Software, Volume 4, Issue 4 (December 2025) – 12 articles

Graph generalization is a powerful concept with a wide range of potential applications, while established algorithms exist for generalizing simple graphs, practical approaches for more complex graphs remain elusive. We introduce a novel formal model and algorithm (GGA) that generalizes labeled directed graphs without assuming label identity. We evaluate GGA by focusing on its information preservation relative to its input graphs, its scalability in execution, and its utility for three applications: abstract syntax trees, class graphs, and call graphs. Our findings reveal the superiority of GGA over alternative tools. GGA outperforms ASGard by an average of 5–18% on metrics related to information preservation; GGA matches 100% with diffsitter, indicating the correctness of the output. For class graphs, GGA achieves 77.1% in precision at 5, while for call graphs, it exhibits 60% in precision at 5 for a specific application problem. We also test performance for the first two applications: GGA’s execution time scales linearly with respect to the product of vertex count and edge count. Our research demonstrates the ability of GGA to preserve information in diverse applications while performing efficiently, signaling its potential to advance the field. Full article

Regulated web systems require traceable, rollback-safe UI delivery, yet conventional static deployments and Boolean flagging struggle to provide per-user versioning, deterministic fallbacks, and audit-grade observability. The objective of this research is to develop and validate a runtime frontend architecture that enables per-session component versioning with deterministic fallbacks and audit-grade traceability for regulated systems. We present a dynamic frontend architecture that integrates typed GraphQL flag schemas, runtime module federation, and structured observability to enable per-session and per-route component versioning with deterministic fallbacks. We formalize a version-resolution function v = f(u, r, t) and implement a production system that achieved a 96% reduction in MTTR, a P90 fallback rate below 0.7%, and over 280 k session-level logs across 45 days. Compared to static delivery and standard flag evaluators, our approach adds schema-driven targeting, component-level isolation, and audit-ready render traces suitable for compliance. Limitations include cold-start overhead and governance complexity; we provide mitigation strategies and discuss portability beyond fintech. Full article

Organizations increasingly rely on Agile software development to navigate the complexities of digital transformation. Agile emphasizes flexibility, empowerment, and emergent design, yet large-scale initiatives often extend beyond single teams to include multiple subsidiaries, business units, and regulatory stakeholders. In such contexts, team-level mechanisms such as retrospectives, backlog refinement, and planning events may prove insufficient to achieve alignment across diverse perspectives, organizational boundaries, and compliance requirements. To address this limitation, this paper introduces a complementary framework and a supporting software tool that enable systematic cross-stakeholder alignment. Rather than replacing Agile practices, the framework enhances them by capturing heterogeneous stakeholder views, surfacing tacit knowledge, and systematically reconciling differences into a shared alignment artifact. The methodology combines individual Functional Resonance Analysis Method (FRAM)-based process modeling, iterative harmonization, and an evidence-supported selection mechanism driven by quantifiable performance indicators, all operationalized through a prototype tool. The approach was evaluated in a real industrial case study within the regulated gaming sector, involving practitioners from both a parent company and a subsidiary. The results show that the methodology effectively revealed misalignments among stakeholders’ respective views of the development process, supported structured negotiation to reconcile these differences, and produced a consolidated process model that improved transparency and alignment across organizational boundaries. The study demonstrates the practical viability of the methodology and its value as a complementary mechanism that strengthens Agile ways of working in complex, multi-stakeholder environments. Full article

The integration of modern artificial intelligence into software systems presents transformative opportunities and novel challenges for software quality assurance (SQA). While AI enables powerful enhancements in testing, monitoring, and defect prediction, it also introduces non-determinism, continuous learning, and opaque behavior that challenge traditional quality and reliability paradigms. This paper proposes a framework for addressing these issues, drawing on concepts from systems theory. We argue that AI-enabled software systems should be understood as dynamical systems, i.e., stateful adaptive systems whose behavior depends on prior inputs, feedback, and environmental interaction, as well as components embedded within broader socio-technical ecosystems. From this perspective, quality assurance becomes a matter of maintaining stability by enforcing constraints as well as designing robust feedback and control mechanisms that account for interactions across the full ecosystem of stakeholders, infrastructure, and operational environments. This paper outlines how the systems-theoretic perspective can inform the development of modern SQA processes. This ecosystem-aware approach repositions software quality as an ongoing, systemic responsibility, especially important in mission-critical AI applications. Full article

Root cause analysis (RCA) identifies the faults and vulnerabilities underlying software failures, informing better design and maintenance decisions. Earlier approaches typically framed RCA as a classification task, predicting coarse categories of root causes. With recent advances in large language models (LLMs), RCA can be treated as a generative task that produces natural language explanations of faults. We introduce RCEGen, a framework that leverages state-of-the-art open-source LLMs to generate root cause explanations (RCEs) directly from bug reports. Using 298 reports, we evaluated five LLMs in conjunction with human developers and LLM judges across three key aspects: correctness, clarity, and reasoning depth. Qwen2.5-Coder-Instruct achieved the strongest performance (correctness ≈ 0.89, clarity ≈ 0.88, reasoning ≈ 0.65, overall ≈ 0.79), and RCEs exhibited high semantic fidelity (CodeBERTScore ≈ 0.98) to developer-written references despite low lexical overlap. The results demonstrated that LLMs achieve high accuracy in root cause identification from bug report titles and descriptions, particularly when reports contained error logs and reproduction steps. Full article

Federated Learning (FL) has emerged as a pivotal paradigm for privacy-preserving machine learning. While numerous FL libraries have been developed to operationalize this paradigm, their rapid proliferation has created a significant challenge for practitioners and researchers: selecting the right tool requires a deep understanding of their often undocumented software architectures and extensibility, aspects that are largely overlooked by existing algorithm-focused surveys. This paper addresses this gap by conducting the first comprehensive survey of FL libraries from a software engineering perspective. We systematically analyze ten popular open-source FL libraries, dissecting their architectural designs, support for core and advanced FL features, and most importantly, their extension mechanisms for customization. Our analysis produces a novel taxonomy of FL concepts grounded in software implementation, a practical decision framework for library selection, and an in-depth discussion of architectural limitations and pathways for future development. The findings provide developers with actionable guidance for selecting and extending FL tools and offer researchers a clear roadmap for advancing FL infrastructure. Full article

This study investigates how software developers discuss usability on Stack Overflow through an analysis of posts from 2008 to 2024. Despite recognizing the importance of usability for software success, there is a limited amount of research on developer engagement with usability topics. Using mixed methods that combine quantitative metric analysis and qualitative content review, we examine temporal trends, comparative engagement patterns across eight non-functional requirements, and programming context-specific usability issues. Our findings show a significant decrease in usability posts since 2010, contrasting with other non-functional requirements, such as performance and security. Despite this decline, usability posts exhibit high resolution efficiency, achieving the highest answer and acceptance rates among all topics, suggesting that the community is highly effective at resolving these specialized questions. We identify distinctive platform-specific usability concerns: web development prioritizes responsive layouts and form design; desktop applications emphasize keyboard navigation and complex controls; and mobile development focuses on touch interactions and screen constraints. These patterns indicate a transformation in the sharing of usability knowledge, reflecting the maturation of the field, its integration into frameworks, and the migration to specialized communities. This first longitudinal analysis of usability discussions on Stack Overflow provides insights into developer engagement with usability and highlights opportunities for integrating usability guidance into technical contexts. Full article

Our goal is to generate restructuring recommendations for research software systems based on software architecture descriptions that were obtained via reverse engineering. We reconstructed these software architectures via static and dynamic analysis methods in the reverse engineering process. To do this, we combined static and dynamic analysis for call relationships and dataflow into a hierarchy of six analysis methods. For generating optimal restructuring recommendations, we use genetic algorithms, which optimize the module structure. For optimizing the modularization, we use coupling and cohesion metrics as fitness functions. We applied these methods to Earth System Models to test their efficacy. In general, our results confirm the applicability of genetic algorithms for optimizing the module structure of research software. Our experiments show that the analysis methods have a significant impact on the optimization results. A specific observation from our experiments is that the pure dynamic analysis produces significantly better modularizations than the optimizations based on the other analysis methods that we used for reverse engineering. Furthermore, a guided, interactive optimization with a domain expert’s feedback improves the modularization recommendations considerably. For instance, cohesion is improved by 57% with guided optimization. Full article

To ensure adequate skill development, but also competitive advantage as a software engineering organization, initiatives in cybersecurity training is one of several important investment decisions to make for management. This study builds upon three case organizations in Sweden and Greece, where managers’ and software developers’ perceptions on trialability and observability effects are analyzed, grounded in the theory of innovation diffusion. Using interviews and a developer-centric survey, both quantitative and qualitative data are collected, and used in combination to support the development of a pre-investment framework for management. The analysis includes thematic analysis, cosine similarity comparison, and, to some extent, sentiment polarity scoring. A pre-investment framework consisting of a process of seven concrete steps is proposed, based on the empirical findings in the study. Full article

This study investigates how Development and Operations (DevOps) practices impact Project Management Office (PMO) governance within the technology sector of the United Arab Emirates (UAE). It addresses the need for agile-aligned governance frameworks by exploring how DevOps principles affect traditional PMO structures. A quantitative cross-sectional survey was conducted, and data was collected from 321 DevOps and PMO professionals in UAE organizations. The analysis, using Partial Least Squares Structural Equation Modelling (PLS-SEM), revealed a moderate positive correlation between specific DevOps practices—such as microservices, Minimum Viable Experience (MVE) culture, continuous value streams, automated configuration, and continuous delivery—and effective PMO governance. The study’s novel theoretical contribution is the integration of the Dynamic Capabilities Framework (DCF) with the Agile DevOps Reference Model (ADRM) to examine this alignment, bridging strategic agility and operational execution. This research offers actionable insights for UAE organizations and policymakers seeking to enhance governance and digital maturity. Full article

This paper introduces a variant of the classic Towers of Hanoi (TH) puzzle in which parallel moves—simultaneous transfers of multiple discs—are permitted. The problem is formalized with Generalized Nets (GN), an extension of Petri nets (PN) whose tokens and transitions encode the ordering and movement of the n discs among three rods under the usual constraints. The resulting GN model, implemented on the OnlineGN platform, provides a clear, precise, and systematic representation that highlights the role of parallelism and supports interactive experimentation. This framework enables the exploration of strategies that reduce the number of parallel steps (PS) and, more broadly, illustrates how GN-captured parallelism can shorten the sequential depth for selected problems with exponential-time solutions. Full article

Context: Modern software systems have become increasingly complex, making it difficult to interpret raw requirements and effectively utilize traditional tools for software design and analysis. Unified Modeling Language (UML) class diagrams are widely used to visualize and understand system architecture, but analyzing them manually, especially for large-scale systems, poses significant challenges. Objectives: This study aims to automate the analysis of UML class diagrams by assessing their complexity using a machine learning approach. The goal is to support software developers in identifying potential design issues early in the development process and to improve overall software quality. Methodology: To achieve this, this research introduces a Visual Question Answering (VQA)-based framework that integrates both computer vision and natural language processing. Vision Transformers (ViTs) are employed to extract global visual features from UML class diagrams, while the BERT language model processes natural language queries. By combining these two models, the system can accurately respond to questions related to software complexity, such as class coupling and inheritance depth. Results: The proposed method demonstrated strong performance in experimental trials. The ViT model achieved an accuracy of 0.8800, with both the F1 score and recall reaching 0.8985. These metrics highlight the effectiveness of the approach in automatically evaluating UML class diagrams. Conclusions: The findings confirm that advanced machine learning techniques can be successfully applied to automate software design analysis. This approach can help developers detect design flaws early and enhance software maintainability. Future work will explore advanced fusion strategies, novel data augmentation techniques, and lightweight model adaptations suitable for environments with limited computational resources. Full article