dr tom mens
play

Dr. Tom Mens g n r i u s a e M n i g Dr. Ahmed Zerouali - PowerPoint PPT Presentation

Sep 23, 2023 •299 likes •599 views

Dr. Tom Mens g n r i u s a e M n i g Dr. Ahmed Zerouali a L l a c n i h c e T s n t e m y o p l e D e r a w Software Engineering Lab f t o S University of Mons tom.mens@umons.ac.be @tom_mens

  1. Dr. Tom Mens g n r i u s a e M n i g Dr. Ahmed Zerouali a L l a c n i h c e T s n t e m y o p l e D e r a w Software Engineering Lab f t o S University of Mons tom.mens@umons.ac.be @tom_mens chaoss.community

  2. @secoassist secoassist.github.io "Excellence of Science" Research Project chaoss.community

  3. Focus Which measures can help software developers and deployers to decide when and why they should update? Update Don’t update chaoss.community 3

  4. Focus Up-to-date Outdated chaoss.community 4

  5. Online survey What would be the most appropriate (i.e., ideal) version of a software library to depend on? • 17 respondents Highly educated with an average of 3 years of development experience ★ Most stable (14) • Responses: ★ Latest available (9) ★ Most documented (7) ★ Most secure (5) chaoss.community 5

  6. Idea: Technical Lag “The increasing difference between deployed software packages and the ideal available upstream packages.” Ideal • stability, security, functionality, recency, etc. Difference • time, version updates, bugs, vulnerabilities, features, … J. Gonzalez-Barahona, P. Sherwood, G. Robles, D. Izquierdo (2017) "Technical lag in software compilations: Measuring how outdated a software deployment is.” IFIP International Conference on Open Source Systems . Springer chaoss.community 6

  7. Importance of Technical Lag Semi-structured interviews: 2019 5 highly educated software practitioners with an average of 10 years of experience Technical Lag is important, especially if we mix between the benefits of updating and the effort required to do that. chaoss.community 7

  8. Measuring Technical Lag ∆ version ∆ time ∆ bugs ∆ vulnerabilities chaoss.community

  9. Measuring Technical Lag A technical lag framework F is a tuple (C, L, ideal, delta, agg) with C a set of component releases • L a set of possible lag values • • ideal: C → C computes the “ideal” (upstream) component release for a given (deployed) release delta: C x C → L computes the difference between two • component releases agg: 2 L → L aggregates the results of a set of lags • A formal framework for measuring technical lag in component repositories – and its application to npm. A. Zerouali, T. Mens, J. Gonzalez-Barahona, A. Decan, E. Constantinou, G. Robles. Wiley Journal on Software Evolution and Process, 2019 chaoss.community

  10. Measuring Technical Lag Given a technical lag framework F, we define techlag F (c) = delta(c,ideal(c)) for any deployed component c aggLag F (D) = agg( {techlag F (c) | c in D} ) for any set of deployed components D A formal framework for measuring technical lag in component repositories – and its application to npm. A. Zerouali, T. Mens, J. Gonzalez-Barahona, A. Decan, E. Constantinou, G. Robles. Wiley Journal on Software Evolution and Process, 2019 chaoss.community

  11. Technical Lag - Example Time -based measurement of technical lag (ideal = most recent release; delta = time difference) 1.0.1 1.1.0 1.2.0 2.0.0 2.0.1 upstream package Time lag date(2.0.1) - date(1.1.0) deployed package chaoss.community

  12. Technical Lag - Example Version -based measurement of technical lag (ideal = highest release; delta = version difference) 1 major 1 patch 1.0.1 1.1.0 2.0.0 2.0.1 1.2.0 upstream package Version lag 1 major + 1 patch deployed package chaoss.community

  13. Technical Lag - Example Vulnerability -based measurement of technical lag (ideal = least vulnerable release; delta = #vulnerabilities) 1.0.1 1.1.0 1.2.0 2.0.0 2.0.1 upstream package Security lag 1 vulnerability fix behind deployed package chaoss.community

  14. Technical Lag - Example Bug -based measurement of technical lag (ideal = least known bugs; delta = #known bugs) 1.0.1 1.1.0 1.2.0 2.0.0 2.0.1 upstream package Bug lag 1 more bug than Dependency needs to be downgraded to most stable version be able to use most stable version… deployed package chaoss.community

  15. Case study 1: Technical lag in npm distribution of JavaScript packages +20M dependencies A. Decan, T. Mens, E. Constantinou (2018) On the evolution of technical lag in the npm package dependency network. IEEE Int’l Conf. Software Maintenance and Evolution chaoss.community Credits: https://exploring-data.com/vis/npm-packages-dependencies/

  16. Technical Lag – Example package.json chaoss.community 16

  17. Technical Lag – Example chaoss.community 17

  18. Technical Lag – Example Time-based technical lag for deployed release debug 2.6.9 ideal (debug 2.6.9) = debug 3.1.0 timeLag (debug 2.6.9) = 26-09-2017 - 22-09-2017 = 4 days versionLag (debug 2.6.9) = 1 major + 1 minor + 1 patch chaoss.community 18

  19. Technical Lag – Example Time-based technical lag for deployed release ms 2.0.0 ideal (ms 2.0.0) = ms 2.1.1 timeLag (ms 2.0.0) = 30-11-2017 - 16-05-2017 = 198 days versionLag (ms 2.0.0) = 1 minor + 1 patch chaoss.community 19

  20. Technical Lag – Example Aggregated transitive time lag for deployed release youtube-player 5.5.0 agglag ({ debug 2.6.9, ms 2.0.0 }) = max ( 4 days, 198 days ) = 198 days chaoss.community 20

  21. Tool support Example: david-dm.org chaoss.community

  22. Case study 2: Technical lag in Debian-based Docker containers A. Zerouali, T. Mens, G. Robles, J. Gonzalez-Barahona (2019). On the relation between outdated Docker containers, security vulnerabilities, and bugs. IEEE In’tl Conf. SANER chaoss.community

  23. Case study 2: Technical lag in Debian-based Docker containers Important issues faced when deploying Docker containers: Security vulnerabilities • Dependence on external software packages • Presence of bugs in third-party software • Outdated third-party software • chaoss.community

  24. Technical Lag in Debian-based Docker containers « ideal » release 1.0.1 1.1.0 1.2.1 2.0.0 2.1.0 upstream releases of the Debian package Technical lag ∆ versions (freshness) ∆ vulnerabilities (security) deployed ∆ bugs (stability) Docker container container C included Debian package release chaoss.community 26

  25. Tool support Example: snyk container chaoss.community

  26. Summary Technical Lag is a very useful generic measure for assessing to which extent deployed software is outdated w.r.t. upstream releases. • Different ways to measure (time, version, bugs, vulnerabilities, …) and aggregate (max, sum, …) technical lag • It can be operationalized in different contexts (package dependency management, container deployment, …) Suggestion: • Include this measure as part of the CHAOSS Metrics and Tooling Open Challenges: • How to measure effort required to update? • How to combine multiple dimensions of technical lag? • How to assess whether updates do not cause breaking changes? chaoss.community 30

  27. New proposed CHAOSS project metrics • Dependencies • Number of / List of; Direct or transitive • Dependency depth • Outdated dependencies • List of / Number of / Ratio of • Vulnerable dependencies • List of / Number of / Ratio of • Dependents (i.e. reverse dependencies) • Number of / List of; Direct or transitive • Dependency lag • aggregated dependency-based technical lag of a project • Deployment lag • Aggregated lag of set of deployed components w.r.t. upstream chaoss.community

  28. http://soheal.github.io SoHeal, May 2020 3rd Int’l ICSE Workshop on Software Health Seoul, South Korea – May 2020 What? • Focus on the health of software projects, communities and ecosystems • Discuss about technical, social, legal and business aspects related to project effectiveness, success, longevity, growth, resilience, survival, diversity, sustainability, popularity, inclusiveness, ... Who? • Open Source Community Members, Industry and Academia Why? • Raise awareness on software health @iw_soheal • Present tools, methods, practical experiences • Advance body of knowledge on software health chaoss.community

  29. SoHeal 2020 http://soheal.github.io/cft.html Extended call for submissions Are you a involved in software projects or ecosystems, and have something to say about software health? Submit a short paper or talk proposal on • Open source and industrial experiences from individual, team or community level • Relation between software health and social, technical, legal, process and business aspects • Tools, dashboards and models to enable, assess, predict and recommend software health • Guidelines and lessons learned Submission deadline: Friday, February 7, 2019 chaoss.community

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

DIVISION I MENS BASKETBALL BREAKOUT Ron English Director, Mens Basketball Championships

DIVISION I MENS BASKETBALL BREAKOUT Ron English Director, Mens Basketball Championships

DIVISION I MENS BASKETBALL BREAKOUT Ron English Director, Mens Basketball Championships OPPORTUNITY Preliminary Rounds Mens basketball has aligned with the other NCAA championships. This bid cycle will award sites for 2023,

404 views • 12 slides
NATIONAL MENS HEALTH POLICIES WHAT DIFFERENCE CAN THEY MAKE? APHA Mens Health Caucus

NATIONAL MENS HEALTH POLICIES WHAT DIFFERENCE CAN THEY MAKE? APHA Mens Health Caucus

NATIONAL MENS HEALTH POLICIES WHAT DIFFERENCE CAN THEY MAKE? APHA Mens Health Caucus Denver, 31 October 2016 Peter Baker Director Global Action on Mens Health www.gamh.org Presenter Disclosures Peter Baker The following personal

378 views • 23 slides
a Mens Shed day where you can be a part of making positive social and health changes for

a Mens Shed day where you can be a part of making positive social and health changes for

Welcome to a great day, a Mens Shed day where you can be a part of making positive social and health changes for Scotland's men & communities My Purpose Today To share with you what is a Mens Shed - the missing piece of the mens

351 views • 16 slides
SCD095-17 WHO WE ARE Were the only global charity focused solely on mens health. Since

SCD095-17 WHO WE ARE Were the only global charity focused solely on mens health. Since

SCD095-17 WHO WE ARE Were the only global charity focused solely on mens health. Since 2003, weve inspired millions of men and women to take action for mens health, funding over 1,000 projects focused on prostate cancer, testicular

371 views • 13 slides
DIVISION I MENS ICE HOCKEY Kristin W. Fasbender Director of Championships and Alliances Chad

DIVISION I MENS ICE HOCKEY Kristin W. Fasbender Director of Championships and Alliances Chad

DIVISION I MENS ICE HOCKEY Kristin W. Fasbender Director of Championships and Alliances Chad Tolliver Associate Director of Championships and Alliances OPPORTUNITY 2023- 26 Division I Mens Frozen Four 2022- 26 Division I Mens

596 views • 11 slides
Welcome! Technology, Workforce, Prevention Wallingford PPG Mens Health Emma Hagues

Welcome! Technology, Workforce, Prevention Wallingford PPG Mens Health Emma Hagues

Wallingford PPG Mens Health Welcome! Technology, Workforce, Prevention Wallingford PPG Mens Health Emma Hagues Here for Health Oxford University Hospitals Gemma Crane UCare Adam Jones Consultant Urologist Neil

458 views • 43 slides
Mens issues in CVD risk management and CVD prevention Feisul Idzwan Mustapha Consultant

Mens issues in CVD risk management and CVD prevention Feisul Idzwan Mustapha Consultant

Mens issues in CVD risk management and CVD prevention Feisul Idzwan Mustapha Consultant Public Health Physician (NCD) Disease Control Division Ministry of Health Malaysia First Malaysian Mens Health Conference 2018 Kuala Lumpur, 13

218 views • 21 slides
COLLEGIATE CHAMPIONSHIPS John Bugner & Jeff Mlynski DIVISION I Mens & Womens

COLLEGIATE CHAMPIONSHIPS John Bugner & Jeff Mlynski DIVISION I Mens & Womens

DIVISION I & NATIONAL COLLEGIATE CHAMPIONSHIPS John Bugner & Jeff Mlynski DIVISION I Mens & Womens Cross Country Field Hockey Mens & Womens Golf Womens Lacrosse Womens Rowing (DI/DII/DIII)

263 views • 10 slides
Stanford Mens Varsity Golf Team Performance Analysis: Informing Putting and Approach Shots

Stanford Mens Varsity Golf Team Performance Analysis: Informing Putting and Approach Shots

Stanford Mens Varsity Golf Team Performance Analysis: Informing Putting and Approach Shots Practice and Strategy on a Risk-Reward Basis Lindsey Kostas, Luke Lefebure, Sam Sarpong, Chris Sebastian Stanford Mens Varsity Golf Team Viraat

333 views • 22 slides
Badminton Doubles Doubles VS Singles Womens Mens Mixed Doubles Doubles Doubles

Badminton Doubles Doubles VS Singles Womens Mens Mixed Doubles Doubles Doubles

Badminton Doubles Doubles VS Singles Womens Mens Mixed Doubles Doubles Doubles Womens Mens Singles Singles What doubles need ?? Reflexes Coordination Speed Power Endurance Athleticism Focus How to

525 views • 14 slides
PERRY ELLIS MENS SPORTS TSWEAR PERRY ELLIS MENS SPORTS TSWEAR CALVI VIN KLEIN

PERRY ELLIS MENS SPORTS TSWEAR PERRY ELLIS MENS SPORTS TSWEAR CALVI VIN KLEIN

PERRY ELLIS MENS SPORTS TSWEAR PERRY ELLIS MENS SPORTS TSWEAR CALVI VIN KLEIN WOMENS S SPORT RTSWEAR CALVI VIN KLEIN WOMENS S SPORT RTSWEAR CALVI VIN KLEIN WOMENS U UNDERWEAR R CALVIN IN KLE LEIN IN MENS S

1.04k views • 101 slides
Gingham Sourcing [Bangladesh Office] Product Presentation Mens Casual Shirts : Gingham

Gingham Sourcing [Bangladesh Office] Product Presentation Mens Casual Shirts : Gingham

Gingham Sourcing [Bangladesh Office] Product Presentation Mens Casual Shirts : Gingham extremely focused mens casual shirt is the base product which is always top ranking in the demanding product around the brand which is always help to

408 views • 24 slides
mockup review section b Mens et Manus A finger stretching device for children with cerebral

mockup review section b Mens et Manus A finger stretching device for children with cerebral

mockup review section b Mens et Manus A finger stretching device for children with cerebral palsy Presenter Cathy Zhou Mens et Manus | target consumers >180,000 persons have Hemiplegic Cerebral Palsy (CP) in the US section b market

279 views • 11 slides
Should the Olympics be Divided into Mens and Womens Events? 1 ENGAGE Silent Written

Should the Olympics be Divided into Mens and Womens Events? 1 ENGAGE Silent Written

Should the Olympics be Divided into Mens and Womens Events? 1 ENGAGE Silent Written Response: Should the Olympics be divided into Mens and Womens Events? Explain your reasoning. 2 ENGAGE DISCUSS with your elbow partner:

436 views • 28 slides
Assessing ng t the he M Mult lti- dime mens nsiona nal A l Aspects of P Poverty y

Assessing ng t the he M Mult lti- dime mens nsiona nal A l Aspects of P Poverty y

Assessing ng t the he M Mult lti- dime mens nsiona nal A l Aspects of P Poverty y Prepared for the 7 th International African Evaluation Conference Yaound, Cameroon | March 2014 1 Provide an introduction to Nuru Discuss

637 views • 24 slides
Mens Health Who we are We are a not for profit organisation funded by caring New

Mens Health Who we are We are a not for profit organisation funded by caring New

Mens Health Who we are We are a not for profit organisation funded by caring New Zealanders. We receive no Government funding. Improving well-being by reducing the incidence and impact of cancer. Cancer Society Canterbury

514 views • 27 slides
The Outdoor Rock Festival 1966-2011 Corry Arnold September 2011

The Outdoor Rock Festival 1966-2011 Corry Arnold September 2011

The Outdoor Rock Festival 1966-2011 Corry Arnold September 2011 www.Rockprosopography101.Blogspot.com Why Go To A Free Concert? Upsides Downsides Its cheap Its crowded See new bands Bands could be lousy Bring your

332 views • 19 slides
REX AGM 2010 AGAINST ALL ODDS PERFORMANCE Record Net Profit After Tax of $24.6m Total

REX AGM 2010 AGAINST ALL ODDS PERFORMANCE Record Net Profit After Tax of $24.6m Total

REX AGM 2010 AGAINST ALL ODDS PERFORMANCE Record Net Profit After Tax of $24.6m Total Revenue reduced by 8.5% to $229.7m Passenger numbers declined by 5.0% to 1.24m REX GROUP FINANCIALS Rex Group Revenue and PAT Evolution $30 $256.1M

417 views • 22 slides
Barry Gilway Opening Comments August 23, 2017 Rate Hearing Slide 1 : Good afternoon and thank

Barry Gilway Opening Comments August 23, 2017 Rate Hearing Slide 1 : Good afternoon and thank

Barry Gilway Opening Comments August 23, 2017 Rate Hearing Slide 1 : Good afternoon and thank you to Florida International University for hosting this rate hearing. You have a beautiful campus and provide an exceptional learning environment.

551 views • 30 slides
Scott Wen-tau Yih # , What are the names of Obamas daughters? Q: Who won the best actor

Scott Wen-tau Yih # , What are the names of Obamas daughters? Q: Who won the best actor

Scott Wen-tau Yih # , What are the names of Obamas daughters? Q: Who won the best actor Oscar in 1973? S 1 : Jack Lemmon was awarded the Best Actor Oscar for Save the Tiger (1973). S 2 : Academy award winner Kevin Spacey said that Jack

459 views • 24 slides
Semiclassical Limit of Large Fermionic Systems Sren Fournais Department of Mathematics, Aarhus

Semiclassical Limit of Large Fermionic Systems Sren Fournais Department of Mathematics, Aarhus

Semiclassical Limit of Large Fermionic Systems Sren Fournais Department of Mathematics, Aarhus University, Denmark QMATH13 Atlanta 2016 Joint work with M. Lewin and J.P. Solovej A A R H U S U N I V E R S I T Y Sren Fournais Interacting

606 views • 21 slides
CREATIVITA NELLEMBEDDED @ COMPANY OVERVIEW Experience HR Since 1979 206 people SECO

CREATIVITA NELLEMBEDDED @ COMPANY OVERVIEW Experience HR Since 1979 206 people SECO

CREATIVITA NELLEMBEDDED @ COMPANY OVERVIEW Experience HR Since 1979 206 people SECO designs and manufactures embedded systems all-in-house , in Italy . (31.12.2016) SECOoffers a wide range of standard modules , SBCs , systems and custom

573 views • 21 slides
Accelerating Data Management and Processing on Modern Clusters with RDMA-Enabled Interconnects

Accelerating Data Management and Processing on Modern Clusters with RDMA-Enabled Interconnects

Accelerating Data Management and Processing on Modern Clusters with RDMA-Enabled Interconnects Keynote Talk at ADMS 2014 by Dhabaleswar K. (DK) Panda The Ohio State University E-mail: panda@cse.ohio-state.edu

1.14k views • 92 slides
From trajectory optimization to inverse KKT and sequential manipulation Marc Toussaint Machine

From trajectory optimization to inverse KKT and sequential manipulation Marc Toussaint Machine

From trajectory optimization to inverse KKT and sequential manipulation Marc Toussaint Machine Learning & Robotics Lab University of Stuttgart marc.toussaint@informatik.uni-stuttgart.de Zurich, July 2016 1/51 Motivation:

850 views • 55 slides

More recommend