Академический Документы
Профессиональный Документы
Культура Документы
www.elsevier.com/locate/jss
Abstract
The work described in this paper is an investigation of the COTS-based software development within a particular NASA en-
vironment, with an emphasis on the processes used. Fifteen projects using a COTS-based approach were studied and their actual
process was documented. This process is evaluated to identify essential dierences in comparison to traditional software develop-
ment. The main dierences, and the activities for which projects require more guidance, are requirements denition and COTS
selection, high level design, integration and testing. Starting from these empirical observations, a new process and set of guidelines
for COTS-based development are developed and briey presented. 2002 Elsevier Science Inc. All rights reserved.
Keywords: Commercial o-the-shelf; COTS; Component-based; Empirical study; Software development process
0164-1212/02/$ - see front matter 2002 Elsevier Science Inc. All rights reserved.
PII: S 0 1 6 4 - 1 2 1 2 ( 0 1 ) 0 0 1 4 7 - 9
190 M. Morisio et al. / The Journal of Systems and Software 61 (2002) 189199
delivered with the system to provide operational func- in order to understand the challenges associated with
tionality or to sustain maintenance eorts. For the this type of development and to gather best practices
purposes of this paper, COTS-based is the term used to used on COTS projects. Using a solid understanding of
indicate component- or package-based development- the FDD project domain, history and environment, the
rapid conguration of software systems based on COTS SEL synthesized this information into a suggested pro-
packages, Government o-the-shelf (GOTS) packages, cess to be used to produce COTS-based systems in the
and some custom-built reusable packages. The term FDD. This initial process was then reviewed for feasi-
COTS project refers to a project that integrates COTS bility by key FDD software engineers who have had
packages and other software to develop a system. This is some experience with COTS. The resulting proposed
not to be confused with the development of COTS process (Parra et al., 1997) is shown in Fig. 1. The
packages that occurs at the vendor organization. process is sequential, with the high level phases: Re-
Section 2 describes the environment of the projects quirements, Design, and Coding. The square-cornered
we analyzed and the motivations for this study, Section boxes in the picture highlight COTS-related activities
3 describes the methodological approach we used in the performed in a phase. COTS identication belongs to
study, Section 4 presents the results of interviews, spe- the requirements phase, along with interaction with the
cically the COTS used and the COTS-based process in vendor. COTS selection belongs to the design phase,
use, and Section 5 presents a newly suggested COTS COTS integration and testing to the coding phase.
process. In parallel with the proposed process denition, sev-
eral COTS projects started at FDD. The SEL tried to
gain a greater understanding of these projects by look-
2. Background ing at their eort data. It soon became clear, however,
that these data was inadequate to tell the entire story of
The Software Engineering Laboratory (SEL), a joint what was occurring on COTS projects. One shortcoming
academic/industry/government institution known for of the data collection at that time was that the tradi-
empirical study of software development practice, pro- tional activities listed on the data collection form were
vides local guidance to NASA/Goddard Space Flight too general to elicit useful data specic to COTS-
Center (GSFC) projects, based on empirical ndings, as based development activities. One indication of this was
well as serving as a model for process improvement for the disproportionately large amount of eort listed as
the global software development community. Other on COTS projects. Further, these data were not
The Flight Dynamics Division (FDD) at NASA/ sucient to identify and understand the new issues
GSFC, which until recently has been responsible for the arising from the use of COTS packages in FDD pro-
development of large amounts of ground support soft- jects. As a consequence, it was decided to study these
ware for NASA satellites, has been studied by the SEL projects at a much deeper level, using new research tools
for more than two decades. In the 1980s and 1990s, the to gather and interpret qualitative, and not only quan-
FDD achieved eective software reuse levels as high as titative, data.
90%. This trend has gradually evolved into COTS-based The reader will not be surprised to know that the
software development. Realizing that COTS-based actual COTS process used by the projects observed was
development represents a signicant shift in the way radically dierent from the suggested process. This
the FDD does business, the SEL decided to update paper is dedicated to describing the actual COTS pro-
its guidelines on recommended practice and processes cess used, issues raised by project members, and a new
(NASA/SEL, 1992). Unlike previous SEL activities, this process dened to address and resolve these issues.
eort was in response to something that was already
happening in the development community in the FDD.
Projects began using COTS components in their sys-
tems, in part due to pressure from NASA management,
without guidance from the SEL. Thus, the SEL was
reacting to this new technology rather than proactively
studying it and monitoring its introduction into the
organization.
According to the Quality Improvement Paradigm
(Basili et al., 1994), the study is an iteration of under-
standing, experimenting and packaging phases. During
the last few months of 1995, the SEL designed an initial
COTS-based process. Because the FDD had limited
experience developing COTS-based systems at that time,
the SEL looked at experiences of outside organizations Fig. 1. The proposed COTS process.
M. Morisio et al. / The Journal of Systems and Software 61 (2002) 189199 191
Table 1
A sample of COTS used by projects
COTS name Domain/functionalities
STK Satellite Tool Kit Orbit determination and mission planning
Labview Data acquisition, analysis and visualization
Autocon Orbit determination
Altair Mission Control System Mission Control
Probe Data analysis
GensAs (GOTS) Spacecraft monitoring, commanding, fault detection and isolation
GTDS (GOTS) Orbit determination
Builder Xcessory, X-Software, Shared-X, Visual Optimization package, GUI, GUI builders
X Runner
Matlab Computing environment, data visualization, application develop-
ment
192 M. Morisio et al. / The Journal of Systems and Software 61 (2002) 189199
mission control) or generic. Most of the COTS used 4.2.1. Requirements analysis
could be classied as domain-specic. Among generic The earliest steps in COTS-based development are
COTS, the subcategories are databases, data acquisi- similar to traditional development-requirements gath-
tion, analysis and visualization, GUI builders, net- ering and analysis. In the requirements phase a strong
working and middleware. emphasis is on gathering external information. Much of
All of the projects were from the traditional domain this information comes from separate organizations.
of NASA Goddards FDD, that is to say, ground soft- Some project requirements are predened, with minimal
ware dedicated to controlling satellite orbit, attitude and requirements analysis needed.
communication with earth. The 15 projects ranged from Glueware and interfaces, as dictated by the system
29 to 300 KSLOC, with the size gure including only architecture, operating system and hardware, are iden-
code developed and excluding COTS code. tied. These can be seen as specic requirements im-
Carney (1997) identies three types of COTS-based posed by the COTS used.
systems based on the number of COTS used and their The requirements activity changes considerably as
inuence on the nal system. Turnkey systems are compared to traditional development. Projects reported
built around a (suite of) commercial products such as that, with COTS, not all requirements are equal. Some
Microsoft Oce or Netscape Navigator. Only one are free or are provided by the COTS. Some are not
COTS is used, and customization does not change the immediately available, but can be worked out with
nature of the initial COTS. Intermediate systems are reasonable extensions and add-ons. Others are incom-
built around one COTS (e.g. Oracle) but integrate other patible with the COTS. Satisfying these requirements
components, commercial or developed in-house. Finally can become time consuming. Sometimes projects com-
other systems are built by integrating several COTS, all plained about not being able to negotiate these re-
on the same level of importance. In our case projects fell quirements. The eort spent to satisfy these hard
into the second and third categories. requirements can outweigh the eort saved with free
or easy requirements.
4.2. The actual COTS process
4.2.2. System requirements review
Although not every team followed all of the steps This review closes the requirements phase. This rst
outlined below, a composite process ow emerged from verication step is aimed at checking the completeness
the interview data. and feasibility of system requirements. Early reviews of
Below we describe the steps and quality checkpoints the requirements are crucial, even with a less formal
in the overall process, as shown in Fig. 2. process.
4.2.3. Package identication, evaluation/selection the non-COTS development that comes into play in the
COTS identication consists of Web searches, prod- design review.
uct literature surveys and reviews, identication of other After the design review, whether it is formal or in-
reusable system components, and recommendations formal, traditional non-COTS development continues in
from external sources. Product information is kept in a parallel with the coding of the glueware and the inter-
central justication notebook or in an evaluation note- faces. This activity does not really require any new skills
book. In most cases, this is a physical, paper-based, or tasks, but it is sometimes forgotten when eort and
binder that contains spreadsheets comparing dierent resources are allocated at the beginning of the project.
alternative COTS products on various criteria. Dierent In other words, it must be included in the project plan
project members charged with evaluating COTS prod- along with the COTS-related work.
ucts from dierent perspectives enter the relevant in-
formation in these spreadsheets as they complete their 4.2.7. Write glueware and interfaces
evaluations. In many projects, one team member or a Projects reported, in this phase, less coding and de-
small task force of team members is charged with col- bugging than in the traditional process, and as a con-
lecting information on COTS products and keeping the sequence less unit testing and inspections. Close contact
notebook. Not only are product evaluation notes kept, with the vendor technical sta or a competent Help
but subjective comments concerning vendor quality and Desk is essential during this development.
responsiveness are also kept.
As COTS are identied, the evaluation and selection 4.2.8. Integration and test
processes begin. COTS evaluation steps mentioned in Projects reported spending a lot of eort in integra-
the interviews included prototyping, vendor demon- tion, and encountering problems during it. Actually for
strations, and in-depth review of the literature such as many projects integration was the activity that con-
manuals and user guides. Vendor training sites and sumed the most eort.
availability are considered. Procurement issues surface The integration step varies a great deal from project
such as development fees for added requirements, li- to project, depending on which and how many COTS
censing and maintenance fees, and sustaining engineer- products are being used. At system integration and
ing support. testing the COTS packages are treated as black boxes.
The teams commented that testing focused on the in-
4.2.4. Identify glueware and integration requirements terface glueware and the format and correctness of the
This step, although it is the activity that most closely input les. Again, the importance of availability of the
resembles design in a traditional development process, vendor technical sta or Help Desk was emphasized.
is less a problem of decomposition (nding the right Testing is usually conducted piece-by-piece, as each
decomposition that best satises the requirements) and software component is integrated.
more a problem of composition and integration (nding
the best way to integrate COTS that satises the re-
quirements). That is, it is more of a bottom-up process, 4.2.9. Target system installation and acceptance test
where developers attempt to put together COTS prod- Unlike the traditional life cycle, no formal acceptance
ucts like building blocks, until all requirements are met. testing or operational readiness reviews were mentioned
As a result, gaps are identied where the chosen con- by the teams. The development team installs the soft-
guration of COTS products leaves some requirements ware on the target system. It seemed that the develop-
unfullled. At the same time, all interfaces are identied. ment teams felt that the systems being built relied
enough on pre-tested components that the reliability of
4.2.5. System design review the system as a whole could be assured. Since none of
This second verication step deals with system de- these systems had yet reached the maintenance stage, it
sign. Only some teams held it formally, but all teams cannot be said whether or not this assumption held up.
mentioned some mechanism to apprise the customer of
the design. 4.2.10. Discrepancy resolution
Once installed, navigational training to familiarize
4.2.6. Non-COTS development the customer with the system is conducted. During this
Some projects reported that a signicant part of the phase, a member of the development team is the single
project eort was still spent on traditional development point-of-contact or intermediary between the customer
that did not depend on COTS. This development begins and the vendor. This person is responsible for reporting
in parallel with the early COTS-related steps, as in a discrepancies, and handling software patches or cor-
traditional development project. Non-COTS cost and rections. Interviewees mentioned that software patches
schedule are monitored. There is a bi-directional infor- were placed on vendor Web sites that were downloaded
mation ow between the COTS-based process ow and to the target system.
194 M. Morisio et al. / The Journal of Systems and Software 61 (2002) 189199
Some of the related problems identied by project 5. A new proposed COTS process
leaders were:
We present here (see Fig. 4) the new proposed process
Slippage in schedule because of delays in vendor re- for COTS-based projects developed by the SEL as a
lease of the COTS (typically the delay is between result of this study.
the beta version and the ocial release). The process is targeted at COTS-based projects using
Unavailable, incomplete, or unreliable documenta- several peer COTS or one COTS integrated with a
tion on the product. considerable amount of newly developed software. In
An unpredictable learning curve with the product. other words we exclude the case of adaptation of a single
Vaporware, i.e. functions that are promised but COTS (a turnkey system). The process covers only de-
never implemented. velopment. The SEL will extend it as soon as enough
Modications made by the vendor that alter the com- observations of maintenance processes will be available.
patibility of one COTS with other COTS or the rest We discuss phases and activities in Section 5.1. We
of system or introduce new bugs. For several reasons will concentrate on the dierences and enhancements as
the purchaser could be obliged to upgrade to the new compared with the actual process (Fig. 2). In Section
version even when such compatibility issues exist. 5.2, we discuss some of the broader process issues such
One-way communication with the vendor, with many as project management and roles/responsibilities.
questions but no answers.
5.1. Process phases and activities
The most commonly reported risk mitigation strate-
gies were: having a close relationship with the vendor; The main phases of the proposed process (repre-
and having a backup plan if the COTS fails (e.g. a sented as ovals in Fig. 4) are: requirements, design,
second choice COTS or internal development). In an- coding and integration. Activities specic to COTS-
other study of lessons learned from COTS usage, con- based development are depicted by circles in the upper
ducted by USC and Software Metrics (Clark, 2001), half of the diagram, while those not specic to COTS-
vendor-related problems were the most commonly cited based development are in the lower half.
issue.
COTS projects must also accept exibility in re- 5.1.1. Requirements
quirements. At the moment a COTS is selected, some Previously, COTS selection was performed at the
requirements are immediately satised, some other re- beginning of the design phase. Now, based on ndings
quirements become easy to implement, and others be- from the interviews and on actual processes, require-
come dicult if not impossible to obtain. Since the ments analysis and COTS selection are performed
typical goal of a COTS project is to reduce (cost, eort together. Further, new activities are added and key de-
or schedule) as compared with a traditional project, the cisions stressed. We list them in a logical order, while in
project must be ready to give up the latter category of practice many of them will be concurrent or iterative.
requirements. In other words, the COTS selected drives Make vs. buy decision I. Using or not COTS in a
the requirements to at least some extent. Some projects project is a key decision that impacts all subsequent
interviewed reported that they ended up writing (some- phases, and the success of the project. The decision
times rewriting) requirements after the COTS was se- should consider technical and non-technical issues.
lected. COTS selection has thus far been treated more as a
Others reported integration problems later in the managerial than a technical decision. Instead, technical
project when requirements and COTS selection were not sta should be empowered to make decisions regarding
coordinated upfront. Still others reported major con- COTS, as opposed to management dictates that a spe-
icts when they had little control over either system cic COTS shall be used. For many projects, COTS
requirements or COTS selection (i.e. one or the other or choices were made outside the project team, thus ig-
both were mandated from some other organizational noring the teams expertise and experience. Require-
unit). ments also often came from outside the team, and
On the other hand, sometimes functionality was dis- conicts between requirements and COTS functionality
covered in a COTS that was useful, even though the often occurred later in the project.
project had not originally planned to use it. Eectively For these reasons the make vs. buy decision should be
managing the tradeo between requirements and COTS recognized, formalized and justied. At this point, a rst
selection seems to be a key to avoiding problems make vs. buy decision can be made, considering only
downstream, and to realizing the benets of COTS. non-technical issues, the exibility in requirements and
Interestingly enough, in the above-cited study at USC the willingness to depend on the vendor. If any of these
(Clark, 2001), exibility in requirements was the second- prerequisites is not satised, the project should not use
most cited group of lessons learned from COTS usage. COTS.
196 M. Morisio et al. / The Journal of Systems and Software 61 (2002) 189199
Requirements denition. Requirements for the project vendor dependability, COTS dependability and other
are sketched out in brief detail. The goal is to guide the factors are an input for the risk model.
identication of COTS. When the domain of an appli- The feasibility study should be repeated for a product
cation is stable and well known, this activity could be without COTS (the make solution), and one (or more)
skipped, as the requirements and the COTS available products with a COTS. As an example, let us assume
are pretty familiar. that three variants of the product are studied, without
COTS identication and selection. COTS are identi- COTS, with COTS A, and with COTS B. In real cases
ed and evaluated using vendor documentation, re- more or fewer variants could be studied. Using dierent
views, peer experiences and suggestions. The goal of this combinations of COTS could be analyzed in the same
activity is to reduce the number of candidates to two way.
or three to be deeply evaluated. Clearly, the number of Make vs. buy decision II. At this point the make vs.
deep evaluations must be kept low for cost and schedule buy decision can be reviewed at a much deeper level of
reasons. detail. The attributes considered for the decision are the
COTS familiarization. The COTS selected above are requirements satised by a product variant, the esti-
actually used. The projects interviewed considered this mated cost, and the estimated risks. The algorithms used
activity essential to better understand the functionalities to guide the decision process come from Kontio (1996)
available (not just the ones claimed), their quality, and and Morisio and Tsoukias (1997). The result of this
architectural assumptions. decision is the product variant that will be developed,
Feasibility study. In this activity a product is de- including requirements and COTS selected. Each vari-
scribed at a level of detail sucient to make the second ant represents a dierent tradeo among requirements
make vs. buy decision (see below). The description satised, risks accepted and cost. This make vs. buy
should consist of a complete requirements denition, a decision analyzes in detail these tradeos.
high level architecture, an eort estimation, and a risk The process sketched above has several variants,
assessment model. The high level architecture allows the which are currently undergoing experimental validation
team to sketch dependencies among COTS, incompati- dedicated to understanding under what conditions each
bilities and integration eort (Yakimovich et al., 1999; variant is more suitable. In general, though, the process
Yakimovich et al., 1999). Integration eort is an input outlined above formalizes and stresses the importance of
for the eort estimation model, while incompatibilities, key activities and decisions in a COTS project.
M. Morisio et al. / The Journal of Systems and Software 61 (2002) 189199 197
The phase ends with a requirements review. Review- 5.2.1. Project management
ing requirements with the customer is a fundamental Project management is probably the most impacted
step in traditional software engineering. In COTS pro- of horizontal activities (i.e. activities performed
jects several decisions (COTS selection, requirements throughout the development process). Project estima-
satised) are made early, with limited information tion and tracking both have to consider new activities.
available. Therefore the requirements review becomes, if Estimating their duration is currently a complex task
possible, even more important. The review is guided by a due to the limited amount of existing experience and the
checklist covering the main decisions made in this phase, few estimation models available. Project estimation is
and the assumptions they are based on (risk, cost and performed using guidance from Yakimovich et al. (1999)
requirements). and Yakimovich et al. (1999) to build and calibrate local
estimation models, using the estimated amount of
5.1.2. Design glueware to be produced as a predictor of integration
Some parts of design (denition of high level archi- eort. Project tracking is easier to accomplish, as it only
tecture, analysis of integration issues) were anticipated requires modications to the eort accounting proce-
in the requirements phase. However, these activities are dures.
repeated here at a much lower level of detail, as all eort
is concentrated on fully designing the product variant 5.2.2. Roles
selected. We describe here new roles and responsibilities pe-
Design includes a high level design activity where one culiar to COTS projects. One role (the COTS team) is at
of the main concerns is dening the integration of COTS the organizational level, while the other is at the project
and newly developed software. This is particularly de- level.
manding when several COTS are involved, each one COTS team. A group or a person, depending on the
with, possibly, dierent architectural styles and con- size of the organization, should concentrate on the fol-
straints. lowing COTS-related skills and activities. Single projects
The phase ends with the COTS design review. This cannot aord to build these skills individually. The team
is a typical design review for the traditional part, but acts as a repository of history, knowledge and skills
covers other aspects too, essentially the decisions about about COTS, and oers them to projects as a consulting
architecture, COTS integration and glueware. At this activity.
point the make vs. buy decision is reviewed too. More
information is available now, essentially about the Evaluation and selection of COTS. Evaluations done
COTS selected and about integration issues. Risks, the by individual projects tend to be narrow in scope,
integration eort and overall cost are re-estimated and concentrating only on those packages with which
the decision re-assessed. It is possible that at this stage it the project team members are familiar. Furthermore,
becomes clear that integrating the selected COTS is unbiased evaluations require techniques and skills
impossible, requiring a loop back to the requirements that projects cannot have.
phase. History of COTS evaluations. These are organized in
an easily accessible catalogue of COTS known to the
5.1.3. Coding, integration organization, describing concisely the function pro-
Coding deals with parameterizing and possibly vided, vendor, cost, location, and projects using
modifying COTS, and writing glueware. Integration it. The real diculty of this task is the rapidity of
gradually puts the pieces together COTS, glueware changes in the market place that makes the catalogue
and traditionally developed software to assemble the rapidly obsolete. The COTS team should rely on the
nal application. The main decisions have been made in COTS evaluation notebooks from individual projects
the Requirements and Design phases, so Coding and as the input to this catalogue. However, the informa-
Integration are dedicated to implementing these deci- tion from the notebooks must be merged, summa-
sions. However, problems may be discovered. In this rized, and generalized by the COTS team in order
case the decisions could be reconsidered, with back- to provide a catalogue that is useful to the entire or-
tracking to Requirements and Design. ganization.
COTS usage. A project becomes more readily pro-
5.2. Cross-phase issues cient with a new COTS if it can access the experience
of other projects that used it in the past. The COTS
There are a number of issues that are relevant team normally does not have this experience, but
through all phases of the process. Two areas that are of can act as a contact point between projects.
particular interest when talking about COTS projects Procurement. Procurement of COTS requires admin-
are project management and the changes in roles and istrative, managerial and commercial support that is
responsibilities. missing in technical teams. The COTS team denes
198 M. Morisio et al. / The Journal of Systems and Software 61 (2002) 189199
a repeatable process for vendor interaction. Part of models. The projects interviewed felt that eort and
the process is documentation of interactions with cycle time could be reduced in COTS projects, but
the vendor, an important record for the project man- compelling evidence is still missing, especially because
ager. no data from the maintenance phase of projects are
available yet.
Interface with vendor. A project should design a single Starting from the experience gained through the
point of contact with the vendor. The role is supported study, the SEL has dened a new proposed COTS
by the COTS team as far as non-technical, procurement process that tries to tackle the points listed above.
skills are needed. The role records all interactions with The new process denes in detail the phases where
the vendor and follows a dened and documented pro- COTS-based development is most challenging: require-
cess. The role is also essential to building a partnership ments, design and project management. In particular,
with the vendor, a key factor for success. the make vs. buy decision is formalized and guided,
considering the overall tradeo among cost, risks and
provided functionality. The high level research goal is to
6. Conclusion dene under which conditions COTS-based develop-
ment is superior to traditional development, including
We have analyzed 15 COTS projects, performed at the maintenance lifespan.
the Flight Dynamics Division at the Goddard Space As far as the study itself is concerned, it should be
Flight Center of NASA. These projects represent a va- noted that quantitative data traditionally collected by
riety of software domains and use more than 30 dierent the SEL were not sucient to understand changes in the
COTS products. We think that the following observa- process. Using qualitative data was key, although this
tions can be generalized and could be useful to improve requires specic, more dicult tools for analysis.
COTS-based software development in any context.
COTS-based processes dier considerably from tra-
ditional software development. Failure to recognize this
by attempting to use traditional processes in a COTS Acknowledgements
project could be a factor in overall project success (or
failure). It also could give developers leeway to loosen This work was funded in part by NASA grant
their processes, as the only processes they have are NCC5170. The authors wish to thank all of the devel-
clearly inappropriate for the project at hand. On the opers and managers in the FDD and at Computer
other hand, new processes and activities have to be de- Sciences Corporation who generously allowed us to in-
ned and given guidance. terview them. This study would not have been possible
New activities identied in COTS-based processes without them.
are: product evaluations, product familiarization, and
vendor interaction (of technical, administrative and
commercial kinds). New roles are the COTS team
and the interface with the vendor. Requirements elici- References
tation is deeply impacted. Selecting a COTS means se-
Basili, V.R., Caldiera, C., Rombach, H.D., 1994. Experience factory.
lecting a (set of) requirement(s) and assuming it to be In: Marciniak, J.J. (Ed.), Encyclopedia of Software Engineering,
available cheaper and faster. The decision to use COTS, vol. 1. Wiley, New York, pp. 469476.
as opposed to making a product from scratch, is often Basili, V.R., Weiss, D.M., 1984. A methodology for collecting valid
made implicitly, is neither formalized nor rigorously software engineering data. IEEE Transactions on Software Engi-
dened and analyzed under the points of view of cost neering SE-10 (6), 728738.
Carney, D., 1997. Assembling large systems from COTS components:
and risks. opportunities, cautions, and complexities. In: SEI Monographs on
Eort in coding, debugging, unit testing, and code Use of Commercial Software in Government Systems. Software
inspections is reduced, while design and testing activities Engineering Institute, Pittsburgh, USA.
are modied. Design focuses more on how to t pieces Clark, B., 2001. CBS development: guidelines based on lessons learned.
together rather than the internal workings of dierent Presented at the Focused Workshop on COTS-Based Systems,
University of Southern California, February.
modules. Architectural issues, especially the diculties Glaser, B.G., Strauss, A.L., 1967. The Discovery of Grounded Theory:
of integrating components, must be considered. Testing Strategies for Qualitative Research. Aldine, Chicago, IL, p.
has to deal with large modules, where no source code or 1967.
documentation is available, and complex glueware. Kontio, J., 1996. A case study in applying a systematic method for
Given a large number of new or modied activities, COTS selection. In: Proceedings of the 18th International Confer-
ence on Software Engineering. IEEE CS Press, Silver Spring, MD.
project tracking has to be adopted, and project estima- Miles, M.B., Huberman, A.M., 1994. In: Qualitative Data Analysis:
tion is especially dicult because of limited or missing An Expanded Sourcebook, second ed. Sage, Beverley Hills, CA, p.
historical data, and limited or uncalibrated estimation 1994.
M. Morisio et al. / The Journal of Systems and Software 61 (2002) 189199 199
Morisio, M., Tsouki as, A., 1997. IusWare: a methodology for the SEI description, Software Engineering Institute, COTS-based initia-
evaluation and selection of software products. In: IEE Proceedings tive description. Available from http:// www.sei.cmu.edu/cbs/
Software Engineering, pp. 162174. cbs_description.html.
NASA/SEL, 1998. SEL COTS Study. Phase 1, Initial characterization SEI overview, Software Engineering Institute, COTS-based initiative
study Report, SEL-98-001, August. overview. Available from http://www.sei.cmu.edu/cbs/cbs_descrip-
NASA/SEL, 1999. SEL COTS Study. Phase 2, New proposed COTS tion.html.
process, SEL-99-002, November. Yakimovich, D., Bieman, J.M., Basili, V.R., 1999. Software architec-
NASA/SEL, 1992. SEL recommended approach to software develop- ture classication for estimating the cost of COTS integration. In:
ment, Revision 3, SEL-81-305, June. Proceedings of the 21st International Conference on Software
Parra, A., Seaman, C., Basili, V., Kraft, S., Condon, S., Burke, S., Engineering, Los Angeles, CA, pp. 296302.
Yakimovich, D., 1997. The package-based development process in Yakimovich, D., Travassos, G.H., Basili, V.R., 1999. A classication
the ight dynamics division. In: Proceedings of the Twenty-second of software components incompatibilities for COTS integration. In:
Software Engineering Workshop, NASA/Goddard Space Flight Proceedings of the 24th Software Engineering Workshop, NASA/
Center, pp. 2156. Goddard Space Flight Center, December.