DevOps is a modern so ware engineering paradigm that is gaining widespread adoption in industry. e goal of DevOps is to bring so ware changes into production with a high frequency and fast feedback cycles.is con icts with so ware quality assurance activities, particularly with respect to performance. For instance, performance evaluation activities -such as load testing -require a considerable amount of time to get statistically signi cant results.We conducted an industrial survey to get insights into how performance is addressed in industrial DevOps se ings. In particular, we were interested in the frequency of executing performance evaluations, the tools being used, the granularity of the obtained performance data, and the use of model-based techniques. e survey responses, which come from a wide variety of participants from di erent industry sectors, indicate that the complexity of performance engineering approaches and tools is a barrier for wide-spread adoption of performance analysis in DevOps. e implication of our results is that performance analysis tools need to have a short learning curve, and should be easy to integrate into the DevOps pipeline.ACM Reference format:
The accelerated growth in exploiting vulnerabilities due to errors or failures in the software development process is a latent concern in the Software Industry. In this sense, this study aims to provide an overview of the Secure Software Development trends to help identify topics that have been extensively studied and those that still need to be. Therefore, in this paper, a systematic mapping review with PICo search strategies was conducted. A total of 867 papers were identified, of which only 528 papers were selected for this review. The main findings correspond to the Software Requirements Security, where the Elicitation and Misuse Cases reported more frequently. In Software Design Security, recurring themes are security in component-based software development, threat model, and security patterns. In the Software Construction Security, the most frequent topics are static code analysis and vulnerability detection. Finally, in Software Testing Security, the most frequent topics are vulnerability scanning and penetration testing. In conclusion, there is a diversity of methodologies, models, and tools with specific objectives in each secure software development stage.
How is software measurement addressed in undergraduate and graduate programs in universities? Do organizations consider that the graduating students they hire have an adequate knowledge of software measurement? To answer these and related questions, a survey was administered to participants who attended the IWSM-MENSURA 2010 conference in Stuttgart, Germany. Forty-seven of the 69 conference participants (including software development practitioners, software measurement consultants, university professors, and graduate students) took part in the survey. The results indicate that software measurement topics are: 1) covered mostly at the graduate level and not at the undergraduate level, and 2) not mandatory. Graduate students and professors consider that, of the measurement topics covered in university curricula, specific topics, such as measures for the requirements phase, and measurement techniques and tools, receive more attention in the academic context. A common observation of the practitioners who participated in the survey was that students hired as new employees bring limited software measurement-related knowledge to their organizations. Discussion of the findings and directions for future research are presented
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.