Abstract—This paper describes the results of an investigation into a set of metrics for object-oriented design, called the MOOD metrics. The merits of each of the six MOOD metrics is discussed from a measurement theory viewpoint, taking into account the recognized object-oriented features which they were intended to measure: encapsulation, inheritance, coupling, and polymorphism. Empirical data, collected from three different application domains, is then analyzed using the MOOD metrics, to support this theoretical validation. Results show that (with appropriate changes to remove existing problematic discontinuities) the metrics could be used to provide an overall assessment of a software system, which may be helpful to managers of software development projects. However, further empirical studies are needed before these results can be generalized. Index Terms—Empirical software engineering, validating software metrics, assessing object-oriented software.

1 This paper describes an empirical comparison of several modeling techniques for predicting the quality of software components early in the software life cycle. Using software product measures, we built models that classify components as high-risk, i.e., likely to contain faults, or low-risk, i.e., likely to be free of faults. The modeling techniques evaluated in this study include principal component analysis, discriminant analysis, logistic regression, logical classification models, layered neural networks, and holographic networks. These techniques provide a good coverage of the main problemsolving paradigms: statistical analysis, machine learning, and neural networks. Using the results of independent testing, we determined the absolute worth of the predictive models and compare their performance in terms of misclassification errors, achieved quality, and verification cost. Data came from 27 software systems, developed and tested during three years of project-intensive academic cou...

This paper presents a process model for software measurement methods. The proposed model details the distinct steps from the design of a measurement method, to its application, then to the analysis of its measurement results and last to the exploitation of these results in subsequent models, such as in quality and estimation models. From this model, a validation framework can be designed for analyzing whether or not a software metrics could qualify as a measurement method. The model can also be used for analyzing the coverage of the validation methods proposed for software metrics.

In this paper we present a concrete method for validating software product measures for internal attributes and provide guidelines for its application. This method integrates much of the relevant previous work, such as measurement theory, properties of measures, and GQM. We identify two types of validation: theoretical and empirical. The former addresses the question "is the measure measuring the attribute it is purporting to measure?", and the latter addresses the question "is the measure useful in the sense that it is related to other variables in expected ways?"

Abstract—Measurement of software security is a long standing challenge to the research community. At the same time, practical security metrics and measurements are essential for secure software development. Hence the need for metrics is more pressing now due to a growing demand for secure software. In this paper, we propose to use a software system’s attack surface measurement as an indicator of the system’s security. We formalize the notion of a system’s attack surface and introduce an attack surface metric to measure the attack surface in a systematic manner. Our measurement method is agnostic to a software system’s implementation language and is applicable to systems of all sizes; we demonstrate our method by measuring the attack surfaces of small desktop applications and large enterprise systems implemented in C and Java. We conducted three exploratory empirical studies to validate our method. Software developers can mitigate their software’s security risk by measuring and reducing their software’s attack surfaces. Our attack surface reduction approach complements software industry’s traditional code quality improvement approach for security risk mitigation and is useful in multiple phases of the software development lifecycle. Our collaboration with SAP demonstrates the use of our metric in the software development process.

Abstract. Accurate estimates of development effort play an important role in the successful management of larger Web development projects. However, estimating the effort required in developing Web applications can be a difficult task. By applying measurement principles to measure the quality of applications and their development processes, feedback can be obtained to help control, improve and predict products and processes. Although to date most work in software effort estimation has focused on algorithmic cost models, in recent years research in the field of effort estimation has started to move towards non-algorithmic models, where "estimation by analogy " is one of the available techniques. The first part of this paper describes a case study evaluation (CSE) where proposed metrics and the effort involved in authoring Web applications were measured. The second half presents the use of analogy and two algorithmic models- linear regression and stepwise multiple regression- to estimate the authoring effort of Web applications, based on the datasets obtained from the CSE. Results suggest that estimation by analogy is a superior technique and that, with the aid of an automated environment, it is a practical technique to apply to Web authoring prediction. 1

Measuring structural design properties of a software system, such as coupling, cohesion, or complexity, is a promising approach towards early quality assessments. To use such measurement effectively, quality models are needed that quantitatively describe how these internal structural properties relate to relevant external system qualities such as reliability or maintainability. This chapter has for objective to summarize, in a structured and detailed fashion, the empirical results that have been reported so far with modeling external system quality based on structural design properties in object-oriented systems. We perform a critical review of existing work in order to identify lessons learned regarding the way these studies are performed and reported. Constructive guidelines are also provided to facilitate the work of future studies, thus facilitating the development of an

Abstract—Design by Contract is a lightweight technique for embedding elements of formal specification (such as invariants, pre and postconditions) into an object-oriented design. When contracts are made executable, they can play the role of embedded, online oracles. Executable contracts allow components to be responsive to erroneous states and, thus, may help in detecting and locating faults. In this paper, we define Vigilance as the degree to which a program is able to detect an erroneous state at runtime. Diagnosability represents the effort needed to locate a fault once it has been detected. In order to estimate the benefit of using Design by Contract, we formalize both notions of Vigilance and Diagnosability as software quality measures. The main steps of measure elaboration are given, from informal definitions of the factors to be measured to the mathematical model of the measures. As is the standard in this domain, the parameters are then fixed through actual measures, based on a mutation analysis in our case. Several measures are presented that reveal and estimate the contribution of contracts to the overall quality of a system in terms of vigilance and diagnosability. Index Terms—Object-oriented design methods, programming by contract, diagnostics, metrics. 1

Database and data model evolution is a significant problem in the highly dynamic business environment that we experience these days. To support the rapidly changing data requirements of agile companies, conceptual data models, which constitute the foundation of database design, should be sufficiently flexible to be able to incorporate changes easily and smoothly. In order to understand what factors drive the maintainability of conceptual data models and to improve conceptual modelling processes, we need to be able to assess conceptual data model properties and qualities in an objective and cost-efficient manner. The scarcity of early available and thoroughly validated maintainability measurement instruments motivated us to define a set of metrics for Entity-Relationship (ER) diagrams, which are a relevant graphical formalism of the conceptual data modelling method. In this paper we show that these objectives and easily calculated metrics, measuring internal properties of ER diagrams related to their structural complexity, can be used as indirect measures (hereafter called indicators) of the maintainability

This contribution presents a new approach, based on Fuzzy Prototypical Knowledge Discovery, to predict the maintainability of class diagrams done using the Unified Modelling Language (UML), which has great importance on the final quality of object-oriented information systems (OOIS). The prediction model is built from metrics values obtained at the early phases of OOIS life-cycle. We will start with Fuzzy Prototypical Knowledge Discovery process (FPKD) for finding Fuzzy Deformable Prototypes of class diagram maintainability, and later we will predict a real case class diagram maintainability deforming the similar prototypes using the degree of compatibility with them.