Article

A lightweight approach to technical risk estimation via probabilistic impact analysis

Authors:
Robert J. Walker

University of Calgary, Calgary, Alberta, Canada

University of Calgary, Calgary, Alberta, Canada
View Profile

,
Reid Holmes

University of Calgary, Calgary, Alberta, Canada

University of Calgary, Calgary, Alberta, Canada
View Profile

,
Ian Hedgeland

University of Calgary, Calgary, Alberta, Canada

University of Calgary, Calgary, Alberta, Canada
View Profile

,
Puneet Kapur

Chartwell Technology Inc., Calgary, Alberta, Canada

Chartwell Technology Inc., Calgary, Alberta, Canada
View Profile

,
Andrew Smith

Chartwell Technology Inc., Calgary, Alberta, Canada

Chartwell Technology Inc., Calgary, Alberta, Canada
View Profile

MSR '06: Proceedings of the 2006 international workshop on Mining software repositoriesMay 2006Pages 98–104https://doi.org/10.1145/1137983.1138008

Published:22 May 2006Publication History

MSR '06: Proceedings of the 2006 international workshop on Mining software repositories

Pages 98–104

ABSTRACT

An evolutionary development approach is increasingly commonplace in industry but presents increased difficulties in risk management, for both technical and organizational reasons. In this context, technical risk is the product of the probability of a technical event and the cost of that event. This paper presents a technique for more objectively assessing and communicating technical risk in an evolutionary development setting that (1) operates atop weakly-estimated knowledge of the changes to be made, (2) analyzes the past change history and current structure of a system to estimate the probability of change propagation, and (3) can be discussed vertically within an organization both with development staff and high-level management. A tool realizing this technique has been developed for the Eclipse IDE.

References

L. A. Belady and M. M. Lehman. A model of large program development. IBM Systems J., 15(3):225--252, 1976.Google ScholarDigital Library
B. I. Blum. Three paradigms for developing information systems. Proc. Int'l Conf. Softw. Eng., pages 534--543, 1984. Google ScholarDigital Library
C. Chittister and Y. Y. Haimes. Assessment and management of software technical risk. IEEE Trans. Systems, Man and Cybernetics, 24(2):187--202, 1994.Google ScholarCross Ref
E. W. Dijkstra. A note on two problems in connection with graphs. Numerische Mathematik, 1:169--271, 1959.Google ScholarDigital Library
H. Fischer. Computer system simulation of an on-line interactive command and control system. In Proc. Winter Simulation Conf., pages 333--340, 1971. Google ScholarDigital Library
M. Fischer, M. Pinzger, and H. Gall. Populating a release history database from version control and bug tracking systems. In Proc. Int'l Conf. Softw. Maintenance, pages 23--32, 2003. Google ScholarDigital Library
M. W. Godfrey and L. Zou. Using origin analysis to detect merging and splitting of source code entities. IEEE Trans. Softw. Eng., 31(2):166--181, 2005. Google ScholarDigital Library
S. Horwitz, T. Reps, and D. Binkley. Interprocedural slicing using dependence graphs. ACM Trans. Program. Lang. Sys., 12(1):26--60, Jan. 1990. Google ScholarDigital Library
J. Kontio, G. Getto, and D. Landes. Experiences in improving risk management processes using the concepts of the Riskit method. In Proc. ACM SIGSOFT Int'l Symp. Foundations Softw. Eng., pages 163--174, 1998. Google ScholarDigital Library
J. P. Loyall and S. A. Mathisen. Using dependence analysis to support the software maintenance process. In Proc. Conf. Softw. Maintenance, pages 282--291, 1993. Google ScholarDigital Library
A. Mockus, R. T. Fielding, and J. Herbsleb. Two case studies of open source software development: Apache and Mozilla. ACM Trans. Softw. Eng. Method., 11(3):1--38, 2002. Google ScholarDigital Library
A. Mockus and D. M. Weiss. Predicting risk of software changes. Bell Labs Technical J., 5(2):169--180, 2000.Google ScholarCross Ref
L. Moonen. Lightweight impact analysis using island grammars. In Proc. Int'l Wkshp. Program Comprehension, pages 219--228, 2002. Google ScholarDigital Library
M. Moriconi and T. C. Winkler. Approximate reasoning about the semantic effects of program changes. IEEE Trans. Softw. Eng., 16(9):980--992, 1990. Google ScholarDigital Library
G. C. Murphy and D. Notkin. Lightweight lexical source model extraction. ACM Trans. Softw. Eng. Method., 5(3):262--292, 1996. Google ScholarDigital Library
G. C. Murphy, D. Notkin, and K. Sullivan. Software reflexion models: Bridging the gap between source and high-level models. In Proc. ACM SIGSOFT Symp. Foundations Softw. Eng., pages 18--28, 1995. Google ScholarDigital Library
N. Nagappan, T. Ball, and A. Zeller. Mining metrics to predict component failures. In Proc. Int'l Conf. Softw. Eng., 2006. To appear. Google ScholarDigital Library
D. E. Neumann. An enhanced neural network technique for software risk analysis. IEEE Trans. Softw. Eng., 28(9):904--912, 2002. Google ScholarDigital Library
K. S. Rajeswari and R. N. Anantharaman. Development of an instrument to measure stress among software professionals: Factor analytic study. In Proc. SIGMIS Conf. Computer Personnel Research, pages 34--43, 2003. Google ScholarDigital Library
J. Ropponen and K. Lyytinen. Components of software development risk: How to address them? A project manager survey. IEEE Trans. Softw. Eng., 26(2):98--112, 2000. Google ScholarDigital Library
O. Saliu and G. Ruhe. Software release planning for evolving systems. Innovations in Systems and Softw. Eng., 1(2), 2005. To appear.Google Scholar
J. Śliwerski, T. Zimmermann, and A. Zeller. When do changes induce fixes? In Proc. Int'l Wkshp. Mining Software Repositories, pages 24--28, 2005. Google ScholarDigital Library
A. Tiwana and M. Keil. The one-minute risk assessment tool. Commun. ACM, 47(11):73--77, 2004. Google ScholarDigital Library
N. Tsantalis, A. Chatzigeorgiou, and G. Stephanides. Predicting the probability of change in object-oriented systems. IEEE Trans. Softw. Eng., 31(7):601--614, 2005. Google ScholarDigital Library
R. J. Turver and M. Munro. An early impact analysis technique for software maintenance. J. Softw. Maintenance: Res. and Pract., 6:35--52, 1994.Google ScholarCross Ref
R. J. Walker, R. Holmes, I. Hedgeland, P. Kapur, and A. Smith. A lightweight approach to technical risk estimation via probabilistic impact analysis. Tech. rep. 2006-817-10, Computer Science, Univ. of Calgary, 2006.Google Scholar
A. T. T. Ying, G. C. Murphy, R. Ng, and M. C. Chu-Carroll. Predicting source code changes by mining change history. IEEE Trans. Softw. Eng., 30(9):574--586, 2004. Google ScholarDigital Library
L. A. Zadeh. Fuzzy sets. Information and Control, 8(3):338--353, 1965.Google ScholarCross Ref
T. Zimmermann, P. Weißgerber, S. Diehl, and A. Zeller. Mining version histories to guide software changes. IEEE Trans. Softw. Eng., 31(6):429--445, 2005. Google ScholarDigital Library

Index Terms

A lightweight approach to technical risk estimation via probabilistic impact analysis
1. Social and professional topics
  1. Professional topics
    1. Management of computing and information systems
      1. Project and people management
      2. Software management
        Software maintenance
2. Software and its engineering
  1. Software creation and management
    1. Software development process management
    2. Software post-development issues
  2. Software notations and tools
    1. Software configuration management and version control systems

Recommendations

Risk attitudes in risk-based design: Considering risk attitude using utility theory in risk-based design

Engineering risk methods and tools account for and make decisions about risk using an expected-value approach. Psychological research has shown that stakeholders and decision makers hold domain-specific risk attitudes that often vary between individuals ...
Read More
Development and application of a geospatial wildfire exposure and risk calculation tool

Applying wildfire risk assessment models can inform investments in loss mitigation and landscape restoration, and can be used to monitor spatiotemporal trends in risk. Assessing wildfire risk entails the integration of fire modeling outputs, maps of ...
Read More
Probabilistic Risk Analysis of Diversion Tunnel Construction Simulation

Comprehensive and effective risk analysis is significant for studying construction simulation of diversion tunnel. Existing tunnel risk simulation approaches mainly analyze ordinary risk factors, and cannot quantitatively study risk events considering ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
MSR '06: Proceedings of the 2006 international workshop on Mining software repositories
May 2006
191 pages
ISBN:1595933972
DOI:10.1145/1137983
General Chairs:
Stephan Diehl
University Trier, Germany
,
Harald Gall
University of Zurich, Switzerland
,
Ahmed E. Hassan
Research in Motion RIM, Canada
Copyright © 2006 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 22 May 2006
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
decision support
probabilistic impact analysis
revision history
technical risk estimation
Qualifiers
- Article
Conference

Upcoming Conference

ICSE 2025

2025 IEEE/ACM 46th International Conference on Software Engineering

April 26 - May 3, 2025

Ottawa , ON , Canada
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 13
  Total Citations
  View Citations
- 861
  Total Downloads
- Downloads (Last 12 months)8
- Downloads (Last 6 weeks)0
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

A lightweight approach to technical risk estimation via probabilistic impact analysis

MSR '06: Proceedings of the 2006 international workshop on Mining software repositories

ABSTRACT

References

Cited By

Index Terms

Recommendations

Risk attitudes in risk-based design: Considering risk attitude using utility theory in risk-based design

Development and application of a geospatial wildfire exposure and risk calculation tool

Probabilistic Risk Analysis of Diversion Tunnel Construction Simulation