Interactive Complexity: Software Metrics from an Ecosystem Perspective
This addresses the need for better complexity metrics in software engineering, especially for security-critical domains like healthcare and finance, but it is incremental as it adapts existing CK-metrics to new contexts.
The paper tackles the problem of measuring software complexity in modern ecosystems where applications heavily rely on external dependencies, proposing Interactive Complexity as a quantitative metric to assess system interactions. The results show strong correlations between these metrics and the number of bugs fixed in releases for large-scale systems.
With even the most trivial of applications now being written on top of millions of lines code of libraries, API's, and programming languages, much of the complexity that used to exist when designing software has been abstracted away to allow programmers to focus on primarily business logic. With each application relying so heavily on the ecosystem it was designed to run in, whether that is limited to a local system or includes dependencies on machines connected by networks, measuring the complexity of these systems can no longer be done simply by observing the code internal to the application; we also need to account for its external interactions. This is especially important when considering issues of security, which becomes more vital as our healthcare, financial, and automobiles rely on complicated software systems. We propose Interactive Complexity, which provide a quantitative measure of how intertwined parts of the system are. Some of the most well-known software complexity metrics out there are the metrics in the CK-metric suite; these metrics are designed for use in measuring object oriented systems, but we believe they can be adapted to help measure the interaction of software systems. Our experimental results show strong correlations between the number of bugs fixed in a release and the value of some of these metrics in systems of sufficient scale.