification of A-SPSRI Elements 101 4.5.2 Running Simulations and Their Integration with Agile EVM 101 4.5.3 Case Study 1 103 4.5.4 Case Study 2 110 4.6 Experimental Evaluation of Simulated Results 112 4.6.1 Regression Model Interpretation 112 4.6.2 Interpretation 113 4.7 Conclusion 114 References 115 5 Modeling Multi-Release Open Source Software Reliability Growth Process with Generalized Modified Weibull Distribution 123 Vishal Pradhan, Ajay Kumar, Joydip Dhar 5.1 Introduction 124 5.2 Background 126 5.3 Proposed Models 127 5.3.1 Model-1 (General Model) 127 5.3.2 Model-2 (Multi-Release Model) 128 5.4 Performance Evaluation with Data Analysis 128 5.4.1 Dataset and Parameter Estimation 128 5.4.2 Competing Models and Comparison Criteria 129 5.4.3 Least Square Estimation (LSE) 129 5.4.4 Goodness of Fit 130 5.4.5 Comparison of Results 130 5.5 Conclusion 131 References 132 6 Developing a Reference Model for Open Data Capability Maturity Assessment 135 Murat Tahir Çaldağ, Ebru Gökalp 6.1 Introduction 136 6.2 Literature Review 137 6.2.1 Theoretical Background 137 6.2.2 Related Works 137 6.3 Model Development 139 6.3.1 Scope 139 6.3.2 Design 139 6.3.3 Populate 140 6.3.4 Test 140 6.3.5 Deploy and Maintain 140 6.4 Open Data Capability Maturity Model 140 6.4.1 Process Dimension 140 6.4.2 Capability Dimension 143 6.5 Conclusion 144 References 145 7 AHP-Based Prioritization Framework for Software Outsourcing Human Resource Success Factors in Global Software Development 151 Abdul Wahid Khan, Ghulam Yaseen, Muhammad Imran Khan, Faheem Khan 7.1 Introduction 152 7.2 Literature Review 153 7.3 Research Methodology 153 7.3.1 Systematic Literature Review 154 7.3.2 Search String Process 154 7.3.3 Search String Development 155 7.3.4 Selection of Publications 155 7.3.5 Commencement of Data Extraction 157 7.3.6 Result Generated for Research Questions through SLR by Applying Final Search String 158 7.3.7 Categorization of Identified Success Factors 159 7.3.8 Analytical Hierarchical Process (AHP) 160 7.4 Proposed Methodology 162 7.4.1 Questionnaire Development 163 7.4.2 Data Sources 163 7.4.3 Validation of Identified Success Factors 163 7.4.4 Application of AHP to Prioritize Success Factors 164 7.4.5 Comparison of Proposed Framework 169 7.5 Limitations 169 7.6 Implications of the Study 169 7.7 Conclusions and Future Work 170 References 170 8 A Process Framework for the Classification of Security Bug Reports 175 Shahid Hussain 8.1 Introduction 176 8.2 Related Work 177 8.2.1 Text Mining for Security Bug Report Prediction 177 8.2.2 Machine Learning Algorithms-Based Prediction 178 8.2.3 Bi-Normal Separation for Feature Selection 178 8.3 Proposed Methodology 178 8.3.1 Data Gathering and Preprocessing 179 8.3.2 Identifying Security-Related Keywords 179 8.3.3 Scoring Keywords 180 8.3.4 Scoring Bug Reports 181 8.4 Experimental Setup 181 8.4.1 Machine Learning Algorithm 181 8.4.2 Dataset 181 8.4.3 Performance Evaluation 181 8.5 Results and Discussion 182 8.5.1 Response to RQ1 182 8.5.2 Response to RQ2 182 8.6 Conclusion 183 References 183 9 A Systematic Literature Review of Challenges Factors for Implementing DevOps Practices in Software Development Organizations: A Development and Operation Teams Perspective 187 Mohammad Shameem 9.1 Introduction 188 9.2 Research Methodology 189 9.2.1 Stage-1: Planning the Review 189 9.2.2 Stage-2: Conducting the Review 191 9.2.3 Stage-3: Reporting the Review Process 191 9.3 Results 192 9.3.1 RQ1 (Challenges Identified in the Literature) 192 9.3.2 RQ2 (Most Critical Challenges) 192 9.3.3 RQ3 (Development and Operation Analysis) 193 9.4 Discussion and Summary 194 9.5 Threats to Validity 194 9.6 Conclusions and Future Study 195 References 195 10 DevOps’ Culture Challenges Model (DC2M): A Systematic Literature Review Protocol 201 Muhammad Shoaib Khan, Abdul Wahid Khan, Javed Khan 10.1 Introduction 202 10.2 Background 203 10.3 Systematic Literature Review Protocol 204 10.4 Creating the Search String 205 10.5 Search Strategies 205 10.5.1 Trial Search 205 10.5.2 Recognizing Search Terms Attributes 206 10.5.3 Results for a 206 10.5.4 Results for b 206 10.5.5 Results for c 207 10.5.6 Results for d 207 10.6 Final Search String Construction 208 10.7 Selection Criteria and Search Process 209 10.7.1 Inclusion Criteria 209 10.7.2 Exclusion Criteria 209 10.7.3 Selection of Primary Sources 210 10.8 Assessment of Publication Quality 210 10.9 Data Extraction Stage 210 10.9.1 Initiation of Data Extraction Phase 210 10.9.2 Presentation of Data Extraction 211 10.9.3 Data Extraction Process 211 10.9.4 Data Storage 211 10.10 Data Synthesis 212 10.11 Discussion 212 10.12 Validation of Review Protocol 213 10.13 Limitation 214 References 214 11 Critical Challenges of Designing Software Architecture for Internet of Things (IoT) Software System 219 Noor Rehman, Abdul Wahid Khan 11.1 Introduction 220 11.2 Background 221 11.2.1 Layered Architecture Pattern 222 11.2.2 Microservices Software Architecture 222 11.2.3 Event-Driven Software Architecture Pattern 223 11.2.4 Blackboard Software Architecture Pattern 224 11.2.5 Systematic Literature Review for SADM 224 11.3 Research Questions 224 11.4 Research Methodology 225 11.4.1 Constructing Search Term Formulation 225 11.4.2 Publication Selection Process 229 11.4.3 Quality Assessment of the Publication 230 11.4.4 Data Extraction 230 11.4.5 Data Extraction Demonstration 230 11.4.6 Findings 232 11.5 Continent-Wise Comparison of the Challenges Found 235 11.6 Limitations 235 11.7 Conclusion and Future Work 236 References 237 12 Challenges to Project Management in Distributed Software Development: A Systematic Literature Review 241 Sher Badshah 12.1 Introduction 242 12.2 Related Work 242 12.3 Methodology 243 12.3.1 Planning the Review 244 12.3.2 Conducting the Review 245 12.3.3 Reporting the Review 246 12.4 Results and Discussion 246 12.5 Conclusion and Future Work 248 References 249 13 Cyber Security Challenges Model: SLR-Based Protocol and Initial Findings 253 Shah Zaib, Abdul Wahid Khan, Iqbal Qasim 13.1 Introduction 254 13.2 Related Work 254 13.3 Systematic Literature Review (SLR) Protocol 256 13.4 Research Questions 256 13.5 Search Term Construction 256 13.6 Strategies for Searching 257 13.6.1 Trial Searching 257 13.6.2 Characteristics of Search Terms 257 13.7 Process of Search String 258 13.7.1 Development of Search String 258 13.7.2 Resources to be Searched 259 13.8 Selection of Publication 259 13.8.1 Inclusion Criteria 259 13.8.2 Exclusion Criteria 260 13.8.3 Support of Secondary Reviewer 260 13.9 Assessment of Publication Quality 260 13.10 Data Extraction Phase 261 13.10.1 Commencement of Data Extraction Phase 261 13.10.2 Presentation of Extracted Data 261 13.10.3 Data Extraction Process 261 13.10.4 Data Storage 262 13.11 Literature Search and Selection 262 13.12 Results 263 13.12.1 Challenges in CSCM Based on Database/Digital Libraries 263 13.12.2 Challenges in CSCM Based on Methodology 265 13.13 Discussion 266 13.14 Limitations 266 13.15 Conclusion and Future Work 266 References 267 14 A Process Assessment Model for Human Resource Skill Development Enabling Digital Transformation 271 Ebru Gökalp 14.1 Introduction 272 14.2 Literature Review 273 14.2.1 Human Resource Skill Development 273 14.2.2 Theoretical Background 273 14.3 Process Assessment Model for Human Resource Skill Development 274 14.3.1 Process Dimension 274 14.3.2 Capability Dimension 274 14.4 Application of the Process Assessment Model for DX-HRSD 276 14.5 Findings and Discussions 277 14.6 Conclusion 279 References 279
Arif Ali Khan is at the University of Jyvȁskylȁ, Finland. He obtained his PhD degree in software engineering from the Department of Computer Science, City University of Hong Kong. He has participated in and managed several empirical software engineering related research projects. He has expertise in software outsourcing, process improvement, 3C’s (communication, coordination, control), requirements change management, agile software development and evidence-based software engineering. Khan has published over 40 articles in peer reviewed conferences and journals. Dac-Nhuong Le obtained his PhD in computer science from Vietnam National University, Vietnam in 2015. He is Deputy-Head of Faculty of Information Technology, Haiphong University, Vietnam. His area of research includes: evaluation computing and approximate algorithms, network communication, security and vulnerability, network performance analysis and simulation, cloud computing, IoT and image processing in biomedicine. He has more than 50 publications and edited/authored 15 computer science books, many with the Wiley-Scrivener imprint.
