Experiences With New SW Paradigms for Systems Software and Service Process Improvement and Innovation

This special issue comprises a selected set of high-quality and extended articles of the 31st Systems, Software and Services Process Improvement (EuroSPI) Conference, held in 2024 in Munich, Germany. Conferences were held in Dublin (Ireland) in 1994, in Vienna (Austria) in 1995, in Brighton (UK) in 1996, in Budapest (Hungary) in 1997, in Gothenburg (Sweden) in 1998, in Pori (Finland) in 1999, in Copenhagen (Denmark) in 2000, in Limerick (Ireland) in 2001, in Nuremberg (Germany) in 2002, in Graz (Austria) in 2003, in Trondheim (Norway) in 2004, in Budapest (Hungary) in 2005, in Joensuu (Finland) in 2006, in Potsdam (Germany) in 2007, in Dublin (Ireland) in 2008, in Alcala (Spain) in 2009, in Grenoble (France) in 2010, in Roskilde (Denmark) in 2011, in Vienna (Austria) in 2012, in Dundalk (Ireland) in 2013, in Luxembourg in 2014, in Ankara (Turkey) in 2015, in Graz (Austria) in 2016, in Ostrava (Czech Republic) in 2017, in Bilbao (Spain) in 2018, in Edinburgh (UK) in 2019, in Düsseldorf (Germany) in 2020, in Krems (Austria) in 2021, in Salzburg (Austria) in 2022, in Grenoble (France) in 2023, and in Munich (Germany) in 2024. EuroSPI had a cooperation with the EU Blueprint for Batteries project ALBATTS (2020–2023) where leading European industry discussed and established a skills agenda to build a European battery production capability for the electrification of European e-mobility. EuroSPI had a cooperation with the EU project FLAMENCO (2023–2024) where EuroSPI founded the innovation agent task force (later promoted to a persistent working group) to develop an ISO 560xx compliant innovation capability assessment and to experiment with AI and GenAI in innovation projects. EuroSPI has a cooperation with the EU Blueprint project TRIREME (2024–2028, Digital & Green Skills Towards Future of The Mobility Ecosystem) in which a Europe-wide Skills Hub for key job roles and qualifications for a future Green Mobility ecosystem are set up. Job roles supported by EuroSPI become integrated to the Skills Hub. EuroSPI within ASA and TRIREME develops the new job role, training, assessment tool, and GenAI-based SmartSPI data analysis tool for innovation agents who in future support the implementation of ISO 560xx in the automotive ecosystem. EuroSPI signed a full partner agreement with Automotive Skills Alliance (ASA) who is the pact for skills partners in the Eu Erasmus+ program. EuroSPI has established the SPI Manifesto (SPI = Systems, Software and Services Process Improvement), a set of social media groups including a selection of presentations and key notes freely available on YouTube and access to job-role–based qualification through the European Certification and Qualification Association (www.ecqa.org). A typical characterization of EuroSPI is reflected in a statement made by a company: “… the biggest value of EuroSPI lies in its function as a European knowledge and experience exchange mechanism for SPI and innovation.” Since its beginning in 1994 in Dublin, the EuroSPI initiative continuously develops the term SPI including more and more fields that contribute. During the years, new communities (Cybersecurity, Internet of Things, Agile, etc.) joined and the term EuroSPI2 became European System, Software, Service, Safety, and Security Process, Product, Programming Improvement, Innovation, and Infrastructure. So in fact, it became EuroS5P3I3. EuroSPI 2024 took place in Munich, Germany. Six of the set of papers presented in the conference were selected by the editors for expansion in this special issue. The choice of the different manuscripts was made with consideration of the comments provided by the reviewers, and the final set was chosen based on the novelty and contribution of the papers. The editors present the selected manuscripts and discuss their content in what follows. “CyberESP: An integrated Cybersecurity Framework for SMEs” is authored by Calvo-Manzano, San Feliu, Herranz, Mariño, Fredlund, and Moreno. In this work, authors present CyberESP a cybersecurity framework supported by a semiautomated tool to ensure Spanish SMEs' cybersecurity management. Authors follow a design science research approach to review international standards and identify requirements for the framework. The approach and its prototype are validated by means of a case study. Being cybersecurity, one of the main concerns of SMEs around the globe [4], solutions to assess cybersecurity risks [5], are not scarce given the need to increase cyber hygiene among SMEs [6]. Complementing other approaches more behavioral [7], Calvo-Manzano et al. present a simplified methodology for ease of use and effective risk assessment and management, specifically tailored to the SME context. The paper “Overcoming Data Shortage in Critical Domains with Data Augmentation for Natural Language Software Requirements” by Korfmann, Beyersdorffer, Gerlich, Münch and Kuhrmann presents an empirical approach to use natural language processing approaches to tackle the problem of data shortage in software requirements. Data shortage is a common problem in information processing [8]; however, the use of Data Augmentation in Requirements Engineering is not that common. In spite of these scarce efforts, there are several works reported in the literature on the topic (e.g., [9]). In the case of the paper by Korfmann et al., the goal is to evaluate data augmentation techniques to synthetically increase the amount of a given set of training data to overcome the shortage of domain-specific training data. Poth and Rrjolli address one of the most important topics in literature in recent times: Computational sustainability. In “Eco-Friendly Micro-Services: Resource Footprint of Cloud-Native MicroServices Written in Java—A Balance Between Build-Time and Run-Time Effects of Releases,” authors evaluate the potential of Java frameworks that facilitate cloud-native microservices in reducing the energy footprint throughout the release life cycle. Given that compute servers cause the majority of a general-purpose cloud's emissions [10] to make cloud computing more environmentally sustainable [11] and reduce the negative impact on the environment that computing has [12]. In the work presented in this special issue, authors suggest that for noncompute intensive workloads, which are limited by the CPU-RAM-ratio of the cloud service provider, JVM-less microservice is a significant lever to deploy more microservices per VM. Cybersecurity is the topic of the paper “A Multi-Level Approach to TARA: Proposals for Attack Feasibility in Interference-Free Scenarios” by Liedtke, Messnarz, Ekert, and Much. Automotive can be seen as a complex software-intensive system [13] commonly affected by cybersecurity attacks [14, 15]. In this work, the authors explore the concept of freedom from interference and its implications to determine attack feasibility in automotive scenarios. The last paper of the collection is written by Aschbacher, Zelmenis, Messnarz, and Ekert and entitled “Strategic Intelligence Management (ISO 56006)—Using AI by the innovation agent task force in the Automotive Skills Alliance (ASA).” The TRIREME project builds on the FLAMENCO initiative by enhancing the automotive sector's innovation capabilities through AI-driven implementation of ISO 56006 Strategic Intelligence Management. In the context of this project, participants develop MOOCs for the ISO 5600x series, integrated into the Automotive Skills Alliance's European Skills Hub, fostering advanced green and digital skills for mobility ecosystems. In particular, this paper shows the results of the work on the ISO 56006 Strategic Intelligence Management implementation using AI in the TRIREME project. EuroSPI has a long-lasting relationship with Wiley publishing selected papers with high industrial experience value extended in special issues of the journal “Software Process: Improvement and Practice” starting in 2004, continuing the earlier tradition with the “Journal of Software Maintenance and Evolution: Research and Practice” and the “Journal of Software: Evolution and Process.” Data sharing not applicable to this article as no datasets were generated or analysed during the current study.