Change impact analysis

Change impact analysis (IA) is defined by Bohner and Arnold^[1] as "identifying the potential consequences of a change, or estimating what needs to be modified to accomplish a change", and they focus on IA in terms of scoping changes within the details of a design. In contrast, Pfleeger and Atlee^[2] focus on the risks associated with changes and state that IA is: "the evaluation of the many risks associated with the change, including estimates of the effects on resources, effort, and schedule". Both the design details and risks associated with modifications are critical to performing IA within change management processes. A technical colloquial term is also mentioned sometimes in this context, dependency hell.

Types of Impact Analysis Techniques

IA techniques can be classified into three types:^[3]

• Trace
• Dependency
• Experiential

Bohner and Arnold^[4] identify two classes of IA, traceability and dependency IA. In traceability IA, links between requirements, specifications, design elements, and tests are captured, and these relationships can be analysed to determine the scope of an initiating change.^[5] In dependency IA, linkages between parts, variables, logic, modules etc. are assessed to determine the consequences of an initiating change. Dependency IA occurs at a more detailed level than traceability IA. Within software design, static and dynamic algorithms can be run on code to perform dependency IA.^[6][7] Static methods focus on the program structure, while dynamic algorithms gather information about program behaviour at run-time.

Literature and engineering practice also suggest a third type of IA, experiential IA, in that the impact of changes is often determined using expert design knowledge. Review meeting protocols,^[8] informal team discussions, and individual engineering judgement^[9] can all be used to determine the consequences of a modification.

Package management and dependency IA

Software is often delivered in packages, which contain dependencies to other software packages necessary that the one deployed runs. Following these dependencies in reverse order is a convenient way to identify the impact of changing the contents of a software package. Examples for software helpful to do this:

• scripts like whatrequires ^[10] for RPM, and debian package formats

Source code and dependency IA

Dependencies are also declared in source code. Amongst the tools supporting to show such dependencies are:

• Integrated development environment
• FindBugs
• JRipples

There are as well tools applying fulltext search over source code stored in various repositories. If the source code is web-browsable, then classical search engines can be used. If the source is only available in the runtime environment, it gets more complicated and specialized tools may be of help.^[11]

Requirements, and traceability to source code

Recent tools use often stable links to trace dependencies. This can be done on all levels, amongst them specification, blueprint, bugs, commits. Despite this, the use of backlink checkers known from search engine optimization is not common. Research in this area is done as well, just to name use case maps^[12]

Commercial tools in this area include Telelogic DOORS, and IBM Rational.

See also

• Change management (engineering)

References

1. ↑ Bohner and Arnold, 1996, pg.3
2. ↑ Pfleeger and Atlee, 2006, pg.526
3. ↑ Kilpinen, 2008
4. ↑ Bohner and Arnold, 1996
5. ↑ Eisner, 2002, pg.236-237
6. ↑ Rajlich, 2000
7. ↑ Ren et al., 2005
8. ↑ Endres and Rombach, 2003, pg.17
9. ↑ Ambler, 2002, pg.244
10. ↑ http://www.pixelbeat.org/scripts/whatrequires
11. ↑ ohloh, discover, track, and compare open source.
12. ↑ Change Impact Analysis for Requirement Evolution using Use Case Maps, Jameleddine Hassine, Juergen Rilling, Jacqueline Hewitt, Department of Computer Science, Concordia University, 2005.

Further reading

• Ambler, S. (2002). Agile Modeling: Effective Practices for Extreme Programming and the Unified Process. New York, New York, USA, John Wiley & Sons.
• Bohner, S.A. and R.S. Arnold, Eds. (1996). Software Change Impact Analysis. Los Alamitos, California, USA, IEEE Computer Society Press.
• Eisner, H. (2002). Essentials of Project and Systems Engineering Management. New York, New York, USA, John Wiley & Sons.
• Endres, A. and D. Rombach (2003). A Handbook of Software and Systems Engineering: Empirical Observations, Laws and Theories. New York, New York, USA, Addison-Wesley.
• Kilpinen, M.S. (2008). The Emergence of Change at the Systems Engineering and Software Design Interface: An Investigation of Impact Analysis. PhD Thesis. University of Cambridge. Cambridge, UK.
• Pfleeger, S.L. and J.M. Atlee (2006). Software Engineering: Theory and Practice. Upper Saddle River, New Jersey, USA, Prentice Hall.
• Rajlich, V. (2000). "A Model and a Tool for Change Propagation in Software." ACM SIGSOFT Software Engineering Notes 25(1):72.
• Ren, X., F. Shah, et al. (2005). Chianti: A Tool for Change Impact Analysis of Java Programs. International Conference on Software Engineering (ICSE 2005), St Louis, Missouri, USA.