Rick Kazman

Rick Kazman
Carnegie Mellon University | CMU · Software Engineering Institute

PhD

About

356
Publications
229,366
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
18,618
Citations

Publications

Publications (356)
Preprint
Full-text available
Technical debt (TD) is a term used to describe the additional work and costs that emerge when developers have opted for a quick and easy solution to a problem, rather than a more effective and well-designed, but time-consuming approach. Self-Admitted Technical Debts (SATDs) are a specific type of technical debts that developers intentionally docume...
Article
Smart contract-based applications are executed in a blockchain environment, and they cannot directly access data from external systems, which is required for the service provision of these applications. Instead, smart contracts use agents known as blockchain oracles to collect and provide data feeds to the contracts. The functionality and compatibi...
Preprint
Full-text available
Software architecture is the foundation of a system's ability to achieve various quality attributes, including software performance. However, there lacks comprehensive and in-depth understanding of why and how software architecture and performance analysis are integrated to guide related future research. To fill this gap, this paper presents a syst...
Preprint
Full-text available
Mobile applications (apps) have become an essential part of everyday life, offering convenient access to services such as banking, healthcare, and shopping. With these apps handling sensitive personal and financial data, ensuring their security is paramount. While previous research has explored mobile app developer practices, there is limited knowl...
Article
Technical Debt Management (TDM) can suffer from unpredictability, communication gaps and the inaccessibility of relevant information, which hamper the effectiveness of its decision making. These issues can stem from division among decision-makers which takes root in unfair consequences of decisions among different decision-makers. One mitigation ro...
Chapter
Despite the clear need for and importance of performing empirical studies as part of software architecture research, there is still a lack of curated, standardized, clean, well-maintained, documented, easily accessible, reusable, and shared datasets. In this chapter, we provide an overview of the problems, of the motivations, and of the opportuniti...
Chapter
Software architecture education is a weak spot in many undergraduate programs in computer science and software engineering. While the concepts and practices used by software architects in industry are rich and varied, transferring this expertise into a university classroom has proved problematic. Bridging the gap between industry and academia requi...
Preprint
Full-text available
Background: Since Alitheia Core was proposed and subsequently retired, tools that support empirical studies of software projects continue to be proposed, such as Codeface, Codeface4Smells, GrimoireLab and SmartSHARK, but they all make different design choices and provide overlapping functionality. Aims: We seek to understand the design decisions ad...
Preprint
Full-text available
Technical debt describes situations where developers write less-than-optimal code to meet project milestones. However, this debt accumulation often results in future developer effort to live with or fix these quality issues. To better manage this debt, developers may document their sub-optimal code as comments in the code (i.e., self-admitted techn...
Preprint
Tightly coupled and interdependent systems inhibit productivity by requiring developers to carefully coordinate their changes, even when modifying subsystems that should be independent of one another. Poor architectural decisions frequently lead to the presence of large, change-prone source files that are at the center of complexes of technical deb...
Chapter
Background: Since Alitheia Core was proposed and subsequently retired, tools that support empirical studies of software projects continue to be proposed, such as Codeface, Codeface4Smells, GrimoireLab and SmartSHARK, but they all make different design choices and provide overlapping functionality. Aims: We seek to understand the design decisions ad...
Article
Design-time evaluation is essential to build the initial software architecture to be deployed. However, experts’ assumptions made at design-time are unlikely to remain true indefinitely in systems that are characterized by scale, hyperconnectivity, dynamism, and uncertainty in operations (e.g. IoT). Therefore, experts’ design-time decisions can be...
Article
Traditionally, the quality of a software or system architecture has been evaluated in the early stages of the development process using architecture quality evaluation methods. Emergent approaches like Industry 4.0 require continuous monitoring of both run‐time and development‐time quality properties, in contrast to traditional systems where qualit...
Article
In Dynamic Service Composition(DSC), an application can be dynamically composed using web services to achieve its functional and Quality of Services (QoS) goals. DSC is a relatively mature area of research that crosscuts autonomous and services computing. Complex autonomous and self-adaptive computing paradigms (e.g. multi-tenant cloud services, mo...
Article
Blockchain is a disruptive technology intended to implement secure decentralised distributed systems, in which transactional data can be shared, stored, and verified by participants of the system without needing a central authentication/verification authority. Blockchain-based systems have several architectural components and variants, which archit...
Article
The quality of large and complex Systems-of-Systems (SoS) that have emerged in critical application domains depends on the quality of their architectures, which are inherently dynamic in terms of reorganization at runtime to comply with domain needs. However, the way to model and evaluate the quality of these architectures is not clear. This articl...
Article
Full-text available
Forming members of an organisation into coherent groups or teams is an important issue in any large-scale software engineering endeavour, especially so in agile software development where teams rely heavily on self-organisation and organisational flexibility. But is there a recurrent organisational structure pattern in agile software engineering te...
Article
Dependencies among software entities are the foundation for much of the research on software architecture analysis and architecture analysis tools. Dynamically typed languages, such as Python, JavaScript and Ruby, tolerate the lack of explicit type references, making certain dependencies indiscernible by a purely syntactic analysis of source code....
Article
Full-text available
It is vitally important to fix quality issues in security-critical code as they may be sources of vulnerabilities in the future. These quality issues may increase the attack surface if they are not quickly refactored. In this paper, we use the history of vulnerabilities and security bug reports along with a set of keywords to automatically identify...
Book
The practical implications of technical debt for the entire software life cycle; with examples and case studies. Technical debt in software is incurred when developers take shortcuts and make ill-advised technical decisions in the initial phases of a project, only to be confronted with the need for costly and labor-intensive workarounds later. This...
Article
Architectural Technical Debt ( ATD ) refers to sub-optimal architectural design in a software system that incurs high maintenance “interest” over time. Previous research revealed that ATD has significant negative impact on daily development. This paper contributes an approach to enable an architect to precisely locate ATDs , as well as capture...
Conference Paper
View Video Presentation: https://doi.org/10.2514/6.2021-2404.vid Context: The NASA Aviation Safety Reporting System (ASRS) is a voluntary confidential aviation safety reporting system. The ASRS receives reports from pilots, air traffic controllers, flight attendants and other involved in aviation operations. The reports are de-identified and coded...
Article
Full-text available
Context: Evaluating software architectures in uncertain environments raises new challenges, which require continuous approaches. We define continuous evaluation as multiple evaluations of the software architecture that begins at the early stages of the development and is periodically and repeatedly performed throughout the lifetime of the software...
Article
Full-text available
This paper describes a large-scale empirical study investigating the relevance of socio-technical congruence over key basic software quality metrics, namely, bugs and churn. That is, we explore whether alignment or misalignment of social communication structures and technical dependencies in large software projects influences software quality. To t...
Preprint
Full-text available
We report on a large-scale empirical study investigating the relevance of socio-technical congruence over key basic software quality metrics, namely, bugs and churn. In particular, we explore whether alignment or misalignment of social communication structures and technical dependencies in large software projects influences software quality. To thi...
Article
Blockchain offers a distributed ledger to record data collected from Internet of Thing (IoT) devices as immutable and tamper-proof transactions and securely shared among authorized participants in a Peer-to-Peer (P2P) network. Despite the growing interest in using blockchain for securing IoT systems, there is a general lack of systematic research a...
Article
Full-text available
http://deepblue.lib.umich.edu/bitstream/2027.42/170142/1/ICSE2020_Decision_Objective_Spaces__Copy_.pdf
Preprint
Full-text available
The aims of this paper are: 1) to identify "worst smells", i.e., bad smells that never have a good reason to exist, 2) to determine the frequency, change-proneness, and severity associated with worst smells, and 3) to identify the "worst reasons", i.e., the reasons for introducing these worst smells in the first place. To achieve these aims we ran...
Preprint
A vigorous and growing set of technical debt analysis tools have been developed in recent years -- both research tools and industrial products -- such as Structure 101, SonarQube, and DV8. Each of these tools identifies problematic files using their own definitions and measures. But to what extent do these tools agree with each other in terms of th...
Conference Paper
Full-text available
Dependencies among software entities are the basis for many software analytic research and architecture analysis tools. Dynamically typed languages, such as Python, JavaScript and Ruby, tolerate the lack of explicit type references, making certain syntactic dependencies indiscernible in source code. We call these possible dependencies, in contrast...
Article
Full-text available
Forges are online collaborative platforms to support the development of distributed open source software. While once mighty keepers of open source vitality, software forges are rapidly becoming less and less relevant. For example, of the top 10 forges in 2011, only one survives today—SourceForge —the biggest of them all, but its numbers are droppin...
Article
Full-text available
Microservices have gained wide recognition and acceptance in software industries as an emerging architectural style for autonomic, scalable, and more reliable computing. The transition to microservices has been highly motivated by the need for better alignment of technical design decisions with improving value potentials of architectures. Despite m...
Preprint
Full-text available
Success and failure in software engineering are still among the least understood phenomena in the discipline. In a recent special journal issue on the topic, Mantyla et al. started discussing these topics from different angles; the authors focused their contributions on offering a general overview of both topics without deeper detail. Recognising t...
Article
Full-text available
Success and failure in software engineering are still among the least understood phenomena in the discipline. In a recent special journal issue on the topic, Mäntylä et al. started discussing these topics from different angles; the authors focused their contributions on offering a general overview of both topics without deeper detail. Recognizing t...
Article
https://deepblue.lib.umich.edu/bitstream/2027.42/155331/1/Commit_Messages_Analysis_for_Refactoring__Copy_ (16).pdf
Preprint
Forming members of an organization into coherent groups or communities is an important issue in any large-scale software engineering endeavour, especially so in agile software development teams which rely heavily on self-organisation and organisational flexibility. To address this problem, many researchers and practitioners have advocated a strateg...
Conference Paper
Full-text available
In the last decade architectural patterns like microservices and event-driven architectures have emerged to meet the challenges of distributed computing. This paper explores recent practices and research in microservice- and event-driven architectures to identify the challenges in architecting such systems. With a proof-of-concept study approach, w...
Article
In large-scale software systems, error-prone or change-prone files rarely stand alone. They are typically architecturally connected and their connections usually exhibit architecture problems causing the propagation of error-proneness or change-proneness. In this paper, we propose and empirically validate a suite of architecture anti-patterns that...
Preprint
Microservices have gained wide recognition and acceptance in software industries as an emerging architectural style for autonomic, scalable, and more reliable computing. The transition to microservices has been highly motivated by the need for better alignment of technical design decisions with improving value potentials of architectures. Despite m...
Article
Software engineering is now more than ever a community effort. Its success often weighs on balancing distance, culture, global engineering practices and more. In this scenario many unforeseen socio-technical events may result into additional project cost or “social” debt, e.g., sudden, collective employee turnover. With industrial research we disco...
Conference Paper
Full-text available
With the advent of cloud computing and the concept of immutable infrastructure, the scaling and deployment of applications has become significantly easier. This increases the possibility of "configuration drift" as an operations team manages this cluster of machines, both virtual and actual. In this paper we propose a revised view on configuration...
Preprint
Full-text available
Architectural debt is a form of technical debt that derives from the gap between the architectural design of the system as it "should be" compared to "as it is". We measured architecture debt in two ways: 1) in terms of system-wide coupling measures, and 2) in terms of the number and severity of architectural flaws. In recent work it was shown that...
Conference Paper
Background: Though much research has been conducted to investigate software maintenance activities, there has been little work charactering maintenance files as a community and exploring the evolution of this community. Aims: The goal of our research is to identify maintenance communities and monitor their evolution-birth, growth, death and rejuven...
Conference Paper
In this paper, we report our experiences of applying three complementary automated software architecture analysis techniques, supported by a tool suite, called DV8, to 8 industrial projects within a large company. DV8 includes two state-of-the-art architecture-level maintainability metrics—Decoupling Level and Propagation Cost, an architecture flaw...
Article
A look at the software for an automated weather station shows that energy can be treated like any other architectural quality attribute. It’s no different, from the perspective of architectural design, than modifiability, performance, or availability. It can be modeled and prototyped, and we can reason about the design tradeoffs required to achieve...
Article
Full-text available
A major impediment to the long-term quality of large and complex programs is inconsistency between design and implementation. Conflicts between intent and execution are common because detecting them is laborious, error-prone, and poorly supported, and because the costs of continuously maintaining design documents outweigh immediate gains. A growing...
Conference Paper
Robotics software is booming thanks in part to a rich and productive ecosystem around the Robot Operating System. We introduce a military effort to leverage the ROS ecosystem and reduce the challenges in building military robots, called ROS-M. We outline some of the work we have done on the ROS-M initiative, and explain our future directions in ana...
Conference Paper
Enabling rapid feature delivery is essential for product success and is therefore a goal of software architecture design. But how can we determine if and to what extent an architecture is "good enough" to support feature addition and evolution, or determine if a refactoring effort is successful in that features can be added more easily? In this pap...
Conference Paper
Full-text available
Empirical software engineering (SE) research is often criticized for poorly designed and reported studies, a lack of replications to build up bodies of knowledge, and little practical relevance. In this paper, we discuss issues in empirical software architecture research as an illustration of these issues in one subfield of SE and as a step towards...
Article
In this paper, we propose an architecture model called Design Rule Space (DRSpace). We model the architecture of a software system as multiple overlapping DRSpaces, reflecting the fact that any complex software system must contain multiple aspects, features, patterns, etc. We show that this model provides new ways to analyze software quality. In pa...
Conference Paper
We use real options theory to evaluate the options of diversity in design by looking at the trade-offs between the cost and long-term value of different architectural strategies under uncertainty, given a set of scenarios of interest. As part of our approach, we extend one of the widely used architecture trade-offs analysis methods (Cost-Benefit An...
Article
An examination of the security approaches in industrial and open source projects shows that a strategic, systemwide architectural approach, implemented as a security framework or as a platform built using these frameworks, results in the highest security and lowest maintenance costs.
Article
This article contributes an architecture-centric methodology, called AABA ( A rchitecture-centric A gile B ig data A nalytics), to address the technical, organizational, and rapid technology change challenges of both big data system development and agile delivery of big data analytics for Web-based Systems (WBS). As the first of its kind, AABA fill...
Book
http://www.amazon.com/Designing-Software-Architectures-Practical-Engineering/dp/0134390784 Designing Software Architectures will teach you how to design any software architecture in a systematic, predictable, repeatable, and cost-effective way. This book introduces a practical methodology for architecture design that any professional software eng...
Conference Paper
Our prior work showed that the majority of error-prone source files in a software system are architecturally connected. Flawed architectural relations propagate defects among these files and accumulate high maintenance costs over time, just like debts accumulate interest. We model groups of architecturally connected files that accumulate high maint...
Conference Paper
Despite decades of research on software metrics, we still cannot reliably measure if one design is more maintainable than another. Software managers and architects need to understand whether their software architecture is "good enough", whether it is decaying over time and, if so, by how much. In this paper, we contribute a new architecture maintai...