Research in the reverse engineering field is predominantly fuelled by the need to develop solutions to known problems. A review of the major research contributions in the field can be gleaned from the earlier proceedings of this conference series. These show that, typically, research has been undertaken using traditional scientific and quantitative methods. To date there has been little work utilising qualitative research methodologies. I believe that there is a case for more explicit use of qualitative approaches in reverse engineering research. This is because the adoption of a particular research strategy is often inextricably connected with the problem being studied and the domain within which its solution will be relevant.
In the RAMESES project we are using qualitative techniques, and in particular a grounded theory approach. RAMESES aims to provide small-medium sized enterprises (SMEs) not with a purely technical solution to a reverse engineering problem but rather with a risk assessment strategy that will aid them either (i) in deciding upon changes in business processes, or (ii) in a strategic review of the options available for coping with their existing systems. For many SMEs, although information technology is not a main business function, their success is bound up with the management and control of their legacy systems. To identify the problems that such organisation have with legacy systems (and their needs and ability to undertake reverse engineering activities) requires detailed analysis. Our experience with SMEs at the University of Sunderland has shown that reliance of technical approaches and solutions is not always possible: and in this environment sociotechnical remedies have great potential.
The issues that have a bearing upon any SMEs* decision making process (which will be supported by a risk assessment model) will not be purely technical in nature: the systems must be evaluated in the context of their organisations and in the interaction between the human and automated processes of the business system. Although assessment strategies based solely on technical issues and metrics are valuable, they are of secondary importance to those approaches that take a holistic view of business legacy systems as intertwined social, organisational and technical components. We are using grounded theory as a framework and within this other qualitative techniques, such as case study analysis of three SMEs, to identify the emergent properties and factors that will populate the risk assessment model.
It is important to assess where such a qualitative approach may be beneficial in software (and reverse) engineering research. Qualitative approaches allow researchers to study issues in depth and detail without being constrained by predetermined categories. Whereas quantitative approaches allow users to measure factors against predetermined scales. Qualitative approaches are essentially "looking at" phenomena whereas the quantitative approach is "looking for" elements that are expected to be important. This difference in emphasis (between inductive and deductive studies) is significant in determining the types of results that may emerge.