A Methodology for Architecture-Level Reliability Risk Analysis

Authors:
Sherif M. Yacoub;Hany H. Ammar
Affiliations:
Hewlett-Packard Lab., Palo Alto, CA;West Virginia Univ., Morgantown, WV
Venue:
IEEE Transactions on Software Engineering
Year:
2002

Citing 21
Cited 20

Statecharts: A visual formalism for complex systems

Science of Computer Programming
Real-time object-oriented modeling

Real-time object-oriented modeling
Software architecture: perspectives on an emerging discipline

Software architecture: perspectives on an emerging discipline
The operational profile

Handbook of software reliability engineering
Software metrics for reliability assessment

Handbook of software reliability engineering
A formal basis for architectural connection

ACM Transactions on Software Engineering and Methodology (TOSEM)
Software architecture in practice

Software architecture in practice
Performance evaluation of software architectures

Proceedings of the 1st international workshop on Software and performance
A Classification and Comparison Framework for Software Architecture Description Languages

IEEE Transactions on Software Engineering
Real-Time UML: Developing Efficient Objects for Embedded Systems

Real-Time UML: Developing Efficient Objects for Embedded Systems
A comparative analysis of hardware and software fault tolerance: Impact on software reliability engineering

Annals of Software Engineering
Emerald: Software Metrics and Models on the Desktop

IEEE Software
Scenarios in System Development: Current Practice

IEEE Software
A Metrics Suite for Object Oriented Design

IEEE Transactions on Software Engineering
Assessing Architectural Complexity

CSMR '98 Proceedings of the 2nd Euromicro Conference on Software Maintenance and Reengineering ( CSMR'98)
A Methodology For Risk Assessment Of Functional Specification Of Software Systems Using Colored Petri Nets

METRICS '97 Proceedings of the 4th International Symposium on Software Metrics
Coupling Metrics for Object-Oriented Design

METRICS '98 Proceedings of the 5th International Symposium on Software Metrics
Dynamic Metrics for Object Oriented Designs

METRICS '99 Proceedings of the 6th International Symposium on Software Metrics
A Component-Based Approach to Reliability Analysis of Distributed Systems

SRDS '99 Proceedings of the 18th IEEE Symposium on Reliable Distributed Systems
Scenario-Based Reliability Analysis of Component-Based Software

ISSRE '99 Proceedings of the 10th International Symposium on Software Reliability Engineering
ARMOR: Analyzer for Reducing Module Operational Risk

FTCS '95 Proceedings of the Twenty-Fifth International Symposium on Fault-Tolerant Computing

An Empirically-Based Process for Software Architecture Evaluation

Empirical Software Engineering
ICSE 2003 workshop on Software Engineering for High Assurance Systems: synergies between process, product, and profiling (SEHAS 2003)

Proceedings of the 25th International Conference on Software Engineering
Architectural level risk assessment tool based on UML specifications

Proceedings of the 25th International Conference on Software Engineering
Model-Based Performance Risk Analysis

IEEE Transactions on Software Engineering
A Simulation Approach to Structure-Based Software Reliability Analysis

IEEE Transactions on Software Engineering
Study on Application of a Quantitative Evaluation Approach for Software Architecture Adaptability

QSIC '05 Proceedings of the Fifth International Conference on Quality Software
Early quality prediction of component-based systems - A generic framework

Journal of Systems and Software
Model-based performance analysis using block coverage measurements

Journal of Systems and Software
Middleware Architecture Evaluation for Dependable Self-managing Systems

QoSA '08 Proceedings of the 4th International Conference on Quality of Software-Architectures: Models and Architectures
Intelligent risk management tools for software development

Proceedings of the 2009 Annual Conference of the Southern African Computer Lecturers' Association
Resolving least privilege violations in software architectures

IWSESS '09 Proceedings of the 2009 ICSE Workshop on Software Engineering for Secure Systems
Analysis of the Risk Assessment Methods --- A Survey

IWSM '09 /Mensura '09 Proceedings of the International Conferences on Software Process and Product Measurement
Genetic algorithm based software integration with minimum software risk

Information and Software Technology
A quantitative approach for ranking change risk of component-based software

ICCSA'07 Proceedings of the 2007 international conference on Computational science and its applications - Volume Part III
Designing and prototyping dynamic software product lines: techniques and guidelines

SPLC'10 Proceedings of the 14th international conference on Software product lines: going beyond
Security based survivability risk analysis with extended HQPN

Proceedings of the 5th International Conference on Ubiquitous Information Management and Communication
A rule-based approach for estimating the reliability of component-based systems

Advances in Engineering Software
A comparative study of risk assessment methods, MEHARI & CRAMM with a new formal model of risk assessment (FoMRA) in information systems

CISIM'12 Proceedings of the 11th IFIP TC 8 international conference on Computer Information Systems and Industrial Management
Prototyping Dynamic Software Product Lines to evaluate run-time reconfigurations

Science of Computer Programming
An evaluation model for dependability of Internet-scale software on basis of Bayesian Networks and trustworthiness

Journal of Systems and Software

Quantified Score

Hi-index	0.00

Visualization

Abstract

Risk assessment is an essential process of every software risk management plan. Several risk assessment techniques are based on the subjective judgement of domain experts. Subjective risk assessment techniques are human intensive and error-prone. Risk assessment should be based on product attributes that we can quantitatively measure using product metrics. This paper presents a methodology for reliability risk assessment at the early stages of the development lifecycle, namely, the architecture level. We describe a heuristic risk assessment methodology that is based on dynamic metrics. The methodology uses dynamic complexity and dynamic coupling metrics to define complexity factors for the architecture elements (components and connectors). Severity analysis is performed using Failure Mode and Effect Analysis (FMEA) as applied to architecture models. We combine severity and complexity factors to develop heuristic risk factors for the architecture components and connectors. Based on analysis scenarios, we develop a risk assessment model that represents components, connectors, component risk factors, connector risk factors, and probabilities of component interactions. We also develop a risk analysis algorithm that aggregates risk factors of components and connectors to the architectural level. Using the risk aggregation and the risk analysis model, we show how to analyze the overall risk factor of the architecture as the function of the risk factors of its constituting components and connectors. A case study of a pacemaker architecture is used to illustrate the application of the methodology. The methodology is used to identify critical components and connectors and to investigate the sensitivity of the architecture risk factor to changes in the heuristic risk factors of the architecture elements.