Effort and Cost in Software Engineering

Huijgens, Hennie; Deursen, Arie van; Minku, Leandro L.; Lokan, Chris

doi:10.1145/3084226.3084249

Cited by 9 publications

(4 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…At the high end, it might require considerably more effort, including a fully appointed front company and a lengthy development process. For insight into development costs, we could treat malware development as simply a form of software development, which would fall in about the same cost range, depending on the size and complexity (Huijgens et al, 2017). We could then walk through each of the factors (see Wagner and Ruhe, 2018) that drive software development costs and try to estimate an attacker's cost from these factors or look at rental rates for hacking products.…”

Section: Box 41 Uncertainty About the Costs Of Attackingmentioning

confidence: 99%

Cybersecurity and Supply Chain Risk Management Are Not Simply Additive: Implications for Directions in Risk Assessment, Risk Mitigation, and Research to Secure the Supply of Defense Industrial Products

2023

View full text Add to dashboard Cite

In mid-2019, the Air Force Research Laboratory (AFRL) asked RAND Project AIR FORCE (PAF) for assistance understanding how cyber-related risks compare with other risks to its defense-industrial supply chains-a scope that included supply chains for hardware, not supply chains for software per se-and exploring implications for risk assessment and mitigation and for research. Over the next 18 months, PAF sought to characterize cyber-related risks to supply chains and identify directions for addressing the distinct-unique, exceptional, and sometimesreinforcing-challenges that cyber-related risks pose to defense-industrial supply chains and, hence, to supply chain risk management (SCRM).This report discusses that PAF research effort. The effort was part of a larger undertaking that also explored national security policies at the nexus of cybersecurity and SCRM, as well as tools and frameworks for addressing cyber-related risks. The report complements a body of recent RAND work, including several studies on the cybersecurity of Department of the Air Force weapon systems and industrial control systems, cyber vulnerabilities, and global supply chain risks. It should be of interest to those seeking to secure the supply of defense industrial products from the risks of cyberattacks, primarily from the perspective of SCRM, and across research and policy communities.

show abstract

Section: Box 41 Uncertainty About the Costs Of Attackingmentioning

confidence: 99%

Cybersecurity and Supply Chain Risk Management Are Not Simply Additive: Implications for Directions in Risk Assessment, Risk Mitigation, and Research to Secure the Supply of Defense Industrial Products

2023

View full text Add to dashboard Cite

show abstract

“…the costs. The effort estimation is critical part of software project management [41] and it inherently carries a considerable amount of uncertainty [42]. Whatever model is implemented on the project, it should strive to reduce this so that the project converges to the successful end.…”

Section: Related Researchmentioning

confidence: 99%

The Effects of Turnover on Expert Effort Estimation

Karna

Gotovac

Vickovic

et al. 2020

JIOS

View full text Add to dashboard Cite

Turnover of the personnel represents a serious issue for management of software projects. The buildup of competences and phasing in of the people into the project requires both time and effort. This paper presents a case study of a large in-house agile software development project. The research goal was to determine the effects that turnover has on the expert effort estimation. In order to do this, paper examines relations across empirical data on a studied project. Study findings are the following: a) it is necessary to distinguish types of turnover, b) the general and planned turnover do not necessarily have a negative effect on estimation accuracy, and c) the unplanned turnover can have a significant negative impact on the reliability of the estimates and therefore should be treated with special attention. Results suggest that these facts should be taken into account both by the management and human resources.

show abstract

“…These attributes reflect the data quality of a project in this dataset. In most studies on software effort prediction involving the ISBSG dataset, the authors follow the ISBSG guidelines [9] and filter the data by only including projects with Data Quality Rating and UFP Rating classified as A or B, denoting at least good quality [7,[10][11][12][13][14][15][16][17]. Generally, performing analyses on the best possible data seems reasonable.…”

Section: Introductionmentioning

confidence: 99%

“…For UFP Rating, it mainly reflects data integrity between variables describing project size. In many studies, the dataset was filtered to include only projects with categories A or B for one or both rating attributes [7,[10][11][12][13][14][15] or with even stricter filtering including only projects with Data Quality Rating in the A category [16,17]. Furthermore, the ISBSG guidelines [9] recommend using projects for statistical analyses with Data Quality Rating A or B, because of the uncertainty about some of the size or effort values for projects with ratings C or D. However, arbitrary data filtering, based on these ratings, may be too conservative or too optimistic [21].…”

mentioning

confidence: 99%

The Impact of Data Quality on Software Testing Effort Prediction

Radliński

2023

Electronics

View full text Add to dashboard Cite

Background: This paper investigates the impact of data quality on the performance of models predicting effort on software testing. Data quality was reflected by training data filtering strategies (data variants) covering combinations of Data Quality Rating, UFP Rating, and a threshold of valid cases. Methods: The experiment used the ISBSG dataset and 16 machine learning models. A process of three-fold cross-validation repeated 20 times was used to train and evaluate each model with each data variant. Model performance was assessed using absolute errors of prediction. A ‘win–tie–loss’ procedure, based on the Wilcoxon signed-rank test, was applied to identify the best models and data variants. Results: Most models, especially the most accurate, performed the best on a complete dataset, even though it contained cases with low data ratings. The detailed results include the rankings of the following: (1) models for particular data variants, (2) data variants for particular models, and (3) the best-performing combinations of models and data variants. Conclusions: Arbitrary and restrictive data selection to only projects with Data Quality Rating and UFP Rating of ‘A’ or ‘B’, commonly used in the literature, does not seem justified. It is recommended not to exclude cases with low data ratings to achieve better accuracy of most predictive models for testing effort prediction.

show abstract

Effort and Cost in Software Engineering

Cited by 9 publications

References 35 publications

Cybersecurity and Supply Chain Risk Management Are Not Simply Additive: Implications for Directions in Risk Assessment, Risk Mitigation, and Research to Secure the Supply of Defense Industrial Products

Cybersecurity and Supply Chain Risk Management Are Not Simply Additive: Implications for Directions in Risk Assessment, Risk Mitigation, and Research to Secure the Supply of Defense Industrial Products

The Effects of Turnover on Expert Effort Estimation

The Impact of Data Quality on Software Testing Effort Prediction

Contact Info

Product

Resources

About