Cloud-based software engineering can be faster, more sustainable and energy efficient, states Software Improvement Group in EU-funded research project
Amsterdam – March 21, 2019 – Software Improvement Group (SIG) reports today that new guidelines, methods and datasets have been developed to increase the quality and sustainability of cloud-based software development, as part of the results of European Union-funded research project SENECA.
A European Industrial Doctorate project coordinated by SIG, project SENECA brought together three leading universities and three commercial organizations over the last four years to address key issues in software engineering and computing of cloud-based systems. The project’s recommendations and findings are based on the analyses of hundreds of thousands of lines of code and millions of dependencies in software ecosystems.
Software development processes are relying ever more on cloud-based platforms, with the cloud businesses of leading vendors Amazon and Microsoft seeing revenue growth of 45% and 76%, respectively, in Q4 of 2018. This enormous cloud market growth makes it imperative that software engineers work with scientifically-validated guidelines and sufficient tooling to enhance the quality, maintainability and security of their code and infrastructure while optimizing energy efficiency and CO2 footprints.
From January 2015 to December 2018, the project’s ten PhD research fellows leveraged the vast amount of data available on cloud-based software engineering platforms, such as GitHub, as well as security advisory databases and ecosystems of open source libraries.
The results of project SENECA include:
- A new code review technique, Test-Driven Review (TDR), to enhance test quality and increase software reliability by employing cloud-based review tools in a new way
- New guidelines for security code reviews, including the recommendation that at least three people are needed to detect the majority of security issues
- A new dataset for practitioners, which contains all known security vulnerabilities for the most-reported open-source projects
- A new catalogue that describes practitioners’ requirements and needs for code review tools, which will be used in future development of new and improved cloud-based tooling
- New metrics to indicate the amount of technical debt and lag that software incurs over its lifetime, allowing practitioners to increase actionability in library selection and risk prevention in the context of cloud ecosystems of software
- Task-specific data on the Energy Delay Product (EDP) of programming languages, allowing practitioners to understand the energy consumption of each and select the most sustainable of 14 languages for 25 common tasks
The SENECA consortium consisted of six organizations in both academia and industry: SIG and Delft University of Technology in the Netherlands; Singular Logic and Athens University of Economics and Business in Greece; and Bitergia and King Juan Carlos University in Spain.
SENECA provided the research fellows with the opportunity to pursue a PhD in software engineering of systems in the cloud. The project received funding from the European Union’s Horizon 2020 research and innovation program under the Marie Sklodowska-Curie grant agreement No 642954 and was overseen by the Research Executive Agency of the European Commission.
For more information about SENECA, read the interview with Magiel Bruntink, Head of Research at SIG.
Founded in 2000, Software Improvement Group (SIG) helps business and technology leaders drive their organizational objectives by fundamentally improving the health and security of their software applications.
SIG combines its proprietary tools and benchmark data with its consultants’ expertise to help organizations measure, evaluate and monitor code quality – whether they’re building, buying or operating software.
An independent organization, SIG has the largest benchmark in the industry with more than 10 billion lines of code across hundreds of technologies. SIG expert consultants use the benchmark to evaluate an organization’s IT assets on maintainability, scalability, complexity, security and other mission-critical factors. The SIG laboratory is the only one in the world accredited according to ISO/IEC 17025 for software quality analysis.
SIG supports customers around the globe in both public and private sectors. The company is headquartered in Amsterdam and New York with regional offices in Copenhagen, Antwerp, Frankfurt and Athens.