Maharaja Agrasen Institute of Technology, PSP Area, Sector-22, Rohini, New elhi - !!""#$ Submitted By:- Shefai !a"##$ Maharaja Agrasen Institute of Technology Roll No !$"!%#2&"&'MAIT' ()Tech)*+SE,'"& & th Se-ester ! Ta.le of +ontents Ta.le of +ontents %: I&t$#du'ti#& ( ): S#ft*a$e E&+i&ee$i&+ , 2)! /i-itations of e0isting software engineering 1ractices & 2)2 Nee2 for alternati3e a11roaches in SE in the for- of E(SE # -: Cu$$e&t S'e&a$i# . 4)! Pro2ucti3ity 3s) success rate !" (: G#a #f EBSE %% ,: /eth#d##+y #f EBSE %) $)! Ste1 I- As5 an answera.le 6uestion !4 $)2 Ste1 II- 7in2 the .est e3i2ence !% $)2 Ste1 III- +ritically a11raise the e3i2ence !$ $)2 Ste1 I8- A11ly the e3i2ence !9 $)2 Ste1 8- E3aluate 1erfor-ance !& 0: A""i'ati#& #f EBSE i& e1i2ti&+ 2#ft*a$e e&+i&ee$i&+ ife 'y'e %3 9)! +ase of +y.er 7orensics !# 9)!)! Pro1ose2 Syste- !: 9)!)2 eri3e2 Algorith- 2" 9)2 A11lication of E(SE in ITES an2 E-Ser3ice sectors 22 4: EBSE i& A'ademi'2 a&d Edu'ati#&a I&2titute2 )( &)! Moti3ation of teaching E(SE to uni3ersity stu2ents 2% 3: Im"i'ati#&2 f#$ EBSE )0 2 .: C#&'u2i#& )4 A""e&di1 A: G#22a$y )3 A""e&di1 B: 5i2t #f Fi+u$e2 ). A""e&di1 C: Refe$e&'e2 -6 4 +;APTER ! +;APTER ! INTRO<+TION E3i2ence (ase2 Software Engineering *E(SE, is a -echanis- to su11ort an2 i-1ro3e the technology a2o1tion, 2e3elo1-ent an2 -anage-ent techni6ues) E(SE -etho2ology ai-s to i-1ro3e 2ecision -a5ing relate2 to software 2e3elo1-ent .y integrating current .est e3i2ence fro- research with 1ractical e01erience an2 hu-an 3alues) This 1rocess ai-s at i-1ro3ing software engineering 2ecisions) Software -anagers an2 1ractitioners often -ust -a5e 2ecisions a.out what technologies to e-1loy on their 1rojects7 They -ight .e aware of 1ro.le-s with their current 2e3elo1-ent 1ractices i)e) 1ro2uction .ottlenec5s or nu-erous 2efect re1orts fro- custo-ers an2 want to resol3e the-) ;owe3er, 1ractitioners can ha3e 2ifficulty in -a5ing infor-e2 2ecisions a.out whether to a2o1t a new technology or not) Software engineers also -ight -a5e incorrect 2ecision a.out a2o1ting new techni6ues if they 2on=t consi2er scientific e3i2ence a.out the techni6ue>s efficacy) They shoul2 consi2er using 1roce2ures si-ilar to ones 2e3elo1e2 for e3i2ence-.ase2 -e2icine) Software co-1anies are often un2er 1ressure to a2o1t i--ature technologies .ecause of -ar5eting an2 -anage-ent 1ressures) Therefore, e3i2ence .ase2 software engineering is suggeste2 as -echanis- to su11ort an2 i-1ro3e their technology a2o1tion 2ecisions) The e01erience of the success of -e2ical 1ractice a2o1ting e3i2ence .ase2 1ara2ig-, has 2e-onstrate2 the suita.ility of this a11roach for other .ranches also) ?e e01lore the 1ossi.ility of e0ten2ing the sco1e the e3i2ence-.ase2 a11roach for software engineering an2 i2entify the 1otential 2ifficulties associate2 with the a11roach) ?e 2iscuss the E(SE a11roach for con3entional software engineering an2 illustrate it for 1rogra- 2e3elo1-ent an2 co2ing 1hase through a case of +y.er forensic illustration) ?e e0ten2 the E(SE a11roach for IT Ena.le2 Ser3ice *ITES, Sector an2 .ring out new a3enues for a11lication of E(SE % +;APTER 2 +;APTER 2 SO7T?ARE EN@INEERIN@ Software has .eco-e critical to a23ance-ent in al-ost all areas of hu-an en2ea3our) Software engineering has the o.jecti3e of sol3ing these 1ro.le-s .y 1ro2ucing goo2 6uality -aintaina.le software on ti-e within .u2get) Software engineering is 2efine2 as the esta.lish-ent an2 use of well-esta.lishe2 an2 1ro3en engineering 1rinci1les in or2er to o.tain econo-ically 2e3elo1e2 software that is relia.le an2 wor5s efficiently on real -achines) AB)B AggarwalC ?e use the wor2 real -achines here intentionally since non-IT 1rofessionals 3iew the software in its intangi.le for-) The goal of software engineering is to 1ro3i2e -o2els an2 1rocesses that lea2 to the 1ro2uction of well 2ocu-ente2 software) A software cycle -o2el is a 1articular a.straction that re1resents a software life cycle) The -ost fa-iliar -o2el is a waterfall -o2el, which has the following stagesD !) Re6uire-ents 2) esign 4) I-1le-entation E <nit testing) %) Integration E Syste- testing $) O1eration E -aintenance The har2est 1art of .uil2ing a software syste- is to 2eci2e 1recisely its re6uire-ents) Re6uire-ents are gathere2 in the initial 1hase of software life cycle calle2 as re6uire-ent engineering) The re6uire-ent elicitation a2o1ts <se-case 2iagra- an2 ata flow 2iagra-s, in its 3arious for-s) ;owe3er in this 1roject, the I-1le-entation ste1 is use2, in the illustration of the +y.er 7orensic Mo2ule) $ 7ig)!D Software life cycle 9 2)! /i-itations of e0isting software engineering 1ractices The -ost significant ste1 in the software life cycle is the ocu-entation) Re6uire-ents, after .eing collecte2 are 2ocu-ente2 in for- of a SRS *Software Re6uire-ent S1ecification,) The 2esigning 1hase of the life cycle -o2el also has a S *Software esign ocu-ent,, which translates re6uire-ents into a 2escri1tion of the software structure) (ut these software 1ractices are irrele3ant for the ITES sector, as they 2o not ha3e to 2eal 2irectly with the syste- or software 2e3elo1-ent) An ITES organiFation 1ro3i2es ser3ices to the 1eo1le, an2 the 2ocu-entation of any software, is insignificant to their wor5) ;owe3er, large a-ount of 1u.lic -oney ha3e .een waste2 an2 cor1orate house are charge2 for it on IT Assets) The 2irect a2a1tation of the conte-1orary software engineering 1rinci1les an2 1ractices to the ITES sector are causing 2elays, an2 2issatisfaction a-ongst the 1rofessional co--unity G .oth solution 1ro3i2er an2 solution user) In -ost cases, software is .uilt with technologies for which we ha3e insufficient e3i2ence to confir- their suita.ility, li-its, 6ualities, costs an2 3arious ris5s) & 2)2 Nee2 for alternati3e a11roaches in Software Engineering in for- of E(SE ?e therefore suggest an alternate strategy of a2o1ting an e3i2ence-.ase2 techni6ue, which -ight .e .eneficial to the software 1ractitioners an2 their clients) Such a strategy can i-1ro3e the 2e1en2a.ility of software in3ol3ing the a2o1tion of .etter software 2e3elo1-ent 1roce2ures) This new a11roach, E(SE ena.les software 1ractitioners to i2entify, e3aluate an2 a11ly 3ali2 research results in -a5ing 2ecisions relate2 to the 3arious software 1ractices) It is 1ossi.le that E(SE can 1ro3i2e the -echanis-s nee2e2 to assist 1ractitioners to a2o1t fa3oura.le technologies) Initially it is worthwhile consi2ering why e3i2ence woul2 .e .eneficial to software 2e3elo1ers, users an2 other sta5ehol2ers e)g) 1u.lic 1urchasing .o2ies, certification .o2ies an2 the general 1u.lic) E(SE is 1otentially i-1ortant .ecause of the central 1lace software intensi3e syste-s are starting to ta5e in e3ery2ay life) 7or e0a-1leD +urrent 1lans for a23ance2 life-critical syste-s such as 2ri3e-.y-wire a11lications for cars an2 weara.le -e2ical 2e3ices ha3e the 1otential for i--ense econo-ic an2 social .enefit .ut can also 1ose a -ajor threat to in2ustry, to society, an2 to in2i3i2uals) If syste-s are relia.le, usa.le an2 useful, the 6uality of life of in2i3i2ual citiFens will .e enhance2) ;owe3er, there are far too -any e0a-1les of syste-s that ha3e not only waste2 large a-ounts of 1u.lic -oney .ut ha3e also cause2 har- to in2i3i2ual citiFens (e.g. the automated command and control system for the London Ambulance Service). In2i3i2ual citiFens ha3e a right to e01ect their go3ern-ents to 1ro1erly a2-inister ta0 re3enues use2 to co--ission new software syste-s an2 1ut in 1lace controls to -ini-iFe the ris5 of such syste-s causing har-) There are -any strategies to i-1ro3e the 2e1en2a.ility of software in3ol3ing the a2o1tion of H.etterI software 2e3elo1-ent 1roce2ures an2 1ractices) At a high le3el, the +a1a.ility Maturity Mo2el an2 SPI+E suggest 1roce2ures for i-1ro3ing the software 1ro2uction 1rocess) In a22ition, the 1rofessional .o2ies are esta.lishing 1roce2ures for certification of in2i3i2ual software engineers) ;owe3er, the high le3el 1rocess an2 the in2i3i2ual engineers are constraine2 .y the s1ecific technologies *-etho2s, tools an2 1roce2ures, they use) In -ost cases software is .uilt with technologies for which we ha3e insufficient e3i2ence to confir- their suita.ility, li-its, 6ualities, costs, an2 inherent ris5s) Thus, it is 2ifficult to .e sure that changing software 1ractices will necessarily .e a change for the .etter) It is 1ossi.le that E(SE can 1ro3i2e the -echanis-s nee2e2 to assist 1ractitioners to a2o1t a11ro1riate technologies an2 to a3oi2 ina11ro1riate technologies) # +;APTER 4 +;APTER 4 +<RRENT S+ENARIO ?e are 1ro2ucing software syste-s that are -uch -ore co-1le0 an2 so1histicate2 than those of yesteryear) Our 1rogress, .oth in ter-s of functionality an2 1ro2ucti3ity, is i-1ressi3e) On the other han2D Our 1rogress in ter-s of 1roject success is not i-1ressi3e) I-agine that the software in2ustry has a -eter that -onitors 1roject successes an2 failures -- a 2ial gauge with a nee2le 1ointing along a nu-erical scale) O3er the 1ast se3eral 2eca2es, the nee2le recor2s a slowly a23ancing success rateJ itKs -o3ing in a 1ositi3e 2irection, .ut the 1ace is glacial) Table 1: Software project success rates reported by Standish Group
Date Su''e22 Rate 7irst +;AOS re1ort !::% !9L ME0tre-e +;AOSM 2""! 2#L Most recent +;AOS 2""4 4!L The conclusion is that we are -a5ing 1rogress on the success-rate front, .ut slowly) The i-1ro3e-ent is a.out !)& 1ercentage 1oints a year an2 a11ears to .e linear .ase2 on this s-all sa-1le of 2ata) If the current i-1ro3e-ent rate continues, we shoul2 achie3e a $" 1ercent success rate in the year 2"!%) Software is the engine of our econo-y, at the root of al-ost e3erything we 2o) Our success rate has .een cree1ing u1 in recent years, .ut one thing is sureD there has .een NO .rea5through) <nless you consi2er al-ost M2ou.lingM the success rate in nine years a .rea5throughJ I woul2 clai- that this effect is the result of a 3ery low .aseline for co-1arison) ?e -ay still .e in the .usiness of har3esting low-hanging fruit) : 4)! Pro2ucti3ity 3s) success rate (esi2es the success-rate -etric, we also nee2 to consi2er 1ro2ucti3ity) Is our software .eco-ing -ore or less e01ensi3e to 2e3elo1N This is a 2ifficult 6uestion, .ecause the a11lications that we 2e3elo1 continue to .eco-e -ore an2 -ore rich an2 so1histicate2 in their sco1e an2 functionality) The software 1rojects we now un2erta5e are -uch -ore co-1le0 than software 1rojects were ten or twenty years ago) There is no 2ou.t that we e01ect -ore fro- software to2ay than e3er .efore) In a sense, we ha3e a Mchic5en an2 eggM 1ro.le- here) Are we 2oing -ore 2aunting things to2ay .ecause we canN That is, are we atte-1ting -ore a-.itious 1rojects .ecause we ha3e .etter -etho2ologies an2 tools that ena.le their conce1tion an2 e0ecutionN Or ha3e the -etho2ologies an2 tools just 5e1t 1ace with the increasing challenges an2 2egree of 2ifficulty 2e-an2e2 .y the e0ternal worl2N 7ran5ly, I 2onKt thin5 there is a clear an2 una-.iguous answer to this 6uestion) ?hat we can say is that when 1rojects are successful, we ha3e 1ro2ucti3ity le3els that are -uch higher than heretofore) The -ountains we are cli-.ing are higher, an2 we are cli-.ing the- with 1ro1ortionately fewer resources than in the 1ast) That is the .right si2e of software 2e3elo1-entD .etter syste-s an2 higher 1ro2ucti3ity) The 2ar5 si2e of the e6uation is 1roject success rates) ?hy 2oes the nee2le on success rates -o3e so slowlyN It is al-ost as though all the a23ances in -etho2ologies an2 tools ha3e hel1e2 us .uil2 -ore a-.itious syste-s, yet there is so-e other factor that is 5ee1ing us fro- .eing successful -ore of the ti-e) Perha1s there is so-ething in the a11roach of the 1ast se3eral 2eca2es that is -issing the 1oint) !" +;APTER % +;APTER % @OA/ O7 E(SE The goal of e3i2ence-.ase2 software engineering *E(SE, is to to 1ro3i2e the -eans .y which current .est e3i2ence fro- research can .e integrate2 with 1ractical e01erience an2 hu-an 3alues in the 2ecision -a5ing 1rocess regar2ing the 2e3elo1-ent an2 -aintenance of software) Thus E(SE woul2 1ro3i2eD O A co--on goal for in2i3i2ual researchers an2 research grou1s to ensure that their research is 2irecte2 to the re6uire-ents of in2ustry an2 other sta5ehol2er grou1s) O A -eans .y which in2ustry 1ractitioners can -a5e rational 2ecisions a.out technology a2o1tion) O A -eans to i-1ro3e the 2e1en2a.ility of software intensi3e syste-s, as a result of .etter choice of 2e3elo1-ent technologies) O A -eans to increase the acce1ta.ility of software intensi3e syste-s that interface with in2i3i2ual citiFens) O An in1ut to certification 1rocesses) !! +;APTER $ +;APTER $ MET;O/O@P O7 E(SE E(SE in3ol3es fi3e ste1sD !) +on3ert a rele3ant 1ro.le- or infor-ation nee2 into an answera.le 6uestion) 2) Search the literature for the .est a3aila.le e3i2ence to answer the 6uestion) 4) +ritically a11raise the e3i2ence for its 3ali2ity, i-1act, an2 a11lica.ility) %) Integrate the a11raise2 e3i2ence with 1ractical e01erience an2 the custo-er=s 3alues an2 circu-stances to -a5e 2ecisions a.out 1ractice) $) E3aluate 1erfor-ance an2 see5 ways to i-1ro3e it) E(SE 1ro3i2es -echanis-s to su11ort 3arious 1arts of S'w PRO+ESS IMPRO8EMENT !2 $)! STEP-I As5 an answera.le 6uestion) E(SE 2oesn=t 1ro1ose a s1ecific -etho2 to i2entify an2 1rioritiFe 1ro.le-s) If you are using SPI you shoul2 -onitoring your 1roject an2 so .e in a 1osition to i2entify 1rojects an2 1ro2ucts 1ro.le-s) Otherwise 1ro.le- i2entification relies on the e01ertise of in2i3i2ual staff -e-.ers) Another for- of hel1 is the goal 6uestion -etric -etho2 in which you 2eri3e 6uestion fro- s1ecific goals) Once you ha3e i2entifie2 the 1ro.le-, you nee2 to s1ecify an answera.le 6uestion) The well-for-ulate2 6uestions usually ha3e three co-1onents) !) The -ain inter3ention or action you are intereste2 in) 2) The conte0t or s1ecific situation of interest) 4) The -ain outco-es or effects of interest) In the SE conte0t factors to consi2er which 6uestion to .e answere2 first inclu2esD - O ?hich 6uestion is -ost i-1ortant to your custo-erN O ?hich 6uestion is -ost rele3ant to your situationN O ?hich 6uestion is -ost li5ely to reoccur in your 1racticeN O ?hich 6uestion is 1ossi.le to .e answere2 in a3aila.le ti-eN The -ain challenge in this ste1 is, in other wor2s, to con3ert a 1ractical 1ro.le- into a 6uestion that=s s1ecific enough to .e answere2 .ut not so s1ecific that you 2on=t get any answers) !4 $)2 STEP-II 7in2 the .est e3i2ence 7in2ing an answer to your 6uestion inclu2es selecting an a11ro1riate infor-ation resource an2 e0ecuting a search strategy) ;owe3er, you nee2 to se1arate the 6uestion you want to answer, the 6uestion i-1le-ente2 in the search 5eywor2s, an2 the 6uestions answere2 in the stu2ies foun2) There are se3eral infor-ation sources you can use) Pou can, for e0a-1le, get 3iew1oints fro- your custo-ers or the S'w users) As5 an e01ert or use research-.ase2 e3i2ence, which is our -ain focus) Pou can for e0a-1le get 3iew1oints of your custo-ers or the software usersJ use your own e01erience an2 search for research-.ase2 e3i2ence, which is our -ain focus) The -ain source of the e3i2ence is the scientific journals) A22itional sources inclu2e .oo5s, .i.liogra1hical 2ata.ases, an2 the Internet) 7or -ost 1ractitioners rea2ing i-1ortant -agaFines such as +o--unication of A+M, +o-1uter, IEEE, S'w an2 IT Professional is enough to get an o3er3iew of the latest S'w 2e3elo1-ents) Bee1ing u1 to 2ate is -uch easier when you can use sources that co-.ine results fro- in2e1en2ent e-1irical stu2ies of a 1articular 1heno-enon) Syste-atic re3iews ha3e clearly 2efine2 inclusion criteria an2 stan2ar2iFe2 in2icators of in2i3i2ual an2 co-.ine2 effect siFes) Such re3iews su--ariFe the a3aila.le e3i2ence regar2ing s1ecific 1heno-ena, showing where the stu2ies corres1on2 or contra2ict an2 unco3ering ga1s in your 5nowle2ge) ;owe3er, A+M co-1uting ser3ice is the only SE journal 2e2icate2 to syste-atic re3iews) So, we nee2 to search for such re3iews in journal as well) !% $)4 STEP-III +ritically a11raise the e3i2ence <nfortunately, 1u.lishe2 research is not always of goo2 6uality, the 1ro.le- un2er stu2y -ight .e unrelate2 to 1ractice or the research -etho2 -ight ha3e wea5nesses such that you cannot trust the results) To access whether research is a goo2 6uality an2 is a11lica.le to 1ractice you -ust .e a.le to critically a11raise the e3i2ence) In e3i2ence-.ase2 -e2icine, the -ost con3incing for- of e3i2ence is a syste-atic re3iew of a series of 2ou.le .lin2 ran2o-iFe2 fiel2 trials) SE 2oes not yet ha3e -any well-con2ucte2 re1lications of rigorous e01eri-ents, so our e-1irical stu2ies are -uch less relia.le scientifically) ?hen you ha3e e3i2ence fro- 2ifferent ty1es of stu2ies, you nee2 so-e way to access each stu2ies 6uality) Australian National ;ealth an2 Me2ical Research +ouncil gui2elines 2iscusse2 the relati3e trustworthiness of 2ifferent ty1es of e-1irical stu2ies) +urrently e3i2ence relate2 to software engineering technologies that is a3aila.le isD 8 Fragmented and limited7 Many in2i3i2ual research grou1s un2erta5e 3alua.le e-1irical stu2ies) ;owe3er, .ecause the goal of such wor5 is either in2i3i2ual 1u.lications an2'or 1ost-gra2uate theses, there is so-eti-es little sense of o3erall 1ur1ose to such stu2ies) ?ithout ha3ing a research culture that strongly a23ocates syste-atic re3iews an2 re1lication, it is easy for researchers to un2erta5e research in their own areas of interest rather than contri.ute to a wi2er research agen2a) 8 Not properly integrated7 +urrently, there are no agree2 stan2ar2s for syste-atic re3iews) Thus, although -ost Ph stu2ents un2erta5e re3iews of the HState of the ArtI in their to1ic of interest, the 6uality of such re3iews is 3aria.le, an2 they 2o not as a rule lea2 to 1u.lishe2 1a1ers) There is little a11reciation of the 3alue of syste-atic re3iews, for e0a-1le, there is only one +o-1uting journal that solicits re3iews *ACM Surveys,) 7urther-ore, if we consi2er H-eta-analysisI, which is a -ore statistically rigorous for- of syste-atic re3iew, there ha3e .een few atte-1ts to a11ly -eta-analytic techni6ues to software engineering not least .ecause of the li-ite2 nu-.er of re1lications) In general there are few incenti3es to un2erta5e re1lication stu2ies in s1ite of their i-1ortance in ter-s of the scientific -etho2) 8 Without agreed standards7 There are no generally acce1te2 gui2elines or stan2ar2 1rotocols for con2ucting in2i3i2ual e01eri-ents) The recent 2is1ute .etween (erry an2 Tichy an2 So.el an2 +lar5son o3er the !$ con2uct of an e01eri-ent into for-al -etho2s -a5es it clear that e-1irical software engineering is .a2ly in nee2 of gui2elines an2 1rotocols) Bitchenha- et al) 1ro1ose2 so-e 1reli-inary gui2elines for for-al e01eri-ents an2 sur3eys) $)% STEP-I8 A11ly the e3i2ence To e-1loy the e3i2ence in a 2ecision--a5ing, we integrate it with 1ractical e01erience, custo-er re6uire-ents an2 5nowle2ge of the concrete situation=s s1ecific circu-stances an2 then a11ly it in 1ractice) Acti3e use of new 5nowle2ge consists of a11lying or a2a1ting s1ecific e3i2ence to a s1ecific situation in 1ractice) This contrasts with tra2itional, 1assi3e -o2e of trans-itting infor-ation through teachers, .oo5s, -anuals etc) Although such trans-ission can hel1 in arranging the con2itions re6uire2 for learning to occur, it cannot su.stitute for learning through 2irect e01erience) ?hat characteriFes a software 2e3elo1er using E(SE is that he or she -a5es in2i3i2ual ju2g-ent in a gi3en situation rather than si-1ly confir-ing to a11ro3e stan2ar2s an2 1roce2ures) The ease of a11lying e3i2ence 2e1en2s on the ty1e of technology *Metho2, Tool, Techni6ue, you are e3aluating) So-e technologies a11lie2 at the le3el of in2i3i2ual 2e3elo1er i)e) a 2e3elo1er can a2o1t e3i2ence relate2 to how .est to co--ent 1rogra-s) ;owe3er, e3i2ence relate2 to the a2o1tion of a co-1uter-ai2e2 s'w engineering tool or a s1ecific -athe-atically .ase2 for-al -etho2 re6uires su11ort fro- 1roject an2 senior -anagers) So it is at this 1oint that you nee2 to integrate E(SE with SPI) E(SE woul2 wor5 well in an organiFation that has a strong co--it-ent to 1rocess i-1ro3e-ent, e)g) .ase2 on the reco--en2ations in) ;owe3er, currently this 2oes not a11ear to .e ha11ening) Research results areD 8 Not in widespread use in industry7 Researchers often a22ress issues that are not 1ercei3e2 to .e of rele3ance to in2ustry or 1resent their results in a way that is 3irtually inco-1rehensi.le to 2ecision -a5ers in in2ustry) 8 Not of perceived value to sta!eholders7 +ertification .o2ies, 1u.lic 1urchasing .o2ies, an2 consu-er grou1s shoul2 all .e concerne2 a.out the 6uality of the techni6ues use2 to .uil2 software 1ro2ucts) It is li5ely that any trust such grou1s ha3e in the 6uality of software intensi3e 1ro2ucts woul2 .e su.stantially un2er-ine2 if they were aware that the choice of 2e3elo1-ent techni6ues is .ase2 on fashion an2 hy1e rather than scientific e3i2ence) !9 $)$ STEP-8 E3aluate 1erfor-ance In SPI the final ste1 is usually to confir- that the 1rocess change has wor5e2 as e01ecte2) In 1articular, you as5 yourself how well you are integrating e3i2ence with 1ractical e01erience custo-er re6uire-ents an2 your 5nowle2ge of s1ecific circu-stances) 7ollowing SPI 1ractice, we -ust also access whether 1rocess change has .een effecti3e) ;owe3er, en3iron-ental tur.ulence an2 ra1i2 changes in technology often lea2 to the nee2 to a2a1t an2 learn 2uring 1rojects) This in3ol3es high 2egree of creati3ity an2 i-1ro3isation, which suggests that we cannot wait until a 1roject=s en2 to 2raw out the lessons learne2) ?hen a 1roject or a -ajor 1art of it is co-1lete2, SPI 1rinci1les suggest that we -ust confir- that the e01ecte2 i-1ro3e-ent has ta5en 1lace) A si-1le way to 2o this is to arrange a 1ost -orte- analysis *PMA,) A PMA is si-ilar to an after action re3iew .ut is con2ucte2 in -ore 2e1th) A PMA results -ainly in .etter e3i2ence regar2ing the s1ecific 1rocess or technology) - E3i2ence that we -ight reuse as gui2elines for the future) After action re3iews, short -eetings ai-e2 at e3aluating 1erfor-ance in the -i22le of action are a si-1le way for in2i3i2uals an2 the tea-s to learn i--e2iately fro- .oth successes an2 failures) !& +;APTER 9 +;APTER 9 APP/I+ATIONS O7 E(SE IN EQISTIN@ SO7T?ARE EN@INEERIN@ /I7E +P+/E 9)!+ase of +y.er 7orensics The ra1i2 1roliferation of the Internet has resulte2 in increase in the +y.er-cri-es also, es1ecially in the conte0t of harass-ent of the networ5 user 1o1ulation) +y.er-cri-es -ay .e 2efine2 as those cri-es in3ol3ing co-1uters as tools for co--itting cri-es or co-1uters as the targets of cri-es) +o--unity centers, Internet 5ios5s, cy.er cafes 1ro3i2ing Internet access 1oints in large cities, townshi1s an2 -etros are o.ject of attac5 fro- antisocial ele-ents) So-e of the co--on anti-social acti3ities here inclu2e s1a--ing of -ails, hac5ing, sales an2 in3est-ent frau2s) Si-ilar to con3entional cri-es an2 its forensic analysis, the cri-es an2 its in3estigation an2 analysis in the cy.er worl2 for-s a 1art of the +y.er 7orensics) !# 9)!)! Pro1ose2 Syste- A han2-hel2, 1orta.le ga2gets with the ca1a.ility of 2ownloa2ing a few 5ilo.ytes of security 2ata fro- an Internet Ser3ice Pro3i2er=s we. ser3er for effecti3e -onitoring in real-ti-e -o2e to hel1 1olice 1atrol to classify 1atrolling o1erations in ris5y an2 safe classes) These han2hel2 2e3ices, which were 1ro1ose2, ta5e 2ata fro- the we. .rowsers at cy.er cafes in 3arious locations) Monitoring the 3arious e3i2ences recei3e2 .y the we. .rowsers, filtere2 2ata is sent to the 1olice 1atrol) 7or e0a-1le we ha3e 3arious e3i2ences of the age of a 1erson, we. .rowsers use2, location of the user, we.site accesse2 etc) ata or infor-ation a.out thousan2s of 1eo1le are collecte2 an2 store2 at the 2ata.ase at the .ac5en2) An Infor-ation syste- is -a2e out of the 2ata .ase, an2 on the .asis of e3i2ence, a 2ecision is -a2e as to which user coul2 .e a 1otential cy.er-cri-inal ' cy.er-attac5 3icti-) (efore 1rocee2ing any further, we nee2 to 2escri.e, as to what are Infor-ation Syste-s) 7ig 2) Pro1ose2 Infor-ation Syste- The 1roject is actually a -onitoring syste-, which -a5es references to the 2ata.ase of the users an2 their 3arious attri.utes) The relationshi1 .etween these attri.utes 2eci2es, whether a user is a cy.er-cri-inal or not) The e3i2ence collection algorith- gi3en .elow will hel1 in -a5ing the conte0t clearer) !: 9)!)2 eri3e2 Algorith- 2" 7ig 4) Algorith- In an e01lanation to the a.o3e algorith-, first we first choose a single 1ara-eter *i)e) age,) Then we fin2 the result, which is the infor-ation gain in this case) The infor-ation gain o.taine2, is sai2 to .e 3ali2, within a certain range of 3alues) If the Infor-ation gain is not a2e6uate, then we collect further e3i2ences of the sus1ecte2 users to fin2 out whether they are 1otential ele-ents to a11en2 to the sus1icious set of the -o2ule If the Infor-ation gain is within a certain 2efine2 li-its, then we -onitor another set of 1ara-eters) ;ence, this a11lication hel1s in -onitoring the syste- an2 hel1s in 2eci2ing which Infor-ation is to .e, sent to the han2hel2 2e3ice) "hus the #$S# techni%ues of &nformation gain and 'ough Set "heory applied here increases the success rate.
2! 9)2 A11lication of E(SE in ITES an2 E-Ser3ice sectors The Infor-ation technology Ena.le2, ser3ices *ITES,, is a for- of outsource2 ser3ice, which has e3ol3e2, 2ue to the in3ol3e-ent of IT in 3arious fiel2s, such as .an5ing an2 finance, teleco--unications, insurance etc) 7ir-s, usually fro- 2e3elo1e2 countries, outsource such ser3ices to countries li5e In2ia, +hina, in or2er to gain fro- large talent 1ool at low cost) @oing ahea2 we -ay see -ore co-1anies outsourcing such ser3ices an2 hence high co-1etition is e01ecte2 within countries an2 co-1anies 1ro3i2ing IT-ena.le2 ser3ices) ?hile entering into such outsourcing contracts, the effecti3e role 1laye2 .y trustworthiness of the organiFation, which will .e e0ecuting the 1roject, inlays a significant role) This is analogous to +re2it history a2o1te2 .y .an5s for sanctioning loans) Since we. has .eco-e a 2o-inant uni3ersal -e2iu- of interaction for .usinesses, in2i3i2uals an2 the society, the sco1e an2 co-1le0ity of ?e. a11lications ha3e grown significantly fro- infor-ation 2isse-ination to online transactions, enter1rise-wi2e 1lanning sche2uling syste-s, colla.orati3e wor5 en3iron-ents an2 1ersonaliFe2 we. sites) ITES inclu2es we.-.ase2 a11lications .ase2 on functionality, li5e in the transactional an2 in the interacti3e wor5 en3iron-ents) This 1ri-arily in3ol3es online or2ering of goo2s an2 ser3ices, online .an5ing, status -onitoring an2 su11ly chain -anage-ent) As it has .een .rought out in the 1re3ious sections, there is a strong nee2 to assess the figure of -erit fro- the security 1oint of 3iew for any city-.ase2 infrastructure in an outsourcing'outsource2 nation where the 1roject is .eing e0ecute2) The infrastructure 2oes not -erely refer to the 1hysical har2ware'software setu1) There is a certain trustworthiness le3el of any 1articular ser3ice unit *ITES, an2 how far the ser3ice unit has succee2e2 in achie3ing an2 -aintaining its targets) The assess-ent of 1ara-eters, which 1lay a significant role in 2eter-ining +y.er trustworthiness of any ser3ice unit, re6uire e3i2ence collection) These 1ara-eters areD (i) (yber (rime &nde) (((&) This is the -easure of the 3arious +y.er +ri-es that occur at a 1articular ser3ice unit in a city where the outsourcing infrastructure has .een installe2 an2 in3ol3es inter-nation illegal atte-1ts that ha3e ta5en 1lace in the ti-e 1erio2 of o.ser3ation) This +y.er +ri-e In2e0 can .e 2eter-ine2 .y certain actions 1erfor-e2 .y the user) ?e suggest a22ing a ser3ice 1atch with the o1erating syste- that tells the occurrences of cy.er-cri-es) 7or instance, if a user is using >co1y >co--an2, then it shoul2 .e foun2 as to what co--an2s has he'she use2 .efore an2 after the >co1y=co--an2) If the user uses >cut= co--an2 .efore >co1y= an2 >1aste= co--an2 after the >co1y= co--an2 continuously, for a large nu-.er of 1rocesses, then it -ight create a sus1icion, that so-ething wrong is .eing 2one) A nu-.er of e3i2ences are further calculate2 to 2etect the cy.er cri-inal) ;ence we reco--en2 a har2ware *o1erating syste-, 1atch to .e 2esigne2, on the .asis of e3i2ence collection, as 2escri.e2 a.o3e) 22 (ii) (ustomer satisfaction rate It 2eter-ines the 1ercentage-.ase2 3alue of the nu-.er of the satisfie2 custo-ers 1er unit ti-e) The +SR 3alue 2eter-ines the relia.ility an2 the ser3icea.ility of the infrastructure unit) ?ee5ly 1roject 1rogress of the target as 1er the PERT chart ser3es an i-1ortant 1ara-eter) There are a nu-.er of online ser3ices a3aila.le to 2eter-ine the custo-er satisfaction rate in any location) 8arious sur3eys are con2ucte2 to re3eal the critical facts clients nee2 to 5now a.out their custo-ers, the le3el of satisfaction of the custo-ers) ?e also ha3e an E-ail Message Manage-ent Syste- *EMMS,, which effecti3ely -anages online sur3ey e-ail -essages to -eet the uni6ue -essaging re6uire-ents of large-scale co-1le0 sur3ey 1rogra-s) PersonaliFe2 -essages that enhance relationshi1 an2 2ialog colla.oration can .e 2eli3ere2 to the 1eo1le who -atter -ost to the success of any organiFation) It is 1ossi.le to sen2 -essages whene3er we nee2 the-, e3en sche2ule the- on the .asis of the rules we set) So-e ITES organiFations also ha3e an Online Re1ort +enter *OR+,, which 1ro3i2e a ti-ely an2 relia.le way to access an2 2isse-inate sur3ey results) This OR+ technology 1ro3i2es a 1ainless way to organiFe your sur3ey results into re1orts that s1ecifies the .usiness 1riorities in a -eaningful, easy-to-rea2 style) It gi3es the 1ower to 6uic5ly res1on2 to .usiness o11ortunities an2 challenges in ti-e) The OR+ facilities can .e use2 with intuiti3e re1ort .uil2ing interfaces to e0tensi3ely a sur3ey results) (asic an2 a23ance2 re1orts can .e .uilt for .oth 1erio2ic sur3eys an2 continuous sur3eys) This -etho2ology is .ase2 on the lines of TIO(E 1rogra--ing in2e0, which is u12ate2 e3ery -onth) This TIO(E in2e0 -aintains the list of 1rogra--ing languages as 1er their suita.ility an2 their ratings) (y a11lying a search engine 6uery, a lot of hit counts are collecte2) The search 6uery is e0ecute2 for regular @oogle, PahooR An2 MSN we. search) 24 +;APTER & +;APTER & E(SE IN A+AEMI+S AN E<+ATIONA/ INSTIT<TIONS Researchers ha3e o.taine2 encouraging results fro- teaching E(SE 1rinci1les to uni3ersity stu2ents) 7or the last three years E(SE has .een taught to uni3ersity stu2ents at ;EMARB <NI8ERSITP +O//E@E, RENA, NOR?AP) The -oti3ation for E(SE course is that, it is essential for the stu2ents as future 1ractitioners, to learn how to .ase i-1ortant software engineering 2ecisions on the critical e3aluation of the .est a3aila.le e3i2ence) &)! Moti3ation of teaching E(SE to uni3ersity stu2ents The -ain -oti3ation for the E(SE course is to 1ro3i2e the future software 1rofessionals with the 5nowle2ge, e01erience, attitu2e an2 s5ill to ena.le the- to -a5e .etter 2ecisions) The 3arious reasons for teaching the E(SE courses to uni3ersity stu2ents areJ - O The software in2ustry will .enefit fro- -o3ing in the right 2irection of e3i2ence-.ase2 software engineering O Software engineering stu2ents, in general, ha3e insufficient 5nowle2ge an2 1ractice regar2ing the e3aluation of argu-ents) In their 1rofessional li3es, they are fre6uently re6uire2 to ar.itrate .etween conflicting conclusions of 2ifferent lines of argu-ent) An E(SE course -ay su11ort the critical an2 syste-atic e3aluation of argu-ents) O Stu2ents nee2 to learn to collect infor-ation fro- all ty1es of sources, e)g) fro- li.rary 2ata.ases, te0t.oo5s, the Internet an2 other 1eo1le=s e01eriences, an2 to assess critically, the rele3ance an2 3ali2ity of this infor-ation) 7or e0a-1le, the stu2ents we ha3e taught E(SE ha2 ne3er ha2 any teaching in how to e0a-ine scientific stu2ies critically or how to syste-atically e3aluate the argu-ents 1resente2 in course te0t.oo5s an2 co-1uter -agaFines) O <ni3ersities shoul2 ha3e a stronger focus on how to ac6uire new 5nowle2ge an2 s5ill) 2% S5ill in the for-ulation of -eaningful 6uestions, the i2entification of rele3ant infor-ation an2 critical assess-ent of stu2ies are of a long lasting 3alue) O The software in2ustry is full of hy1e) ;y1es are s-all changes of ol2 -etho2 hea3ily -ar5ete2 as -etho2s that will re3olutioniFe the 1ro2ucti3ity of the software in2ustry) Teaching E(SE to uni3ersity stu2ents -ay .e an i-1ortant -eans to software engineering to .eco-e a -ore -ature 2isci1line with -ore resistant towar2s hy1e) In 1articular, we .elie3e that E(SE -ay lea2 to -ore critical assess-ent of 2e3elo1-ent -etho2s an2 -ar5eting 1loys) It is not easy to stu2y the 2egree to which these assu-1tions are true an2 the 2egree to which E(SE will ha3e a 1ositi3e i-1act on the software 1ractice) It is, for e0a-1le, not o.3ious what to co-1are E(SE 1ractice without of all the other 2ecision--a5ing 1ractices) In so-e colleges, the course is -a2e -an2atory for stu2ent following the syste-s 2e3elo1-ent 1rogra-) Many of the stu2ents who ha3e un2erta5en the E(SE course ha3e starte2 wor5ing as software 1rofessionals) The E(SE course has .een organiFe2 an2 taught in 3arious uni3ersities in 2ifferent -o2ules) The course structure has two intensi3e teaching -o2ules an2 a su1er3ise2 1roject tas5) This course is .asically an !!-wee5 course) In the first wee5, the teaching -o2ule starts an2 stu2ents are e01ecte2 to 2o a su1er3ise2 in2i3i2ual 1roject wor5, which -ight e0ten2 to % wee5s) Another teaching -o2ule starts in the $ th wee5 followe2 .y su1er3ise2 in2i3i2ual 1roject wor5 an2 2eli3ery of the co-1lete 1roject re1ort) The Project 2eli3ery *E(SE 1ractice wor5, is e3aluate2 as H1asse2I or H not 1asse2I) In or2er to 1ass, a 1roject -ust fulfil the following criteriaD O An answera.le software engineering 6uestion'1ro.le- -ust .e for-ulate2 1ro1erly) This re6uires that ter-inology .e e01laine2 an2 that the 1ro.le- .e s1ecifie2 1recisely) The 6uestion shoul2 .e rele3ant for software 1rofessionals) An e0a-1le of a 1ro1er 1ro.le- foun2ation is the followingI ?hat is the effect of Q, for organiFation'2e3elo1ers of ty1e P, in situations of ty1e SNI O An e0tensi3e search for rele3ant results an2 1ractice-relate2 e01erience -ust .e con2ucte2) In 1ractise, we ha3e re6uire2 thatD a, A3aila.le uni3ersity li.rary search facilities are use2 with a11ro1riate search ter-inologies) ., At least one e01ert on the to1ic is contacte2 for infor-ation) c, At least two co-1anies for rele3ant 1ractice are contacte2) O The rele3ance an2 3ali2ity of the results, o1inions, 3iew1oints recei3e2 fro- the 2ifferent sources -ust .e e3aluate2 1ro1erly) 2$ O A cogent argu-ent -ust .e constructe2 that -arshals the a3aila.le e3i2ence to su11ort a conclusion) +;APTER # +;APTER # IMP/I+ATIONS 7OR E(SE It is clear that a full-scale i-1le-entation of E(SE is an e0tre-ely a-.itious goal) It cannot .e achie3e2 without e0tensi3e colla.oration an2 long-ter- co--it-ent a-ong in2i3i2ual research grou1s worl2wi2e, an2 acti3e su11ort fro- other sta5ehol2ers such as 1ractitioners in in2ustry, certification .o2ies etc) 7urther-ore it cannot .e achie3e2 without initial financial su11ort fro- research fun2ing agencies to ena.le the .asic technological an2 -etho2ological infrastructure to .e esta.lishe2) It is clear that in2i3i2ual 1ractitioners an2 researchers can use so-e of the i2eas of E(SE without e0tensi3e technical su11ort) 29 +;APTER : +;APTER : +ON+/<SION E(SE is the .est -etho2 in the fiel2 of s'w engineering with certain 2raw.ac5s an2 hin2rances, .ut it surely has 1ro-ising 1ros1ects) Researchers nee2 to 1erfor- an2 re1ort re1lication stu2ies in or2er to accu-ulate relia.le e3i2ence a.out SE to1ics) So, although rigor is necessary con2ition for rele3ant SE research, it isn=t sufficient) SE shoul2 not solely rely on la.oratory e01eri-ents an2 shoul2 atte-1t to gather e3i2ence fro- in2ustrial e01eri-ents, using o.ser3ation stu2ies, sur3eys an2 fiel2 e01eri-ents) It is clear that the full scale i-1le-entation of E(SE is an e0tre-ely a-.itious goal, which cannot .e achie3e2 without e0tensi3e colla.oration an2 long-ter- co--it-ent a-ong research grou1s an2 other acti3e sta5ehol2ers such as 1ractitioners in the in2ustry, certification .o2ies etc) ;owe3er, continuing e3olution in the SE 5nowle2ge will hel1 software organiFations to a2o1t goo2 1ractice -ore 6uic5ly with fewer ris5s, i-1ro3e the 6uality of 1ro2ucts, an2 hence re2uce the ris5s of 1roject failures) 2& APPENIQ A APPENIQ A
Plan and Prepare Your Environment For Filenet P8 For Installation On Microsoft Windows With Ibm Db2, Ibm Websphere Application Server, and Ibm Tivoli Directory Server