Technical dept metaphor is found attractive to practitioners as it communicates to both technical and nontechnical audiences that if quality problems are not addressed, things may get worse. In their research, Ernst et al. concluded that the even though technical dept is widely known and accepted, making it visible and measurable is a big gap in practice. Tools are installed, but the complexity of configuring them or interpreting results meant that they were unused. Only very small minority of business managers were actively managing technical debt. [ 3 ]

This paper focuses to investigate whether technical depth KPIs could be used together with machine learning in order to manage technical dept in software maintenance project in controlled manner.

Dataset [ 7 ] which was collected from various open source projects was used together with machine learning technologies in order to see, if it is possible to estimate based on technical dept KPIs, whether the bug fixing SLA thresholds are kept or not.

Limitations of this paper include the fact that strict SLA policies are more common in commercial software products under maintenance than in open source projects. Also, the open source software products which were used in dataset [ 7 ] are collected from various stages of the software products lifecycle.

However, results indicated, that machine learning methodologies could estimate quite accurately, when bug fixing times start to have big probabilities of growing too big and outside of SLA limits. When using ROC-AUC as measure of how good the estimation is, excellent correlation was found. When simple number of lines variable was removed from variables, still good and close to excellent AUC numbers were found. 2

Software maintenance has dramatically evolved in the last four decades in order to cope with the continuously changing development models. Maintenance is also an increasingly popular research topic, with an increasing number of new models and approaches being proposed. Interestingly, the number of models proposed is increasing rather than consolidating. The fact highlights that more research effort is needed to identify reusable and tunable models that can be applied in different contexts.[ 5 ]

In their work Lenarduzzi et al., presented results of a Systematic Literature Review, highlighting the evolution of the metrics and models adopted in the last forty years. Key findings included, that there is increase in the size of the data analyzed. One reason is due to the availability of an enormous open source code base that can be easily used to build maintenance models. Despite the open source ideology, it is nearly impossible to replicate the studies, because almost all papers are based on private data sets and/or used custom tools that are not available to other researchers to support the replication.[ 5 ] 2.1

At the level of IT management in industry, organizations are interested in the economic consequences of technical debt and risks that they may pose. Technical debt can decrease efficiency of running software systems and create difficulties in extending them. Cost overhead in fixing issues or adding new functionality caused by technical debt is considered as the interest of technical debt. In economic perspective, technical debt is defined as the cost of repairing quality issues in software systems to achieve an ideal quality level. An ideal quality level is the highest achievable level of quality defined in a quality model adopted by an organization. The amount of debt is the gap between the current and the ideal level. Interest is defined as the extra maintenance cost spent for not achieving the ideal quality level. Maintenance activities include adding new functionality and fixing bugs. Maintenance and technical quality repair action is different in that former involves visible changes and their impacts are immediately visible. Extra effort spent on new functionality or fixing bugs are examples of interest on technical debt. Interest of technical debt is not the same as maintenance costs, because systems without technical issues will still spend some effort on maintenance.[ 7 ]

In software development and maintenance cost point of view, the earlier bugs are found, the cheaper it is. On the other hand, companies want to be fast in market. But faster time-to-market and quick user feedback also implies less time for testing and bug fixing in early stages [ 2 ].

Code with bad quality is more expensive to maintain, but also refactoring is risky. It requires changes to working code that can introduce subtle bugs. Refactoring, if done wrongly, can set you back days or weeks. Refactoring becomes riskier when practiced informally or ad hoc.[ 1 ]

If there is a way to apply machine learning techniques to identify problems earlier, there is a good motivation to include it already in CI/CD pipeline, using the SonarQube metrics and technical Dept information to forecast problems. This could help organizations to balance between time to refactor an be fast in time-to-market. Using the open dataset described collected from various open source projects [ 7 ], this paper is focusing on SonarQube technical dept metrics and their relationship to actual bug resolution times reported to issue tracking tool JIRA.

If the technical dept KPIs can predict future bugs, those can be used as good indicator for refactoring purposes. RQ: Can SonarQube technical depth KPIs be used to estimate increasing bug resolution times?

This study is using big dataset [ 7 ] as input for collecting variables for machine learning algorithms use. However, the projects used for the dataset are all open source projects with different ways of working different policies on how quick to fix bugs. Also, the selected open source projects are from projects which vary a lot in terms of size of the project and the products phase in its lifecycle.

The research also relies on monthly averages of technical dept measures while it would be best to analyze the dept KPIs from the exact moment when bug is found. As the data comes from various phases of the products lifecycle, one can find very short bug resolution times, which are due to the fact which can be seen on commit dates compared to bug opening and closing times, that some bugs are probably found during development, fixed at the same time and the bug is reported afterwards. 5

First executions of the python scripts against the data was executed three times. The dataset was balanced so, that there was just as many very long bug resolution times included as there were bugs with resolution times less than 30 days. Random forest classifier algorithm was used. Three executions gave following results:

Area under curve (AUC) shows that the random forest classifier gave predictions, which were between 90 and 92% accurate. This gives an idea, that technical dept KPIs do have strong impact to the bug resolution times. However, one of the used KPIs from dataset [ 7 ] was the number of lines of code. It can be obvious, that the bigger the project grows, the more it takes to implement changes. Therefore, the second set of executions were using the exact same parameters, except the number of lines of code was removed from the list of dependent variables. 1st run: When comparing the results against the values with the number of lines of code icluded, the AUC number is still giving quite good accuracy from 86 to 88 percentages. MCC number shows also, that the classifier can be used in estimations. However, lines of code do boost the accuracy of the estimation, which was also logical guess at the beginning of the study.

One can make conclusion from the results, that with the help of machine learning classifiers one can build a model to predict SLA violations. Research question was:

Technical dept, by definition, impacts to the time which is used to add features or fix bugs [ 7 ]. Sometimes it is good to have technical dept, because it is important to focus resources on new features and to be quick in market [ 2 ]. The interest of technical dept can be seen in bug resolution times and in commercial software systems, it is typical to have SLAs which needs to be kept in order to avoid penalties. There is no industry standard way of fixing technical dept issues and fixing those ad-hoc is also risky [ 1 ]. One way of managing the costs of technical dept could be utilizing machine learning models in CI/CD pipeline and use the predictions which algorithms give as triggers for paying technical dept.

Dataset, which consist of 33 projects, approximately 1.9M SonarQube issues, 38K code smells, and 28K faults [ 7 ] was used to form a dataset for random forest classifier, which was used to study, whether it is possible for model to learn predict SLA violations. Various technical dept KPIs were used together with number of lines of code and bug resolution times to teach the model.

Results showed, that the model can predict bug resolution times to pass or meet 30 days threshold quite accurately. With all the selected KPIs included, the model predicted correct results with 90 – 92 percentage accuracy. Lines of codes was obvious easy single KPI to predict the resolution times, since it is assumed that the bigger the project is, the more time it takes to make changes. When the impact of number of lines of codes was taken away, accuracy remained high, 86 – 88 percentages. Research concludes, that machine learning models could be used to predict software products bug resolution times.

Limitations were seen also. Even the dataset [ 7 ] is big, it consists only of open source projects and open source projects may not have as strict SLA handling as commercial products may do. Also, the projects may have different ways of working compared to other projects and therefore the best possible environment for this kind of study would be a set of data from one company, consisting from various software products with similar size.