ABSTRACT
An evolutionary development approach is increasingly commonplace in industry but presents increased difficulties in risk management, for both technical and organizational reasons. In this context, technical risk is the product of the probability of a technical event and the cost of that event. This paper presents a technique for more objectively assessing and communicating technical risk in an evolutionary development setting that (1) operates atop weakly-estimated knowledge of the changes to be made, (2) analyzes the past change history and current structure of a system to estimate the probability of change propagation, and (3) can be discussed vertically within an organization both with development staff and high-level management. A tool realizing this technique has been developed for the Eclipse IDE.
- L. A. Belady and M. M. Lehman. A model of large program development. IBM Systems J., 15(3):225--252, 1976.Google ScholarDigital Library
- B. I. Blum. Three paradigms for developing information systems. Proc. Int'l Conf. Softw. Eng., pages 534--543, 1984. Google ScholarDigital Library
- C. Chittister and Y. Y. Haimes. Assessment and management of software technical risk. IEEE Trans. Systems, Man and Cybernetics, 24(2):187--202, 1994.Google ScholarCross Ref
- E. W. Dijkstra. A note on two problems in connection with graphs. Numerische Mathematik, 1:169--271, 1959.Google ScholarDigital Library
- H. Fischer. Computer system simulation of an on-line interactive command and control system. In Proc. Winter Simulation Conf., pages 333--340, 1971. Google ScholarDigital Library
- M. Fischer, M. Pinzger, and H. Gall. Populating a release history database from version control and bug tracking systems. In Proc. Int'l Conf. Softw. Maintenance, pages 23--32, 2003. Google ScholarDigital Library
- M. W. Godfrey and L. Zou. Using origin analysis to detect merging and splitting of source code entities. IEEE Trans. Softw. Eng., 31(2):166--181, 2005. Google ScholarDigital Library
- S. Horwitz, T. Reps, and D. Binkley. Interprocedural slicing using dependence graphs. ACM Trans. Program. Lang. Sys., 12(1):26--60, Jan. 1990. Google ScholarDigital Library
- J. Kontio, G. Getto, and D. Landes. Experiences in improving risk management processes using the concepts of the Riskit method. In Proc. ACM SIGSOFT Int'l Symp. Foundations Softw. Eng., pages 163--174, 1998. Google ScholarDigital Library
- J. P. Loyall and S. A. Mathisen. Using dependence analysis to support the software maintenance process. In Proc. Conf. Softw. Maintenance, pages 282--291, 1993. Google ScholarDigital Library
- A. Mockus, R. T. Fielding, and J. Herbsleb. Two case studies of open source software development: Apache and Mozilla. ACM Trans. Softw. Eng. Method., 11(3):1--38, 2002. Google ScholarDigital Library
- A. Mockus and D. M. Weiss. Predicting risk of software changes. Bell Labs Technical J., 5(2):169--180, 2000.Google ScholarCross Ref
- L. Moonen. Lightweight impact analysis using island grammars. In Proc. Int'l Wkshp. Program Comprehension, pages 219--228, 2002. Google ScholarDigital Library
- M. Moriconi and T. C. Winkler. Approximate reasoning about the semantic effects of program changes. IEEE Trans. Softw. Eng., 16(9):980--992, 1990. Google ScholarDigital Library
- G. C. Murphy and D. Notkin. Lightweight lexical source model extraction. ACM Trans. Softw. Eng. Method., 5(3):262--292, 1996. Google ScholarDigital Library
- G. C. Murphy, D. Notkin, and K. Sullivan. Software reflexion models: Bridging the gap between source and high-level models. In Proc. ACM SIGSOFT Symp. Foundations Softw. Eng., pages 18--28, 1995. Google ScholarDigital Library
- N. Nagappan, T. Ball, and A. Zeller. Mining metrics to predict component failures. In Proc. Int'l Conf. Softw. Eng., 2006. To appear. Google ScholarDigital Library
- D. E. Neumann. An enhanced neural network technique for software risk analysis. IEEE Trans. Softw. Eng., 28(9):904--912, 2002. Google ScholarDigital Library
- K. S. Rajeswari and R. N. Anantharaman. Development of an instrument to measure stress among software professionals: Factor analytic study. In Proc. SIGMIS Conf. Computer Personnel Research, pages 34--43, 2003. Google ScholarDigital Library
- J. Ropponen and K. Lyytinen. Components of software development risk: How to address them? A project manager survey. IEEE Trans. Softw. Eng., 26(2):98--112, 2000. Google ScholarDigital Library
- O. Saliu and G. Ruhe. Software release planning for evolving systems. Innovations in Systems and Softw. Eng., 1(2), 2005. To appear.Google Scholar
- J. Śliwerski, T. Zimmermann, and A. Zeller. When do changes induce fixes? In Proc. Int'l Wkshp. Mining Software Repositories, pages 24--28, 2005. Google ScholarDigital Library
- A. Tiwana and M. Keil. The one-minute risk assessment tool. Commun. ACM, 47(11):73--77, 2004. Google ScholarDigital Library
- N. Tsantalis, A. Chatzigeorgiou, and G. Stephanides. Predicting the probability of change in object-oriented systems. IEEE Trans. Softw. Eng., 31(7):601--614, 2005. Google ScholarDigital Library
- R. J. Turver and M. Munro. An early impact analysis technique for software maintenance. J. Softw. Maintenance: Res. and Pract., 6:35--52, 1994.Google ScholarCross Ref
- R. J. Walker, R. Holmes, I. Hedgeland, P. Kapur, and A. Smith. A lightweight approach to technical risk estimation via probabilistic impact analysis. Tech. rep. 2006-817-10, Computer Science, Univ. of Calgary, 2006.Google Scholar
- A. T. T. Ying, G. C. Murphy, R. Ng, and M. C. Chu-Carroll. Predicting source code changes by mining change history. IEEE Trans. Softw. Eng., 30(9):574--586, 2004. Google ScholarDigital Library
- L. A. Zadeh. Fuzzy sets. Information and Control, 8(3):338--353, 1965.Google ScholarCross Ref
- T. Zimmermann, P. Weißgerber, S. Diehl, and A. Zeller. Mining version histories to guide software changes. IEEE Trans. Softw. Eng., 31(6):429--445, 2005. Google ScholarDigital Library
Index Terms
- A lightweight approach to technical risk estimation via probabilistic impact analysis
Recommendations
Risk attitudes in risk-based design: Considering risk attitude using utility theory in risk-based design
Engineering risk methods and tools account for and make decisions about risk using an expected-value approach. Psychological research has shown that stakeholders and decision makers hold domain-specific risk attitudes that often vary between individuals ...
Development and application of a geospatial wildfire exposure and risk calculation tool
Applying wildfire risk assessment models can inform investments in loss mitigation and landscape restoration, and can be used to monitor spatiotemporal trends in risk. Assessing wildfire risk entails the integration of fire modeling outputs, maps of ...
Probabilistic Risk Analysis of Diversion Tunnel Construction Simulation
Comprehensive and effective risk analysis is significant for studying construction simulation of diversion tunnel. Existing tunnel risk simulation approaches mainly analyze ordinary risk factors, and cannot quantitatively study risk events considering ...
Comments