Software AG, one of our industry partners, informs us about an entry-level position in the domain of open source governance and compliance, including commercial licensing and technology alliances. As always, feel free to apply directly or request an introduction and recommendation through Prof. Riehle.
Abstract: Inner source is the use of open source software developing practices in proprietary software development across organizational borders. A signiﬁcant amount of
companies are adopting inner source. Some companies already utilize inner source practices without a coordinated eﬀort to adopt inner source. It is unclear if the gains of inner source outweight the costs of running and adopting it because there is no quantitative method to determine the return on investment for inner source yet. In this paper, we develop a quantitative method to determine the return on investment of inner source. We followed a four phase research approach: First, we conducted a methodological literature review to collect methods and best practices on how to create a return on investment model. Second, we performed a exploratory literature review to identify typical inner source costs and gains. Third, we hypothesized formulas to quantify the costs and gains. Fourth, we prepared but not fully conducted an industry case study to evaluate the method. We provide a methode on how to determine the gains and costs induced by inner source and on how to aggregate them to the return on investment value. We evaluated our method at an organization already adopting inner source. As the results were inconclusive, we suggest further research on evaluating the method. This paper contains the ﬁrst method to determine the return on investment for inner source.
Keywords: Software engineering, open source, inner source, return on investement
Reference: Sebastian Duda. A Method to Determine the Return on Investement of Inner Source. Bachelor Thesis, Friedrich-Alexander-Universität Erlangen-Nürnberg: 2017.
Abstract: Within the scope of industry 4.0 and digitalization, there is a growing danger of cyber crime and security attacks, causing huge harm for digital business. Therefore, in nowadays software development, IT-security is regarded as a quality criterion, determining the success of a product or project. Nevertheless, the complexity of security attacks, vulnerabilities and software development as a whole, complicates the reliable protection against and mitigation of security attacks.
To support software engineers to develop more secure software, this thesis shows the concept and presents a prototype of a software security rules methodology called Serum. Serum is designed to help software developers and all other project members in creating a more secure software. A domain-specific language was designed and integrated into a global knowledge management system (Sweble), to allow modeling and describing software assets, associated security attacks as well as known countermeasures. A second component, using the gathered security knowledge, was implemented, focusing on the support of software architects during the creation of a threat- and risk analysis. To facilitate the consideration of security even more a custom test- and dashboard system allows developers and test architects to monitor their contribution towards a more secure system.
The thesis should provide a basis for a holistic security support during all phases of the software development life cycle.
Keywords: IT-Security, threat analysis, DSL, Sweble, structured data
PDFs: Master Thesis
Reference: Florian Gerdes. Sweble Security Programming Plugin – Security Rules Engine. Master Thesis, Friedrich-Alexander-Universität Erlangen-Nürnberg: 2017.
AVL DiTest schreibt uns resp. unseren Studenten und Studentinnen:
Im Rahmen des AMOS Projekts sind in unserem Unternehmen einige interessante Projekte entstanden. Wir suchen nun engagierte Studenten, welche uns bei der Weiterentwicklung unterstützen und diese vorantreiben. Daneben gibt es natürlich noch genug andere spannende Themen bei uns.
Einen kleinen Einblick gibt es auf unserer GitHub Seite unter https://github.com/AVL-DiTEST-DiagDev
We designed a new and simplified grading scheme for final theses, replacing the old one. A thesis still has to pass some basic [OK|NOK] checks like completeness of declaration of materials built on, relevant topic, no plagiarism, etc. However, this is a binary decision and does not affect the grade directly (except for failing if these criteria are not met).
The grade then is derived using only four main measures. These are:
- Results quality
- Method competence
- Effort expended
- Presentation quality
Each measure is taken on scale of [0..10], where 0 means not present at all and 10 means perfect, with a linear distribution around the mean. The four measures are combined using the geometric mean, from which a grade in the German 1,00 – 5,00 grading system is derived.
This new grading scheme has been put into effect starting the academic year of 2017/18.
Sivantos (former Siemens audiology) is looking for a Werkstudent to continue the AMOS SS17 project, in which it developed software for a Raspberry Pi as a user agent for testing hearing aids. Please see Sivantos career opportunities at Werkstudent (m/w) im Bereich Softwareentwicklung / Single Board Computer / Raspberry Pi (486).
Abstract: Inner source (IS) is the use of open source software development practices and the establishment of an open source-like culture within organizations. To create metrics about the usage of IS within a speciﬁc corporation, data about the software development need to be extracted from source code management (SCM) systems. A developed crawl process retrieves the data over specially implemented adapters. To date adapters for git and manually exported CSV ﬁles from Microsoft Team Foundation Server (TFS) are in use. To automate data extraction from TFS a new adapter must be developed. Furthermore, the poor performance of the existing git adapter along with the crawl process needs to be improved. To validate the performance increase execution time and resource metrics are measured and compared. The result of this work is a newly developed TFS adapter and a performance-optimized git adapter and crawl process.
Keywords: Engineering thesis, inner source metrics, performance optimization
Reference: Constantin Hasler. Implementierung und Performance-Optimierung von SCM-Adaptern. Master Thesis, Friedrich-Alexander-Universität Erlangen-Nürnberg: 2017.