The Quality of Open Source Software

Open source software (OSS) is now posing significant competition to proprietary or closed source software (CSS) in several software markets. In this paper, we characterize the response of a firm developing CSS (where the CSS is a revenue earner) to the presence of an OSS in its market. In particular, we look at the firm's choice of resource investments to improve quality and the firm's pricing decisions. We are primarily motivated by the following questions: Would a firm producing CSS produce higher-quality software when it faces competition from an OSS than when there is no OSS in its market? Would there be a change in the firm's response if the CSS faced competition from another CSS in addition to competition from the OSS? We show that the firm produces lower-quality CSS when it faces competition from an OSS than when it does not. Also, the quality of the CSS decreases as the quality of the OSS increases. This result holds true even if we consider network effects. When we consider competition from another CSS, in addition to competition from the OSS, then the quality of the CSS could increase or decrease as the quality of the OSS increases. The change in quality depends on how closely substitutable the two CSS are. We also extend our base model to consider (1) competition for resources, (2) uncertainty in resources available to the OSS, and (3) uncertainty about the software development process.

The Nem1-Spo7 complex in the yeast <i>Saccharomyces cerevisiae</i> is a protein phosphatase required for the nuclear/endoplasmic reticulum membrane localization of Pah1, a phosphatidate phosphatase that produces diacylglycerol for triacylglycerol synthesis at the expense of phospholipid synthesis. In a previous study, we showed that the protein phosphatase is subject to phosphorylation by protein kinase A (PKA). Here, we demonstrate that Nem1-Spo7 is regulated through its phosphorylation by protein kinase C (PKC), which plays multiple roles, including the regulation of lipid synthesis and cell wall integrity. Phosphorylation analyses of Nem1-Spo7 and its synthetic peptides indicate that both subunits of the complex are <i>bona fide</i> PKC substrates. Site-directed mutagenesis of <i>NEM1</i> and <i>SPO7</i>, coupled with phosphopeptide mapping and immunoblotting with a phosphoserine-specific PKC substrate antibody, revealed that Ser-201 in Nem1 and Ser-22/Ser-28 in Spo7 are major PKC target sites of phosphorylation. Activity analysis of mutant Nem1-Spo7 complexes indicates that the PKC phosphorylation of Nem1 exerts a stimulatory effect, but the phosphorylation of Spo7 has no effect. Lipid-labeling analysis of cells expressing the phosphorylation-deficient alleles of <i>NEM1</i> and <i>SPO7</i> indicates that the stimulation of the Nem1-Spo7 activity has the effect of increasing triacylglycerol synthesis. Prephosphorylation of Nem1-Spo7 by PKC inhibits the PKA phosphorylation of Nem1, whereas prephosphorylation of the phosphatase complex by PKA inhibits the PKC phosphorylation of Spo7. Collectively, this work advances the understanding of the Nem1-Spo7 regulation by phosphorylation and its impact on lipid synthesis.

Selecting an Open-source Framework: A Practical Case Based on Software Development for Sensory Analysis

Open-source software is growing in popularity today and has been used as a software tool or as a component in software development within organizations. Selecting quality open-source software is a challenging task. Several open-source quality models have been proposed to assess open-source software quality, but the assessment is rather limited because it is often subjective, relies on heavy user intervention, and requires information from different sources. To complement and enhance existing approaches to open-source quality assessment, this paper proposes a new open-source software quality model called OSS-AQM that aims at automating the measurement of open-source software quality. The OSS-AQM provides a set of quality metrics and an automation tool that can retrieve information about the open-source software from GitHub, source code, SonarQube, and Stack Exchange, and quantitatively determine the overall quality of the open-source software. In an experiment, the OSS-AQM is compared with an existing open-source software quality model to show how the proposed OSS-AQM and its tool can enhance open-source software comparison and facilitate open-source software selection.

Гарантування безпеки програмного продукту з відкритим вихідним кодом є актуальною проблемою, бо навіть у проектах з закритим вихідним кодом можуть бути присутні open source бібліотеки, що робить можливим появу вразливості у них. Серед методів, що використовують для виявлення вразливостей, варто виділити моделювання загроз, бо цей метод дозволяє вже на ранніх етапах розробки програмного коду прийняти заходи, що знизять витрати на ліквідацію вразливостей та спростять їх усунення і зміни до архітектури додатку. Підбір відповідного підходу при побудові моделі загроз залежить від специфіки проекту, ресурсів, а також кваліфікації адміністраторів. &#x0D;

Harvesting Altruism in Open Source Software Development

Background Many open source software (OSS) quality assessment models are proposed and available in the literature. However, there is little or no adoption of these models in practice. In order to guide the formulation of newer models so they can be acceptable by practitioners, there is need for clear discrimination of the existing models based on their specific properties. Based on this, the aim of this study is to perform a systematic literature review to investigate the properties of the existing OSS quality assessment models by classifying them with respect to their quality characteristics, the methodology they use for assessment, and their domain of application so as to guide the formulation and development of newer models. Searches in IEEE Xplore, ACM, Science Direct, Springer and Google Search is performed so as to retrieve all relevant primary studies in this regard. Journal and conference papers between the year 2003 and 2015 were considered since the first known OSS quality model emerged in 2003.ResultsA total of 19 OSS quality assessment model papers were selected. To select these models we have developed assessment criteria to evaluate the quality of the existing studies. Quality assessment models are classified into five categories based on the quality characteristics they possess namely: single-attribute, rounded category, community-only attribute, non-community attribute as well as the non-quality in use models. Our study reflects that software selection based on hierarchical structures is found to be the most popular selection method in the existing OSS quality assessment models. Furthermore, we found that majority (47%) of the existing models do not specify any domain of application.ConclusionsIn conclusion, our study will be a valuable contribution to the community and helps the quality assessment model developers in formulating newer models and also to the practitioners (software evaluators) in selecting suitable OSS in the midst of alternatives.

The offering and adoption of open source software is growing and today it is an option for users, when they have to accomplish certain tasks, to do their own research on the web to find open source software they can download and install on their computer or use in the Cloud as a Software as a Service (SaaS). From the IT untrained user, no tools or guideline are available in order to evaluate or compare the quality of open source software. How to evaluate the quality of software is not a simple task and more often, the IT untrained user will be unaware of the quality of the software chosen to perform tasks and achieve a goal. This paper presents a basic method for the evaluation of the quality of open source software from an IT untrained user perspective.

Open source software reliability is an important factor affecting the quality of open source software. The developed reliability models of open source software cannot meet the actual evaluation of open source software reliability because of the complexity, dynamics, and uncertainty of open source software development. Considering the dynamic changes of fault introduction in open source software development, we propose an open source software reliability model with fault introduction based on the generalized Pareto distribution. We use three Apache open source software projects to validate the proposed model. Least squares estimation is used to estimate the model parameter values. Experimental results indicate that the proposed model has better fitting and predictive performance than other existing models. The generalized Pareto distribution of the fault introduction is consistent with that in actual open source software development. Thus, the proposed model can assist developers and managers in evaluating the reliability of open source software in the actual process of open source software development.

Open source software (OSS) as a movement has come a long way since its beginnings at MIT in the Free Software Foundation movement. The initial connotation was “free software” with little or no commercial angle to it. With time, the movement has morphed into the Open Source movement which accommodates within itself various different kinds of licensing agreements some of which enable the commercial usage of open software as well. The emphasis has been broadened from the low cost and wide accessibility argument to include non functional attributes of reliability, security, availability and survivability. This broadening is to an extent a function of the broadening of the locales where open source software is found today. The locales include not just college campuses and government research laboratories, but also mainstream commercial software development houses. The developer base for the open source initiative has grown to include developers in all these locales and also geographically widely dispersed. The developer base though large is a miniscule fraction of the user base of open source software, and that is probably a fundamental model that will be followed for some time to come. In this discussion, we consider Closed Source Software (CSS) as an alternative model for software development. This is the tried and tested software development model where the development, integration and testing are all done within a commercial establishment and the source code is not made available to the general user base. The source code is in fact closely guarded and is looked upon as valuable intellectual capital for the organization. There are some variations of this model in recent years, such as Microsoft’s Shared Source Initiative, in which the source code is made available to some partners, typically without granting the right to modify and re-distribute the code. With the non functional attributes of OSS being emphasized, there has been a lively and very inconclusive debate on the effect of OSS on software robustness. First, let us take a sample of some arguments against OSS that have been heard. It is true that the code in OSS is open to many more eyeballs than CSS. However, the eyeballs can be malicious ones intent on finding vulnerabilities in the software for the purpose of exploiting them. A vast majority of the eyeballs may be disinterested or

As commercial developers have established processes to assure software quality, open source software depends largely on community usage and defect reporting to achieve some level of quality. Thus, quality of open source software may vary. We examined defects reported in two active and popular open source software projects and an in-house project. The results of this analysis indicate that the reliability growth of each is quite distinct and that the defect profile of open source software appears to be a consequence of the open source software development method itself.

Open Source Software (OSS) quality evaluation is essential for ensuring the adoption and effective use of OSS projects across various domains.Most works on OSS quality evaluation have focused on the development of models or frameworks rather than providing practical implementations.These proposals can be challenging to use for inexperienced users, which highlights the need for user-friendly tools.This paper presents preliminary findings from a Systematic Literature Review (SLR) that investigates the characteristics, limitations, and gaps of current Quality Evaluation Tools (QETs) for OSS.Our analysis reveals the diversity of quality models underlying these tools and the absence of standardization, which impedes the comparability and reliability of evaluation results.This work also informs the next steps in improving OSS quality evaluation practices.

With the advent of Open Source Software (OSS) at the end of last century, many proponents believe that OSS is a new software development process and some even advocate OSS as a revolution for software engineering. The Cathedral and the Bazaar is a typical metaphor of the software development methodologies for the Closed Source Software (CSS) and the OSS. By comparing the phased (namely, requirement analysis, document design and system design, coding, testing and maintenance) software development methodology proposed by Software Engineering (SE), and by studying the management tools provided by SourceForge.net, we believe OSS development method not only follows the phased software development process, but also in return enriches the theory of SE.

The increasing availability and deployment of open source software in personal and commercial environments makes open source software highly appealing for hackers, and others who are interested in exploiting software vulnerabilities. This deployment has resulted in a debate full of religion on the security of open source software compared to that of closed source software. However, beyond such arguments, only little quantitative analysis on this research issue has taken place. We discuss the state-of-the-art of the security debate and identify shortcomings. Based on these, we propose new metrics, which allows to answer the question to what extent the review process of open source and closed source development has helped to fix vulnerabilities. We illustrate the application of some of these metrics in a case study on OpenOffice (open source software) vs. Microsoft Office (closed source software).

Evaluating the Quality of Open Source Software