Presentation of research goals and ongoing research in the joint ARC project "ECOS: Ecological Studies of Open Source Software Ecosystems", presented by Tom Mens (UMONS) during the projects track of the CSMR-WCRE 2014 Software Evolution Week. Collaborators: Philippe Grosjean and Maelick Claes.
In this talk we discuss the results of the survey of software ecosystems researchers conducted in October-December 2014. Researchers have been asked to identify the current trends in ecosystems’ research as well as the challenges the research community has to address in the coming years. We augment discussion of the trends identified by the community by the review of some of the recent results on software ecosystems.
Socio-technical evolution and migration in the Ruby ecosystemTom Mens
Presentation by Eleni Constantinou (joint work with Tom Mens, Software Engineering Lab, UMONS) at the BENEVOL 2016 Software Evolution Research Seminar, Utrecht University, The Netherlands
Social and Technical Evolution of the Ruby on Rails Software EcosystemTom Mens
Presentation by Eleni Constantinou (postdoctoral researcher at the Software Engineerin Lab of the University of Mons, Belgium) during the Workshop on Ecosystem Architecuters (WEA2016), Copenhagen, Denmark, 29 November 2016.
Abstract: Software ecosystems evolve through an active community of developers who contribute to projects within the ecosystem. However, development teams change over time, suggesting a potential impact on the evolution of the technical parts of the ecosystem. The impact of such modifications has been studied by previous works, but only temporary changes have been investigated, while the long-term effect of permanent changes has yet to be explored. In this paper, we investigate the evolution of the ecosystem of Ruby on Rails in GitHub in terms of such temporary and permanent changes of the development team. We use three viewpoints of the Rails ecosystem evolution to discuss our preliminary findings: (1) the base project; (2) the forks; and (3) the entire ecosystem containing both base project and forks.
Towards Laws of Software Ecosystem Evolution: An Empirical Comparison of Seve...Tom Mens
Presentation by Tom Mens of joint work with Alexandre Decan (University of Mons) at the SATTOSE 2017 research seminar in Madrid (7 June 2017).
Abstract: We carry out a quantitative empirical comparison of the macro-level evolution of software packaging ecosystems for a multitude of different programming languages. We report on the most important observed differences and commonalities in the evolution of their package dependency networks. We hypothesise that the observed commonalities emerge due to the ecosystem scale and complexity. Inspired by Lehman’s laws of software evolution, we seek evidence for a series of empirically observable “laws of software ecosystem evolution”.
Socio-Technical Evolution of the Ruby Ecosystem in GitHubTom Mens
Presentation at SANER 2017 by Eleni Constantinou of joint research with Tom Mens (University of Mons) on a socio-technical analysis of the evolution of the Ruby software ecosystem in GitHub.
ICSME 2016 keynote: An ecosystemic and socio-technical view on software maint...Tom Mens
These are the slides of my ICSME 2016 keynote, presented on 5 October 2016 in Raleigh, North Carolina. I focus on the difficulties of maintaining and evolving software ecosystems, large collections of interacting software components that are maintained by a large and active community of contributors and that evolve together in the same environment. Software ecosystems are becoming ubiquitous due to the omnipresence of open source software. I present several problems that arise during maintenance and evolution of software ecosystems, and I argue how some of these challenges should be addressed by adopting a socio-technical view and by relying on a multidisciplinary and mixed methods research approach. I illustrate this with examples of social network analysis, complex systems research, ecological biodiversity, and survival analysis.
In this talk we discuss the results of the survey of software ecosystems researchers conducted in October-December 2014. Researchers have been asked to identify the current trends in ecosystems’ research as well as the challenges the research community has to address in the coming years. We augment discussion of the trends identified by the community by the review of some of the recent results on software ecosystems.
Socio-technical evolution and migration in the Ruby ecosystemTom Mens
Presentation by Eleni Constantinou (joint work with Tom Mens, Software Engineering Lab, UMONS) at the BENEVOL 2016 Software Evolution Research Seminar, Utrecht University, The Netherlands
Social and Technical Evolution of the Ruby on Rails Software EcosystemTom Mens
Presentation by Eleni Constantinou (postdoctoral researcher at the Software Engineerin Lab of the University of Mons, Belgium) during the Workshop on Ecosystem Architecuters (WEA2016), Copenhagen, Denmark, 29 November 2016.
Abstract: Software ecosystems evolve through an active community of developers who contribute to projects within the ecosystem. However, development teams change over time, suggesting a potential impact on the evolution of the technical parts of the ecosystem. The impact of such modifications has been studied by previous works, but only temporary changes have been investigated, while the long-term effect of permanent changes has yet to be explored. In this paper, we investigate the evolution of the ecosystem of Ruby on Rails in GitHub in terms of such temporary and permanent changes of the development team. We use three viewpoints of the Rails ecosystem evolution to discuss our preliminary findings: (1) the base project; (2) the forks; and (3) the entire ecosystem containing both base project and forks.
Towards Laws of Software Ecosystem Evolution: An Empirical Comparison of Seve...Tom Mens
Presentation by Tom Mens of joint work with Alexandre Decan (University of Mons) at the SATTOSE 2017 research seminar in Madrid (7 June 2017).
Abstract: We carry out a quantitative empirical comparison of the macro-level evolution of software packaging ecosystems for a multitude of different programming languages. We report on the most important observed differences and commonalities in the evolution of their package dependency networks. We hypothesise that the observed commonalities emerge due to the ecosystem scale and complexity. Inspired by Lehman’s laws of software evolution, we seek evidence for a series of empirically observable “laws of software ecosystem evolution”.
Socio-Technical Evolution of the Ruby Ecosystem in GitHubTom Mens
Presentation at SANER 2017 by Eleni Constantinou of joint research with Tom Mens (University of Mons) on a socio-technical analysis of the evolution of the Ruby software ecosystem in GitHub.
ICSME 2016 keynote: An ecosystemic and socio-technical view on software maint...Tom Mens
These are the slides of my ICSME 2016 keynote, presented on 5 October 2016 in Raleigh, North Carolina. I focus on the difficulties of maintaining and evolving software ecosystems, large collections of interacting software components that are maintained by a large and active community of contributors and that evolve together in the same environment. Software ecosystems are becoming ubiquitous due to the omnipresence of open source software. I present several problems that arise during maintenance and evolution of software ecosystems, and I argue how some of these challenges should be addressed by adopting a socio-technical view and by relying on a multidisciplinary and mixed methods research approach. I illustrate this with examples of social network analysis, complex systems research, ecological biodiversity, and survival analysis.
Notes from attending FORCE2019 conference in Edinburgh (October 15-18), covering a range of topics around Research Communications, e-Scholarship, Open Science and Open Access. Links on last slide for full conference programme and presented materials available online.
Slides from presentation at CHI2015:
Paper Title: Designing for Citizen Data Analysis: A Cross-Sectional Case Study of a Multi-Domain Citizen Science Platform
Abstract:
Designing an effective and sustainable citizen science (CS) project requires consideration of a great number of factors. This makes the overall process unpredictable, even when a sound, user-centred design approach is followed by an experienced team of UX designers. Moreover, when such systems are deployed, the complexity of the resulting interactions challenges any attempt to generalisation from retrospective analysis. In this paper, we present a case study of the largest single platform of citizen driven data analysis projects to date, the Zooniverse. By eliciting, through structured reflection, experiences of core members of its design team, our grounded analysis yielded four sets of themes, focusing on Task Specificity, Community Development, Task Design and Public Relations and Engagement. For each, we propose a set of design claims (DCs), drawing comparisons to the literature on crowdsourcing and online communities to contextualise our findings.
[Wetenschappelijke Vorming] Science 2.0 en Alt.Metrics : Literatuurstudiebpaltmetrics
Literatuurstudie omtrent Science 2.0 en Alt.Metrics in kader van onze Bachelorproef aan de KU Leuven.
[Blog] http://bpaltmetrics.wordpress.com/2013/10/22/literatuurstudie/
A small story about Open Source projects' specificities. This presentation has been designed for non technical profiles with no previous experience in Open Source projects
This is a public presentation I gave at SIM University last year around this time. It is about using Open Source Software in every corner of the computing sector - desktop, workstation, server, appliances. I list the important pieces of software as well.
software ecosystem, google, amazon, apple, microsoft, software ecosystem about googl, software ecosystem about amazon, software ecosystem about apple, software ecosystem about microsoft, history present and future about google, history present and future about apple, history present and future about amazon, history present and future about microsoft
QuESo: a Quality Model for Open Source Software EcosystemsGESSI UPC
Open source software has witnessed an exponential growth in the last two decades and it is playing an increasingly
important role in many companies and organizations leading to the formation of open source software
ecosystems. In this paper we present a quality model that will allow the evaluation of those ecosystems in
terms of their relevant quality characteristics such as health or activeness.
Notes from attending FORCE2019 conference in Edinburgh (October 15-18), covering a range of topics around Research Communications, e-Scholarship, Open Science and Open Access. Links on last slide for full conference programme and presented materials available online.
Slides from presentation at CHI2015:
Paper Title: Designing for Citizen Data Analysis: A Cross-Sectional Case Study of a Multi-Domain Citizen Science Platform
Abstract:
Designing an effective and sustainable citizen science (CS) project requires consideration of a great number of factors. This makes the overall process unpredictable, even when a sound, user-centred design approach is followed by an experienced team of UX designers. Moreover, when such systems are deployed, the complexity of the resulting interactions challenges any attempt to generalisation from retrospective analysis. In this paper, we present a case study of the largest single platform of citizen driven data analysis projects to date, the Zooniverse. By eliciting, through structured reflection, experiences of core members of its design team, our grounded analysis yielded four sets of themes, focusing on Task Specificity, Community Development, Task Design and Public Relations and Engagement. For each, we propose a set of design claims (DCs), drawing comparisons to the literature on crowdsourcing and online communities to contextualise our findings.
[Wetenschappelijke Vorming] Science 2.0 en Alt.Metrics : Literatuurstudiebpaltmetrics
Literatuurstudie omtrent Science 2.0 en Alt.Metrics in kader van onze Bachelorproef aan de KU Leuven.
[Blog] http://bpaltmetrics.wordpress.com/2013/10/22/literatuurstudie/
A small story about Open Source projects' specificities. This presentation has been designed for non technical profiles with no previous experience in Open Source projects
This is a public presentation I gave at SIM University last year around this time. It is about using Open Source Software in every corner of the computing sector - desktop, workstation, server, appliances. I list the important pieces of software as well.
software ecosystem, google, amazon, apple, microsoft, software ecosystem about googl, software ecosystem about amazon, software ecosystem about apple, software ecosystem about microsoft, history present and future about google, history present and future about apple, history present and future about amazon, history present and future about microsoft
QuESo: a Quality Model for Open Source Software EcosystemsGESSI UPC
Open source software has witnessed an exponential growth in the last two decades and it is playing an increasingly
important role in many companies and organizations leading to the formation of open source software
ecosystems. In this paper we present a quality model that will allow the evaluation of those ecosystems in
terms of their relevant quality characteristics such as health or activeness.
Open Source and its role in a new IT ecosystemBruno von Rotz
Bob Gett presents Optaros' view on how Open Source influences the overall IT eco system and how it's a key ingredient of many of the new business models we currenlty see developing
Business Ecosystems in the Factory of the FutureStefan Ferber
Die Internet der Dinge-Technologie birgt auch für die Industrie ein enormes Potenzial. Durch die Vernetzung von Maschinen, Werkstücken, Systemen und Marktteilnehmer entlang der Wertschöpfungskette können in Zukunft Fertigungsprozesse völlig neu organisiert werden. Durch diese Veränderungen entstehen sowohl für bestehende als auch für neue Marktteilnehmer spannende Möglichkeiten für neue Geschäftsmodelle und Kooperationen.
In seinem Vortrag zeigt Dr. Stefan Ferber am Beispiel von Instandhaltung und Logistik, wie sich das Business für Unternehmen verändert und wie der Produktionsstandort Deutschland von diesen Veränderungen profitiert.
Studying Evolving Software Ecosystems Inspired by Ecological ModelsTom Mens
Research in progress presented by Tom Mens and Maelick Claes (Software Engineering Lab, University of Mons) at the SATToSE 2013 software evolution research seminar at the University of Bern, 9 July 2013
The Royal Irish Academy and the Irish Research Council held a forum on Open Access in May 2013.
More Details - http://www.ria.ie/about/our-work/policy/ria-initiatives/making-open-access-work-for-ireland.aspx
Indicator approach to understanding resilience of Socio-ecological Production...Bioversity International
Presentation by Kaoru Ichikawa from UNU-IAS and the International Partnership for the Satoyama Initiative (IPSI).
This was presented during a seminar hosted at Bioversity International on 'The Indicators of Resilience in Socio-Ecological Production Landscapes and Seascapes (SEPLS)' in January 2014.
Find out more: http://www.bioversityinternational.org/research-portfolio/agricultural-ecosystems/landscapes/
VERSO: Ecosystem Responses in the Southern OceanBruno Danis
General presentation of the BELSPO funded vERSO (Ecosystem Resoponses to Changes in the Southern Ocean) project. More information on www.versoproject.be
The repository ecology: an approach to understanding repository and service i...R. John Robertson
An increasing number of university institutions and other organisations are deciding to deploy repositories and a growing number of formal and informal distributed services are supporting or capitalising on the information these repositories provide. Despite reasonably well understood technical architectures, early majority adopters may struggle to articulate their place within the actualities of a wider information environment. The idea of a repository ecology provides developers and administrators with a useful way of articulating and analysing their place in the information environment, and the technical and organisational interactions they have, or are developing, with other parts of such an environment. This presentation will provide an overview of the concept of a repository ecology and examine some examples from the domains of scholarly communications and elearning.
European Long-term Ecosystem and Socio Ecological Research Infrastructure (eL...Innovate UK
Lessons learned under the 2013 call for “integrating and opening research infrastructures of European interest” by Terry Parr
How the starting community was set up and how it evolved from 2012 (or earlier) un.l
submission in 2014:
1. How will we know we are succeeding?
• Early contacts and ideas
• Outline proposal to 2012 call for topic ideas
• Team building while waiting
• Content of full proposal
• Useful tips for proposal preparation
Computational Model Discovery for Building Clinical Applications: an Example ...Koray Atalag
Presented at Health Informatics New Zealand (HINZ 2017) Conference, 1-3 Nov 2017, Rotorua, New Zealand. Based on my PhD student Dewan's research.
Authorship: Dewan Sarwar, Koray Atalag, David Nickerson
The University of Auckland
"Environmental performance tools: How ceramic PCRs contribute to a better env...Cerame-Unie
"Environmental performance tools: How ceramic PCRs contribute to a better environment" by Dr Pere Fullana i Palmer, UNESCO Chair in Life Cycle and Climate Change.
Presentation made at the Construction conference organised by Cerame-Unie on 26 November as part of the Ceramic Days 2013.
Liber Conference 2015. Presentation on "Text Mining for Climate Change domain"pinarozturk99
The presentation is about How to use text mining for knowledge discovery in the Climate Change domain. The aim is to develop computation support to natural scientist to speed up the scientific discovery process.
The presentation is about how to use text mining for knowledge discovery in the Climate Change domain. The aim is to develop computation support to natural scientist to speed up the scientific discovery process.
V Rolfe OER12 Conference Search Engine Optimisation 17April2012Vivien Rolfe
Talk given by Viv to OER12, Cambridge UK on using SEO techniques to make OER discoverable on the internet. Part of the UKOER Phase 3 project at De Montfort University, http://www.biologycourses.co.uk
Similar to ECOS: Ecological Studies of Open Source Software Ecosystems (@ CSMR-WCRE 2014 Projects Track) (20)
Keynote talk targeted to PhD students, during the BENEVOL 2023 research seminar (focused on software evolution) in Nijmegen, 27 November 2023, by Tom Mens (full professor in software engineering at University of Mons, Belgium). The keynote aims to provide tips, tricks and practical advice on how to become successful as a PhD student.
Recognising bot activity in collaborative software developmentTom Mens
Presentation by Natarajan Chidambaram during the International ICSE Workshop on Bots in Software Engineering (BotSE 2023) in Australia. Joint work with Mehdi Golzadeh, Tom Mens, Alexandre Decan of the Software Engineering Lab of the University of Mons and with Eleni Constantinou.
A Dataset of Bot and Human Activities in GitHubTom Mens
Presentation at the IEEE International Conference on Mining Software Repositories (MSR 2023) by Natarajan Chidambaram (Software Engineering Lab, University of Mons, Belgium) of a dataset of bot and human activities extracted from GitHub
In this presentation we explore how the CI/CD landscape on GitHub has evolved since the introduction of GitHub Actions. This presentation is based on several peer-reviewed articles published in 2022 and 2023.
Nurturing the Software Ecosystems of the FutureTom Mens
In January 2018, four Software Engineering research groups located in different Belgian Universities launched a five year research project to nurture the software ecosystems of the future. We assembled a diverse team of about a dozen researchers and embarked on an exciting journey leading to a rich and diverse suite of papers, tools and datasets. Halfway into the project the corona pandemic intervened, but despite several months of lockdown, we succeeded in increasing inter-university collaboration. In this paper we share our achievements so that the BENEVOL community may benefit from our experience.
Comment programmer un robot en 30 minutes?Tom Mens
Comment apprendre à programmer un robot en 30 minutes? Atelier organisé par Tom Mens (en collaboration avec Pierre Zielinski, Gauvain Devillez et Sebastien Bonte) lors des Journées Math-Sciences du Printemps des Sciences 2022 à l'Université de Mons
On the rise and fall of CI services in GitHubTom Mens
Presentation of SANER 2022 conference article "On the rise and fall of CI services in GitHub" by Mehdi Golzadeh (co-authored with Alexandre Decan and Tom Mens).
On backporting practices in package dependency networksTom Mens
Presentation at FOSDEM 2022 Composition and Dependency Management DevRoom of empirical research on backporting practices in package dependency networks, published in the IEEE Transactions in Software Engineering in 2021 (https://doi.org/10.1109/TSE.2021.3112204)
Joint work by Alexandre Decan, Tom Mens; Ahmed Zeourali, Coen De Roover as part of the Belgian Excellence of Science research project SECOASSIST (https://secoassist.github.io)
Comparing semantic versioning practices in Cargo, npm, Packagist and RubygemsTom Mens
Presentation by Tom Mens at PackagingCon 2021 on Wednesday 10 November 2021.
Abstract: Semantic versioning (semver) is a commonly accepted open source practice, used by many package management systems to inform whether new package releases introduce possibly backward incompatible changes. Maintainers depending on such packages can use this practice to reduce the risk of breaking changes in their own packages by specifying version constraints on their dependencies. Depending on the amount of control a package maintainer desires to assert over her package dependencies, these constraints can range from very permissive to very restrictive. We empirically compared the evolution of semver compliance in four package management systems: Cargo, npm, Packagist and Rubygems. We discuss to what extent ecosystem-specific characteristics influence the degree of semver compliance, and we suggest to develop tools adopting the wisdom of the crowds to help package maintainers decide which type of version constraints they should impose on their dependencies.
We also studied to which extent the packages distributed by these package managers are still using a 0.y.z release, suggesting less stable and immature packages. We explore the effect of such "major zero" packages on semantic versioning adoption.
Our findings shed insight in some important differences between package managers with respect to package versioning policies.
Our empirical results have been published in two peer-reviewed academic journals: the IEEE Transactions in Software Engineering (https://doi.org/10.1109/TSE.2019.2918315) and Elsevier Science of Computer Programming (https://doi.org/10.1016/j.scico.2021.102656).
Achknowledgments: Research conducted in the context of the SECOASSIST "Excellence of Science" Research Project.
Presentation by Tom Mens at FOSDEM21 (Free Open Source Developers Meeting, February 2021). Published in Science of Computer Programming, August 2021.
https://doi.org/10.1016/j.scico.2021.102656
Abstract: When developing open source software end-user applications or reusable software packages, developers depend on software packages distributed through package managers such as npm, Packagist, Cargo, RubyGems. In addition to this, empirical evidence has shown that these package managers adhere to a large extent to semantic versioning principles. Packages that are still in major version zero are considered unstable according to semantic versioning, as some developers consider such packages as immature, still being under initial development.
This presentation reports on large-scale empirical evidence on the use of dependencies towards 0.y.z versions in four different software package distributions: Cargo, npm, Packagist and RubyGems. We study to which extent packages get stuck in the zero version space, never crossing the psychological barrier of major version zero. We compare the effect of the policies and practices of package managers on this phenomenon. We do not reveal the results of our findings in this abstract yet, as it would spoil the fun of the presentation.
Evaluating a bot detection model on git commit messagesTom Mens
Detecting the presence of bots in distributed software development activity is very important in order to prevent bias in socio-technical empirical studies. In previous work, we proposed a classification model to detect bots in GitHub repositories based on the pull request and issue comments of GitHub accounts. The current study generalises the approach to git contributors based on their commit messages. We train and evaluate the classification model on a large dataset of 6,922 git contributors. The original model based on pull request and issue comments obtained a precision of 0.77 on this dataset, whereas retraining the classification model on git commit messages increased the precision to 0.80. As a proof-of-concept, we implemented this model in BoDeGiC, an open source command-line tool to detect bots in git repositories.
Is my software ecosystem healthy? It depends!Tom Mens
QUATIC 2020 keynote presentation by Tom Mens (University of Mons) on dependency-related health issues in software ecosystems and research advances to address such health issues. Part of the presented research has been conducted as part of the Belgian SECO-ASSIST Excellence of Science Research Project.
Bot or not? Detecting bots in GitHub pull request activity based on comment s...Tom Mens
Presentation by Mehdi Golzadeh (Software Engineering Lab, University of Mons) of an article published at the 2nd International ICSE Workshop on Bots In Software Engineering (BotSE). See https://doi.org/10.1145/3387940.3391503
Abstract: Many empirical studies focus on socio-technical activity in social coding platforms such as GitHub, for example to study the onboarding, abandonment, productivity and collaboration among team members. Such studies face the difficulty that GitHub activity can also be generated automatically by bots of a different nature. It therefore becomes imperative to distinguish such bots from human users. We propose an automated approach to detect bots in GitHub pull request activity. Relying on the assumption that bots contain repetitive message patterns in their pull request comments, we analyse the similarity between multiple messages from the same GitHub identity, using a clustering method that combines the Jaccard and Levenshtein distance. We empirically evaluate our approach by analysing 20,090 comments of 250 users and 42 bots in 1,262 GitHub repositories. Our results show that the method is able to clearly separate bots from human users.
Comparing dependency issues across software package distributions (FOSDEM 2020)Tom Mens
This talk reports on our findings based on multiple empirical studies that we have conducted to understand different aspects of dependency management and their practical implications. This includes:
* the outdatedness of package dependencies, the transitive impact of such "technical lag", and its relation to the presence of bugs and security vulnerabilities.
* the impact of using either more permissive or more restrictive version contraints on dependencies.
* the virtues and limitations of being compliant to semantic versioning, a common policy to inform dependents whether new releases of software packages introduce possibly backward incompatible changes.
* the impact of specific characteristics, policies and tools used by the packaging ecosystem and its supporting community on all of the above.
The contents of the talk is primarily based on the following peer-reviewed scientific articles:
* What do package dependencies tell us about semantic versioning? Alexandre Decan, Tom Mens. IEEE Transactions on Software Engineering, 2019. https://doi.org/10.1109/TSE.2019.2918315
* An empirical comparison of dependency network evolution in seven software packaging ecosystems. Alexandre Decan, Tom Mens, Philippe Grosjean. Empirical Software Engineering 24(1):381-416, 2019. https://doi.org/10.1007/s10664-017-9589-y
* A formal framework for measuring technical lag in component repositories and its application to npm. Ahmed Zerouali, Tom Mens, Jesus Gonzalez‐Barahona, Alexandre Decan, Eleni Constantinou, Gregorio Robles. Journal of Software: Evolution and Process 31(8), 2019. https://doi.org/10.1002/smr.2157
* On the Impact of Security Vulnerabilities in the npm Package Dependency Network. Alexandre Decan, Tom Mens, Eleni Constantinou. International Conference on Mining Software Repositories, 2018. https://doi.org/10.1145/3196398.3196401
* On the Evolution of Technical Lag in the npm Package Dependency Network. Alexandre Decan, Tom Mens, Eleni Constantinou. International Conference on Software Maintenance and Evolution, 2018. https://doi.org/10.1109/ICSME.2018.00050
Measuring Technical Lag in Software Deployments (CHAOSScon 2020)Tom Mens
Presentation at CHAOSSCon Europe 2020 about the generic technical lag software measurement framework. Technical lag measures the increasing difference between deployed software components and the ideal upstream software components.
For more information, see https://doi.org/10.1002/smr.2157
This presentation reports on the research results achieved in the context of the interuniversity interdisciplinary research project SECOHealth "Vers une méthodologie et analyse socio-technique interdisciplinaire de la santé des écosystèmes logiciels" co-financed by FRS-FNRS Belgium and FRQ (FRSC - FRNT, Québec) with principal investigators Tom Mens (UMONS), Bram Adams (Polytechnique Montréal) and Josianne Marsan (Université Laval).
Introduction to the research seminar on empirical analysis of open source software ecosystems, organised by the SECO-ASSIST "excellence of science" research project, on September 4th, 2019 at the University of Mons, Belgium. With invited presentations by Alexander Serebrenik, Jesus Gonzalez-Barahona, Dario Di Nucci and Henrique Nucci. The seminar concludes with the public PhD defense of Ahmed Zerouali (supervised by Tom Mens) on the topic of "A Measurement Framework for Analyzing Technical Lag in Open-Source Software Ecosystems"
Empirically Analysing the Socio-Technical Health of Software Package ManagersTom Mens
Invited presentation at Concordia University (Montreal, Canada) by Eleni Constantinou and Tom Mens on recent research about the socio-technical health issues in software package management ecosystems.
Abstract: The large majority of today’s software is relying on open software software components. Such components are typically distributed through package managers for a wide variety of programming languages, and developed and maintained through online distributed software development services like GitHub. Software component repositories are perceived as software ecosystems that constitute complex and evolving socio-technical software dependency networks. Because of their complexity and evolution, these ecosystems tend to suffer from a wide variety of software health issues that can be either technical or social in nature. Examples of such issues include the ecosystem fragility due to exponential growth and transitive dependencies; the abundance of outdated, unmaintained or obsolete software components; the prolonged presence of unfixed bugs and security vulnerabilities; the abandonment or high turnover of key contributors, suboptimal collaboration between contributors, and many more. This presentation will report on our past and ongoing empirical research that studies such health factors within and across different software packaging ecosystems (such as npm, RubyGems, Cargo, CRAN, CPAN). We provide empirical evidence of some of the health problems, compare their presence across different ecosystems, and suggest ways to reduce their potential impact by providing concrete guidelines and tools. The presented research Is being conducted by researchers of the Software Engineering Lab at the University of Mons in the context of two ongoing projects SECOHealth and SECO-ASSIST, aiming to analyse and improve the health of software ecosystems.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
ECOS: Ecological Studies of Open Source Software Ecosystems (@ CSMR-WCRE 2014 Projects Track)
1. ECOS:
Ecological
Studies
of
Open
Source
So6ware
Ecosystems
•
•
Tom
Mens,
Maelick
Claes
So6ware
Engineering
Lab
!
•
Philippe
Grosjean
Numerical
Ecology
Lab
informaEque.umons.ac.be/genlog/projects/ecos
2. About
ECOS
informaEque.umons.ac.be/genlog/projects/ecos
• “AcEon
de
Recherche
Concertée”
of
University
of
Mons
– Interdisciplinary
project
• Combines
research
in
biology
(ecology)
and
compuEng
science
(empirical
so6ware
engineering)
– COMPLEXYS
Research
InsEtute
– Oct
2012
—>
Sep
2017
– 500K
EUR
funding
• Related
EU
project:
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Belgium
2
3. High-‐level
project
goal
• Improve
understanding
of,
and
support
for,
open
source
so#ware
ecosystems
–Draw
inspiraEon
from
biological
evoluEon,
ecology
and
natural
ecosystems
• Determine
main
factors
of
success
and
failure
of
OSS
projects
within
their
ecosystem
–Provide
beeer
techniques
and
mechanisms
to
predict
and
improve
survivability
of
OSS
projects
and
resilience
of
their
ecosystems
–Provide
guidelines
and
evoluEon
dashboards
to
support
so6ware
communiEes
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Belgium
3
4. So6ware
ecosystem
DefiniEon
Business-‐oriented
view
•
“a
set
of
actors
func5oning
as
a
unit
and
interac5ng
with
a
shared
market
for
so#ware
and
services,
together
with
the
rela5onships
among
them.”
(Jansen
et
al.
2009)
Examples
• Eclipse
• Android
and
iOS
app
store
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Belgium
4
5. So6ware
ecosystem
DefiniEon
Development-‐centric
view
Examples
• “a
collec5on
of
so#ware
products
that
have
some
given
degree
of
symbio5c
rela5onships.”
• Gnome
KDE
!
• Debian
Ubuntu
!
• R’s
CRAN
!
• Apache
• Messerschmie
&
Szyperski:
So#ware
ecosystem:
Understanding
an
indispensable
technology
and
industry.
MIT
Press,
2003.
• “a
collec5on
of
so#ware
projects
that
are
developed
and
evolve
together
in
the
same
environment.”
• M.
Lungu:
Towards
reverse
engineering
so6ware
ecosystems.
Int’l
Conf.
So#ware
Maintenance,
2008,
pp.
428–431.
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Belgium
5
6. Main
Research
QuesEons
• Which
control
mechanisms
driving
natural
ecosystems
can
be
used
to
explain
dynamics
of
so6ware
ecosystems?
!
• Which
mechanisms
and
measures
can
we
borrow
from
ecology
to
explain
and
predict
how
so6ware
projects
evolve?
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Belgium
6
7. Terminology
Biological
ecosystem
DefiniEons
Example:
coral
reefs
• Ecology:
the
scien5fic
study
of
the
interac5ons
that
determine
the
distribu5on
and
abundance
of
organisms
• Ecosystem:
the
physical
and
biological
components
of
an
environment
considered
in
rela5on
to
each
other
as
a
unit
– combines
all
living
organisms
(plants,
animals,
micro-‐organisms)
and
physical
components
(light,
water,
soil,
rocks,
minerals)
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Belgium
• High
biodiversity:
polyps,
sea
anemones,
fish,
mollusks,
sponges,
algae
7
9. Ecological
theories
of
evoluEon
of
species
• Jean-‐BapEste
Lamarck
(1744-‐
1829)
• animal
organs
and
behaviour
can
change
according
to
the
way
they
are
used
• those
characterisEcs
can
transmit
from
one
generaEon
to
the
next
to
reach
a
greater
level
of
perfecEon
• Example:
giraffe’s
necks
have
become
longer
while
trying
to
reach
the
upper
leaves
of
a
tree
• Charles
Darwin
(1809–1882)
• all
species
of
life
have
descended
over
Eme
from
common
ancestors
• this
branching
paeern
resulted
from
natural
selecEon
• evoluEon
history
is
represented
by
a
phylogene5c
tree
• Example:
13
types
of
Galapagos
finches,
same
habits
and
characterisEcs,
but
different
beaks
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Belgium
9
10. Ecological
theories
of
evoluEon
of
species
Hologenome
theory
• The
unit
of
natural
selecEon
is
the
holobiont:
the
organism
together
with
its
associated
microbial
communiEes,
that
live
together
in
symbiosis.
• The
holobiont
can
adapt
to
changing
environmental
condiEons
far
more
rapidly
than
by
geneEc
mutaEon
and
selecEon
alone.
• Darwinism
emphasises
compe55on
(survival
of
the
fieest),
hologenome
theory
also
includes
coopera5on
(through
symbiosis)
!
In
so6ware
evoluEon:
Hologenome
theory
may
be
closer
to
what
one
observes
in
open
source
projects
where
cooperaEon
plays
a
more
important
role.
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Belgium
10
11. Ecological
theories
of
evoluEon
of
species
ReEculate
evoluEon
• EvoluEon
history
is
represented
as
a
graph
structure.
Two
or
more
evoluEonary
lineages
can
be
recombined
at
some
level
• hybrid
specia5on
(2
lineages
recombine
to
create
a
new
one)
• horizontal
gene
transfer
(genes
are
transferred
across
species)
!
In
so6ware
evoluEon:
Distributed
VCS
like
Git
promote
reEculate
evoluEon
through
fork
and
merge
(but
few
projects
actually
merge)
!
See
Robles
et
al.
A
Comprehensive
Study
of
So#ware
Forks:
Dates,
Reasons
and
Outcomes.
OSS
Conference
2012,
Best
Paper
Award.
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Belgium
11
13. Trophic
web
(food
chain)
in
natural
ecosystems
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Belgium
13
14. Trophic
web
in
so6ware
ecosystems
•Producer-‐consumer
relaEon
TOP-‐DOWN
change
requests
&
bug
reports
BOTTOM-‐UP
changes
in
core
projects
and
architecture
Onion
model
Users
Peripheral
developers
Core
developers
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Belgium
14
15. Core
Architecture
-‐
or
Why
developers
are
polyps
Coral
reef
ecosystem
So6ware
ecosystem
• Sclerac5nian
coral
polyps
are
• Core
developers
are
responsible
for
creaEng
the
responsible
for
creaEng
the
coral
reef
structure
core
so6ware
architecture
• This
coral
reef
is
required
for
• Based
on
this
core
the
other
species
of
the
architecture,
other
ecosystem
to
thrive.
developers
and
third
parEes
can
create
other
projects,
services,
and
so
on.
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Belgium
15
16. So6ware
Ecosystem
Dynamics
Predator-‐prey
relaEonship
(Lotka-‐Volterra
1925/1926)
• Predators
(hunEng
animals)
feed
upon
their
prey
(aeacked
animals)
• Can
be
described
by
a
dynamic
model
with
mutually
dependent
parametric
differenEal
equaEons
Analogies
in
so6ware
maintenance
• Debuggers
are
predators,
so6ware
defects
are
prey
Calzolari
et
al.
Maintenance
and
tes5ng
effort
modeled
by
linear
and
nonlinear
dynamic
systems,”
Informa5on
and
So#ware
Technology,
2001
• Developers
are
predators,
the
informaEon
they
seek
is
prey
Lawrance
et
al.
Scents
in
programs:
Does
informa5on
foraging
theory
apply
to
program
maintenance?
VL/HCC
2007
• Dual
(socio-‐technical)
view:
• Developers
are
predators,
the
projects
they
work
on
are
prey
• Projects
are
predators
that
feed
upon
the
cogniEve
resources
of
their
developers
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Belgium
16
17. Desirable
ecosystem
characterisEcs
Biodiversity
measures
the
degree
of
variaEon
of
species
within
a
given
ecosystem
• Maximum
diversity
if
all
species
have
same
number
of
individuals
• Low
diversity
if
a
parEcular
species
dominates
the
others
• Many
different
metrics:
Shannon
entropy,
Simpson
index,
evenness,
…
!
• Posnee
et
al.
used
similar
noEon
to
measure
developer
ac5vity
focus
and
module
ac5vity
focus
Dual Ecological Measures of Focus
in Software Development
Daryl Posnett† , Raissa D’Souza∗ , Premkumar Devanbu,† and, Vladimir Filkov†
†∗ University
of California Davis, USA
† {dpposnett,ptdevanbu,vfilkov}@ucdavis.edu,∗ raissa@cse.ucdavis.edu
Abstract—Work practices vary among software developers.
Some are highly focused on a few artifacts; others make wideranging contributions. Similarly, some artifacts are mostly authored, or “owned”, by one or few developers; others have very
wide ownership. Focus and ownership are related but different
phenomena, both with strong effect on software quality. Prior
studies have mostly targeted ownership; the measures of ownership used have generally been based on either simple counts,
information-theoretic views of ownership, or social-network views
of contribution patterns. We argue for a more general conceptual view that unifies developer focus and artifact ownership.
We analogize the developer-artifact contribution network to a
predator-prey food web, and draw upon ideas from ecology to
produce a novel, and conceptually unified view of measuring
focus and ownership. These measures relate to both cross-entropy
and Kullback-Liebler divergence, and simultaneously provide
two normalized measures of focus from both the developer and
artifact perspectives. We argue that these measures are theoretically well-founded, and yield novel predictive, conceptual, and
actionable value in software projects. We find that more focused
developers introduce fewer defects than defocused developers. In
contrast, files that receive narrowly focused activity are more
likely to contain defects than other files.
I. I NTRODUCTION
Developers are the lifeblood of open source software, OSS,
and their contributions are vital for OSS to thrive. Rather
than being assigned tasks by management, OSS developers are
generally free to choose the style, focus, and breadth of their
contributions. Some might be quite focused, working on one
specific subsystem; others may contribute to many different
subsystems. An device driver expert, for example, may contribute very specialized knowledge to an open source project,
focusing on only a few files or packages. His contributions to a
small subset of modules1 may be his only contribution during
his tenure with the project. In contrast, a project leader may
work on a variety of different tasks touching many modules
within a project. While OSS developers are free to choose
their contribution styles, such choices are not inconsequential,
especially to the central issue of software quality.
A dominant theme emerging from previous work in this
area is module ownership [1], [2], [3]. Low ownership of a
module, i.e., too many contributors, can adversely impact code
quality. There is, however, an entirely different perspective,
developer’s attention focus, which is relatively unexplored.
Human attention and cognition are finite resoucres [4]. When
different tasks are simultaneously engaged, they can compete
1 We
use modules to mean either packages or files, depending on the context.
978-1-4673-3074-9/13/$31.00 c 2013 IEEE
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Belgium
ICSE
2013
for mental resources and task performance can suffer [5]. A
developer engaged in many different tasks carries a greater
cognitive burden than a more focused developer. Interestingly,
the developer and module perspectives are, conceptually symmetric, dualistic views of focus. From a module’s perspective,
strong ownership indicates a strong focused contribution. We
refer to this as module activity focus, or MAF, a measure of
how focused the activities are on a module. Symmetrically, we
refer to the developer’s attention focus, or DAF, a measure
of how focused the activities are of a particular developer.
A surprising, but natural analogy for MAF and DAF, are
predator-prey food webs from ecology. In a sense, modules
are predators that “feed upon” the cognitive resources of
developers. As the number of developers contributing to a
module increases, the diversity of cognitive resources upon
which the module “feeds” also increases; likewise, a developer
is a “prey” whose limited cognitive resources are spread over
the modules that “prey” upon her.
Ecosystem diversity is of great interest to ecologists.
Williams and Martinez call the roles complexity and diversity
play “[o]ne of the most important and least settled questions
in ecology.” [6] This diversity has two symmetric perspectives,
both from a prey’s perspective, and a predator’s perspective.
Ecologists have developed sophisticated symmetric measures
of predator-prey relationships, drawing upon ideas such as
entropy and Kulback-Leibler divergence, that simultaneously
capture both perspectives. We adapt these measures for software engineering projects into the metrics MAF and DAF.
In this work, we employ the methodology presented by El
Emam to validate our measures [7]. In particular, we show
that the DAF and MAF measures succeed in distinguishing
important cases that extant measures don’t capture. We make
the following contributions:
• We adapt terminology and motivation from ecology,
based on bipartite graphs;
• We incorporate and generalize previous results on developer and artifact diversity;
• We provide easy to compute measures of focus, MAF
and DAF, normalized to facilitate comparison within and
across projects;
• We show these measures more precisely capture outcomes relevant to software researchers and practitioners.
This novel analysis simultaneously considers focus both
from the artifact perspective and the author perspective.
Researchers can use our MAF and DAF metrics to more
452
ICSE 2013, San Francisco, CA, USA
17
18. Desirable
ecosystem
characterisEcs
• Stability
• the
capacity
to
maintain
an
equilibrium
over
longer
periods
of
Eme
• Resistance
• the
ability
to
withstand
environmental
changes
without
too
much
disturbances
of
its
biological
communiEes
• Resilience
• the
ability
to
return
to
an
equilibrium
a6er
a
disturbance
!
Goal:
Use
these
and
related
measures
to
study
maintainability
and
survivability
of
so6ware
projects
within
their
ecosystem
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Belgium
18
19. Ongoing
Research
2
case
studies
• CRAN
(Comprehensive
R
Archive
Network)
– CharacterisEcs
15
years
>
5000
packages
>
2500
contributors
different
OS
flavours
(Linux,
Windows,
MacOS,
Solaris)
superlinear
package
growth
– Goal
• Study
package
dependencies
and
maintainability
(number
of
errors
and
Eme
to
fix)
and
their
effect
on
package
survivability
• See
our
CSMR-‐WCRE
2014
ERA
paper
“On
the
maintainability
of
CRAN
packages”
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Belgium
19
20. Ongoing
Research
2
case
studies
• GNOME
– CharacterisEcs
16
years
>
1400
projects
>
5800
contributors
>
1.3M
commits
>
12M
file
touches
– Goals
1. Combine
different
ecosystem
measures
into
a
predicEve
model
of
project
survivability
2. Study
migra5on
paberns
of
contributors
and
their
effect
on
project
survivability
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Belgium
20
21. Ongoing
Research
GNOME
case
study
1
Combine
different
ecosystem
measures
into
a
predicEve
model
of
project
survivability
IEEE TRANSACTIONS ON SOFTWARE ENGINEERING,
VOL. 38,
NO. 1,
JANUARY/FEBRUARY 2012
163
Defining and Evaluating a Measure
of Open Source Project Survivability
Uzma Raja, Member, IEEE Computer Society, and Marietta J. Tretter
– Replicate
and
generalise
the
empirical
study
by
Uzma
Raja
Abstract—In this paper, we define and validate a new multidimensional measure of Open Source Software (OSS) project survivability,
called Project Viability. Project viability has three dimensions: vigor, resilience, and organization. We define each of these dimensions
and formulate an index called the Viability Index (V I) to combine all three dimensions. Archival data of projects hosted at
SourceForge.net are used for the empirical validation of the measure. An Analysis Sample (n ¼ 136) is used to assign weights to each
dimension of project viability and to determine a suitable cut-off point for V I. Cross-validation of the measure is performed on a holdout Validation Sample (n ¼ 96). We demonstrate that project viability is a robust and valid measure of OSS project survivability that can
be used to predict the failure or survival of an OSS project accurately. It is a tangible measure that can be used by organizations to
compare various OSS projects and to make informed decisions regarding investment in the OSS domain.
Index Terms—Evaluation framework, external validity, open source software, project evaluation, software measurement, software
survivability.
Ç
1
INTRODUCTION
O
PEN Source Software (OSS) projects are developed and
distributed for free, with full access to the project
source code. Recently there has been a significant increase
in the use of these projects. Some OSS projects have earned
themselves a high reputation and corporate sponsorships.
Large corporations (e.g., IBM, SUN microsystems) are
becoming involved with the OSS movement in various
capacities. Projections indicate that the corporate interest in
OSS projects will grow stronger in the future [1] and these
projects will see integration in enterprise architecture [2].
This increased use of OSS projects creates the need for
better project evaluation measures.
Traditionally, software projects are evaluated by conformance to budget, schedule, and user requirements [3], [4],
[5], [6], [7], [8]. These measures, however, are difficult to
map to OSS projects, which are developed through a
network of volunteer participants, with no defined budget,
schedule, or customer. Although there is a surge in the
investment in OSS projects [1], research indicates that a large
number of OSS projects fail [9], [10]. Some have questioned
the operational reliability and quality of OSS projects [11].
Since there are no contractual or legal bindings for providing
OSS updates or maintenance services, businesses investing
human or financial capital on adoption of OSS projects need
the ability to evaluate whether the project will continue to
exist or not [12]. Development teams need to measure
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Belgium
. U. Raja is with the Department of Information Systems, Statistics and
Management Science, The University of Alabama, Box #870226,
300 Campus Drive, Tuscaloosa, AL 35487. E-mail: uraja@cba.ua.edu.
. M.J. Tretter is with the Department of Information and Operations
Management, Texas A&M University, Mail Stop #310D, Wehner
project survivability to control and improve performance.
Individual and corporate users need a measure of project
survivability to compare the available OSS projects before
making decisions regarding project adoption.
In this paper, we define and validate a new multidimensional measure of OSS project survivability, called
Project Viability. OSS projects provide access to their
development archives, thereby providing a unique opportunity to conduct empirical research [13] and develop
reliable measures [14], [15]. In the following sections, we
define, formulate, and validate project viability. Section 2
provides a brief overview of the existing empirical research
in OSS and the background of project survivability. Section 3
defines the dimensions of project viability and formulates
an index to measure it. Section 4 discusses the empirical
evaluation framework and validates the new measure using
OSS project data. Discussion of the results is presented in
Section 5 and conclusions are given Section 6.
2
BACKGROUND
A large number of OSS projects are available for use.
However, the failure rate of these projects is high [9]. The
evaluation of OSS projects is different than Commercial
Software Systems (CSS) [16]. The adopters of OSS projects
need a mechanism to compare the chances of failure or
survival of the available projects. This would allow better
decisions regarding corporate resource investment.
A range of measures has been used in prior research to
evaluate OSS projects. Godfrey and Tu [17] examined the
evolution of the Linux kernel and its growth pattern in one
21
22. Ongoing
Research
GNOME
case
study
2
Study
migra5on
paberns
of
contributors
and
their
effect
on
project
survivability
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Belgium
22
23. joiners are incoming coders in the considered project that were not active in any
of the G NOME projects during the preceding period. A similar definition holds for
the local and global leavers. Formally, the metrics are defined as follows. Let p be
a G NOME project, t a 6-month activity period (and t 1 the previous period), c a
coder, Gnome the set of G NOME’s code projects, and isDev(c,t, p) is a predicate
which is true if and only if c made a code commit in p during t:
Ongoing
Research
GNOME
case
study
2
Timeline
(6-‐month
intervals)
of
joiners
to
Gnome
projects
localLeavers(p,t) =
{c|isDev(c,t 1, p) ^ ¬isDev(c,t, p) ^ 9p2 (p2 2 Gnome ^ isDev(c,t, p2 ))}
globalLeavers(p,t) =
{c|isDev(c,t 1, p) ^ 8p2 (p2 2 Gnome ) ¬isDev(c,t, p2 ))}
localJoiners(p,t) =
{c|isDev(c,t, p) ^ ¬isDev(c,t 1, p) ^ 9p2 (p2 2 Gnome ^ isDev(c,t 1, p2 ))}
globalJoiners(p,t) =
{c|isDev(c,t, p) ^ 8p2 (p2 2 Gnome ) ¬isDev(c,t 1, p2 ))}
2001
2003
2005
2007
2009
2011
2013
30
1999
2001
2003
2005
2007
2009
Time
25
evolution
gtk+
5
0
2011
2013
1997
1999
2001
2003
2005
2007
2009
2011
2013
Time
gimp
15
20
Fig. 1.11 Historical evolution (timeline) of the number of local (black solid) and global (red
dashed) joiners (y-axis) for three G NOME projects.
Joiners
25
Joiners
15
20
25
20
15
10
35
1997
30
1999
Time
Joiners
GTK+
5
0
1997
15
Joiners
20
25
30
25
20
15
Joiners
10
15
10
5
Gimp
0
35
EvoluEon
30
30
35
Joiners
20
25
30
-‐
Black
=
local
joiners
from
other
Gnome
projects
-‐
Red
=
global
joiners
from
outside
of
Gnome
-‐
Blue
=
stayers
5
0
10
5
0
10
5
0
10
We did not find any general trend, the patterns of intake and loss of coders are
highly project-specific. Figure 1.11 illustrates the evolution of the number of local
and global joiners for some of the more important G NOME projects (the figures for
leavers are very similar). For some projects (e.g., evolution) we do not observe
a big difference between the number of local and global joiners, respectively. These
projects seem to attract new developers both from within and outside of G NOME.
Other projects, like gimp, 2013
attract most of its incoming developers from outside
1997
1999
2001
2003
2005
2007
2009
2011
2013
1997
1999
2001
2003
2005
2007
2009
2011
1997
1999
2001
2003
2005
2007
2009
2011
2013
G NOME. A third category of projects attracts most of its incoming developers from
Time
Time
Time
other G NOME projects. This is the case for gtk+, glib and libgnome, which
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Bcan be considered as belonging to the core of G NOME. This observation seems to 23
elgium
24. 28
Tom Mens, Ma¨ lick Claes, Philippe Grosjean and Alexander Serebrenik
e
MigraEon
in
so6ware
ecosystems
Gnome
case
study
project that were not active in this project during the preceding 6-month period,
but that were involved in some activity in other G NOME projects instead. Global
joiners are incoming coders in the considered project that were not active in any
of the G NOME projects during the preceding period. A similar definition holds for
the local and global leavers. Formally, the metrics are defined as follows. Let p be
a G NOME project, t a 6-month activity period (and t 1 the previous period), c a
coder, Gnome the set of G NOME’s code projects, and isDev(c,t, p) is a predicate
which is true if and only if c made a code commit in p during t:
Timeline
(6-‐month
intervals)
of
leavers
from
Gnome
projects
localLeavers(p,t) =
{c|isDev(c,t 1, p) ^ ¬isDev(c,t, p) ^ 9p2 (p2 2 Gnome ^ isDev(c,t, p2 ))}
globalLeavers(p,t) =
{c|isDev(c,t 1, p) ^ 8p2 (p2 2 Gnome ) ¬isDev(c,t, p2 ))}
localJoiners(p,t) =
{c|isDev(c,t, p) ^ ¬isDev(c,t 1, p) ^ 9p2 (p2 2 Gnome ^ isDev(c,t 1, p2 ))}
globalJoiners(p,t) =
{c|isDev(c,t, p) ^ 8p2 (p2 2 Gnome ) ¬isDev(c,t 1, p2 ))}
35
30
25
Joiners
20
30
5
10
25
evolution
2009
2011
2013
1997
0
20
2007
1999
2001
2003
2005
2007
2009
Time
15
2005
gtk+
2011
2013
1997
1999
2001
2003
2005
2007
2009
2011
2013
Time
gimp
10
Fig. 1.11 Historical evolution (timeline) of the number of local (black solid) and global (red
dashed) joiners (y-axis) for three G NOME projects.
5
15
10
15
30
20
15
Joiners
10
5
0
2003
Leavers
0
2001
Time
5
GTK+
25
30
25
20
Joiners
10
5
25
20
20
Leavers
1999
We did not find any general trend, the patterns of intake and loss of coders are
highly project-specific. Figure 1.11 illustrates the evolution of the number of local
1997
1999
2001
2003
2005
2007
2009
2011
2013
1997
1999
2001
2003
2005
2007
2009
2011
2013
1997
1999
2001
2003
2005
2007
2009
2011
and global joiners for some of the more important G NOME projects (the figures for2013
Time
Time
leavers are very similar). For some projects (e.g., evolution) we do not observe
Time
a elgium
big difference between the number of local and global joiners, respectively. These24
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
B
0
0
0
Leavers
15
1997
5
10
Gimp
15
35
30
EvoluEon
25
30
35
-‐
Black
=
local
joiners
from
other
Gnome
projects
-‐
Red
=
global
joiners
from
outside
of
Gnome
-‐
Blue
=
stayers
25. Some
references
UMONS
Faculté des Sciences
Département d’Informatique
To appear in 2013 in Springer’s Empirical Software Engineering journal – manuscript No
(will be inserted by the editor)
On the variation and specialisation of workload – A
case study of the Gnome ecosystem community
Understanding the Evolution of
Socio-technical Aspects in Open Source
Ecosystems: An Empirical Analysis of
GNOME
Mathieu Goeminne
DOI: 10.1007/s10664-013-9244-1
A dissertation submitted in fulfillment of the requirements of
the degree of Docteur en Sciences
Advisor
Jury
Dr. TOM M ENS
Dr. X AVIER B LANC
Université de Mons, Belgium
Université de Bordeaux 1, France
Dr. V ÉRONIQUE B RUYÈRE
Université de Mons, Belgium
@
MSR
2013 Universidad Rey Juan Carlos, Spain
A historical dataset for G NOME contributors
Dr. T
M
Dr. J ESUS M. G ONZALEZ -B ARAHONA
OM
ENS
Université de Mons, Belgium
Mathieu Goeminne, Ma¨ lick Claes and Tom Mens
e
Software Engineering Lab, COMPLEXYS research institute,A LEXANDER S EREBRENIK
Dr. UMONS, Belgium
Technische Universiteit Eindhoven, The Netherlands
Abstract—We present a dataset of the open source
software ecosystem G NOME from a social point of view.
We have collected historical data about the contributors
to all G NOME projects stored on git.gnome.org, taking
June
into account the problem of identity matching, and associating different activity types to the contributors. This
type of information is very useful to complement the
traditional, source-code related information one can obtain by mining and analyzing the actual source code.
The dataset can be obtained at https://bitbucket.org/
mgoeminne/sgl-flossmetric-dbmerge.
Bogdan Vasilescu · Alexander Serebrenik ·
Mathieu Goeminne · Tom Mens
Dr. J EF we have
In this paper, we present the process W IJSENused
Université de Mons, information
to create a dataset containing the historicalBelgium
related to contributors to the G NOME ecosystem. Our
database
2013 and the tools and scripts used to created it can
be found on a dedicated Bitbucket repository2 .
In contrast to many other datasets, we do not focus on
source code, since a significant amount of files committed to G NOME’s project repositories do not even contain
code (e.g., image files, web pages, documentation, localization and many more). Such type of information is
often ignored in MSR research while it is very relevant
to understand which types of activities contributors are
I. I NTRODUCTION
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Belgium
Abstract Most empirical studies of open source software repositories focus on the
analysis of isolated projects, or restrict themselves to the study of the relationships between technical artifacts. In contrast, we have carried out a case study that
focuses on the actual contributors to software ecosystems, being collections of software projects that are maintained by the same community. To this aim, we defined
a new series of workload and involvement metrics, as well as a novel approach—
e
T-graphs—for reporting the results of comparing multiple distributions. We used
these techniques to statistically study how workload and involvement of ecosystem contributors varies across projects and across activity types, and we explored
to which extent projects and contributors specialise in particular activity types.
Using Gnome as a case study we observed that, next to coding, the activities of localization, development documentation and building are prevalent throughout the
ecosystem. We also observed notable di↵erences between frequent and occasional
contributors in terms of the activity types they are involved in and the number
of projects they contribute to. Occasional contributors and contributors that are
involved in many di↵erent projects tend to be more involved in the localization activity, while frequent contributors tend to be more involved in the coding activity
in a limited number of projects.
Keywords open source · software ecosystem · metrics · developer community ·
case study
B. Vasilescu and A. Serebrenik
MDSE, Eindhoven University of Technology, PO Box 513, 5600 MB Eindhoven, The Nether-
25
26. References
Mens, Tom; Serebrenik, Alexander; Cleve, Anthony (Eds.)
2014, XXIII, 404 p.
!
Springer, ISBN 978-3-642-45398-4
Chapter 10
Studying Evolving Software Ecosystems
based on Ecological Models
Tom Mens, Ma¨ lick Claes, Philippe Grosjean and Alexander Serebrenik
e
Research on software evolution is very active, but evolutionary principles, models
and theories that properly explain why and how software systems evolve over time
are still lacking. Similarly, more empirical research is needed to understand how
different software projects co-exist and co-evolve, and how contributors collaborate
within their encompassing software ecosystem.
In this chapter, we explore the differences and analogies between natural ecosystems and biological evolution on the one hand, and software ecosystems and software evolution on the other hand. The aim is to learn from research in ecology to
advance the understanding of evolving software ecosystems. Ultimately, we wish
to use such knowledge to derive diagnostic tools aiming to analyse and optimise
the fitness of software projects in their environment, and to help software project
communities in managing their projects better.
February
2014
-‐
CSMR-‐WCRE
So6ware
EvoluEon
Week,
Antwerp,
Belgium
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Belgium
26
27. Interested
in
joining?
• Open
PhD
posiEon
available
• 6
to
12
month
postdoc
visits
welcomed
5
February
2014
—
CSMR-‐WCRE
So6ware
EvoluEon
Week,Antwerp,
Belgium
27