Software systems become progressively more complex and difficult to maintain. To facilitate maintenance tasks, project managers and developers often turn to the evolution history of the system to recover various kinds of useful information, such as anomalous phenomena and lost design decisions. An informative visualization of the evolution history can help cope with this complexity by highlighting conspicuous evolution events using strong visual cues. In this paper, we present a scalable visualization technique called evolution spectrographs (ESG). An evolution spectrograph portrays the evolution of a spectrum of components based on a particular property measurement. We describe several special-purpose spectrographs and discuss their use in understanding and supporting software evolution through the case studies of three large software systems (OpenSSH, KOffice and FreeBSD).

As software evolves, maintenance practices require a process of accommodating changing requirements while minimizing the cost of implementing those changes. Over time, incompatibilities between design assumptions and the operational environment become more pronounced, requiring some regions of the implementation to require repeated modification. These regions are considered to be "unstable", and may benefit from targeted restructuring efforts as a means of realigning these assumptions and the environment.

process of incremental change. Researchers have observed that software systems also exhibit characteristics of punctuation (sudden and discontinuous change) during their evolution. In this paper, we analyze punctuated evolution from the perspective of structural change. We developed a colorcoded visualization technique called the Evolution Spectrograph (ESG). ESG can be applied to highlight conspicuous changes across a historical sequence of software releases. We describe evolution spectrographs and present the empirical results from our studies of three open source software systems: OpenSSH, PostgreSQL, and Linux. We show that punctuated change occurred in the evolution of these three systems, and we validate our empirical results by examining related software documents such as change logs and release notes.

This paper discusses in detail a possible methodology for collecting repository data on a large number of open source software projects from a single project hosting and community site. The process of data retrieval is described along with the possible metrics that can be computed and which can be used for further analyses. Example research areas to be addressed with the available data and first results are given. Then, both advantages and disadvantages of the proposed methodology are discussed together with implications for future approaches. 1.

It is remarkable to think that even without any interest in finding suitable methods and concepts that would allow complex software systems to evolve and remain manageable, the ever growing open source movement has silently managed to establish highly successful evolution techniques over the last two decades. These concepts represent best practices that could be applied equally to a number of today 's most crucial problems concerning the evolution of complex commercial software systems. In this paper, the authors state and explain some of these principles from the perspective of experienced open source developers, and give the rationale as to why the highly dynamic "free software development process", as a whole, is entangled with constantly growing code bases and changing project sizes, and how it deals with these successfully.

Open source software is often considered to be secure. One factor in this confidence in the security of open source software lies in leveraging large developer communities to find vulnerabilities in the code. Eric Raymond declares Linus ’ Law “Given enough eyeballs, all bugs are shallow. ” Does Linus ’ Law hold up ad infinitum? Or, can the multitude of developers become “too many cooks in the kitchen”, causing the system’s security to suffer as a result? In this study, we examine the security of an open source project in the context of developer collaboration. By analyzing version control logs, we quantified notions of Linus ’ Law as well as the “too many cooks in the kitchen ” viewpoint into developer activity metrics. We performed an empirical case study by examining correlations between the known security vulnerabilities in the open source Red Hat Enterprise Linux 4 kernel and developer activity metrics. Files developed by otherwiseindependent developer groups were more likely to have a vulnerability, supporting Linus ’ Law. However, files with changes from nine or more developers were 16 times more likely to have a vulnerability than files changed by fewer than nine developers, indicating that many developers changing code may have a detrimental effect on the system’s security. Categories and Subject Descriptors D.2.8 [Software Engineering]: Metrics – process metrics, product metrics.

With the success of libre (free, open source) software, a new type of software compilation has become increasingly common. Such compilations, often referred to as ‘distributions’, group hundreds, if not thousands, of software applications and libraries written by independent parties into an integrated system. Software compilations raise a number of questions that have not been targeted so far by software evolution, which usually focuses on the evolution of single applications. Undoubtedly, the challenges that software compilations face differ from those found in single software applications. Nevertheless, it can be assumed that both, the evolution of applications and that of software compilations, have similarities and dependencies. In this sense, we identify a dichotomy, common to that in economics, of software evolution in the small (microevolution) and in the large (macro-evolution). The goal of this paper is to study the evolution of a large software compilation, mining the publicly available repository of a well-known Linux distribution, Debian. We will therefore investigate changes related to hundreds of millions of lines of code over seven years. The aspects that will be covered in this paper are size (in terms of number of packages and of number of lines of code), use of programming languages, maintenance of packages and file sizes.

I hereby declare that I am the sole author of this thesis. The is a true copy of the thesis, including any required final revisions, as accepted by my examiners. I understand that my thesis may be made electronically available to the public. ii This thesis undertakes an empirical study of software evolution by analyzing open source software (OSS) systems. The main purpose is to aid in understanding OSS evolution. The work centers on collecting large quantities of structural data cost-effectively and analyzing such data to understand software evolution dynamics (the mechanisms and causes of change and growth). We propose a multipurpose systematic approach to extracting program facts (e.g., func-tion calls). This approach is supported by a suite of C and C++ program extractors, which cover different steps in the program build process and handle both source and binary code. We present several heuristics to link facts extracted from individual files into a combined system model of reasonable accuracy. We extract historical sequences of system models to aid software evolution analysis. We propose that software evolution can be viewed as Punctuated Equilibrium (i.e., long periods of small changes interrupted occasionally by large avalanche changes). We develop two approaches to study such dynamical behavior. One approach uses the evolution spec-trograph to visualize file level changes to the implemented system structure. The other ap-proach relies on automated software clustering techniques to recover system design changes. We discuss lessons learned from using these approaches. We present a new perspective on software evolution dynamics. From this perspective, an evolving software system responds to external events (e.g., new functional requirements) according to Self-Organized Criticality (SOC). The SOC dynamics is characterized by the following: (1) the probability distribution of change sizes is a power law; and (2) the time series of change exhibits long range correlations with power law behavior. We present em-pirical evidence that SOC occurs in open source software systems. iii

Abstract – In this paper, the evolution of a large sample of open source software projects will be analysed. The evolution of commercial systems has been an issue that has long been a center of research, thus a coherent theoretical framework of software evolution has been developed and empirically tested. Therefore these results can be used to compare the situation in open source projects to the evolution of commercial projects. This allows to assess whether the underlying software process indeed significantly differs. The data collection methodology relying on a large software repository and the respective source code control systems is described, and an overview on the collected data on several thousand projects is given. The evolutionary behaviour is explored using both a linear and a quadratic model, with the quadratic model significantly outperforming the linear one. The most interesting fact is that while in the mean the growth rate is decreasing over time according to the laws of software evolution, especially larger projects with a higher number of participants might be more often able to sustain super-linear growth. I.

Abstract not found