
2019 IEEE/ACM International Conference on Technical Debt (TechDebt): Latest Papers

Architectural Smells Detected by Tools: a Catalogue Proposal
Pub Date : 2019-05-26 DOI: 10.1109/TechDebt.2019.00027
Umberto Azadi, F. Fontana, D. Taibi
Architectural smells can negatively impact different software qualities and can represent a relevant source of architectural debt. Several architectural smells have been defined by different researchers. Moreover, both academia and industry have proposed several tools for software quality analysis, but it is not always clear which tools also provide support for architectural smell detection and whether the tools developed for this specific purpose are effectively available or not. In this paper we propose a catalogue of architectural smells for which at least one tool able to detect the smell exists. We outline the main differences in the detection techniques exploited by the tools and we propose a classification of these architectural smells according to the violation of three design principles.
Citations: 55
TETRA, as a set of Techniques and Tools for Calculating Technical Debt Principal and Interest
Pub Date : 2019-05-26 DOI: 10.1109/TechDebt.2019.00021
B. Kontsevoi, E. Soroka, S. Terekhov
The paper covers the company's proprietary approach to the assessment of software product quality and measurement of technical debt. In the paper, the authors state that the software product quality is the amount of various technical debts embedded into the product and delivered to end-users. Similar to the fact that any debt can be paid, the software product quality can be efficiently managed and measured by a set of techniques, parameters, and dimensions. The authors share the details of the company's proprietary approach to technical debt management done with the help of the Technical DebT Reduction plAtform, TETRA. They share the measurement parameters, tools and major dimension for the assessment.
Citations: 9
SARIF-Enabled Tooling to Encourage Gradual Technical Debt Reduction
Pub Date : 2019-05-26 DOI: 10.1109/TechDebt.2019.00024
P. Anderson, Lucja Kot, Neil Gilmore, David Vitek
SARIF is an emerging standard for representing the results of program analysis tools. This tool demo shows how it can enable integration between static analysis tools and version control systems such as GitHub, and by doing so, encourage developers to reduce technical debt in a gradual non-invasive fashion.
Citations: 4
Balancing Resources and Load: Eleven Nontechnical Phenomena that Contribute to Formation or Persistence of Technical Debt
Pub Date : 2019-05-26 DOI: 10.1109/TechDebt.2019.00013
R. Brenner
Technical approaches to effective technical debt management—metrics, descriptors, transformation tools, and the like—are necessary but insufficient. We must also address drivers of technical debt that lie in the realm of psychology, politics, finance, and policy. The open question is: Will organizations exploit the impressive technology-based advancements in technical debt management to make engineers more effective? Or will they do something else with the cost savings those technologies generate? Psychology, politics, finance, and policy play critical roles in determining whether we gain control of technical debt. For example, if engineering groups become more adept at managing and preventing technical debt, while marketing and sales groups do not improve their own processes, the demands of marketing and sales groups for new products and capabilities might be associated with even shorter timelines than they now are. Schedule pressure usually results. Consequently, enterprise agility and engineering productivity might not benefit from the new technology-based technical debt management capabilities, even though the burden of technical debt might be reduced. Absent a significant change in the behavior of non-technologists, we can expect the effects of nontechnical causes of technical debt to persist, and possibly even to increase in significance. In this paper we explore eleven nontechnical phenomena that contribute to technical debt formation and persistence. We describe each one, and recommend lines of inquiry that can suggest (a) the significance of the phenomenon's effects on technical debt, from an organizational behavior perspective; (b) technologies that could aid in assessing that significance, and which could eventually aid in mitigating the phenomenon's deleterious effects; or (c) changes to phenomenon-related policy or accounting methods that could reduce the rate of formation or the persistence of technical debt.
Citations: 8
Investigating on the Impact of Software Clones on Technical Debt
Pub Date : 2019-05-26 DOI: 10.1109/TechDebt.2019.00029
Lerina Aversano, Laura Nardi
Code reuse by copying a code fragment with or without modification generates duplicate copies of exact or similar code fragments in a software system, known as code clones. The debate about the harmfulness of clones is ongoing in the literature; nevertheless, it is widely recognized that clones need special consideration during software evolution. In this paper, a quantitative analysis of technical debt values is proposed to understand if it is higher for files with cloned code than for those without cloned code. Moreover, changes performed on these files have been analyzed by analyzing commit logs. According to our inspection of four subject systems, the technical debt of files with cloned code is significantly higher than that of files without cloned code. Moreover, as expected, files with cloned code are more impacted by changes.
Citations: 8
Technical Debt Triage in Backlog Management
Pub Date : 2019-05-26 DOI: 10.1109/TechDebt.2019.00010
Terese Besker, A. Martini, J. Bosch
Remediation of technical debt through regular refactoring initiatives is considered vital for the software system's long and healthy life. However, since today's software companies face increasing pressure to deliver customer value continuously, the balance between spending developer time, effort, and resources on implementing new features or spending it on refactoring of technical debt becomes vital. The goal of this study is to explore how the prioritization of technical debt is carried out by practitioners within today's software industry. This study also investigates what factors influence the prioritization process and its related challenges. This paper reports the results of surveying 17 software practitioners, together with follow-up interviews with them. Our results show that there is no uniform way of prioritizing technical debt and that it is commonly done reactively without applying any explicit strategies. Often, technical debt issues are managed and prioritized in a shadow backlog, separate from the official sprint backlog. This study was also able to identify several different challenges related to prioritizing technical debt, such as the lack of quantitative information about the technical debt items and that the refactoring of technical debt issues competes with the implementation of customer requirements.
Citations: 15
CBR Insight: Measure and Visualize Source Code Quality
Pub Date : 2019-05-26 DOI: 10.1109/TechDebt.2019.00017
J. Ludwig, Devin Cline
A critical aspect of software development is creating high-quality source code that is reliable, maintainable, and has limited technical debt. Software development teams generally employ a variety of design techniques, processes, and tools to continually work towards quality code while balancing the overall time and budget demands of the project. The goal of CBR Insight (CBRI) is to provide an objective and understandable measure of software quality that can help guide decisions and direct limited resources during software acquisition, development, and sustainment. CBRI supports the ability of technical and non-technical decision makers to verify that a project's software implementation follows through on promises around developing and sustaining reliable and maintainable software while managing technical debt.
Citations: 5
CodeArena: Inspecting and Improving Code Quality Metrics using Minecraft
Pub Date : 2019-05-26 DOI: 10.1109/TechDebt.2019.00023
Simon Baars, Sander Meester
To minimize technical debt and increase the maintainability of software, it is essential to make developers aware of what factors influence the maintainability of a codebase. To make the field of code quality and maintenance intuitive to developers, we propose CodeArena, which is an extension to the popular 3D sandbox game called Minecraft. CodeArena converts patterns in a codebase that are considered harmful into monsters in Minecraft, which can then be fought to improve the codebase. This way, the developer can gradually improve the quality of the code, while learning about code quality in an engaging way.
Citations: 1
Leveraging SecDevOps to Tackle the Technical Debt Associated with Cybersecurity Attack Tactics
Pub Date : 2019-05-26 DOI: 10.1109/TechDebt.2019.00012
C. Izurieta, Mary Prouty
Context: Managing technical debt (TD) associated with external cybersecurity attacks on an organization can significantly improve decisions made when prioritizing which security weaknesses require attention. Whilst source code vulnerabilities can be found using static analysis techniques, malicious external attacks expose the vulnerabilities of a system at runtime and can sometimes remain hidden for long periods of time. By mapping malicious attack tactics to the consequences of weaknesses (i.e. exploitable source code vulnerabilities) we can begin to understand and prioritize the refactoring of the source code vulnerabilities that cause the greatest amount of technical debt on a system. Goal: To establish an approach that maps common external attack tactics to system weaknesses. The consequences of a weakness associated with a specific attack technique can then be used to determine the technical debt principal of said violation; which can be measured in terms of loss of business rather than source code maintenance. Method: We present a position study that uses Jaccard similarity scoring to examine how 11 malicious attack tactics can relate to Common Weakness Enumerations (CWEs). Results: We conduct a study to simulate attacks, and generate dependency graphs between external attacks and the technical consequences associated with CWEs. Conclusion: The mapping of cyber security attacks to weaknesses allows operational staff (SecDevOps) to focus on deploying appropriate countermeasures and allows developers to focus on refactoring the vulnerabilities with the greatest potential for technical debt.
Citations: 8
[Copyright notice]
Pub Date : 2019-05-01 DOI: 10.1109/techdebt.2019.00003
Citations: 0