Measuring software failure risk: Methodology and an example

https://doi.org/10.1016/0164-1212(94)90034-5Get rights and content

Abstract

The economic significance of failure is incorporated with software reliability theory to assess software failure risk—the expected loss resulting from software failure. The methodology draws upon probabilistic risk assessment and safety techniques to assess the potential consequence of failures in the environment in which the software will operate. The potential loss due to failures caused by faults in different modules is estimated by relating the module's function and expected use to these consequences. Loss estimates are combined with failure likelihood estimates from a time-dependent software reliability model. A case study illustrates application of the methodology to a payables processing system.

References (46)

  • K. Okumoto et al.

    Optimum Release Time for Software Systems Based on Reliability and Cost Criteria

    J. Systems Software

    (1980)
  • S. Yamada et al.

    Software Reliability Growth Models for Testing-Effort Control

    European J. Oper. Res.

    (1990)
  • V.R. Basili et al.

    The Future Engineering of Software: A Management Perspective

    Computer

    (1991)
  • B. Boehm

    A Spiral Model of Software Development and Enhancement

    Computer

    (1988)
  • B. Boehm et al.

    Understanding and Controlling Software Costs

    IEEE Trans. Software Engrg.

    (1988)
  • S. Brocklehurst et al.

    Recalibrating Software Reliability Models

    IEEE Trans. Software Engrg.

    (1990)
  • S.S. Cha et al.

    Safety Verification in Murphy Using Fault Tree Analysis

  • R.C. Cheung

    A User-Oriented Software Reliability Model

    IEEE Trans. Software Engrg.

    (1980)
  • J. Dunham

    Measuring Software Safety

  • W. Ehrlich et al.

    Applying Reliability Measurement: A Case Study

    IEEE Software

    (1990)
  • W. Everett

    Software Reliability Measurement

    IEEE J. Selected Areas Comm.

    (1990)
  • B. Fischhoff et al.

    Acceptable Risk

    (1981)
  • E.H. Forman et al.

    An Empirical Stopping Rule for Debugging and Testing Computer Software

    J. Am. Statist. Assoc.

    (1987)
  • M.O. Fryer

    Risk Assessment of Computer Controlled Systems

    IEEE Trans. Software Engrg.

    (1985)
  • E. Henley et al.

    Reliability Engineering and Risk Assessment

    (1981)
  • P.K. Kapur et al.

    Optimal Release Policies for Software Systems with Testing Effort

    Int. J. Systems Sci.

    (1991)
  • N. Karunanithi et al.

    Using Neural Networks in Reliability Prediction

    IEEE Software

    (1992)
  • T. Khoshgoftaar et al.

    Predicting Software Errors, During Development, Using Nonlinear Regression Models: A Comparative Study

    IEEE Trans. Reliability

    (1992)
  • P. Kubat et al.

    Managing Test-Procedures to Achieve Reliable Software

    IEEE Trans. Reliability

    (1983)
  • N.G. Leveson

    Software Safety: Why, What, and How

    Comput. Surveys

    (1986)
  • N.G. Leveson et al.

    Analyzing Software Safety

    IEEE Trans. Software Engrg.

    (1983)
  • N.G. Leveson et al.

    Safety Verification of Ada Programs Using Software Fault Trees

    IEEE Software

    (1991)
  • B. Littlewood

    MTBF is Meaningless in Software Reliability

    IEEE Trans. Reliability

    (1975)
  • Cited by (8)

    • IT managers’ vs. IT auditors’ perceptions of risks: An actor–observer asymmetry perspective

      2018, Information and Management
      Citation Excerpt :

      Risk is generally regarded as the combination of the probability of an undesirable event occurring and the magnitude of the loss that is associated with the event [47] and has been treated as such in the IS literature (see, e.g., Barki et al. [13]). Therefore, these two factors have often been used together to define and describe risk [12,48,49]. As both probability of risk and impact of risk can, in theory, influence risk perception, we included both elements in our model.

    • Cost estimation of software projects: A sub-additive approach

      2017, Journal of Modern Project Management
    • Measuring the risk of software projects

      2015, International Journal of Software Engineering and its Applications
    View all citing articles on Scopus
    View full text