Abstract
Many different methods have been proposed for software risk analysis and assessment. These methods can be categorized into three groups: some are based on business owners' and developers' estimates of the probability and damage of a risk; some are based on software architecture analysis (using design diagrams); and some are based on source-code analysis. Each of these approaches has advantages and disadvantages, but none of them covers all risky aspects of a software project. The reason for this is that, from one point of view, software development is a heuristic process and requires developers' heuristic analysis and opinions, but from another point of view there is a high probability that these opinions contain faulty evaluations. In this paper we propose an approach based on combining different metrics obtained from all three approaches to risk analysis. In our approach both Risk Probability and Risk Damage are obtained using this compound technique. The architectural risk of the components is calculated based on the cyclomatic complexity of the statecharts; the source-based risk is obtained by a code weight association technique; and these values are aggregated with the analysts' opinions to produce the risk model. We provide a case study to present the results of our approach.
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Hosseingholizadeh, A., Abhari, A. (2010). A New Compound Metric for Software Risk Assessment. In: Lee, R., Ormandjieva, O., Abran, A., Constantinides, C. (eds) Software Engineering Research, Management and Applications 2010. Studies in Computational Intelligence, vol 296. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13273-5_8
DOI: https://doi.org/10.1007/978-3-642-13273-5_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-13272-8
Online ISBN: 978-3-642-13273-5
eBook Packages: Engineering, Engineering (R0)