research-article

Trade-offs in managing risk and technical debt in industrial research labs: an experience report

Authors:

François Gauthier,

Alexander Jordan,

Padmanabhan Krishnan,

Behnaz Hassanshahi,

Jörn Guy Süß,

Hyunjun LeeAuthors Info & Claims

TechDebt '20: Proceedings of the 3rd International Conference on Technical Debt

Pages 98 - 102

https://doi.org/10.1145/3387906.3388623

Published: 25 September 2020 Publication History

Abstract

Nowadays, industrial research labs operate like startups. In a relatively short amount of time, researchers are expected not only to explore innovative ideas but also show how the new ideas can add value to the organisation. One way to do this, especially when developing tools, is to construct usable prototypes. When the technology underlying the research tool is highly complex or niche, like program analysis, field trials with potential users also help explaining and demonstrating the benefits of the tool. Getting support from potential users helps demonstrate value to the organisation, which in turn justifies conducting more extensive research and investing more resources to enhance the initial prototype.

Thus, research that involves the construction of tools need to manage both short and long term risk, and the technical debt that arises throughout the lifecycle of a research prototype. As not all prototypes will result in a technology transfer, one has to carefully manage the project resources dedicated to paying the technical debt. For example, failure to pay the debt early in the project might result in unstable prototypes that can have a negative influence on potential customers and make technology transfer harder. On the other hand, over committing resources to reduce the technical debt might result in slower research progress and failure to show improvement over state-of-the-art. In this paper, we will present experience reports from two dynamic program analysis projects. at Oracle Labs Australia.

References

[1]

[n.d.]. ECMAScript Parsing Infrastructure for Multipurpose Analysis. https://esprima.org/.

[2]

[n.d.]. Jalangi2. https://github.com/Samsung/jalangi2.

[3]

[n.d.]. Man-in-the-middle Proxy. https://mitmproxy.org/.

[4]

[n.d.]. Websockets. https://pypi.org/project/websockets/.

[5]

Mesbah A., van Deursen A., and Lenselink S. 2012. Crawling Ajax-Based Web Applications through Dynamic Analysis of User Interface State Changes. ACM Trans. Web 6, 1 (2012), 3:1--3:30.

Digital Library

[6]

T. Besker, A. Martini, R. E. Lokuge, K. Blincoe, and J. Bosch. 2018. Embracing Technical Debt, from a Startup Company Perspective. In International Conference on Software Maintenance and Evolution (ICSME). 415--425.

[7]

S. Chandra, S. Sinha, and S. Thummalapenta. 2016. Lessons from the tech transfer trenches. Communications of the ACM (CACM) (Feb 2016).

[8]

M. Chwalisz, K. Geissdoerfer, and A. Wolisz. 2019. Walker: DevOps Inspired Workflow for Experimentation. In IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). 277--282.

[9]

O. Cico. 2019. Technical Debt Trade-Off - Experiences from Software Startups Becoming Grownups. In International Conference on Software Business (ICSOB) (Lecture Notes in Business Information Processing (LNBIP)). Springer, 413--418.

[10]

François Gauthier, Behnaz Hassanshahi, and Alexander Jordan. 2018. Affogato: Runtime detection of injection attacks for Node.js. In Companion Proceedings for the ISSTA/ECOOP 2018 Workshops. ACM, 94--99.

Digital Library

[11]

C. Giardino, N. Paternoster, M. Unterkalmsteiner, T. Gorschek, and P. Abrahamsson. 2016. Software Development in Startup Companies: The Greenfield Startup Model. IEEE Transactions on Software Engineering 42, 6 (2016), 585--604.

Digital Library

[12]

V. Kashyap, K. Dewey, E. A. Kuefner, J. Wagner, J. Gibbons, Kevin. Sarracino, B. Wiedermann, and B. Hardekopf. 2014. JSAI: A Static Analysis Platform for JavaScript. In Proceedings of the 22^nd ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE). 121--132.

[13]

E. Klotins, M. Unterkalmsteiner, P. Chatzipetrou, T. Gorschek, R. Prikladnicki, N. Tripathi, and L. B. Pompermaier. 2018. Exploration of Technical Debt in Startups. In Proceedings of the 40th International Conference on Software Engineering: Software Engineering in Practice. ACM, 75--84.

[14]

H. Lee, S. Won, J. Jin, J. Cho, and S. Ryu. 2012. Safe: Formal specification and implementation of a scalable analysis framework for ecmascript. In FOOL.

[15]

C. Marzocchi and R. Ramlogan. 2019. Forsaking innovation: addressing failure and innovationbehaviour variety. Technology Analysis & Strategic Management 31, 2 (2019), 1462--1473.

[16]

I. Ozkaya, R. L. Nord Z. Kurtz, and R. S. Sangwan. 2019. Automatically Detecting Technical Debt Discussions. Technical Report. Carnegie Mellon University: Software Engineering Institute.

[17]

D. Shepherd, K. Damevski, and L. Pollock. 2015. How and when to Transfer Software Engineering Research via Extensions. In Proceedings of the 37th International Conference on Software Engineering - Volume 2. IEEE Press, 239--240.

[18]

H. Sun, D. Bonetta, C. Humer, and W. Binder. 2018. Efficient Dynamic Analysis for Node.Js. In Proceedings of the 27th International Conference on Compiler Construction (CC 2018). ACM, 196--206.

[19]

O. Tripp, M. Pistoia, S. J. Fink, M. Sridharan, and O. Weisman. 2009. TAJ: effective taint analysis of web applications. In Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI. ACM, 87--97.

[20]

Thomas Würthinger, Christian Wimmer, Christian Humer, Andreas Wöundefined, Lukas Stadler, Chris Seaton, Gilles Duboscq, Doug Simon, and Matthias Grimmer. 2017. Practical Partial Evaluation for High-Performance Dynamic Language Runtimes. SIGPLAN Not. 52, 6 (June 2017), 662--676.

Digital Library

Cited By

Cifuentes CGauthier FHassanshahi BKrishnan PMcCall D(2023)The Role of Program Analysis in Security Vulnerability Detection: Then and NowComputers & Security10.1016/j.cose.2023.103463(103463)Online publication date: Sep-2023
https://doi.org/10.1016/j.cose.2023.103463
Santamaria ILarrucea XFernandez‐Gauna B(2023)Integrating privacy debt and VSE's software developmentsJournal of Software: Evolution and Process10.1002/smr.243735:8Online publication date: 7-Aug-2023
https://dl.acm.org/doi/10.1002/smr.2437
Larrucea XSantamaría IGraña Romay M(2021)Towards a privacy debtIET Software10.1049/sfw2.1204415:6(453-463)Online publication date: 8-Sep-2021
https://doi.org/10.1049/sfw2.12044

Index Terms

Trade-offs in managing risk and technical debt in industrial research labs: an experience report
1. Software and its engineering
  1. Software creation and management
    1. Software development process management
      1. Risk management
    2. Software post-development issues
      1. Maintaining software

Recommendations

Sell-Side Debt Analysts and Debt Market Efficiency

We explore sell-side debt analysts’ contributions to the efficiency of securities markets. We document that debt returns lag equity returns less when debt research coverage exists, which is consistent with debt analysts facilitating the process by which ...
The financial aspect of managing technical debt

ContextTechnical debt is a software engineering metaphor, referring to the eventual financial consequences of trade-offs between shrinking product time to market and poorly specifying, or implementing a software product, throughout all development ...
Risk Analysis of Collateralized Debt Obligations

Collateralized debt obligations, which are securities with payoffs that are tied to the cash flows in a portfolio of defaultable assets such as corporate bonds, play a significant role in the financial crisis that has spread throughout the world. ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

TechDebt '20: Proceedings of the 3rd International Conference on Technical Debt

June 2020

131 pages

ISBN:9781450379601

DOI:10.1145/3387906

General Chair:
Clemente Izurieta
Montana State University
,
Program Chairs:
Matthias Galster
University of Canterbury
,
Michael Felderer
University of Innsbruck

Copyright © 2020 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGSOFT: ACM Special Interest Group on Software Engineering

In-Cooperation

IEEE CS

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 25 September 2020

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article

Conference

TechDebt '20

Sponsor:

SIGSOFT

TechDebt '20: International Conference on Technical Debt

June 28 - 30, 2020

Seoul, Republic of Korea

Acceptance Rates

TechDebt '20 Paper Acceptance Rate 14 of 31 submissions, 45%;

Overall Acceptance Rate 14 of 31 submissions, 45%

Upcoming Conference

ICSE 2025

2025 IEEE/ACM 46th International Conference on Software Engineering

April 26 - May 3, 2025

Ottawa , ON , Canada

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
73
Total Downloads

Downloads (Last 12 months)7
Downloads (Last 6 weeks)1

Reflects downloads up to 26 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Cifuentes CGauthier FHassanshahi BKrishnan PMcCall D(2023)The Role of Program Analysis in Security Vulnerability Detection: Then and NowComputers & Security10.1016/j.cose.2023.103463(103463)Online publication date: Sep-2023
https://doi.org/10.1016/j.cose.2023.103463
Santamaria ILarrucea XFernandez‐Gauna B(2023)Integrating privacy debt and VSE's software developmentsJournal of Software: Evolution and Process10.1002/smr.243735:8Online publication date: 7-Aug-2023
https://dl.acm.org/doi/10.1002/smr.2437
Larrucea XSantamaría IGraña Romay M(2021)Towards a privacy debtIET Software10.1049/sfw2.1204415:6(453-463)Online publication date: 8-Sep-2021
https://doi.org/10.1049/sfw2.12044

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents