65 results for MacDonell, SG, Conference item

  • Analyzing confidentiality and privacy concerns: insights from Android issue logs

    Licorish, S; MacDonell, SG; Clear, T

    Conference item
    Auckland University of Technology

    Context: Post-release user feedback plays an integral role in improving software quality and informing new features. Given its growing importance, feedback concerning security enhancements is particularly noteworthy. In considering the rapid uptake of Android we have examined the scale and severity of Android security threats as reported by its stakeholders. Objective: We systematically mine Android issue logs to derive insights into stakeholder perceptions and experiences in relation to certain Android security issues. Method: We employed contextual analysis techniques to study issues raised regarding confidentiality and privacy in the last three major Android releases, considering covariance of stakeholder comments, and the level of consistency in user preferences and priorities. Results: Confidentiality and privacy concerns varied in severity, and were most prevalent over Jelly Bean releases. Issues raised in regard to confidentiality related mostly to access, user credentials and permission management, while privacy concerns were mainly expressed about phone locking. Community users also expressed divergent preferences for new security features, ranging from more relaxed to very strict. Conclusions: Strategies that support continuous corrective measures for both old and new Android releases would likely maintain stakeholder confidence. An approach that provides users with basic default security settings, but with the power to configure additional security features if desired, would provide the best balance for Android's wide cohort of stakeholders.

    View record details
  • Understanding Class-level Testability Through Dynamic Analysis

    Tahir, A; MacDonell, SG; Buchan, J

    Conference item
    Auckland University of Technology

    It is generally acknowledged that software testing is both challenging and time-consuming. Understanding the factors that may positively or negatively affect testing effort will point to possibilities for reducing this effort. Consequently there is a significant body of research that has investigated relationships between static code properties and testability. The work reported in this paper complements this body of research by providing an empirical evaluation of the degree of association between runtime properties and class-level testability in object-oriented (OO) systems. The motivation for the use of dynamic code properties comes from the success of such metrics in providing a more complete insight into the multiple dimensions of software quality. In particular, we investigate the potential relationships between the runtime characteristics of production code, represented by Dynamic Coupling and Key Classes, and internal class-level testability. Testability of a class is consider ed here at the level of unit tests and two different measures are used to characterise those unit tests. The selected measures relate to test scope and structure: one is intended to measure the unit test size, represented by test lines of code, and the other is designed to reflect the intended design, represented by the number of test cases. In this research we found that Dynamic Coupling and Key Classes have significant correlations with class-level testability measures. We therefore suggest that these properties could be used as indicators of class-level testability. These results enhance our current knowledge and should help researchers in the area to build on previous results regarding factors believed to be related to testability and testing. Our results should also benefit practitioners in future class testability planning and maintenance activities.

    View record details
  • Managing Requirements Change the Informal Way! When Saying 'No' Is Not an Option

    Hussain, W; Zowghi, D; Clear, T; MacDonell, SG; Blincoe, K

    Conference item
    Auckland University of Technology

    Software has always been considered as malleable. Changes to software requirements are inevitable during the development process. Despite many software engineering advances over several decades, requirements changes are a source of project risk, particularly when businesses and technologies are evolving rapidly. Although effectively managing requirements changes is a critical aspect of software engineering, conceptions of requirements change in the literature and approaches to their management in practice still seem rudimentary. The overall goal of this study is to better understand the process of requirements change management. We present findings from an exploratory case study of requirements change management in a globally distributed setting. In this context we noted a contrast with the traditional models of requirements change. In theory, change control policies and formal processes are considered as a natural strategy to deal with requirements changes. Yet we observed that "informal requirements changes" (InfRc) were pervasive and unavoidable. Our results reveal an equally 'natural' informal change management process that is required to handle InfRc in parallel. We present a novel model of requirements change which, we argue, better represents the phenomenon and more realistically incorporates both the informal and formal types of change.

    View record details
  • Packaged Software Implementation Requirements Engineering by Small Software Enterprises

    Jebreen, I; Wellington, R; MacDonell, SG

    Conference item
    Auckland University of Technology

    Small to medium sized business enterprises (SMEs) generally thrive because they have successfully done something unique within a niche market. For this reason, SMEs may seek to protect their competitive advantage by avoiding any standardization encouraged by the use of packaged software (PS). Packaged software implementation at SMEs therefore presents challenges relating to how best to respond to mismatches between the functionality offered by the packaged software and each SME's business needs. An important question relates to which processes small software enterprises - or Small to Medium-Sized Software Development Companies (SMSSDCs) - apply in order to identify and then deal with these mismatches. To explore the processes of packaged software (PS) implementation, an ethnographic study was conducted to gain in-depth insights into the roles played by analysts in two SMSSDCs. The purpose of the study was to understand PS implementation in terms of requirements engineering (or 'PSIRE'). Data collected during the ethnographic study were analyzed using an inductive approach. Based on our analysis of the cases we constructed a theoretical model explaining the requirements engineering process for PS implementation, and named it the PSIRE Parallel Star Model. The Parallel Star Model shows that during PSIRE, more than one RE process can be carried out at the same time. The Parallel Star Model has few constraints, because not only can processes be carried out in parallel, but they do not always have to be followed in a particular order. This paper therefore offers a novel investigation and explanation of RE practices for packaged software implementation, approaching the phenomenon from the viewpoint of the analysts, and offers the first extensive study of packaged software implementation RE (PSIRE) in SMSSDCs.

    View record details
  • Effort-based re-estimation during software projects

    MacDonell, SG (2011-08-13)

    Conference item
    Auckland University of Technology

    View record details
  • Onshore to near-shore outsourcing transitions: unpacking tensions

    Clear, AG; Raza, B; Clear, T; MacDonell, SG

    Conference item
    Auckland University of Technology

    This study is directed towards highlighting tensions of incoming and outgoing vendors during outsourcing in a near-shore context. Incoming-and-outgoing of vendors generate a complex form of relationship in which the participating organizations cooperate and compete simultaneously. It is of great importance to develop knowledge about this kind of relationship typically in the current GSE-related multi-sourcing environment. We carried out a longitudinal case study and utilized data from the 'Novo pay' project, which is available in the public domain. This project involved an outgoing New Zealand based vendor and incoming Australian based vendor. The results show that the demand for the same human resources, dependency upon cooperation and collaboration between vendors, reliance on each other system's configurations and utilizing similar strategies by the client, which worked for the previous vendor, generated a set of tensions which needed to be continuously managed throughout the project.

    View record details
  • Self-organising roles in agile globally distributed teams

    Licorish, SA; MacDonell, SG

    Conference item
    Auckland University of Technology

    The ability to self-organise is posited to be a fundamental requirement for successful agile teams. In particular, self-organising teams are said to be crucial in agile globally distributed software development (AGSD) settings, where distance exacerbates team issues. We used contextual analysis to study the specific interaction behaviours and enacted roles of practitioners working in multiple AGSD teams. Our results show that the teams studied were extremely task focussed, and those who occupied team lead or programmer roles were central to their teams’ self-organisation. These findings have implications for AGSD teams, and particularly for instances when programmers – or those occupying similar non-leadership positions – may not be willing to accept such responsibilities. We discuss the implications of our findings for information system development (ISD) practice.

    View record details
  • Autonomous requirements specification processing using natural language processing

    MacDonell, SG; Min, K; Connor, AM (2011-08-06)

    Conference item
    Auckland University of Technology

    We describe our ongoing research that centres on the application of natural language processing (NLP) to software engineering and systems development activities. In particular, this paper addresses the use of NLP in the requirements analysis and systems design processes. We have developed a prototype toolset that can assist the systems analyst or software engineer to select and verify terms relevant to a project. In this paper we describe the processes employed by the system to extract and classify objects of interest from requirements documents. These processes are illustrated using a small example.

    View record details
  • A framework for contextual information retrieval from the WWW

    Limbu, DK; Connor, AM; MacDonell, SG (2011-08-06)

    Conference item
    Auckland University of Technology

    Search engines are the most commonly used type of tool for finding relevant information on the Internet. However, today’s search engines are far from perfect. Typical search queries are short, often one or two words, and can be ambiguous therefore returning inappropriate results. Contextual information retrieval (CIR) is a critical technique for these search engines to facilitate queries and return relevant information. Despite its importance, little progress has been made in CIR due to the difficulty of capturing and representing contextual information about users. Numerous contextual information retrieval approaches exist today, but to the best of our knowledge none of them offer a similar service to the one proposed in this paper. This paper proposes an alternative framework for contextual information retrieval from the WWW. The framework aims to improve query results (or make search results more relevant) by constructing a contextual profile based on a user’s behaviour, their preferences, and a shared knowledge base, and using this information in the search engine framework to find and return relevant information

    View record details
  • Stochastic cost estimation and risk analysis in managing software projects

    Connor, AM; MacDonell, SG (2011-08-06)

    Conference item
    Auckland University of Technology

    This paper presents an overview of the use of stochastic modelling as an approach to assessing the impact of uncertainty in effort and cost estimations in software projects. Uncertainty in input values is modelled using probability distributions and this uncertainty is propagated through the model to provide risk information using Monte Carlo simulation. Statistical analysis of the outputs of the simulation provides a means for identifying where the highest risk in the estimates lies. Understanding this risk, in terms of both its impact and its likelihood, allows activities to be undertaken to mitigate the risk prior to submitting a tender, therefore increasing the confidence with which the bid/no-bid decision is made.

    View record details
  • Comparing local and global software effort estimation models – reflections on a systematic review

    MacDonell, SG; Shepperd, MJ (2011-08-08)

    Conference item
    Auckland University of Technology

    The availability of multi-organisation data sets has made it possible for individual organisations to build and apply management models, even if they do not have data of their own. In the absence of any data this may be a sensible option, driven by necessity. However, if both cross-company (or global) and within-company (or local) data are available, which should be used in preference? Several research papers have addressed this question but without any apparent convergence of results. We conduct a systematic review of empirical studies comparing global and local effort prediction systems. We located 10 relevant studies: 3 supported global models, 2 were equivocal and 5 supported local models. The studies do not have converging results. A contributing factor is that they have utilised different local and global data sets and different experimental designs thus there is substantial heterogeneity. We identify the need for common response variables and for common experimental and reporting protocols.

    View record details
  • Insights into domain knowledge sharing in software development practice

    Buchan, J; Ekadharmawan, CH; MacDonell, SG (2011-08-13)

    Conference item
    Auckland University of Technology

    The collaborative development of shared understanding is crucial to the success of software development projects. It is also a challenging and volatile process in practice. Small organizations may be especially vulnerable due to reliance on key individuals and insufficient resource to employ several domain specialists. There is, however, minimal empirical research on sharing domain understanding in the context of small software organizations. In this paper we present the results of a field study of commercial software development practice in which we conducted semi-structured interviews with practitioners from ten such organizations. The study provides insights into practices, perceptions, and challenges related to developing shared domain understanding. Our results show that smaller organizations place particular emphasis on the use of prototypes or existing products to refine and verify domain understanding. Furthermore they perceive the biggest challenge to developing shared understanding as the quality of the client representative(s).

    View record details
  • A prototype tool to support extended team collaboration in agile project feature management

    Licorish, S; Philpott, A; MacDonell, SG (2011-08-16)

    Conference item
    Auckland University of Technology

    In light of unacceptable rates of software project failure agile development methodologies have achieved widespread industry prominence, aimed at reducing software project risks and improving the likelihood of project success. However, the highly collaborative processes embedded in agile methodologies may themselves introduce other risks. In particular, the fluid and diverse nature of agile team structures may mean that collaboration regarding what is to be delivered becomes more challenging. We have therefore developed a prototype tool intended to enable all stakeholders to have greater access to the features of the emerging system irrespective of their location, via remote feature management functionality. Software engineering experts have evaluated the initial prototype, verifying that it would enhance collaboration and is likely to assist teams in their handling of feature management.

    View record details
  • Modelling software processes - a focus on objectives

    Kirk, D; MacDonell, SG; Tempero, E (2011-08-23)

    Conference item
    Auckland University of Technology

    Existing software process models such as Waterfall and XP are characterised by unstated assumptions, a consequence of which is that we can not easily compare models or transfer data from one model to another. This means that software planners have no mechanism for selecting process activities that are best suited to individual projects. In this paper, we propose a framework for modelling software processes that supports representation and comparison of different kinds of software process. Our framework is based on a lift in focus from 'choosing activities' to 'identifying project objectives and selecting activities to meet those objectives'. We overview some evidence to support the claims of representation and comparison and discuss benefits and limitations of the approach.

    View record details
  • Raising healthy software systems

    MacDonell, SG; Kirk, D; McLeod, L (2011-08-23)

    Conference item
    Auckland University of Technology

    We elaborate on the analogy between humans and bespoke software systems and we use this analogy to inform an alternative perspective on the development and management of such systems.

    View record details
  • The viability of fuzzy logic modeling in software development effort estimation: opinions and expectations of Project Managers

    MacDonell, SG (2011-08-06)

    Conference item
    Auckland University of Technology

    There is a growing body of evidence to suggest that significant benefits may be gained from augmenting current approaches to software development effort estimation, and indeed other project management activities, with models developed using fuzzy logic and other soft computing methods. The tasks undertaken by project managers early in a development process would appear to be particularly amenable to such a strategy, particularly if fuzzy logic models are used in a complementary manner with other algorithmic approaches, thus providing a range of predictions as opposed to a single point value. As well as providing a more intuitively acceptable set of estimates, this would help to reduce or remove the unwarranted level of certainty associated with a point estimate. Furthermore, such an approach would enable organizations to "store" their project management knowledge, making them less susceptible to employee resignations and the like. If fuzzy logic modeling is to be implemented in industry, however, managers must first believe it to be a realistic and workable option. This issue is addressed here by considering two related questions: one, what expectations do project managers have in relation to effort estimation? And two, what is their opinion of the methods that might be useful in this regard? This is followed by a discussion of the results of two surveys of project managers aimed at deriving membership functions using polling methods, the first using an interval declaration approach and the second using votes on fixed points. It is concluded that there is indeed support in the software engineering practitioner community for the use of methods based on the principles of fuzzy logic modeling.

    View record details
  • Source code authorship analysis for supporting the cybercrime investigation process

    Frantzeskou, G; Gritzalis, S; MacDonell, SG (2011-08-08)

    Conference item
    Auckland University of Technology

    Cybercrime has increased in severity and frequency in the recent years and because of this, it has become a major concern for companies, universities and organizations. The anonymity offered by the Internet has made the task of tracing criminal identity difficult. One study field that has contributed in tracing criminals is authorship analysis on e-mails, messages and programs. This paper contains a study on source code authorship analysis. The aim of the research efforts in this area is to identify the author of a particular piece of code by examining its programming style characteristics. Borrowing extensively from the existing fields of linguistics and software metrics, this field attempts to investigate various aspects of computer program authorship. Source code authorship analysis could be implemented in cases of cyber attacks, plagiarism and computer fraud. In this paper we present the set of tools and techniques used to achieve the goal of authorship identification, a review of the research efforts in the area and a new taxonomy on source code authorship analysis.

    View record details
  • Supporting agile team composition: a prototype tool for identifying personality (in)compatibilities

    Licorish, S; Philpott, A; MacDonell, SG (2011-08-16)

    Conference item
    Auckland University of Technology

    Extensive work in the behavioral sciences tells us that team composition is a complex activity in many disciplines, given the variations inherent across individuals' personalities. The composition of teams to undertake software development is subject to this same complexity. Furthermore, the building of a team to undertake agile software development may be particularly challenging, given the inclusive yet fluid nature of teams in this context. We describe here the development and preliminary evaluation of a prototype tool intended to assist software engineers and project managers in forming agile teams, utilizing information concerning members' personalities as input to this process. Initial assessment of the tool's capabilities by agile development practitioners suggests that it would be of value in supporting the team composition activity in real projects.

    View record details
  • Maximising data retention from the ISBSG repository

    Deng, K; MacDonell, SG (2011-08-23)

    Conference item
    Auckland University of Technology

    Background: In 1997 the International Software Benchmarking Standards Group (ISBSG) began to collect data on software projects. Since then they have provided copies of their repository to researchers and practitioners, through a sequence of releases of increasing size. Problem: Questions over the quality and completeness of the data in the repository have led some researchers to discard substantial proportions of the data in terms of observations, and to discount the use of some variables in the modelling of, among other things, software development effort. In some cases the details of the discarding of data has received little mention and minimal justification. Method: We describe the process we used in attempting to maximise the amount of data retained for modelling software development effort at the project level, based on previously completed projects that had been sized using IFPUG/NESMA function point analysis (FPA) and recorded in the repository. Results: Through justified formalisation of the data set and domain-informed refinement we arrive at a final usable data set comprising 2862 (of 3024) observations across thirteen variables. Conclusion: a methodical approach to the pre-processing of data can help to ensure that as much data is retained for modelling as possible. Assuming that the data does reflect one or more underlying models, such retention should increase the likelihood of robust models being developed.

    View record details
  • Fuzzy logic for software metric models throughout the development life-cycle

    Gray, AR; MacDonell, SG (2011-09-03)

    Conference item
    Auckland University of Technology

    One problem faced by managers who are using project management models is the elicitation of numerical inputs. Obtaining these with any degree of confidence early in a project is not always feasible. Related to this difficulty is the risk of precisely specified outputs from models leading to overcommitment. These problems can be seen as the collective failure of software measurements to represent the inherent uncertainties in managers' knowledge of the development products, resources, and processes. It is proposed that fuzzy logic techniques can help to overcome some of these difficulties by representing the imprecision in inputs and outputs, as well as providing a more expert-knowledge based approach to model building. The use of fuzzy logic for project management however should not be the same throughout the development life cycle. Different levels of available information and desired precision suggest that it can be used differently depending on the current phase, although a single model can be used for consistency

    View record details