MODELING RISK IN THE FRONT-END OF THE OSS DEBIAN SUPPLY-CHAIN USING MODELS OF NETWORK PROPAGATION

Sahithi Kasim (18859078)

24 June 2024

<p dir="ltr">Our research revolves around the evolving landscape of Open-Source Software (OSS) supply chains, emphasizing their critical role in contemporary software development while investigating the escalating security concerns associated with their integration. As OSS continues to shape the software ecosystem, our research acknowledges the paradigm shift in the software supply chain, highlighting its complexity and the associated security challenges. Focusing on Debian packages, we employ advanced network science methods to comprehensively assess the structural dynamics and vulnerabilities within the OSS supply chain. The study is motivated by the imperative to understand, model, and mitigate security risks from interconnected software components.</p><p dir="ltr">Our research questions delve into 1) identifying high-risk packages 2) comparing risk profiles between source and build stages and 3) predicting future vulnerabilities. Data collection involves collecting source code repositories, build-info information, and vulnerability data of Debian packages. Leveraging a multifaceted methodology, we perform the following things: graph construction, subsampling, metrics creation, explorative data analysis, and statistical investigations on the Debian package network. This statistical approach integrates the Wilcoxon test, Chi-Square test, and advanced network dynamics modeling with machine learning, to explore evolving trends and correlations between different stages of the OSS supply chain.</p><p dir="ltr">Our goals include providing actionable insights for industry practitioners, policymakers, and developers to enhance risk management in the OSS supply chain. The expected outcomes encompass an enriched understanding of vulnerability propagation, the identification of high-risk packages, and the comparison of network-based risk metrics against traditional software engineering measures. Ultimately, our research contributes to the ongoing discourse on securing open-source ecosystems, offering practical strategies for risk mitigation and fostering a safer and more resilient OSS supply chain.</p>

Data security and protection

Open Source Software

OSS

Debian

Network Science

Security

Risk

Defect intention : the specific challenges faced by women in open source that may predict (or influence) their intention to leave an open source software project/community

Altena, Ivanna, Markov, Georgi A.

January 2022

Background Open source is largely accepted as an important innovation driver in the technology industry. Even though inclusion and diversity is beneficial for the success of technology projects (including open source software projects), many statistics are pointing out that diversity in open source is even worse than in the technology sector in general. The unequal representation of minorities (in this limited scope study represented by women) has negative effects on the innovation potential of many tech-related companies and is a major cause of corporate companies’ concerns. To attract more women and increase their retention in open source software projects and communities, the understanding of reasons behind the decisions on why they leave/defect an open source project can be is essential for the development of the effective retention strategies in OSS.  Objective Based on the extensive literature review conducted by Trinkenreich, et al. (2021), only a few studies make a theoretical connection to why women leave (or avoid) open source software projects. This study aimed to explore the challenges faced by women in open source that may predict (or influence) their intention to leave/defect an open source software project/community. Thus, the following research question was formulated: What are the specific challenges faced by women in OS that may predict (or influence) their intention to leave an OSS project/community? Methodology The initial in-depth literature review discovered a list of socio-cultural challenges faced by women when contributing to open source projects. Trinkenreich, et al. (2021) have grouped these challenges conceptually as follows: (1) Lack of peer parity; (2) Non-inclusive communication; (3) Toxic culture; (4)  Impostor syndrome; (5) Community reception issues; (6) Stereotyping; (7) Work-life balance issues, (8) Gender-identified contributions. Additionally, one of the authors of this study found an existing dataset on the state of diversity, equity, and inclusion in open source as of 2021. The survey ‘2021 Diversity, Equity, and Inclusion in Open Source’ was developed and distributed by the Linux Foundation. The data for this survey was gathered in 2021 from 2,350 individuals, particularly, from the Foundation’s subscribers and community members, on questions about their sense of inclusion and belongingness in OS communities. The authors of this study made the initial mapping of the questions from the Linux Foundation survey against challenge-clustering developed by Trinkenreich, et al. (2021). This helped to isolate the following groups of challenges for this study: (1) Non-Inclusive Communication &amp; Community Reception Issues; (2) Toxic Culture; and (3) Gender-Identified Contributions &amp; Stereotyping, that are likely to contribute to women leaving/defecting an OSS project/community. Altogether, this helped to formulate two hypotheses: null  (H0) and alternative  (HA) which highlight the relationships between different variables in the dataset. The hypotheses were tested using multiple regression analysis. To test the hypotheses and answer the research question, the authors of this study did not design the survey questions themselves but rather observed them directly through the questions of the Linux Foundation survey. In the context of this study (viz., a small-scale applied research project) capitalizing on the secondary data made sense as explained further in the study. A multiple regression was carried out to explore whether any of the challenges (e.g., lack of response to or rejection of contributions or questions; experience of conflict or interpersonal tension between you and another contributor; experience of written or spoken language that made a women feel unwelcome; experience of threats of violence, stalking; experience of unsolicited sexual advances or comments; experience of stereotyping based on perceived demographic characteristics; experience of impersonation or malicious publication of personal information; experience of background-based harassment) could significantly predict (or influence) women’s intention to leave/defect an open source software project/community. Results The results of multiple regression analysis reject the null hypothesis. The following predictors (i.e., independent variables): Q17_04_violence_stalking_experience, Q17_06_stereotyping_experience, and Q18_background_based_harassment are statistically significant and thus contribute to the regression models because their statistical significance (i.e., the p-value) is less than 0.05. Based on the findings of the study, the challenges that may predict (or influence) women’s intention to leave/defect an open source software project/community can be formulated as follows: o   For the sample ‘North America (Unites States, Canada, Mexico)’   §  [Model 1] experience of threats of violence, stalking directed at women in the context of an open source project  §  [Model 2] experience of threats of violence, stalking and of harassment connected to their background directed at women in the context of an open source project    o   For the sample ‘Europe’   §  [Model 1] experience of stereotyping based on perceived demographic characteristics directed at women in the context of an open source project  §  [Model 2] experience of stereotyping based on perceived demographic characteristics and threats of violence, stalking directed at women in the context of an open source project  Conclusions Women’s intention to leave/defect an OSS project/community can be explained by the following prediction models (i.e., regression equations): o   For the sample ‘North America (Unites States, Canada, Mexico)’   §  [Model 1]  Y = 0.892 – (0.413 * Q17_04_violence_stalking_experience) §  [Model 2]  Y = 0.991 – (0.328 * Q17_04_violence_stalking_experience) – (0.228 * Q18_background_based_harassment)   o   For the sample ‘Europe’   §  [Model 1]  Y = 0.938 – (0.345 * Q17_06_stereotyping_experience) §  [Model 2]  Y = 0.953 – (0.285 * Q17_06_stereotyping_experience) – (0.242 * Q17_04_violence_stalking_experience)   The results of the study also indicate that the models were a significant predictor of women’s intention to leave/defect an OSS project/community: o   For the sample ‘North America (Unites States, Canada, Mexico)’   §  [Model 1]  F(1,134) = 31.671, p = &lt;0.001 §  [Model 2]  F(2,133) = 20.342, p = &lt;0.001   o   For the sample ‘Europe’   §  [Model 1]  F(1,104) = 19.874, p = &lt;0.001 §  [Model 2]  F(2,103) = 13.118, p = &lt;0.001 Contribution to theory and practice Academic value: The findings of this study extend the knowledge about specific challenges faced by women in OS that may predict (or influence) their intention to leave an OSS project/community. Insights for adopting ‘Innovation by All’ workplace culture: The findings of this study provide OSS projects/communities with insights into the hindrances and determinants associated with women’s participation in OS. These insights, in their turn, can be valuable to understand and be aware of when an OSS team/community aims to adopt an ‘Innovation by All’ workplace culture and by doing so  - attain greater team productivity, more innovative and more revolutionary ideas, greater agility, and higher rates of ideas’ implementation, decision-making, and innovation. Internal analysis: The results of this study can be used to inform OSS teams/communities about the most critical aspects they need to address in order to attract more and retain existing female talent. Thus, the findings of this study can serve as an internal analysis for an OSS team/ community to take further actions on including and diversifying their project teams and ensuring that all members stay and keep on contributing to OSS projects. Recommendations for future research The following research proposals are suggested: (1) An extensive quantitative study amongst female contributors of various OSS projects/communities and a comparative analysis of these communities based on different parameters. (2) A replication of this study that examines/explores the specific challenges faced by the representatives of other minority groups in OS that may predict (or influence) their intention to leave an OSS project/community. (3) A comparative study (e.g., women versus men; women versus binary/no-gender participants; and so on) about challenges faced by them in OS that may predict (or influence) the intention to leave an OSS project/community.

Diversity

Equity

Business Administration

Företagsekonomi

Software Engineering

Programvaruteknik

Information Systems, Social aspects

Computer and Information Sciences

Data- och informationsvetenskap

Natural Sciences

Naturvetenskap

Kan projekt med öppen källkod användas delvis eller helt för at tuppfylla behoven för routing-applikationer? / Could open source projects be used partly or completely to fulfill the needs for routing-applications?

Adugna, Leykun, Laic, Goran

January 2020

I dagens samhälle är det inte ovanligt för företag och organisationer att hitta bättre och alternativa mjukvaror med öppen källkod för att lösa sina behov. De söker programvaror som har de nödvändiga egenskaperna som krävs för att driva sin verksamhet och eventuellt ersätta egenutvecklad programvara för att spara tid och undvika onödiga kostnader. Denna avhandling har undersökt företagens behov av routing-applikationer och tagit fram ett förslag med hjälp av egenutvecklad testbädd. Den egenutvecklade testbädden kan användas av företag för att avgöra om den önskade öppen källkod programvara är lönsamt att implementera i ens verksamhet. Den routing-applikation som visade sig vara bättre än den befintliga är FRRouting(Free Range Routing). Lösningen som föreslås av studien har givit bevisad effekt genom ett pilotprojekt där öppen källkod har varit framgångsrikt på ett kvalitetsmässigt, funktionellt och kostnadseffektivt sätt att ersätta en befintlig programvara / Companies are looking into the open source community in the hope of finding a better alternative software to replace their existing software suit. They are looking for software that has the necessary properties required to run their business and possibly help them avoid unnecessary costs and save time. This thesis has examined the needs of routing application for companies and presented a suggestion by using self-developed testbed. The testbed can be used by companies to decide the beneficial of implementing the desired routing application software. The routing application that gave the best result in this study is FRRouting (Free Range Routing). The solution proposed by the study has been proven to be effective through a pilot project where open source program has been successful by retaining the expected quality, functionality in a cost-effective way.

IP-routing stack

routing protocol daemon

open source

open source software

test environment

OSPF

software program

routing protocol

dynamic IP configuration

static IP configuration

routing protocol suit

routing application

open source license

investment calculation

IP-routing stack

routing-protokoll daemon

routing-tabell

öppen källkod

öppenkällkod programvara

testningsmiljö

OSPF

mjukvaruprogram

routing protocol suit

dynamisk IP konfiguration

statisk IP konfiguration

routingapplikationer

öppen källkod-licens

investeringskalkylering

Computer and Information Sciences

Data- och informationsvetenskap

Governance and organizational sponsorship as success factors in free/libre and open source software development: An empirical investigation using structural equation modeling

Blekh, Aleksandr

01 April 2015

Recent advances in information technologies and subsequent explosive growth of computer software use in practically all aspects of everyday life provide tremendous opportunities and benefits for improving people's lives. However, significant proportion of software projects represents cancelled, abandoned or otherwise failed projects. This situation exists not only in commercial software products or government information systems, but also in an increasingly popular and important domain of free/libre and open source software (FLOSS). The problem of failures in software development projects requires identification and understanding of the factors of success and their interrelationships. Practice and previous research suggest that governance of software development projects plays crucial role in their success. Increasing adoption and sponsorship of FLOSS by commercial firms and government organizations present additional challenges; such sponsorship may also interact with governance in FLOSS projects and play a role in determining their success. This dissertation focused on analyzing the role and significance of governance and organizational sponsorship in the success of FLOSS development. This study used both conceptual analysis and empirical methods. The conceptual analysis phase, a preliminary study based on the review of existing literature, produced a partial model of success in FLOSS development. This model was verified in an empirical phase, which statistically analyzed data from multiple FLOSS repositories and other public sources. The statistical analysis was based on structural equation modeling (SEM) approach. Results of this study did not confirm hypothesized effects of the main two factors (governance and organizational sponsorship) on FLOSS success, but confirmed a positive effect of project maturity on the success. The likely reason of the lack of support for the main factors is unavailability of sufficient and correct data for proper operationalization. This and other uncovered issues are planned to be addressed in the future research on the topic, for which this dissertation formed a solid conceptual and data analysis framework.

Management

Organizational behavior

Information Technology

free/libre and open source software

governance

information systems success

organizational sponsorship

software development

success factors

Computer Sciences

Software Engineering

Open-source software and the rationale for copyright protection of computer programs

Karjiker, Sadulla

03 1900

Thesis (LLD)--Stellenbosch University, 2013. / ENGLISH ABSTRACT: The rationale for the legal protection of copyright works is based on the perceived need to encourage the creation of works which are considered to be socially beneficial. By awarding authors proprietary rights in their creations, copyright law allows authors the ability to earn direct financial returns from their efforts, and, thus, copyright law provides the required incentives for authors to create copyright works. Since the early days of commercial software development, copyright protection has been extended to computer programs; thus, by providing such protection it was assumed that their production should be encouraged, and that without such protection they will not be produced to the extent required by society. Comparatively recently, we have witnessed large-scale production of open-source software, which is licensed on generous terms, giving users the right to freely use, modify and redistribute such software. By adopting such licensing terms, the authors of open-source software are unable to charge licensees a fee for permission to use their software, which is the reward which copyright assumes authors seek to create such software. This development has made it necessary to re-evaluate the rationale for copyright protection of computer programs, and determine whether the continued protection of computer programs is justifiable. This study seeks to first establish a coherent theoretical justification for copyright protection, which it is submitted should be an economic justification, rather than a moral justification. The legal analysis in this work seeks to establish whether the copyright protection of computer programs is consistent with the economic justification for copyright protection. In particular, the analysis focuses on the current scope of copyright protection, and seeks to establish whether such protection is excessive, stifling creativity and innovation, and, thus, imposing too high a social cost. It is contended that copyright doctrine has generally sought to minimise these costs, and that current scope of copyright protection of computer programs leaves enough creative room for the production of new software. Despite the fact that the effect of open-source software licences is that authors are unable to earn the direct financial rewards which copyright enables authors to earn as an incentive to create such software, their authors continue to have financial incentives to create such software. Commercial firms who invest in open-source software do so because they seek to provide financially-rewarding related services in respect of software, or because it serves to promote sales in their complementary products. Similarly, the participation of individual computer programmers is largely consistent with the standard economic theories relating to labour markets and the private provision of public goods. Individuals are principally motivated by economic motives, such as career concerns. Copyright protection gives participants the choice to opt for the direct financial rewards which its proprietary protection enables, or the more indirect financial rewards of open-source software development. It is submitted within this research that rather than undermining the rationale for copyright protection of computer programs, the development of open-source software has illustrated that copyright protection allows for the emergence of alternative business models, which may be more economically advantageous to authors. / AFRIKAANSE OPSOMMING: Die rasionaal agter outeursregbeskerming wat deur die reg verleen word is gebasseer op 'n behoefte om die skepping van werke wat sosiaal voordelig geag word te bevorder. Outeursreg verleen aan outeurs direkte finansiële vergoeding vir hul inspanning deur die vestiging van eiendomsreg oor hul werke. Dus, outeursreg voorsien outeurs van die nodige insentiewe om sulke werke te skep. Sedert die begindae van kommersiële sagteware ontwikkeling, is outeursregbeskerming uitgebrei om aan rekenaarprogramme sulke beskerming te bied. Deur die bied van outeursregbeskerming word daar aangeneem dat die ontwikkeling van rekenaarprogramme aangemoedig word en dat sonder die genoemde beskerming programme nie geproduseer sal word tot in 'n mate benodig deur die samelewing nie. Onlangs egter, is daar 'n grootskaalse ontwikkeling van oopbronsagteware opgemerk. Hierdie sagteware word onder ruime terme gelisensieer en gee aan gebruikers die reg om die genoemde sagteware te gebruik, te wysig en vrylik te versprei. Deur sulke terme van lisensiëring aan te neem word outeurs verhoed om vanaf lisensiehouers 'n fooi te vorder vir die toestemming om die sagteware te gebruik. Outeursreg neem aan dat hierdie vergoeding die basis vorm waarom outeurs sulke sagteware ontwikkel. Hierdie ontwikkeling maak dit nodig om die rasionaal agter outeursregbeskerming van rekenaarprogramme te her-evalueer en ook om vas te stel of die volgehoue beskerming van rekenaarprogramme regverdigbaar is. Hierdie studie poog om, eerstens, 'n samehangende teoretiese regverdiging vir outeursreg te vestig. Daar word aan die hand gedoen dat hierdie beskerming 'n ekonomiese, eerder as 'n morele regverdiging as grondslag moet hê. Die regsontleding vervat in hierdie werk poog om vas te stel of die outeursregbeskerming wat aan rekenaarprogramme verleen word in lyn is met die ekonomiese regverdiging van outeursregbeskerming. Die analise fokus in besonder op die huidige bestek van outeursregbeskerming en poog om vas te stel of sodanige beskerming oormatig is, of dit kreatiwiteit en innovasie onderdruk en derhalwe te hoë sosiale koste tot gevolg het. Daar word geargumenteer dat outeursreg in die algemeen poog om sosiale koste te verlaag en dat die huidige omvang van outeursregbeskerming van rekenaarprogramme voldoende kreatiewe ruimte vir die ontwikkeling van nuwe sagteware laat. Die effek van oopbronsagteware is dat outeurs nie in staat is om direkte finansiële vergoeding te verdien, wat as insentief gesien word vir die ontwikkeling van sagteware, nie. Ten spyte hiervan is daar steeds voldoende finansiële insentiewe om sodanige sagteware te ontwikkel. Kommersiële firmas belê in oopbronsagteware om finansiëel lonende verwante dienste ten opsigte van sagteware te voorsien. Dit kan ook dien om verkope in hul onderskeie aanvullende produkte te bevorder. Eweweens is die deelname van individuele rekenaarprogrameerders oorwegend in lyn met die standaard ekonomiese teoriëe ten opsigte van die arbeidsmark en die privaat voorsiening van openbare goedere. Individue word gemotiveer deur ekonomiese motiewe, soos byvoorbeeld oorwegings wat verband hou met hul loopbane. Outeursregbeskerming bied aan deelnemers die keuse om voordeel te trek uit die direkte finansiële vergoeding wat moontlik gemaak word deur outeursregbeskerming of uit die meer indirekte finansiële vergoeding gebied deur die ontwikkeling van oopbronsagteware. In hierdie navorsing word daar geargumenteer dat die ontwikkeling van oopbronsagteware geillustreer het dat outeursregbeskerming die onstaan van alternatiewe besigheidsmodelle toelaat wat ekonomies meer voordelig is vir outeurs in plaas daarvan dat dit die rasionaal vir die outeursregbeskerming van rekenaarprogramme ondermyn.

Copyright law -- Computer programs

Computer programs -- Protection

Intellectual property

Theses -- Law

Dissertations -- Law

Theses -- Mercantile law

Dissertations -- Mercantile law

Mercantile Law

An investigation into quality assurance of the Open Source Software Development model

Otte, Tobias

January 2010

The Open Source Software Development (OSSD) model has launched products in rapid succession and with high quality, without following traditional quality practices of accepted software development models (Raymond 1999). Some OSSD projects challenge established quality assurance approaches, claiming to be successful through partial contrary techniques of standard software development. However, empirical studies of quality assurance practices for Open Source Software (OSS) are rare (Glass 2001). Therefore, further research is required to evaluate the quality assurance processes and methods within the OSSD model. The aim of this research is to improve the understanding of quality assurance practices under the OSSD model. The OSSD model is characterised by a collaborative, distributed development approach with public communication, free participation, free entry to the project for newcomers and unlimited access to the source code. The research examines applied quality assurance practices from a process view rather than from a product view. The research follows ideographic and nomothetic methodologies and adopts an antipositivist epistemological approach. An empirical research of applied quality assurance practices in OSS projects is conducted through the literature research. The survey research method is used to gain empirical evidence about applied practices. The findings are used to validate the theoretical knowledge and to obtain further expertise about practical approaches. The findings contribute to the development of a quality assurance framework for standard OSSD approaches. The result is an appropriate quality model with metrics that the requirements of the OSSD support. An ideographic approach with case studies is used to extend the body of knowledge and to assess the feasibility and applicability of the quality assurance framework. In conclusion, the study provides further understanding of the applied quality assurance processes under the OSSD model and shows how a quality assurance framework can support the development processes with guidelines and measurements.

005.3

Development of an Interactive E-learning Management System (e-LMS) for Tanzanian Secondary Schools

Kalinga, Ellen

January 2010

e-Learning, defined as the use of information and communications technology (ICT) for supporting the educational process, has motivated Tanzania to apply ICT in its education systems. Tanzanian secondary schools which are geographically and socially isolated face a number of problems, including a way to get learning materials. The impact of these problems is poor performance in National Examinations. This poor performance however is most noted in science and mathematics. The problem in get- ting learning materials can be reduced by employing ICT. This research developed an interactive e-learning management system (e-LMS) to be used by Tanzanian secondary schools. Tanzania Secondary Schools e-Learning (TanSSe-L) system is the name adopted for an interactive e-LMS developed. The re- search is aimed at supporting teaching and learning functions by allowing for the creation and storage of learning materials, making them available, easily accessed and sharable by students from different secondary schools in Tanzania. It is a context- driven research work of knowledge production in a specific context for application. Initially, the research work focused on two selected pilot schools; Kibaha Secondary School and Wali-ul-Asr Girls’ Seminary in Kibaha town, Pwani region. Features of the TanSSe-L system represent the standard form of any secondary school registered by the Ministry of Education and Vocational Training. The development of the TanSSe-L system made use of software engineering discipline. The research used Unified Modelling Language (UML) and integrated Object-Orient- ed System Analysis and Design (OOSA&amp;D) and Model Driven Architecture (MDA) to address the System Development Life Cycle (SLDC) in a systemic way. UML design class diagram (DCD) is a Platform Independent Model (PIM) that was transformed into a Platform Specific Model (PSM) in MDA for implementation. Implementation made use of open source LMS to help generate a timely solution to TanSSe-L system development. In this specific context, focus group discussion as inspired by action re- search methodology was used. The research evolved into a triple helix process in close cooperation with other stakeholders. Finally, it is considered that replication and mirroring will make learning materials highly available to end-users.

ICT

Tanzania

Secondary Schools

e-Learning

Software Engineering

UML

OOSA&D

MDA

PIM

PSM

LMS

Open Source

Customization

Replication

Mirroring

Focus Group Discussion

mode 2

Triple Helix Processes

HIV Patient Monitoring Framework Through Knowledge Engineering

Otine, Charles

January 2012

Uganda has registered more than a million deaths since the HIV virus was first offi¬cially reported in the country over 3 decades ago. The governments in partnership with different groups have implemented different programmes to address the epidemic. The support from different donors and reduction in prices of treatment resulted in the focus on antiretroviral therapy access to those affected. Presently only a quarter of the approximately 1 million infected by HIV in Uganda are undergoing antiretroviral therapy. The number of patients pause a challenge in monitoring of therapy given the overall resource needs for health care in the country. Furthermore the numbers on antiretroviral therapy are set to increase in addition to the stringent requirements in tracking and monitoring of each individual patient during therapy. This research aimed at developing a framework for adopting knowledge engineering in information systems for monitoring HIV/AIDS patients. An open source approach was adopted due to the resource constrained context of the study to ensure a cost effec¬tive and sustainable solution. The research was motivated by the inconclusive literature on open source dimensional models for data warehouses and data mining for monitor¬ing antiretroviral therapy. The first phase of the research involved a situational analysis of HIV in health care and different health care information systems in the country. An analysis of the strengths, weaknesses and opportunities of the health care system to adopt knowledge bases was done. It proposed a dimensional model for implementing a data warehouse focused on monitoring HIV patients. The second phase involved the development of a knowledge base inform of an open source data warehouse, its simulation and testing. The study involved interdisciplinary collaboration between different stakeholders in the research domain and adopted a participatory action research methodology. This involved identification of the most appropriate technologies to foster this collabora¬tion. Analysis was done of how stakeholders can take ownership of basic HIV health information system architecture as their expertise grow in managing the systems and make changes to reflect even better results out of system functionality. Data mining simulations was done on the data warehouse out of which two machine learning algorithms (regression and classification) were developed and tested using data from the data warehouse. The algorithms were used to predict patient viral load from CD4 count test figures and to classify cases of treatment failure with 83% accu¬racy. The research additionally presents an open source dimensional model for moni¬toring antiretroviral therapy and the status of information systems in health care. An architecture showing the integration of different knowledge engineering components in the study including the data warehouse, the data mining platform and user interac-tion is presented.

Action Research

Antiretroviral therapy (ART)

AIDS

Classification

Databases

Data Mining

Data Warehousing

Health

ICT

IT

HIV

Open Source

Knowledge Discovery

Knowledge Engineering

Machine Learning

Regression

An evaluation of open source software adoption by UK SMEs in the IT industry

Mijinyawa, Kabiru

January 2008

This study evaluates the adoption of Open Source Software (OSS) by IT Small to Medium-sized Enterprises (SMEs) in the UK. The growing popularity and acceptance of OSS continues to draw much attention in research and practice. However, researchers and IT practitioners within the UK SME sector still face challenges in understanding the issues that influence the acceptance, adoption, and diffusion of OSS. While previous research studies have focused mainly on the software development model and the unique characteristics of OSS, the area of OSS adoption by UK SMEs has largely been ignored. Furthermore, there is a lack of widely-acceptable theories that explain the adoption of OSS, implying that there is limited understanding of OSS adoption by UK SMEs. This gap in research has led this thesis to evaluate existing adoption theories and then apply the 'Decomposed Theory of Planned Behaviour' to model the adoption of OSS by SMEs. Based on the emerged conceptual model, an innovative and structured qualitative research design that uses a case study strategy was developed to evaluate the adoption of OSS across 10 UK SMEs in the IT industry. The analysis of the standardised data from the case study interviews led to the definition of the 16 factors of an emergent theory of OSS adoption by IT SMEs. The analysis of that empirical model has led to important conclusions including the following five issues, summarily. (1) The participant IT SMEs were drawn to different benefits, and experienced different challenges, in using OSS, suggesting that there is subjectivity and complexity in the factors influencing OSS adoption. (2) As in most Information and Communication Technology (ICT) adoption, ITcapability was identified to be essential for successful adoption of OSS, and therefore, it presents potential for important cooperative and collaborative support with OSS communities. (3) The emergent theory from this research study provide researchers and practitioners with variables for surveying critical-success-factors and a reference model for understanding the adoption of OSS. (4) The emergent theory and other general findings from this study are likely to have relevance in other areas of Information Systems research and practice, owing to the factors and theoretical framework that are common to OSS and general ICT acceptance, adoption, and diffusion. (5) This study appears to be the first that has focused on developing a widely-acceptable theory of OSS adoption by IT SMEs in the UK, suggesting that this innovative research study is a novel contribution that has important implications for theory and practice in OSS and general ICT acceptance, adoption, and diffusion.

338.0068

Driving and inhibiting factors in the adoption of open source software in organisations

Greenley, Neil

January 2015

The aim of this research is to investigate the extent to which Open Source Software (OSS) adoption behaviour can empirically be shown to be governed by a set of self-reported (driving and inhibiting) salient beliefs of key informants in a sample of organisations. Traditional IS adoption/usage theory, methodology and practice are drawn on. These are then augmented with theoretical constructs derived from IT governance and organisational diagnostics to propose an artefact that aids the understanding of organisational OSS adoption behaviour, stimulates debate and aids operational management interventions. For this research, a combination of quantitative methods (via Fisher's Exact Test) and complimentary qualitative method (via Content Analysis) were used using self-selection sampling techniques. In addition, a combination of data and methods were used to establish a set of mixed-methods results (or meta-inferences). From a dataset of 32 completed questionnaires in the pilot study, and 45 in the main study, a relatively parsimonious set of statistically significant driving and inhibiting factors were successfully established (ranging from 95% to 99.5% confidence levels) for a variety for organisational OSS adoption behaviours (i.e. by year, by software category and by stage of adoption). In addition, in terms of mixed-methods, combined quantitative and qualitative data yielded a number of factors limited to a relatively small number of organisational OSS adoption behaviour. The findings of this research are that a relatively small set of driving and inhibiting salient beliefs (e.g. Security, Perpetuity, Unsustainable Business Model, Second Best Perception, Colleagues in IT Dept., Ease of Implementation and Organisation is an Active User) have proven very accurate in predicting certain organisational OSS adoption behaviour (e.g. self-reported Intention to Adopt OSS in 2014) via Binomial Logistic Regression Analysis.

658.4