John Robert

Measuring software sustainability

Planning and management of software sustainment is impaired by a lack of consistently applied, practical measures. Without these measures, it is impossible to determine the effect of efforts to improve sustainment practices. In this paper we provide a context for evaluating sustainability and discuss a set of measures developed at the Software Engineering Institute at Carnegie Mellon University.

Custom vs. off-the-shelf architecture

Members of the COTS-based system initiative at the Software Engineering Institute have developed the Generic Enterprise Ensemble (GEE), a generic approach to building distributed, transaction based, secure enterprise information systems (EIS). GEE is a tool to help in the selection of technologies and architectural choices when building enterprise information systems. Enterprise JavaBeans/sup TM/ (EJB) is a specification from Sun Microsystems for an application server based on Java technology. a comparison is made between GEE based solutions and off-the-shelf solutions based on the EJB specification.

Bringing COTS Information Technology into Small Manufacturing Enterprises

Due to increasing competitive pressure, many small manufacturing enterprises (SMEs) are considering COTS software technology improvements to increase productivity. However, SMEs are generally not as prepared to bring COTS software technology into their company as are medium and large organizations. SMEs face unique COTS issues due to organizational constraints, limited interaction with vendors and a passive role (in terms of technology and business process) in the manufacturing supply chain. This report describes these unique SME COTS software challenges as observed in several hands-on technology demonstrations conducted over a two-year period as part of the SEI Technology Insertion Demonstration & Evaluation (TIDE) program.

Managed Technology Adoption Risk: A Way to Realize Better Return from COTS Investments

Two companies can install the same COTS (Commercial Off The Shelf) software package, yet one company enjoys more success, and a better return, than the other. Needless to say, many factors could be involved in this common scenario. Yet, chances are, one of the factors is that the successful company actively managed the non-technical aspects of the adoption of the COTS software adoption, instead of just selecting it and installing it. What is the difference? According to technology transition researchers, “installed” means that the system is operational; however, only a few people use the software as intended (or at all!) [Fichman1995]. “Adopted” means that the system is operational, and employees are using it in the way that was intended to support the business need that led to the COTS adoption to begin with. Every organization exhibits different risks for adopting a particular technology, and whether and how those risks are managed often determine whether adoption is achieved, vs merely achieving installation. Managing adoption, especially managing adoption risk, actually starts before acquiring any technology and continues after installation.

Securing Internet sessions with Sorbet

More and more organizations are using intranets and even the Internet as the communications media for important data. However, such communications media are inherently insecure and subject to hijacking. To secure these connections, mechanisms must be built on top of the underlying communications facilities. We discuss one such security mechanism and describe an implementation using common object request broker architecture (CORBA) based interceptors.