Mr Davide Salomoni (INFN CNAF), Dr Elisabetta Ronchieri (INFN CNAF), Mr Marco Canaparo (INFN CNAF), Mr Vincenzo Ciaschini (INFN CNAF)
Software packages in our scientific environment are constantly growing in size and are written by large, changing teams of developers. This implies strong churn on the code itself, with an associated risk of bugs and stability problems. This risk is unavoidable as long as the software undergoes active evolution, as always happens with software that is still in use. However, the needs of production systems run counter to this: in production, stability and predictability are valued over most other factors, and a short turn-around time for the bug discovery-correction-deployment cycle is normally required. We suggest that a way to address these two opposing needs is to evaluate models that define software quality. These models should offer a reasonable approximation of the "risk" associated with a program, specifically in relation to stability and maintainability. The final goal would then be to assess software maturity and, for example, to identify release milestones at which the risk falls below an agreed threshold. In this article we evaluate several quality predictive models: ARMOR, which automatically identifies the operational risks of software program modules; ComPare, which gives an overall quality prediction; and Case-Based Reasoning (CBR), which predicts the quality of software components. We then apply these models to the development history of some packages released in the context of the European Middleware Initiative (EMI), with the intent of discovering the risk factor each model associates with a given program and comparing it with the program's real history. Finally, we attempt to determine which of the models best maps reality for the applications under evaluation, and conclude by suggesting directions for further studies.