Exploring the Relationship between Architecture Coupling and Software Vulnerabilities

Robert  Lagerstrom; Carliss Y. Baldwin; Alan   MacCormack; Dan  Sturtevant; Lee  Doolan

Working Paper | HBS Working Paper Series | 2017

Exploring the Relationship between Architecture Coupling and Software Vulnerabilities: A Google Chrome Case

by Robert Lagerstrom, Carliss Y. Baldwin, Alan MacCormack, Dan Sturtevant and Lee Doolan

Abstract

Employing software metrics, such as size and complexity, for predicting defects has been given a lot of attention over the years and has proven very useful. However, the few studies looking at software architecture and vulnerabilities are limited in scope and findings. We explore the relationship between software vulnerabilities and component metrics (like code churn and cyclomatic complexity) as well as architecture coupling metrics (direct, indirect, and cyclic coupling). Our case is based on the Google Chromium project, an open-source project that has not yet been studied for this topic. Our findings show a strong relationship between vulnerabilities and both component level metrics and architecture coupling metrics. Unfortunately, the effects of different types of coupling are somewhat hard to distinguish.

Keywords: software; architecture; complexity; coupling; vulnerabilities; Software; Complexity; Measurement and Metrics;

Language: English

Format: Print

12 pages

Read Now

Citation:

Lagerstrom, Robert, Carliss Y. Baldwin, Alan MacCormack, Dan Sturtevant, and Lee Doolan. "Exploring the Relationship between Architecture Coupling and Software Vulnerabilities: A Google Chrome Case." Harvard Business School Working Paper, No. 17-078, February 2017.

This case describes the operations of a fictitious company that processes Cranberries. The case contains data that allows students to calculate the bottleneck stage in production, and to evaluate alternative investment options for increasing cranberry processing capacity.

Case | HBS Case Collection | October 2018 (Revised February 2020)

Innovation at Uber: The Launch of Express POOL

Chiara Farronato, Alan MacCormack and Sarah Mehta

Set in March 2018, the case follows ride-sharing company Uber as it develops and launches a new product called Express POOL. This product offers a reduced price to riders willing to carpool, walk a short distance to/from their pick-up and drop-off points, and wait a few minutes before being matched to a driver. Two weeks after the launch of Express POOL in six U.S. cities, Uber’s product managers discover that if riders are made to wait five minutes to be matched to a driver—rather than the standard two minutes—rider cancellation rates increase, but Uber’s costs per ride are reduced. Together with data scientists, engineers, and product operations specialists, the product managers must decide whether to keep rider wait times at two minutes or increase wait times to five minutes in the six newly launched cities. The decision is complicated by the fact that Uber’s data science team normally places a five-week moratorium on changes to any new product, to allow robust data to be collected on its performance. This case is paired with a supplementary dataset from Uber (HBS No. 619-702). In advance of the class discussion, students can analyze the data and draw their own conclusions about the trade-offs of maintaining the standard wait times or increasing them.

Keywords: Innovation and Management; Innovation Leadership; Innovation Strategy; Technological Innovation; Technology; Mobile Technology; Software; Technology Platform; Decision Making; Technology Industry; California; San Francisco;

Citation:

Farronato, Chiara, Alan MacCormack, and Sarah Mehta. "Innovation at Uber: The Launch of Express POOL." Harvard Business School Case 619-003, October 2018. (Revised February 2020.) View Details

Cite View Details Educators Purchase

Faculty & Research

Exploring the Relationship between Architecture Coupling and Software Vulnerabilities: A Google Chrome Case

Abstract

Citation:

About the Authors

More from these Authors