Improving Software Sustainability Through Data-Driven Technical Debt Management

Similar documents
Measure it? Manage it? Ignore it? Software Practitioners and Technical Debt

Technical Debt Analysis through Software Analytics

Carnegie Mellon University Notice

Guided Architecture Trade Space Exploration of Safety Critical Software Systems

The Impact of Conducting ATAM Evaluations on Army Programs

Machine Learning for Big Data Systems Acquisition

Agile Acquisition of Agile C2

A Mashup of Techniques to Create Reference Architectures

Fall 2014 SEI Research Review Aligning Acquisition Strategy and Software Architecture

Driving Efficiencies into the Software Life Cycle for Army Systems

Evaluation of Competing Threat Modeling Methodologies

Discerning the Intent of Maturity Models from Characterizations of Security Posture

Carnegie Mellon University Notice

Semiconductor Foundry Verification

Frameworks for Assessing IT Systems Engineering Acquisition Issues and Proposed Approaches in Support of Public Law 111

Multi-Agent Decentralized Planning for Adversarial Robotic Teams

Smart Grid Maturity Model: A Vision for the Future of Smart Grid

Analytical Evaluation Framework

An Architecture-Centric Approach for Acquiring Software-Reliant Systems

Evolution of a Software Engineer in a SoS System Engineering World

OSATE overview & community updates

Analytical Evaluation Framework

DoD Joint Federated Assurance Center (JFAC) Industry Outreach

Future Trends of Software Technology and Applications: Software Architecture

CHAPTER 1: INTRODUCTION TO SOFTWARE ENGINEERING DESIGN

2016 IEEE/ACM 13th Working Conference on Mining Software Repositories. Got Technical Debt? Surfacing Elusive Technical Debt in Issue Trackers

Enterprise ISEA of the Future a Technology Vision for Fleet Support

Instrumentation and Control

Software Architecture Evaluation Methods A Survey Abstract Refer ences

Course Outline Department of Computing Science Faculty of Science

The Necessary Link Between Business Goals and Technology Choices

Software Testing for Developer Introduction. Duvan Luong, Ph.D. Operational Excellence Networks

Model Based Systems Engineering (MBSE) Business Case Considerations An Enabler of Risk Reduction

Grundlagen des Software Engineering Fundamentals of Software Engineering

Struggles at the Frontiers: Achieving Software Assurance for Software- Reliant Systems

RESEARCH OVERVIEW Methodology to Identify Opportunities for Flexible Design

A Knowledge-Centric Approach for Complex Systems. Chris R. Powell 1/29/2015

Digital Engineering Support to Mission Engineering

Advancing the Use of the Digital System Model Taxonomy

Reconsidering the Role of Systems Engineering in DoD Software Problems

SWEN 256 Software Process & Project Management

The Potential Social and Economic Value of Innovation Procurement

Evidence Engineering. Audris Mockus University of Tennessee and Avaya Labs Research [ ]

Identifying and Prioritizing Architectural Debt through Architectural Smells: a Case Study in a Large Software Company

Leveraging 21st Century SE Concepts, Principles, and Practices to Achieve User, Healthcare Services, and Medical Device Development Success

Leverage 3D Master. Improve Cost and Quality throughout the Product Development Process

S&T Stakeholders Conference

Our Acquisition Challenges Moving Forward

CS 889 Advanced Topics in Human- Computer Interaction. Experimental Methods in HCI

Software Verification and Validation. Prof. Lionel Briand Ph.D., IEEE Fellow

Gerald G. Boyd, Tom D. Anderson, David W. Geiser

SPICE: IS A CAPABILITY MATURITY MODEL APPLICABLE IN THE CONSTRUCTION INDUSTRY? Spice: A mature model

Transitioning UPDM to the UAF

RFTX-1 Installation Manual

Digital Engineering and Engineered Resilient Systems (ERS)

2. Publishable summary

System of Systems Software Assurance

ISO/IEC INTERNATIONAL STANDARD. Information technology Security techniques Privacy framework

PRIMATECH WHITE PAPER COMPARISON OF FIRST AND SECOND EDITIONS OF HAZOP APPLICATION GUIDE, IEC 61882: A PROCESS SAFETY PERSPECTIVE

UNIT-III LIFE-CYCLE PHASES

Software Architecture Research: Science or Engineering?

SMART PLACES WHAT. WHY. HOW.

Digitisation Plan

PUERTO RICO TELEPHONE COMPANY, INC. Second Revision - Page K-1-1 Canceling First Revision - Page K-1-1. ADDITIONAL SERVICES TARIFF SCHEDULE (Cont.

Software Engineering The School of Graduate & Professional Studies

Out of the Ivory Tower: Tao Xie Peking University ( ), China North Carolina State University Raleigh, NC, USA

Module 1 - Lesson 102 RDT&E Activities

OSD Engineering Enterprise: Digital Engineering Initiatives

Quantifying Flexibility in the Operationally Responsive Space Paradigm

Prototyping: Accelerating the Adoption of Transformative Capabilities

Systems Engineering and Autonomy: Opportunities and Challenges

Risk-Based Cost Methods

FOSS in Military Computing

15 th Annual Conference on Systems Engineering Research

Stress Testing the OpenSimulator Virtual World Server

A New Systems-Theoretic Approach to Safety. Dr. John Thomas

Software Evolution & Technical Debt

Physics-Based Modeling In Design & Development for U.S. Defense Virtual Prototyping & Product Development. Jennifer Batson Ab Hashemi

Applying and evaluating concernsensitive

Asking Questions on Knowledge Exchange and Exploitation in the Business R&D and Innovation Survey

AN OVERVIEW OF THE UNITED STATES PATENT SYSTEM

Research based on Clone Detection. Overview

System Architecture Pliability and Trading Operations in Tradespace Exploration

Military Robotics - Emerging Trends and Future Outlook. Reference code: DF4580PR Published: July 2015 Single user price: US$1950

UCL Institute for Digital Innovation in the Built Environment. MSc Digital Innovation in Built Asset Management

JOHANN CATTY CETIM, 52 Avenue Félix Louat, Senlis Cedex, France. What is the effect of operating conditions on the result of the testing?

REPORT DOCUMENTATION PAGE

Product Development Strategy

Stakeholder and process alignment in Navy installation technology transitions

User Interface Software Projects

Digital System Models: An Investigation of the Non-Technical Challenges and Research Needs

Finding Discipline in an

About Software Engineering.

Mission Reliability Estimation for Repairable Robot Teams

Technical Proposal for COMMON-ISDN-API. Version 2.0. Generic Tone Generator and Detector Support for Voice Applications. Extension.

Code Complete 2: A Decade of Advances in Software Construction Construx Software Builders, Inc. All Rights Reserved.

Architectural assumptions and their management in software development Yang, Chen

Update on R&M Engineering Activities: Rebuilding Military Readiness

A Test Bed for Verifying and Comparing BIM-based Energy Analysis Tools

34134A AC/DC DMM Current Probe. User s Guide. Publication number April 2009

Transcription:

Improving Software Sustainability Through Data-Driven Technical Debt Management Ipek Ozkaya October 7, 2015 Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213

Copyright 2015 Carnegie Mellon University This material is based upon work funded and supported by the Department of Defense under Contract No. FA8721-05-C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center. NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN AS-IS BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT. This material has been approved for public release and unlimited distribution except as restricted below. This material may be reproduced in its entirety, without modification, and freely distributed in written or electronic form without requesting formal permission. Permission is required for any other use. Requests for permission should be directed to the Software Engineering Institute at permission@sei.cmu.edu. DM-0002839 2

What is Technical Debt? We define technical debt as a software design issue that: Exists in an executable system artifact, such as code, build scripts, automated test suites; Is traced to several locations in the system, implying ripple effects of impact of change; Has a quantifiable effect on system attributes of interest to developers, such as increasing number of defects, negative change in maintainability and code quality indicators are symptoms of technical debt. We initially focus on detecting indicators in the form of violating known architectural pattern and maintainability rules to trace such symptoms 3

What is Technical Debt: Examples We have a model-view controller framework. Over time we violated the simple rules of this framework and had to retrofit later many functionality Modifiability violation, pattern conformance There were two modules highly coupled that should have been designed for from the beginning Modifiability violation, pattern conformance A simple API call turned into a nightmare <due to not following guidelines> Framework, pattern conformance 4

DoD Perspective of the Problem Contractor 1 developed 2 our software 3 tool 4 and delivered the long learning curve to make quality changes. 5 We continue Contractor intentionally or unintentionally incurs debt Contractor recognizes, but does not declare or fix the debt An optimal time to rearchitect or refactor the system passes By the time the government owns the system the accumulation of detection and redo is very expensive code to the government for maintenance. The code was poorly designed and documented therefore there was a very Ideal where technical debt is used strategically and declare at acquisition time to band aid over 1 million lines of code under the maintenance contract. As time goes by, the tool becomes more bloated and harder to repair. Our goal is to enable better sustainment decision making through identifying indicators that signify major contributors to technical debt analyzing data sets to build correlations between these indicators and project measures, such as defect and change proneness 1. time technical debt is incurred 2. time technical debt is recognized 3. time to plan and re-architect 4. time until debt is actually paid-off 5. continuous monitoring 5

Research Questions RQ1: What do our stakeholders care about? Which issues would benefit from being tagged as technical debt? RQ2: Can we detect indicators of design issues that result in technical debt? RQ3: What are the data needs for correlation? Once we detect them can we map them to externally visible measures (e.g., change proneness and defects)? Source code SEI Plug-in Plug-In Analyzers (e.g. FindBugs, CheckStyles) Eclipse IDE Project artifacts Datasets TD Dashboard 6

Which Issues Would Benefit from Being Tagged as Technical Debt? 7

RQ1: What Do Stakeholders Care About? Org A B C D Type Defense Contractor Global automation, power robotics Government development/ research lab DoD sustainment # Surveys out / received 3,500 / 248 15,000 / 1511 200 / 73 35 / 29 Total 1861 Collaborated with two global development organizations and two government development and sustainment labs to answer: Is there a commonly shared definition of technical debt among professional software engineers? Are issues with architectural elements among the most significant sources of technical debt? Are there practices and tools for managing technical debt? 8

Findings 1 Technical debt is just not an abstract metaphor! Bad architectural choices rated as the top contributor to technical debt, followed by overly complex code and inadequate testing. 56% of the respondents ranked architecture among their top 3 pain points. 9

Findings 2 75% of respondents said that dealing with the consequences of technical debt has consumed a painful chunk of project resources. Current tools do not capture the key areas of accumulating problems in technical debt. 10

Results Significance First of its kind broad, practice-based study with impact on research, government, and industry. The finding that bad architecture choices are most significant contributor to debt is influencing other s research. Enabling us to create engagement where we conduct detailed artifact analysis with two of our collaborators. Publications Measure it? Manage it? Ignore it? Software Practitioners and Technical Debt N. Ernst, S. Bellomo, I. Ozkaya, R. Nord, I. Gorton, FSE 2015 ACM SIGSOFT Distinguished Paper Award 11

Can We Detect Indicators of Design Issues that Result in Technical Debt? 12

RQ2: Can We Detect Indicators of Design Issues? What code and design indicators can be repeatably discovered that correlate with project measures that allow us to manage technical debt? combines static code analysis, architectural abstractions, empirical field studies, and conceptual correlation modeling to test qualitative causal assumptions. 1 detection 2 3 4 t i t j 2. technical debt is recognized 1. technical debt is incurred 5 3. plan and re-architect 4. debt is actually paid-off 5. continuous monitoring visualization 13

Tool Support Detection Any tool for experimentation should have a low threshold of entry for organizations be easy to extend by others Selected SonarQube as our prototype environment Pros API that we and others can extend built-in analysis frameworks for code analysis to extend with rules Cons incorporates an existing technical debt measurement framework that is code quality level and not validated. This results in confusion *Previously had analyzed Cast, Lattix and Structure101. Ran experiments with SonarQube and research prototype from Drexel University, Titan 14

Findings Detecting Modularity Detection Initial results on analyzing sample project (Connect version 4.4) point to architecture root cause of technical debt. Files that have the most modularity issues make up 16% of the overall system These files on the other hand represent a substantial percentage of the bugs - Looking at StartDate 6/20/12 EndDate 9/15/13, Files represent 84% of the bugs, - Looking at StartDate 9/16/13 EndDate 12/8/14, Files represent 47% of the bugs, A reduction in issues may imply a major refactoring. 15

Results Detection Significance Focuses typical code detection techniques on architecturally significant design issues Starts building the validation environment Publication A Case Study in Locating the Architectural Roots of Technical Debt, R. Kazman, Y. Cai, R. Mo, Q. Feng, L. Xiao, S. Haziyev, V. Fedak, A.Shapochka, ICSE 2015, (Florence, Italy), May 2015. Hotspot Patterns: The Formal Definition and Automatic Detection of Architecture Smells, R. Mo, Y. Cai, R. Kazman, L. Xiao, WICSA 2015, (Montreal, Canada), May 2015. 16

What Are the Data Needs for Correlation? 17

RQ3: Data Needs for Correlation Datasets What are the data needs? Based on our practice studies: Independent examples Analysis inputs Outputs/ Dependent variables Replicated functionality code clones $$$ Functionality depending on inhouse algorithm dependencies $$$ Coupling between two modules dependencies $$$ Code doesn t need to be developed at safety criticality level dependencies/ designated criticality $$$ High stress test scenario generated major failure complexity $$$ Closer look into the dependent variables show that additional effort is either spent on defects/issues or propagating changes. 18

Data Test Beds 1 Datasets DoD relevant communication terminal Qualitative: knowledge about major refactorings over program lifetime, and assessments from acquisition team and contractor, access to the SEI team Quantitatively: Outcomes that show when technical debt was increasing vs. bought down? (e.g., defect proneness, change proneness, cost of change) Early indicators of technical debt growth (e.g., deviation from good system design principles, deviation from reference architecture) Internal to the SEI, history of 2006-2011 period including some versions of code, project performance metrics (defects, PDR/CDR analysis results). 19

Data Test Beds 2 Datasets Government open source health IT exchange Qualitative: architecture evaluation (ATAM) results from 2011, access to the development team, specific issues the team tagged as technical debt, documentations Quantitatively: Jira data (commits, check-ins and check-outs over 10 releases) Issues data base Code repository in GitHub 20

Analyzing Connect Data from Jira and GitHub How are issues distributed across releases: Version 3.3 has an order of magnitude more issues Version 3.3 21

Analyzing Connect Data from Jira and GitHub Which files are affected by what types of issues: Classifying files based on issues can help understand the impact of change Secure SMTP Hibernate Log4j 22

Analyzing Connect Data from Jira and GitHub 23

Research and Transition Extensions to the open source technical debt model and tooling to include other key quality attributes concerns, e.g. security, architectural technical debt management tooling Relationship of technical debt management and testing Extensions to the data sets of rules for detecting likely sources of technical debt, along with correlations to cost to fix, cost to implement a new feature, and defects with other case studies Courses and case studies, published data sets 24

Team SEI Team Members Ipek Ozkaya, PhD, SSD Rod Nord, PhD, SSD Stephany Bellomo, MSc., SSD Neil Ernst, PhD, SSD Ian Gorton, PhD, SSD Rick Kazman, PhD, SSD Forrest Shull, PhD, SSD/ERO Harry Levinson, SSD/CTS Research Collaborators Philippe Kruchten, PhD, Univ. of British Columbia, funded Raghu Sangwan, PhD, Penn State, funded Managing Technical Debt research community, inf. Sharing Industry, DoD, and tool vendor partners 25

Contact Information Ipek Ozkaya Principal Researcher SSD/SEAP Telephone: +1 412 268 3551 Email: ozkaya@sei.cmu.edu U.S. Mail Software Engineering Institute Customer Relations 4500 Fifth Avenue Pittsburgh, PA 15213-2612 USA 26

2024 © hobbydocbox.com Privacy Policy | Terms of Service | Feedback