Validation of New Theses on Off-the-Shelf Component Based Development

Using OTS (Off-The-Shelf) components in software development has become increasingly popular in the IT industry. OTS components can be either COTS (Commercial-Off-The-Shelf), or OSS (Open-Source-Software) components. A recent study with seven structured interviews concluded with six theses, which contradicted widely accepted (or simply undisputed) insight. Since the sample size of that study was very small, it is necessary to investigate these theses in a larger and randomized sample. A state-of-the-practice survey in three countries — Norway, Italy, and Germany — has been performed to validate these new theses. Data from 133 OTS component-based projects has been collected. Results of this survey support four and contradict two of the initial theses. The supported theses are: OSS components were mainly used without modification in practice; custom code mainly provided additional functionality; formal OTS selection processes were seldom used; OTS component users managed to get required changes from vendors. The unsupported theses are: standard mismatches were more frequent than architecture mismatches; OTS components were mainly selected based on architecture compliance instead of function completeness.

[1]  James M. Bieman,et al.  Software architecture classification for estimating the cost of COTS integration , 1999, Proceedings of the 1999 International Conference on Software Engineering (IEEE Cat. No.99CB37002).

[2]  Nenad Medvidovic,et al.  Component-based perspective on software mismatch detection and resolution , 2000, IEE Proc. Softw..

[3]  Reidar Conradi,et al.  An empirical study of variations in COTS-based software development processes in the Norwegian IT industry , 2004, 10th International Symposium on Software Metrics, 2004. Proceedings..

[4]  Marco Torchiano,et al.  Overlooked aspects of COTS-based development , 2004, IEEE Software.

[5]  Maurizio Morisio,et al.  Investigating and improving a COTS-based software development process , 2000, Proceedings of the 2000 International Conference on Software Engineering. ICSE 2000 the New Millennium.

[6]  Barry W. Boehm,et al.  COTS Integration: Plug and Pray? , 1999, Computer.

[7]  Barry W. Boehm,et al.  Requirements that Handle IKIWISI, COTS, and Rapid Change , 2000, Computer.

[8]  Reidar Conradi,et al.  An empirical study of variations in COTS-based software development processes in Norwegian IT industry , 2004 .

[9]  Patricia K. Lawlis,et al.  A Formal Process for Evaluating COTS Software Products , 2001, Computer.

[10]  Lisa Brownsword,et al.  Evolutionary Process for Integrating COTS-Based Systems (EPIC): An Overview , 2002 .

[11]  G. Lawton Open Source Security: Opportunity or Oxymoron? , 2002, Computer.