Professional Documents
Culture Documents
Process
Criteria
Resources
Marko Schütz
07 May 2009
Outline
1 Overview
2 Process
3 Criteria
4 Resources
Workshop Structure
– presentation of background
– independent work
– review
Introduction
– the problem
> FLOSS sought to fill some need
> wealth of FLOSS available: 100,000s of projects
– stages of the process
requirements
analyze review
compare
– criteria
– resources supporting the process
> existing evaluation frameworks
> project documentation templates
Marko Schütz Evaluating, Selecting, and Implementing Free/Libre/Open-Source
Overview
Process
Criteria
Resources
Stages
– elicit
> user interviews
> user surveys
> brainstorming sessions
Identify Candidates
Review Candidates
Analyze Results
Implement
Criteria
Community
Source Code
– technologies
> portability hidden issues: Java may be less portable than
e.g. C
> teams existing competence in those technologies
> teams desire, capability to learn these technologies
> extends to e.g.
- programming language
- database system
- desktop environment
- communications protocols
– How well is the implementation documented?
– code size
> is an expenditure!!! bigger is worse, not better
> all that code has to be maintained
Marko Schütz Evaluating, Selecting, and Implementing Free/Libre/Open-Source
Overview
Process
Criteria
Resources
Project Evolution
– How long does the project exist?
– history
> How has it proceeded since then?
> Have there been prolonged phases of inactivity?
> How has developer community evolved?
> Major obstacles/challenges faced?
– maturity
> Is it based on a tried concept, architecture?
> What are the revisions it went through?
> Will be different for different kinds of applications
> Installations
- What are the showcase deployments/installations?
- How many installations are there?
Deliverables
– usability
– quality
– security
– feature list: breadth/focus
– documentation
Deliverables: Usability
– often misused:
> ease of installation, initial startup: valuable for casual, new
users
> frequent/”power” users need growth path, e.g.:
- scripting
- external control
- plug-ins
– setup prerequisites
> which are shared with other software that is likely to be
used? e.g. requires KDE, requires PostgreSQL.
Amortization.
> done once, updates should be rare. Amortize over user
number, usage time.
> estimated time to update to future versions
Deliverables: Quality
– minor releases & point/patch releases
> criteria for version number increase
> developer oriented might rely of code repository
– open bugs
> bugs need to be reported
> how many reporters?
> what kind of bugs are reported?
> assignment of appropriate priority
> bug-fixing sprints held
> avoidance of regressions
> reactivity to security relevant bugs
> security relevant bugs relative to software class
> what is considered critical?
> as with most criteria here: absolute numbers mean little
Marko Schütz Evaluating, Selecting, and Implementing Free/Libre/Open-Source
Overview
Process
Criteria
Resources
Deliverables: Security
– security vulnerabilities
> how many
> how critical
> over what period
Trials
– http://www.openbrr.org
– evaluation methodology
– provides
> template
> some sample evaluations
– http://www.qsos.org
– evaluation methodology
– provides
> template
> browser-based software to work with templates
> sample evaluations
ReadySET
– http://readyset.tigris.org
– project documentation library
– provides
> XHTML-based forms for software-engineering projects
Discussion
Independent Work