Assessing COTS integration risk using cost estimation inputs

  • Authors:

  • Ye Yang;Barry Boehm;Betsy Clark

  • Affiliations:

  • University of Southern California, Los Angeles, CA;University of Southern California, Los Angeles, CA;Software Metrics, Inc., Haymarket, VA

  • Venue:
  • Proceedings of the 28th international conference on Software engineering
  • Year:
  • 2006

Quantified Score

Hi-index 0.00

Visualization

Abstract

Most risk analysis tools and techniques require the user to enter a good deal of information before they can provide useful diagnoses. In this paper, we describe an approach to enable the user to obtain a COTS glue code integration risk analysis with no inputs other than the set of glue code cost drivers the user submits to get a glue code integration effort estimate with the COnstructive COTS integration cost estimation (COCOTS) tool. The risk assessment approach is built on a knowledge base with 24 risk identification rules and a 3-level risk probability weighting scheme obtained from an expert Delphi analysis. Each risk rule is defined as one critical combination of two COCOTS cost drivers that may cause certain undesired outcome if they are both rated at their worst case ratings. The 3-level nonlinear risk weighting scheme represents the relative probability of risk occurring with respect to the individual cost driver ratings from the input. Further, to determine the relative risk impact, we use the productivity range of each cost driver in the risky combination to reflect the cost consequence of risk occurring. We also develop a prototype called COCOTS Risk Analyzer to automate our risk assessment method. The evaluation of our approach shows that it has done an effective job of estimating the relative risk levels of both small USC e-services and large industry COTS-based applications.