The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Background: Understanding and controlling the impact of change decides about the success or failure of evolving products. The problem magnifies for start-ups operating with limited resources. Their usual focus is on Minimum Viable Product (MVP's) providing specialized functionality, thus have little expense available for handling changes. Aims: Change Impact Analysis (CIA) refers to the identification...
Dependency-based software change impact analysis is the domain concerned with estimating the sets of artifacts impacted by a change to a related artifact. Research has shown that analysing the various class dependency types independently will never completely reveal the impact sets. Therefore, dependency types are combined to improve the precision of estimated when compared to impact sets. Software...
The mining of software repositories has provided significant advances in a multitude of software engineering fields, including defect prediction. Several studies show that the performance of a software engineering technology (e.g., prediction model) differs across different project repositories. Thus, it is important that the project selection is replicable. The aim of this paper is to present STRESS,...
Continuous Integration(CI) is a widely used development practice where developers integrate their work after submitting code changes at central repository. CI servers usually monitor central repository for code change submission and automatically build software with changed code, perform unit testing, integration testing and provide test summary report. If build or test fails developers fix those...
Background: Static analysis security testing (SAST) tools may be evaluated using synthetic micro benchmarks and benchmarks based on real-world software. Aims: The aim of this study is to address the limitations of the existing SAST tool benchmarks: lack of vulnerability realism, uncertain ground truth, and large amount of findings not related to analyzed vulnerability. Method: We propose Delta-Bench...
Context: Software engineering repositories contain a wealth of textual information such as source code comments, developers' discussions, commit messages and bug reports. These free form text descriptions can contain both direct and implicit references to security concerns. Goal: Derive an approach to extract security concerns from textual information that can yield several benefits, such as bug management...
Developers' chat messages are a rich source of rationale behind development decisions. Rationale comprises valuable knowledge during software evolution for understanding and maintaining the software system. However, developers resist explicit methods for rationale capturing in practice, due to their intrusiveness and cognitive overhead. Aim: Our primary goal is to help developers capture rationale...
Empirical software engineering research aims to generate prescriptive knowledge that can help software engineers improve their work and overcome their challenges, but deriving these insights from real-world problems can be challenging. In this paper, we promote design science as an effective way to produce and communicate prescriptive knowledge. We propose using a visual abstract template to communicate...
Context. Member checking can be defined as a research phase performed during a qualitative research in which the researcher compares her interpretations and understanding obtained from the data analysis with the view-points of participants to increase accuracy and consistency of results. This is an important step for any qualitative research. However, considering a sample of 66 case studies developed...
[Background] Systematic Literature Reviews (SLRs) are one of the important pillars when employing an evidence-based paradigm in Software Engineering. To date most SLRs have been conducted using a search strategy involving several digital libraries. However, significant issues have been reported for digital libraries and applying such search strategy requires substantial effort. On the other hand,...
Background: Experiment-driven development with the help of real usage data helps to build software products and services that are of high value to their users. As more software companies use experimentation in their development practises, ethical concerns are increasingly important. Objective: There is a need for understanding the ethical issues companies must take into account when practising experimentation...
Ethical guidelines of software engineering journals require authors to provide statements related to the conflict of interest and the process of obtaining consent (if human subjects are involved). The objective of this study is to review the reporting of the ethical considerations in Empirical Software Engineering - An International Journal. The results indicate that two out of seven studies reported...
Background: Although there has been a significant amount of research focused on designing and conducting controlled experiments, few studies report how experienced experimental software engineering researchers actually design and conduct their studies. Aims: This study aimed to offer a practical perspective from their viewpoint regarding controlled experiment planning. Method: We collected data through...
Context: In organizational psychology literature, Task Variety and Skill Variety are considered different aspects of work design. Albeit related to different aspects of the work, it is common to find strong correlations between these constructs. After applying the Work Design Questionnaire (WDQ) on a sample of 102 software professional, we found the similar correlations and conjectured that they were...
Background: While bug bounty programs are not new in software development, an increasing number of companies, as well as open source projects, rely on external parties to perform the security assessment of their software for reward. However, there is relatively little empirical knowledge about the characteristics of bug bounty program contributors. Aim: This paper aims to understand those contributors...
Context: Software development process is executed by professionals with different roles, who are responsible for distinct activities. These roles can have different degrees of autonomy depending on some factors, such as the adopted process and hierarchy. Goal: This study aims to identify what factors can impact autonomy and also investigate how autonomy is given to an employee based on two main factors:...
Background: In Software Engineering (SE) the term maturity is often linked to the work process and product quality. In many cases, team maturity is seen as a backdrop to the process of SE, and sometimes as something that is known to exist, but which cannot be understood, neither measured accurately nor even dimension its value. Aim: In this article, we seek to understand the concept of mature teams...
[Background] A high-functioning team is a decisive factor for a successful software development project. However building such a team is not easy. Among many issues and obstacles encountered by teams, social loafing is a common but difficult one to tackle. [Aim] We intend to construct an approach to effectively prevent social loafing behaviors in software development teams. [Method] We built one social...
Background. Often motivated by optimization objectives, software products are characterized by different subsequent releases and deployed through different strategies. The impact of these two aspects of software on energy consumption has still to be completely understood and can be improved by carrying out ad-hoc analyses for specific software products. Aims. In this research we report on an industrial...
[Background] Security risk assessment methods in industry mostly use a tabular notation to represent the assessment results whilst academic works advocate graphical methods. Experiments with MSc students showed that the tabular notation is better than an iconic graphical notation for the comprehension of security risks. [Aim] We investigate whether the availability of textual labels and terse UML-style...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.