WANG Xueli,ZHANG Xuan,LI Tong,WANG Xu

DOI: https://doi.org/10.3778/j.issn.1002-8331.1411-0012

2016-01-01

Abstract:Risk management has been becoming an important component of the high-quality software development pro-cess. As a powerful tool of risk management, Bayesian networks are the effective method for handling the uncertainties. As one of the important activities of risk management, risk assessment is the prerequisite of risk control. Combined with the Bayesian networks and fuzzy theory, this paper proposes a method for risk assessment. First of all, it uses Bayesian networks to assess the risk probability of the risk factors which are affecting trustworthy software, then uses fuzzy compre-hensive evaluation method to evaluate the comprehensive effects of risks. This method is used to assess risks in the soft-ware project which can provide new strategies for developing high-quality trustworthy software.

Jing-chang WANG,Gen-cai CHEN

DOI: https://doi.org/10.3969/j.issn.1671-7147.2005.02.008

2005-01-01

Abstract:There are a lot of risks in the software developing process. To control the risk, the sorts of risk are defined from the software development and project management. The paper presents four main parts of risk identification and risk analysis. The risks during software development process and possible solutions are analyzed while the risk quantity method, parameter model and experience data are presented. According to these risk identification methods and every phase situation of software development, the strategy of risk control is proposed. About eighty percent risk can be identified and controlled in the statistic application.

Wang Fan,Yang Xiaohu,Zhu Xiaochun,Chen Lu

DOI: https://doi.org/10.1109/tencon.2009.5395821

2009-01-01

Abstract:Most of projects' cost exceeds 10% of yearly corporations' turnover, a major factor contributing to this loss is the overrun cost of software testing. A lot of events during software Quality Assurance(QA) cycles, the main execution part of testing process, lead the loss. Therefore, there is a great potential benefit to find a way to predict the loss when the risk events arise or when we know they will happen during the QA cycles. In this paper, a model is proposed to solve the above problem via Bayesian Belief Network (BBN), in this model, five independent factors, which may lead the loss in software testing, are extracted by exploring the historical documents and questionnaires back from QA managers, and they are used to classify the loss of the QA effort, and predict the probability distribution of the loss, the mean of the distribution is defined as the predicated loss. The model is proved effective according to the data collected from 45 delayed QA cycles.

唐爱国,王如龙,胡春华

DOI: https://doi.org/10.3778/j.issn.1002-8331.2010.07.019

2010-01-01

Abstract:In the early phase of software project life cycle or the research and development process of innovative project,the available case data are few or incomplete,and project risk mainly experiences the subjective assessment of experts which brings great difficulties for the objective measure of risk.A software project risk assessment method based on Bayesian network is provided,which is not only capable of measuring the risk equivalent of the risk impact,but also able to measure out the combined effect of a variety of risks on the consequences of a certain risk or an individual risk on the overall consequences,thus increasing the prediction and response capabilities of the software project risk,and thus providing a new way that can effectively reduce the risk probability and improve the success rate of software development.

Feng Nan,Li Minqiang,Xie Jing,Fang Deying

DOI: https://doi.org/10.1109/AMIGE.2008.ECP.16

2009-01-01

Abstract:In this paper, a data-driven model based on Bayesian Networks (BNs) is presented for the risk analysis of software development. The modeling process consists of three phases: BN initialization, conflict analysis, and risk monitoring and analysis. Using new project data obtained from the process of software development, the model can continually estimate risk probability, identify the sources of risk, and perform model revision. The significance of the work is that the model provides more objective and visible support for risk analysis in software development. © 2008 IEEE.

FENG Nan,LI Minqiang,KOU Jisong,FANG Deying

DOI: https://doi.org/10.3969/j.issn.1000-3428.2007.07.015

2007-01-01

Abstract:A software project risk management model based on Bayesian networks is presented.Using new project data obtained from the process of software development,it can continually predict risks,identify sources of risks,and take proper measure to reduce risk occurrence probability.Practice proves that the model is able to manage risks,and improve the success rate of software development.

Yong Hu,Juhua Chen,Jiaxing Huang,Jinghua Xiao,Kang Xie,Junbiao Tang

2007-01-01

Abstract:Uncertainty during the period of software project development will bring huge risks to contractors and clients. If we can establish an effective model to predict the cost and quality of software projects based on facts such as the project character and two-side cooperating capability at the beginning of the project, the risks may be mitigated. Bayesian Belief Network (BBN) is a good method for analyzing uncertain consequences, but it is difficult to produce precise network structure and conditional probability table. In this paper, we built up network structure by Delphi method for conditional probability table learning, and learn to update probability table and nodes' confidence levels continuously according to the application cases. This gives the evaluation network its learning abilities, and the software development risk of organization can be evaluated more accurately. In addition, we introduced EM algorithm to enhance the ability in producing hidden nodes caused by variant software projects.

FENG Nan,LI Min-qiang,KOU Ji-song,FANG De-ying

DOI: https://doi.org/10.3321/j.issn:1002-8331.2007.21.001

2007-01-01

Computer Engineering and Applications Journal

Abstract:An improved risk management model in software project development is presented in this paper.In the process of Bayesian Networks(BNs) modeling,the model utilities structure learning and parameter learning based on the sample data for building the BNs in accord with the feature of software project.In addition,the flow of risk management in software project development is adjusted and dynamic risk management of software project is realized using BNs belief update.Practice proves that the improved model can effectively accomplish the work of risk management in software project development.

Tabrez Khan,Mohd. Faisal

DOI: https://doi.org/10.1007/s41870-023-01244-4

2023-04-22

International Journal of Information Technology

Abstract:The primary purpose of a software risk assessment is to predict risks and vulnerabilities that may exist in each phase of the software development life cycle (SDLC). Risk factors have a significant impact on the timeline, budget, and quality of software development. It's very important to know and understand the risks before they can be effectively managed. Researchers have developed several tools to manage the risk that help reduce the number of failed software projects and increase the number of successful software projects. This study aims to ascertain which risks are important and how often they happen, and to explore and reveal the situations where the risks could lead to software failure in the design phase. We are developing a model that can predict risks during the design process so that we can find the risk factors that lead to risks in software development. These risks have been analyzed, classified, and incorporated into Risk Prediction Trees (RPTs). Bayesian network (BN) techniques have been used to propose a model for estimating the probability of risk during the software design phase. The Bayesian network approach is used because the data can be obtained from software that has already been used. It has the flexibility to predict risk in real-time. And it has the best risk prediction rates when it comes to potential risk factors. The outcome of this study shows that, compared to other standard machine-learning approaches, BN can be used to predict possible risks in the early software design phase.

唐爱国,王如龙

DOI: https://doi.org/10.3969/j.issn.1000-3428.2008.22.031

2008-01-01

Abstract:Focusing on the software project faced with failure risk problem,one kind of new software project risk assessment model is presented, it uses the Bayesian networks to infer the probability method which the risk occurres,uses the fuzziness language to appraise the risk consequence and the loss method.In particular,through using software project risk assessment model based on Bayesian networks,software enterprise risk management consciousness are reinforced,risk occurrence probability is reduced,and software development success rate is improved.

Zhang Junguang,Guo Lihong,Xu Zhenchao

DOI: https://doi.org/10.2991/isci-15.2015.148

2015-01-01

Abstract:Traditional Bayesian network (BN) can only have static analysis which could not reflect the impact of time factors on project risk adequately. For this reason, a software project risk probability assessment model based on dynamic Bayesian network (DBN) is proposed, which combines time series theory and Bayesian theory together to express the risk factor status change relationship between different time segments through probability and directed acyclic graph. Moreover, in the case of lack of sample data, using Leaky Noisy-or gate model to calculate the conditional probability of the nodes will come to a more objective evaluation result. Compared with the assessment results of static Bayesian network (SBN), dynamic Bayesian assessment model improves the accuracy of risk probability assessment of software projects, and provides a more scientific basis for risk control.

Quyet-Thang Huynh,Ngoc-Tuan Nguyen

DOI: https://doi.org/10.4018/ijitpm.2020070105

2020-07-01

International Journal of Information Technology Project Management

Abstract:Project management and project scheduling are crucial to help development teams keep track of timing as well as resource allocation. In order to manage software projects, project managers need to anticipate, analyze the risk factors that may occur as well as their impacts on the progress of the project, and assess and adapt the project resource allocation. This paper concentrates on a quantitative approach for risk analysis in software project scheduling by taking advantage of Bayesian networks capacity (including related mathematical calculations) in modeling and assessing uncertainty and incorporates them in software project scheduling with program evaluation and review technique (PERT). Common risk factors in project scheduling are also examined, and a Bayesian networks model of 19 common risk factors and their causal relationships is proposed and confirmed. The research also borrows and implements categories and levels of risk from construction projects into software projects. A tool was built to experiment and validate the proposed model.

Xue Yang,Yawei Zhu,Tao Zhou,Sheng Xu,Wenjun Zhang,Xiangyu Zhou,Xiangkun Meng

DOI: https://doi.org/10.3390/jmse12010004

IF: 2.744

2024-01-01

Journal of Marine Science and Engineering

Abstract:The autonomous shipping industry is increasingly focusing on enhancing the safety and reliability of software-based systems. Conducting a risk assessment is a requirement for demonstrating the safety equivalence of autonomous ships based on such systems to conventional vessels. Traditional risk assessment models, however, primarily focus on hardware failures, often overlooking potential software-related failures and functional inadequacies. This study proposes a framework integrating Software Failure Mode and Effects Analysis (FMEA), System–Theoretic Process Analysis (STPA), and Bayesian Network (BN) for risk identification of autonomous ship software systems. The results of a case study reveal that the framework sufficiently addresses the multifaceted nature of risks related to software in autonomous ships. Based on the findings of this study, we suggest the need for standardization of software architecture development in the autonomous ship industry and highlight the necessity for an enhanced understanding of AI-specific risks and the development of tailored risk assessment methodologies.

Zhihong Xu,Xin Zheng,Ping Guo

DOI: https://doi.org/10.1109/isda.2006.139

2006-01-01

Abstract:The software systems which are related to national projects are always very crucial. This kind of systems always involves hi-tech factors and has to spend a large amount of money, so the quality and reliability of the software deserve to be further studied. Hence, we propose to apply three classification techniques most used in data mining fields: Bayesian belief networks (BBN), nearest neighbor (NN) and decision tree (DT), to validate the usefulness of software metrics for risk prediction. Results show that comparing with metrics such as Lines of code (LOQ and Cyclomatic complexity (V(G)) which are traditionally used for risk prediction, Halstead program difficulty (D), Number of executable statements (EXEC) and Halstead program volume (V) are the more effective metrics as risk predictors. By analyzing we also found that BBN was more effective than the other two methods in risk prediction

I.A. Costa,M. Spínola,A. H. Librantz,L. Zerbinatti,G. Neto

DOI: https://doi.org/10.1080/00207543.2020.1825860

IF: 9.018

2020-11-02

International Journal of Production Research

Abstract:ABSTRACT In recent years, the software production industry has experienced significant changes largely caused by extensive growth of globalisation, outsourcing, and competitive pressure. With these changes, risks in the software supply chain (SSC) have become a growing concern. Such risks include product tampering during development or delivery, potential compromises in quality and assurance due to software defects, production delays, and increased production costs. In this context, this study is aimed at evaluating the primary risks in the software supply chain using Bayesian belief networks combined with the analytic hierarchy process and noisy-OR (a generalisation of the logical OR) techniques to reduce the number of queries required of a given decision maker. A numerical example was presented to illustrate the application in which software suppliers were ranked according to their level of risk. The results indicated that, by using the proposed model, decision makers would be able to select a low-risk supplier by evaluating the probability of system failure caused by tampering or the introduction of defective code in the software. In addition, the proposed approach contributes to a better understanding of the risk main factors in an SSC and could be used to support managerial decision-making related to software products.

Computer Science,Business

Baoping Cai,Yonghong Liu,Qian Fan,Yunwei Zhang

2013-01-01

International Journal of Control and Automation

Abstract:The work develops a redundant software system for subsea blowout preventers, including control logics, human-machine interface (HMI) programs, remote access and redundant databases inorder to meet the high reliability requirement of subsea drilling. The Bayesian networks (BN) for control logics, HMI programs and redundant databases are built and then the whole BN are established. The quantitative reliability evaluation is performed by using Netica software. Theprobability of software failure is evaluated via forward analysis, and the posterior probability given the failure is evaluated via backward analysis. The mutual information is researched in order to assess the important degree of basic events. The results show that the probabilityof software failure is 0.04%, which can meet the requirement of subsea drilling. The triple common cause failure should be paid more attention in order to improve the software performance.In addition, the control logics have the most important influences on software safety; the HMIprograms have the least important influences; and the redundant databases are in between.

Jianping Li,Minglu Li,Dengsheng Wu,Hao Song

DOI: https://doi.org/10.1016/j.ins.2011.09.040

IF: 8.1

2012-01-01

Information Sciences

Abstract:The growing demand for higher trustworthiness of software poses an unprecedented challenge to the software industry. Risk management is the important part for high quality software development processes. However, under the constraints of project cost and duration, it is very difficult to establish the budget for risk management. To integrate efficient risk management and pure software process is the goal of this paper. We propose a software process model with risk management and cost control modules to help improve software process risk management. Furthermore, based on this process model, a measurement model that includes process risk and software trustworthiness metrics is presented. Through risk management effectiveness calculation methods and risk transfer assumptions, a software process risk optimization model is proposed. This model can be used to derive an optimized risk management scheme for the process of trustworthy software development, with constraints of process cost and duration. Simulation cases are then analyzed by this model framework. The results show that risk management is critical to enhance trustworthiness but risk management is an effective complement, rather than the most fundamental process, to enhance the trustworthiness of software. Software developers should adopt appropriate and optimal strategies about risk management inputs, especially in lower CMMI level companies.

Hao Song,Dengsheng Wu,Minglu Li,Chen Cai

2010-01-01

Abstract:Software risk management is an important approach to obtain trustworthy software. In this paper, entropy was applied to uncover the reasons of chaos and gave the mechanism of risk management in development life cycle. Information entropy was introduced to assess risk uncertainty and a three-dimension risk assessment was obtained through a questionnaire survey. The finding of the study shows the necessity and importance of risk management for enhancing software trustworthiness. Additionally, risk uncertainty is a new assessment of software risks, providing a view of analyzing risk in software development process.

LIU Ting,LI Qian-mu,HOU Jun,ZHANG Hong,LI Lu

DOI: https://doi.org/10.3969/j.issn.1000-3428.2012.22.012

2012-01-01

Abstract:This paper proposes a risk evaluation method of software system.By building a Bayesian network,the method analyses the uncertainty contained in the main activities during requirements analysis phase.It determines the sources of risks related to every requirements-risk in the risk list.Then establish a structure-learning algorithm to evaluate the risk effects in order to get the general result of all risks during requirements analysis phase.Simulation result shows that the methods reflect the risk level during the software requirements analysis phase more accurately,list some of the common main requirements risks in the in risks classification,help to carry out the risk management,and enhance the reliability of the software.

蒋国萍,陈英武

DOI: https://doi.org/10.3321/j.issn:1001-506x.2005.02.044

2005-01-01

Abstract:A risk evaluation method based on object-oriented Bayesian network is put forward for evaluating software project risk quantitatively. The object-oriented Bayesian network's topology is constructed by analyzing the causal relation between risk and risk factors, and the probability parameters are determined by experts' judgment and experience. Then the occurrence probability is calculated with probability inference tool. The modeling procedure of risk Bayesian network is presented, and a simple example is given to show the method's application.