The capability maturity model and CASE

Abstract. Many software organizations face serious problems in their attempts to make expectations and realities meet in introducing CASE technology. One promising approach to understanding CASE introduction better and to managing it more effectively has been developed by relating CASE introduction to the Capability Maturity Model (CMM). This paper reviews software process maturity as a framework for CASE introduction. The relevance of the framework is discussed and three critical questions are explored: 1) What is the role of organizational experiments in CASE introduction? 2) How do the functional characteristics of CASE technology influence CASE introduction? and 3) How does the organizational context influence CASE introduction? The aim of the paper, by way of this discussion, is to explicate the strengths and limits of software process maturity as a framework for CASE introduction, and to identify the most important supplementary issues     

Essence of the capability maturity model

The CMM (Capability Maturity Model) wasn't intended to be all things to all people or cover all possible aspects of software and systems development. CMM was intended to provide one set of guidelines for managing software development projects and making improvements over time. This set of guidelines was based on best practices, software engineering discipline, real world experience and extrapolation from other industries. These guidelines were only meant to be tailored and applied within the culture and context of each unique organization     

能力成熟度模型探讨与分析

成熟度模型(CMM)是当前国内外研究的热点。首先阐述了CMM的产生、研究现状和发展趋势，然后说明了CMM中所涉及的基本概念，给出了CMM的框架和内部结构，重点对CMM的每一级别进行了详细分析，最后进行了相关总结。     

Experiences with the capability maturity model in a research environment

This paper describes a project aimed at the evaluation of the Capability Maturity Model (CMM) in the context of a research organization. The evaluation was done at the Winand Staring Centre (a Dutch research organization). Part of the evaluation was a standard CMM-assessment. It was found that CMM could be applied to a research organization, although its five maturity levels were considered to be rather rigid. It was felt to be a disadvantage, especially by management, that business goals were not explicitly taken into account by CMM. It turned out that the process of doing an assessment is more important than the assessment itself! The assessment process introduced to the organization a language which encouraged discussion of the software development process and its improvement. This topic was hardly discussed before the assessment.     

信息系统监理能力成熟度模型研究

信息系统监理企业要想高效率、高质量和低成本地按合同完成监理任务,必须以改善监理过程为中心,全面实施监理工程和质量管理手段.论文提出ISS-CMM模型,初步划分为5个等级:初始级、重用级、定义级、控制级和优化级;并提出每一等级组成元素,包括:关键过程、目标和关键活动,并初步给出关键过程、目标和关键活动的定义.ISS-CMM模型可以作为监理过程的标准,因为它结合质量管理和监理工程的双重经验,专门针对监理过程制订的一套规范.     

Towards assessing the networkability of health care providers: a maturity model approach

This paper presents a networkability maturity model as an approach to assess a health care organisation’s capacity with regards to being able to efficiently engage in business relationships. Continuously rising costs and increasingly restrained budgets for health care put pressure on the public health systems. A low division of labour and integration of processes along cross-organisational patient therapy provides large potential for improvements in efficiency and efficacy. It is the aim of the presented model to enable identification of potentials for improvements and respective measures to advance the ability to benefit from specialisation and collaboration along the value chain. The presented model is developed based on a classification of related state-of-the-art in maturity models to assess individual factors of networkability which are integrated to form an overall framework comprising six components and respective factors to be assessed. As networkability maturity addresses the interrelation of strategy, organisational design and information systems design, the paper adheres to requirements for effective design science research applied to the process of construction of a networkability maturity model applicable for health care providers. It therefore concludes with a case-based evaluation according to the design research literature and identification of further research.     

Tenant-based access control model for multi-tenancy and sub-tenancy architecture in Software-as-a-Service

Software-as-a-Service (SaaS) introduces multi-tenancy architecture (MTA). Sub-tenancy architecture (STA), is an extension of MTA, allows tenants to offer services for subtenant developers to customize their applications in the SaaS infrastructure. In a STA system, tenants can create subtenants, and grant their resources (including private services and data) to their subtenants. The isolation and sharing relations between parent-child tenants, sibling tenants or two non-related tenants are more complicated than those between tenants in MTA. It is important to keep service components or data private, and at the same time, allow them to be shared, and support application customizations for tenants. To address this problem, this paper provides a formal definition of a new tenant-based access control model based on administrative role-based access control (ARBAC) for MTA and STA in service-oriented SaaS (called TMS-ARBAC). Autonomous areas (AA) and AA-tree are proposed to describe the autonomy of tenants, including their isolation and sharing relationships. Authorization operations on AA and different resource sharing strategies are defined to create and deploy the access control scheme in STA models. TMS-ARBAC model is applied to design a geographic e-Science platform.     

The internal consistency and precedence of key process areas in the capability maturity model for software

Evaluating the reliability of maturity level (ML) ratings is crucial for providing confidence in the results of software process assessments. This study investigates the dimensions underlying the maturity construct in the Capability Maturity Model (CMM) for Software (SW-CMM) and estimates the internal consistency of each dimension. The results suggest that SW-CMM maturity is a three-dimensional construct, with “Project Implementation” representing the ML 2 key process areas (KPAs), “Organization Implementation” representing the ML 3 KPAs, and “Quantitative Process Implementation” representing the KPAs at MLs 4 and 5. The internal consistency for each of the three dimensions as estimated by Cronbach’s alpha exceeds the recommended value of 0.9. Based on those results, this study builds and tests a theoretical model which posits that the achievement of lower ML KPAs sustains the implementation of higher ML KPAs. Results of path analysis using partial least squares (PLS) support the theoretical model and provide detailed understanding of the process improvement path. The analysis is based on 676 CMM-Based Appraisal for Internal Process Improvement (CBA IPI) assessments.

Software crowdsourcing for developing Software-as-a-Service

Recently software crowdsourcing has become a viable development paradigm for Software-as-a-Service (SaaS) ecosystems. TopCoder, one of the largest competitive programming communities, enables enterprises to tap into its global talent pool and crowdsource a variety of SaaS development tasks including requirement analysis, architecture design, code, and testing. Many researchers have proposed auction-based modelling methods to characterize general software crowdsourcing. But there are few papers on the comprehensive analysis of SaaS crowdsourcing process and developer community.This paper introduces a holistic analysis framework to model the SaaS-oriented software crowdsourcing from two dimensions: individual behavior in crowdsourcing contests and collective competition in the community. The framework includes a game-theoretical model to describe the competitive nature of software crowdsourcing process. Moreover, the framework defines a competition network to characterize the topological properties of a crowdsourcing community for SaaS development. The analysis of this model indicates that the success of a competitive software crowdsourcing project essentially depends upon the networks of key participants with sufficient skills and dedication for the project. This is validated by a large historical data collected from the Top-Coder website over a ten-year period.     

SEI capability maturity model's impact on contractors

The Software Engineering Institute's Capability Maturity Model measures software development companies' ability to produce quality software within budget and on schedule. The CMM rates software development companies and government agencies at one of five maturity levels. Two key features are assessments and evaluations. Assessments represent a company's or government agency's voluntary, internal efforts to identify its current CMM maturity level and areas needing improvement. Evaluations represent an independent assessor's examination of a company's maturity level. Industry responses to the model vary. Some companies have reported that savings significantly offset the costs of achieving and maintaining a maturity level. Others have attacked the CMM on many fronts, such as its failure to incorporate Total Quality Management principles. Nevertheless, either enthusiastically or reluctantly companies are attempting to achieve higher CMM levels. The authors present both favorable and unfavorable reactions to the model as well as insight gained through discussions with various companies. They conclude that since no approach that enforces improvements will be universally acceptable in all aspects to all concerned, the CMM, on balance, can be considered a very successful model, particularly when combined with TQM principles. There may be uncertainty as to whether the costs of attaining and maintaining a CMM level will be recouped through reduced software production costs and more efficient software engineering practices (as published studies report). But with continued strong DoD sponsorship, there will likely be an increasing number of companies that base their software process improvement efforts on the CMM     

Shareholder reaction to firm investments in the capability maturity model: an event study

This study investigates the differential effects of successfully completed capability maturity model (CMM) appraisals on a firm's short-term and long-term stock performance. Our results indicate a positive share price response on the days surrounding the appraisal date for the stocks of companies obtaining the CMM appraisal. Stocks of firms successfully completing CMM appraisals generally outperform the S&P 500 index over longer-holding periods, although they do not outperform a matched sample. We find support that firms from the information technology industry, firms that are larger, firms of higher CMM maturity levels, and firms completing multiple appraisals are more likely to experience both short-term and long-term benefits from their investing in the CMM.     

Development of a maturity model for electronic invoice processes

The digitalization of invoice processes provides a good opportunity for companies to pare down expenses, optimize administrative tasks, and increase efficiency and competitiveness. But the digitalization is limited by a variety of software solutions, legal uncertainties, heterogeneous demands, lack of know-how, and information system infrastructure incompatibilities. A holistic map of electronic invoice processes is mandatory, especially to demonstrate different levels of process integration and optimization. A maturity model puts this into practice and provides companies with a tool to identify their current situation and to derive recommendations to optimize that situation. In this paper, a maturity model for electronic invoice processes will be developed using exploratory data from focus groups. A theoretical approach that is based on a procedure-model for developing maturity models is applied. Four categories (strategy, acceptance, processes & organization, and technology) are identified and enriched by sub-categories. Future research requires the development of detailed maturity metrics.     

A survey of usability capability maturity models: implications for practice and research

Improving the position and effectiveness of user-centred design (UCD) in software and product development is a challenge in many companies. One step towards improvements is to carry out a usability capability maturity (UCM) assessment to evaluate the strengths and weaknesses of a development organisation in UCD. While several diverse UCM models have been introduced, little research has been published in the public domain on these models. The paper aims to fill this gap by analysing the main features of the models. The results show that most models represent different approaches - although some of them have the same roots - meaning that understanding one model is not enough to understand the basics of another model. All models can be used for examining the status of UCD in individual development projects. In addition, models provide various means for assessment of the status of UCD in other organisational areas. The level of documentation of models varies a lot, and very few empirical research results exist. Based on the results, implications for practice and research are suggested.     

A survey of usability capability maturity models: implications for practice and research

Improving the position and effectiveness of user-centred design (UCD) in software and product development is a challenge in many companies. One step towards improvements is to carry out a usability capability maturity (UCM) assessment to evaluate the strengths and weaknesses of a development organisation in UCD. While several diverse UCM models have been introduced, little research has been published in the public domain on these models. The paper aims to fill this gap by analysing the main features of the models. The results show that most models represent different approaches – although some of them have the same roots – meaning that understanding one model is not enough to understand the basics of another model. All models can be used for examining the status of UCD in individual development projects. In addition, models provide various means for assessment of the status of UCD in other organisational areas. The level of documentation of models varies a lot, and very few empirical research results exist. Based on the results, implications for practice and research are suggested.     

Towards a programming model for context-aware applications

In mobile computing scenarios, users move in different environments and applications can automatically explore their surroundings. This type of context-aware application is an emerging trend, so far not widely disseminated. We believe that the proposal of a programming model specifically designed for the specification of context-aware applications, using general abstractions, will foster a rapidly widespread of such kind of software. In this article, we propose the use of the Holoparadigm (in short Holo) to fill this gap. We created a programming language based on Holo (called HoloL) to demonstrate the strengths of Holoparadigm to develop context-aware applications. The article uses a sample scenario to show the Holo's practical aspects related to implementation of context-aware applications. We also present a platform to HoloL (called HoloEnv), composed of a compiler, a virtual machine, and a distributed execution environment. Finally, different performance aspects of the HoloEnv's components were evaluated through experimental results.     

Towards a model for long-term education policy

This paper describes the long-term economic and demographic forecast from recent long-term computer global models and discusses their possible relevance to education policy. Overall, regional, sectoral and international economic results are described as well as age and skill specific demographic results. It is argued that the models may be of some value in their current form but that a more comprehensive and value based analysis is in order. Different Utopian models of education, traditional, diverse and planned, and their dysutopian counterparts are sketched. After taking one of the current models as an illustration, a computable quantitative framework, designed to overcome several of the criticisms of current models made in the paper, is suggested.     

Towards a competency model for requirements analysts

Requirements engineering is a software development discipline, executed by requirements analysts (RAs), that includes requirements elicitation, analysis, specification and validation. Its successful outcome is very often essential to overall project success. However, there is a lack of systematically conducted empirical research on the competencies of RAs. This paper addressed this gap by conducting 64 interviews at eight major North American and European financial services companies. Our qualitative research design follows an interpretive approach and uses critical incident technique. We develop a competency model, which specifies 16 critical competencies, and integrates contextual and situational factors as well as results variables. ‘Consulting others’, ‘Testing assumptions and investigating’ and ‘Explaining concepts and opinions’ were the most frequently identified competencies. This indicates that for an effective analyst, close interaction and communication with customers is indeed crucial – but of equally importance is the critical questioning of the expressed needs. Surprisingly, applying specific tools and advanced techniques did not seem to play a significant role from the interviewees' perspective. This study contributes to theory as it is the first to elaborate a competency model for RAs. It also provides a foundation for the development of competency‐based training in companies and universities.     

SLA-based admission control for a Software-as-a-Service provider in Cloud computing environments

Software as a Service (SaaS) provides access to applications to end users over the Internet without upfront investment in infrastructure and software. To serve their customers, SaaS providers utilise resources of internal data centres or rent resources from a public Infrastructure as a Service (IaaS) provider. In-house hosting can increase administration and maintenance costs whereas renting from an IaaS provider can impact the service quality due to its variable performance. To overcome these limitations, we propose innovative admission control and scheduling algorithms for SaaS providers to effectively utilise public Cloud resources to maximize profit by minimizing cost and improving customer satisfaction level. Furthermore, we conduct an extensive evaluation study to analyse which solution suits best in which scenario to maximize SaaS provider?s profit. Simulation results show that our proposed algorithms provide substantial improvement (up to 40% cost saving) over reference ones across all ranges of variation in QoS parameters.     

基于CMM的隐患治理能力成熟度模型研究与应用

为提升企业自身的隐患治理能力,借鉴软件能力成熟度模型,提出了隐患治理能力成熟度的概念,建立隐患治理能力成熟度五级模型,构建评估指标体系,基于专家评估法和自组织特征映射神经网络提出组合评估方法。实验结果表明,所提出的模型与方法可实现智能化评估企业隐患治理能力,并为强化隐患排查治理长效机制提供参考依据。     

Towards a security model for computational puzzle schemes

In the literature, computational puzzle schemes have been considered as a useful tool for a number of applications, such as constructing timed cryptography, fighting junk emails, and protecting critical infrastructure from denial-of-service attacks. However, there is a lack of a general security model for studying these schemes. In this paper, we propose such a security model and formally define two properties, namely the determinable difficulty property and the parallel computation resistance property. Furthermore, we prove that a variant of the RSW scheme, proposed by Rivest, Shamir, and Wagner, achieves both properties.