Evolution Strategies

  • Frank J. FurrerEmail author


Software-systems evolve over time. The evolution is driven by change in business requirements, market conditions, operating environment changes and technology progress. This requires a relentless adaptation of the Software-systems. Building and maintaining future-proof software-systems needs a clear and realistic pathway. The first element for this is a strategy: The strategy prescribes the process for the management of the evolution of the future-proof software-system. Many software-evolution strategies exist in the literature. Here a proven strategy for very large, long-lived, and mission-critical Software-systems is presented: The “Managed Evolution”. Managed Evolution steers the evolution process in such a way, that the business value, the changeability and the dependability of the future-proof software-systems are continuously improved, while other quality of service properties are guaranteed to be as good as necessary.


  1. [Abran10]
    Abran A (2010) Software metrics and software metrology. Wiley, Piscataway. ISBN 978-0-470-59720-0CrossRefGoogle Scholar
  2. [Ahern08]
    Ahern DM, Clouse A (2008) CMMI distilled—a practical introduction to integrated process improvement, 3rd edn. Addison-Wesley Professional, Upper Saddle River (SEI Series in Software Engineering). ISBN 978-0-321-46108-7Google Scholar
  3. [Ambler11]
    Ambler SW, Sadalage PJ (2011) Refactoring databases—evolutionary database design. Addison Wesley, Upper Saddle River. ISBN 978-0-321-77451-4Google Scholar
  4. [Anda08]
    Anda B, Dreiem H, Sjoberg DIK, Jorgensen M (2008) Estimating software development effort based on use cases—experiences from industry.
  5. [Armour03]
    Armour PG (2003) The laws of software process—a new model for the production and management of software. Auerbach, Boca Raton. ISBN 978-0-849-31489-6CrossRefGoogle Scholar
  6. [Aroms12]
    Aroms E (2012) NIST special publication 800–55 rev1: security metrics guide for information technology systems. CreateSpace, Scotts Valley. ISBN 978-1-4701-5204-8Google Scholar
  7. [Aviziensis04]
    Avizienis A, Laprie J-C, Randell B, Landwehr C (2004) Basic concepts and taxonomy of dependable and secure computing IEEE transactions on dependable and secure computing, Vol. 1, No. 1, January–March. Accessed: 6. June 2017CrossRefGoogle Scholar
  8. [Bernstein05]
    Bernstein L, Yuhas CM (2005) Trustworthy systems through quantitative software engineering. Wiley Interscience, Hoboken (IEEE Book Series). ISBN 978-0-471-69691-9CrossRefGoogle Scholar
  9. [Bernstein15]
    Bernstein D (2015) Beyond legacy code – nine practices to extend the life (and value) of your software. O’Reilly UK Ltd, Dallas. ISBN 978-1-680-50079-0Google Scholar
  10. [Boehm00]
    Boehm BW, Abts C, Brown AW, Chulani S, Clark BK, Horowitz E, Madachy R, Reifer D, Steece B (2000) Software cost estimation with COCOMO II. Prentice Hall PTR, New Jersey. ISBN 978-0-13-026692-2Google Scholar
  11. [Brotby08]
    Brotby WK (2008) Information security management metrics—a definitive guide to effective security monitoring and measurement. Taylor & Francis, Boca Raton. ISBN 978-1-420-05285-5Google Scholar
  12. [Brotby13]
    Brotby WK, Hinson G (2013) PRAGMATIC security metrics – applying metametrics to information security. Taylor & Francis, Boca Raton. ISBN 978-1-439-88152-1Google Scholar
  13. [Buchmann13]
    Buchmann JA, Karatsiolis E, Wiesmaier A (2013) Introduction to public key infrastructures. Springer, Berlin. ISBN 978-3-642-40656-0CrossRefGoogle Scholar
  14. [Burchard17]
    Burchard E (2017) Refactoring JavaScript—turning bad code into good code. O’Reilly UK Ltd, Beijing. ISBN 978-1-491-96492-7Google Scholar
  15. [Cusumano10]
    Cusumano MA (2010) Staying power—six enduring principles for managing strategy & innovation in an uncertain world. Oxford University Press, Oxford. ISBN 978-0-19-921896-7Google Scholar
  16. [Chou13]
    Chou W (2013) Fast-tracking your career—soft skills for engineering and IT professionals. Wiley, Hoboken. ISBN 978-1-118-52178-6Google Scholar
  17. [Doane17]
    Doane M (2017) Enterprise taxonomy governance—practical advice for building and maintaining your enterprise taxonomy. CreateSpace, Scotts Valley. ISBN 978-1-54637-377-3Google Scholar
  18. [Eickhoff11]
    Eickhoff J (2011) Onboard computers, onboard software and satellite operations—an introduction. Springer, Berlin (Springer Aerospace Technology). ISBN 978-3-642-25169-6Google Scholar
  19. [Ejiogu05]
    Ejiogu LO (2005) Software metrics—the discipline of software quality. Booksurge Publishing, Charleston. ISBN 978-1-4196-0242-9Google Scholar
  20. [Eliot17]
    Eliot LB (2017) Advances in AI and autonomous vehicles: cybernetic self-driving cars: practical advances in artificial intelligence (AI) and machine learning. LBE Press Publishing, South Carolina. ISBN 978-0-6929-1517-2Google Scholar
  21. [Eusgeld08]
    Eusgeld I (2008) Dependability metrics—advanced lecture. Springer Lecture Notes in Computer Science, Berlin (GI-Dagstuhl Research Seminar, 2005). ISBN 978-3-540-68946-1CrossRefGoogle Scholar
  22. [Feathers19]
    Feathers M (2019) Brutal Refactoring – More Working Effectively with Legacy Code. Addison Wesley, Boston, MA, USA, ISBN 978-0-321-79320-1Google Scholar
  23. [Feghhi98]
    Feghhi J, Feghhi J, Williams P (1998) Digital certificates—applied internet security. Addison-Wesley, Amsterdam. ISBN 978-0-201-30980-5Google Scholar
  24. [Fenton15]
    Fenton N, Bieman J (2015) Software metrics—a rigorous and practical approach, 3rd edn. Chapman & Hall/CRC Innovations in Software Engineering and Software Development Series. CRC Press, Boca Raton. ISBN 978-1-439-83822-8zbMATHGoogle Scholar
  25. [Fowler99]
    Fowler M (1999) Refactoring—improving the design of existing code. Addison Wesley, Boston (Object Technology Series). ISBN 978-0-201-48567-7zbMATHGoogle Scholar
  26. [Freund14]
    Freund J, Jones J (2014) Measuring and managing information risk—a FAIR approach. Butterworth-Heinemann, Oxford. ISBN 978-0-124-20231-3Google Scholar
  27. [Furrer15]
    Furrer FJ (2015) Zukunftsfähige Softwaresysteme—Zukunftsfähig trotz zunehmender SW-Abhängigkeit. Informatik Spektrum & Springer, Heidelberg. 30 June., Accessed: 31. Dec 2015CrossRefGoogle Scholar
  28. [Galin17]
    Galin D (2017) Software quality. Wiley & IEEE Computer Society, Murray Hill. ISBN 978-1-119-13449-7Google Scholar
  29. [Garmus01]
    Garmus D, Herron D (2001) Function point analysis—measurement practices for successful software projects. Addison-Wesley, Boston. ISBN 978-0-201-69944-3Google Scholar
  30. [Garmus10]
    Garmus D, Russac J, Edwards R (2010) Certified function point specialist examination guide. Routledge, Boca Raton. ISBN 978-1-4200-7637-0CrossRefGoogle Scholar
  31. [Genero05]
    Genero M, Piattini M, Calero C (eds) (2005) Metrics for software conceptual models. Imperial College Press, London. ISBN 978-1-8609-4497-0zbMATHGoogle Scholar
  32. [Gupta17]
    Gupta R (2017) Measurement of software quality factors using CK metrics. LAP LAMBERT Academic Publishing, Saarbrücken. ISBN 978-3-6598-9331-5Google Scholar
  33. [Harris17]
    Harris M (2017) The business value of software. Productivity Press, Milton. ISBN 978-1-4987-8286-9CrossRefGoogle Scholar
  34. [Hayden10]
    Hayden L (2010) IT security metrics—a practical framework for measuring security and protecting data. McGraw-Hill, New York. ISBN 978-0-071-71340-5Google Scholar
  35. [Herrmann07]
    Herrmann DS (2007) Complete guide to security and privacy metrics—measuring regulatory compliance, operational resilience, and ROI. Auerbach, Boca Raton. ISBN 978-0-8493-5402-1CrossRefGoogle Scholar
  36. [High14]
    High PA (2014) Implementing world class it strategy—how it can drive organizational innovation. Wiley, Bognor Regis. ISBN 978-1-118-63411-0Google Scholar
  37. [Hopkinson16]
    Hopkinson M (2016) Net present value and risk modelling for projects, New edn. Advances in Project Management. Routledge, Abingdon. ISBN 978-1-4724-5796-7Google Scholar
  38. [Hubbard16]
    Hubbard DW, Seiersen R (2016) How to measure anything in cybersecurity risk. Wiley, Hoboken. ISBN 978-1-119-08529-4CrossRefGoogle Scholar
  39. [Humble10]
    Humble J, Farley D (2010) Continuous delivery—reliable software releases through build, test, and deployment automation. Addison Wesley, Boston. ISBN 978-0-321-60191-9Google Scholar
  40. [Janicak15]
    Janicak CA (2015) Safety metrics—tools and techniques for measuring safety performance, Revised edn. Bernan Print, Lanham. ISBN 978-1-5988-8754-9Google Scholar
  41. [Jaquith07]
    Jaquith A (2007) Security metrics—replacing fear, uncertainty, and doubt. Addison-Wesley Professional, Upper Saddle River. ISBN 978-0-321-34998-9Google Scholar
  42. [Jeffries15]
    Jeffries R (2015) The nature of software development—keep it simple, make it valuable, Build It piece by piece. The Pragmatic Bookshelf, Dallas. ISBN 978-1-94122-237-9Google Scholar
  43. [Jones17]
    Jones C (2017) A guide to selecting software measures and metrics. Taylor & Francis, Boca Raton. ISBN 978-1-138-03307-8CrossRefGoogle Scholar
  44. [Kan02]
    Kan SH (2002) Metrics and models in software engineering, 2nd edn. Addison-Wesley Longman, Amsterdam. ISBN 978-0-201-72915-3Google Scholar
  45. [Kerievsky04]
    Kerievsky J (2004) Refactoring to patterns. Addison Wesley, Boston. ISBN 978-0-321-21335-8Google Scholar
  46. [Kleppmann17]
    Kleppmann M (2017) Designing data-intensive applications—the big ideas behind reliable, scalable, and maintainable systems, Revised edn. O’Reilly UK Ltd, Sebastopol. ISBN 978-1-449-37332-0Google Scholar
  47. [Kochs18]
    Kochs H-D (2018) System dependability evaluation including s-dependency and uncertainty—model-driven dependability analyses. Springer, Cham. ISBN 978-3-319-64990-0CrossRefGoogle Scholar
  48. [Kruchten03]
    Kruchten P (2003) The rational unified process—an introduction, 3rd edn. Addison-Wesley Professional, Upper Saddle River. ISBN 978-0-321-19770-2Google Scholar
  49. [Kuhrmann16]
    Kuhrmann M, Münch J, Richardson I, Rausch A, Zang H (eds) (2016) Managing software process evolution: traditional, agile and beyond—how to handle process change. Springer, Cham. ISBN 978-3-319-31543-0Google Scholar
  50. [Laprie13]
    Laprie J-C (ed) (2013) Dependability: basic concepts and terminology: in English, French, German, Italian and Japanese. Springer, Berlin (Softcover reprint of the original 1st edition 1992). ISBN 978-3-709-19172-9zbMATHGoogle Scholar
  51. [Lines12]
    Lines MW, Ambler S (2012) Disciplined agile delivery—a practitioner’s guide to agile software delivery in the enterprise. Prentice Hall Inc. & IBM Press, Upper Saddle Rive. ISBN 978-0-132-81013-5Google Scholar
  52. [Mateski17]
    Mateski M, Trevino CM, Veitsch CK, Harris M, Maruoka S, Frye J (2017) Cyber Threat Metrics. CreateSpace, Scotts Valley. ISBN 978-1-5424-7775-8Google Scholar
  53. [Mathew14]
    Mathew RG, Bandura A (2014) Progressive function point analysis—advanced estimation techniques for IT projects. CreateSpace, Scotts Valley. ISBN 978-1-5023-5416-7Google Scholar
  54. [Mausberg16]
    Mausberg F (2016) Aufwandsschätzung mit Use Case Points—Manipulation durch Subjektivität. Grin Publishing, München. ISBN 978-3-6683-3784-8Google Scholar
  55. [McConnell06]
    McConnell S (2006) Software estimation—demystifying the black art. Microsoft Press, New York. ISBN 978-0-735-60535-0Google Scholar
  56. [Microsoft11]
    Microsoft Official Academic Course (2011) Software development fundamentals—exam 98–361. Microsoft Official Academic Co, Hoboken. ISBN 978-0-470-88911-4Google Scholar
  57. [Miller98]
    Howard Wilbert Miller (1998) Reengineering legacy software systems. Butterworth-Heinemann & Digital Press, Woburn. ISBN 978-1-55558-195-1Google Scholar
  58. [Münch14]
    Münch J, Armbrust O, Kowalczyk M, Soto M (2014) Software process definition and management. Springer, Berlin (The Fraunhofer IESE Series on Software and Systems Engineering). ISBN 978-3-642-42842-5Google Scholar
  59. [Murer11]
    Murer S, Bonati B, Furrer FJ (2011) Managed evolution—a strategy for very large information systems. Springer, Berlin. ISBN 978-3-642-01632-5CrossRefGoogle Scholar
  60. [NISO05]
    ANSI/NISO Z39-19-2005 (R2010) Guidelines for the construction, format, and management of monolingual controlled vocabularies. ISBN 1-880124-65-3. Accessed: 5. July 2017
  61. [Nygard16]
    Nygard M (2017) Release it!—design and deploy production-ready software, 2nd edn. O’Reilly UK Ltd, Raleigh. ISBN 978-1-680-50239-8Google Scholar
  62. [Oo11]
    Oo T, Oo AK (2011) Analyzing object-oriented systems with software quality metrics—an empirical study for software maintainability. LAP LAMBERT Academic Publishing, Saarbrücken. ISBN 978-3-8433-7748-5Google Scholar
  63. [Oram10]
    Oram A (2010) Making software—what really works, and why we believe it. O’Reilly and Associates, Sebastopol. ISBN 978-0-596-80832-7Google Scholar
  64. [Peppard16]
    Peppard J, Ward J (2016) The strategic management of information systems—building a digital strategy, 4th edn. Wiley, Chichester. ISBN 978-0-470-03467-5Google Scholar
  65. [Redmond13]
    Redmond-Neal A (2013) Starting a taxonomy project—taxonomy basics SLA annual conference, June 9. Accessed: 5. July 2017
  66. [Rodin00]
    Rodin R (2000) Free, perfect, and now—connecting to the three insatiable customer demands: a CEO’s true story, revised edn. Free Press, New York. ISBN 978-0-6848-6312-2Google Scholar
  67. [Ross06]
    Ross JW, Weill P, Robertson DC (2006) Enterprise architecture as strategy—creating a foundation for business execution. Harvard Business Review Press, Boston. ISBN 978-1-5913-9839-4Google Scholar
  68. [Schoen18]
    Schön H, Furrer FJ (2018) Gute Softwarearchitektur ist Business Value—Ein Ansatz zur Bewertung von SW-Architektur. Informatik Spektrum & Springer, Heidelberg. Vol. 41, Nr. 4, p 240–249.
  69. [Schweikard15]
    Schweikard A, Ernst F (2015) Medical robotics. Springer, New York. ISBN 978-3-319-22890-7CrossRefGoogle Scholar
  70. [SCN01]
    SCN Education B.V. (ed) (2001) Electronic banking—the ultimate guide to business and technology of online banking. Vieweg Verlagsgesellschaft, Wiesbaden. ISBN 978-3-528-05754-1Google Scholar
  71. [Seacord03]
    Seacord RC, Plakosh D, Lewis GA (2003) Modernizing legacy systems—software technologies, engineering processes, and business practices. Addison Wesley, Boston. ISBN 978-0-321-11884-7Google Scholar
  72. [Shuja07]
    Shuja AK, Krebs J (2007) IBM rational unified process reference and certification guide—solution designer. Addison Wesley Publishing Inc, Upper Saddle River. ISBN 978-0-131-56292-9Google Scholar
  73. [Simsion05]
    Simsion GC (2005) Data modeling essentials, 3rd edn. Morgan Kaufmann, Amsterdam. ISBN 978-0-12-644551-0zbMATHGoogle Scholar
  74. [Stewart11]
    Stewart DL (2011) Building enterprise taxonomies. Mokita Press, Lexington. ISBN 978-0-5780-7822-9Google Scholar
  75. [Thayer12a]
    Thayer RH, Dorfman M (2012) Software engineering essentials, volume 1: the development process, 4th edn. Software Management Training Press, Carmichael. ISBN 978-0-9852-7070-4Google Scholar
  76. [Thayer12b]
    Thayer RH, Dorfman M (2012) Software engineering essentials, volume 2: the supporting processes—a detailed guide to the IEEE SWEBOK and the IEEE CSDP/CSDA exam, 4th edn. Software Management Training Press, Carmichael. ISBN 978-0-9852-7071-1Google Scholar
  77. [Thayer12c]
    Thayer RH, Dorfman M (2012) Software engineering essentials, volume 3: the engineering fundamentals, 4th edn. Software Management Training Press, Carmichael. ISBN 978-0-9852-7072-8Google Scholar
  78. [Ulrich02]
    Ulrich WM (2002) Legacy Systems Transformation Strategies. Prentice Hall, Upper Saddle River. ISBN 978-0-13-044927-XGoogle Scholar
  79. [VanRenssen14]
    van Renssen A (2014) Semantic information modeling in formalized languages. ISBN 978-1-304-51359-5
  80. [Weill04]
    Weill P, Ross JW (2004) IT Governance. Harvard Business School Press, Boston. ISBN 978-1-59139-253-8Google Scholar
  81. [Wong00]
    Wong C (2000) Security metrics—a beginner’s guide. Osborne Publisher, New York. ISBN 978-0-071-74400-3Google Scholar
  82. [Wong18]
    Wong W (2018) The risk management of safety and dependability—a guide for directors, managers and engineers. Woodhead Publishing, Oxford. ISBN 978-0-0810-1439-4Google Scholar
  83. [Young10]
    Young C (2010) Metrics and methods for security risk management. Syngress, Burlington. ISBN 978-1-8561-7978-2Google Scholar

Copyright information

© Springer Fachmedien Wiesbaden GmbH, part of Springer Nature 2019

Authors and Affiliations

  1. 1.Computer Science FacultyTechnical University of DresdenDresdenGermany

Personalised recommendations