An integrated risk measurement and optimization model for trustworthy software process management

Authors:
Jianping Li;Minglu Li;Dengsheng Wu;Hao Song
Affiliations:
Institute of Policy and Management, Chinese Academy of Sciences, Beijing 100190, China;Institute of Policy and Management, Chinese Academy of Sciences, Beijing 100190, China and Bureau of Planning, National Natural Science Foundation of China, Beijing 100085, China;Institute of Policy and Management, Chinese Academy of Sciences, Beijing 100190, China and Graduate University of Chinese Academy of Sciences, Beijing 100039, China;Institute of Policy and Management, Chinese Academy of Sciences, Beijing 100190, China and Graduate University of Chinese Academy of Sciences, Beijing 100039, China
Venue:
Information Sciences: an International Journal
Year:
2012

Citing 33
Cited 5

Probabilistic reasoning in intelligent systems: networks of plausible inference

Probabilistic reasoning in intelligent systems: networks of plausible inference
Applying fuzzy set theory to evaluate the rate of aggregative risk in software development

Fuzzy Sets and Systems
Software metrics: roadmap

Proceedings of the Conference on The Future of Software Engineering
Using Influence Diagrams for Software Risk Analysis

TAI '95 Proceedings of the Seventh International Conference on Tools with Artificial Intelligence
A new algorithm for applying fuzzy set theory to evaluate the rate of aggregative risk in software development

Information Sciences: an International Journal
Making Resource Decisions for Software Projects

Proceedings of the 26th International Conference on Software Engineering
Processes for Producing Secure Software: Summary of US National Cybersecurity Summit Subgroup Report

IEEE Security and Privacy
Trustworthy software systems

ACM SIGSOFT Software Engineering Notes
Establishing trustworthiness in services of the critical infrastructure through certification and accreditation

SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
Toward Trustworthy Software Systems

Computer
How Much Software Quality Investment Is Enough: A Value-Based Approach

IEEE Software
Trustworthy Software: Why we need it, Why we don't have it, How we can get it

COMPSAC '06 Proceedings of the 30th Annual International Computer Software and Applications Conference - Volume 01
Trustworthy software systems: a discussion of basic concepts and terminology

ACM SIGSOFT Software Engineering Notes
Predicting software defects in varying development lifecycles using Bayesian nets

Information and Software Technology
Managing software process measurement: A metamodel-based approach

Information Sciences: an International Journal
Project Data Incorporating Qualitative Factors for Improved Software Defect Prediction

PROMISE '07 Proceedings of the Third International Workshop on Predictor Models in Software Engineering
Influence DiagramsHistorical and Personal Perspectives

Decision Analysis
Software maintenance project delays prediction using Bayesian Networks

Expert Systems with Applications: An International Journal
The Security Requirements Behavior Model for Trustworthy Software

MCETECH '08 Proceedings of the 2008 International MCETECH Conference on e-Technologies
Risk and risk management in software projects: A reassessment

Journal of Systems and Software
Estimating software readiness using predictive models

Information Sciences: an International Journal
Multiple criteria mathematical programming for multi-class classification and application in network intrusion detection

Information Sciences: an International Journal
A framework for developing measurement systems and its industrial evaluation

Information and Software Technology
Bayesian Networks and Decision Graphs

Bayesian Networks and Decision Graphs
A Bayesian network approach to assess and predict software quality using activity-based quality models

PROMISE '09 Proceedings of the 5th International Conference on Predictor Models in Software Engineering
Process Trustworthiness as a Capability Indicator for Measuring and Improving Software Trustworthiness

ICSP '09 Proceedings of the International Conference on Software Process: Trustworthy Software Development Processes
Choquet integral based aggregation approach to software development risk assessment

Information Sciences: an International Journal
Risk Management in the Trustworthy Software Process: A Novel Risk and Trustworthiness Measurement Model Framework

NCM '09 Proceedings of the 2009 Fifth International Joint Conference on INC, IMS and IDC
A survey of component based system quality assurance and assessment

Information and Software Technology
The future of software processes

SPW'05 Proceedings of the 2005 international conference on Unifying the Software Process Spectrum
A non-functional requirements tradeoff model in Trustworthy Software

Information Sciences: an International Journal
User preferences based software defect detection algorithms selection using MCDM

Information Sciences: an International Journal
The design of polynomial function-based neural network predictors for detection of software defects

Information Sciences: an International Journal

Editorial: Data mining for software trustworthiness

Information Sciences: an International Journal
Quantitative effects of software testing on reliability improvement in the presence of imperfect debugging

Information Sciences: an International Journal
Decision making support in CMMI process areas using multiparadigm simulation modeling

Proceedings of the Winter Simulation Conference
Search based risk mitigation planning in project portfolio management

Proceedings of the 2013 International Conference on Software and System Process
A security risk analysis model for information systems: Causal relationships of risk factors and vulnerability propagation analysis

Information Sciences: an International Journal

Quantified Score

Hi-index	0.07

Visualization

Abstract

The growing demand for higher trustworthiness of software poses an unprecedented challenge to the software industry. Risk management is the important part for high quality software development processes. However, under the constraints of project cost and duration, it is very difficult to establish the budget for risk management. To integrate efficient risk management and pure software process is the goal of this paper. We propose a software process model with risk management and cost control modules to help improve software process risk management. Furthermore, based on this process model, a measurement model that includes process risk and software trustworthiness metrics is presented. Through risk management effectiveness calculation methods and risk transfer assumptions, a software process risk optimization model is proposed. This model can be used to derive an optimized risk management scheme for the process of trustworthy software development, with constraints of process cost and duration. Simulation cases are then analyzed by this model framework. The results show that risk management is critical to enhance trustworthiness but risk management is an effective complement, rather than the most fundamental process, to enhance the trustworthiness of software. Software developers should adopt appropriate and optimal strategies about risk management inputs, especially in lower CMMI level companies.