The RISCOSS Platform for Risk Management in Open Source Software Adoption

Managing risks related to OSS adoption is a must for organizations that need to smoothly integrate OSS-related practices in their development processes. Adequate tool support may pave the road to effective risk management and ensure the sustainability of such activity. In this paper, we present the RISCOSS platform for managing risks in OSS adoption. RISCOSS builds upon a highly configurable data model that allows customization to several types of scopes. It implements two different working modes: exploration, where the impact of decisions may be assessed before making them; and continuous assessment, where risk variables (and their possible consequences on business goals) are continuously monitored and reported to decision-makers. The blackboard-oriented architecture of the platform defines several interfaces for the identified techniques, allowing new techniques to be plugged in.

[1]  Martin Höst,et al.  OSS Integration Issues and Community Support: An Integrator Perspective , 2012, OSS.

[2]  Daniela Cruzes,et al.  Risks and Risk Mitigation in Open Source Software Adoption: Bridging the Gap between Literature and Practice , 2010, OSS.

[3]  Ron S. Kenett,et al.  Modern Industrial Statistics: with applications in R, MINITAB and JMP , 2014 .

[4]  Sandro Morasca,et al.  Predicting OSS trustworthiness on the basis of elementary code assessment , 2010, ESEM '10.

[5]  Audris Mockus,et al.  Towards building a universal defect prediction model , 2014, MSR 2014.

[6]  John Noll,et al.  A Qualitative Method for Mining Open Source Software Repositories , 2012, OSS.

[7]  Michael Joner Modern Industrial Statistics: With Applications in R, MINITAB, and JMP, 2nd edition , 2014 .

[8]  Georgios Gousios,et al.  The GHTorent dataset and tool suite , 2013, 2013 10th Working Conference on Mining Software Repositories (MSR).

[9]  Eric Yu,et al.  Modeling Strategic Relationships for Process Reengineering , 1995, Social Modeling for Requirements Engineering.

[10]  Thomas Brendan Murphy,et al.  Review of statistical network analysis: models, algorithms, and software , 2012, Stat. Anal. Data Min..

[11]  Wolfgang Faber,et al.  The DLV system for knowledge representation and reasoning , 2002, TOCL.

[12]  Michele Lanza,et al.  An extensive comparison of bug prediction approaches , 2010, 2010 7th IEEE Working Conference on Mining Software Repositories (MSR 2010).

[13]  Chintan Amrit,et al.  How Healthy Is My Project? Open Source Project Attributes as Indicators of Success , 2013, OSS.

[14]  Marco Torchiano,et al.  A State-of-the-Practice Survey of Risk Management in Development with Off-the-Shelf Software Components , 2008, IEEE Transactions on Software Engineering.

[15]  Alberto Sillitti,et al.  Comparing OpenBRR, QSOS, and OMM Assessment Models , 2010, OSS.

[16]  P. Cochat,et al.  Et al , 2008, Archives de pediatrie : organe officiel de la Societe francaise de pediatrie.

[17]  Ketil Stølen,et al.  ValidKI: A Method for Designing Key Indicators to Monitor the Fulfillment of Business Objectives , 2011 .

[18]  Nils J. Nilsson,et al.  Problem-solving methods in artificial intelligence , 1971, McGraw-Hill computer science series.

[19]  Tim Menzies,et al.  Better cross company defect prediction , 2013, 2013 10th Working Conference on Mining Software Repositories (MSR).

[20]  Xavier Franch,et al.  Managing Risk in Open Source Software Adoption , 2018, ICSOFT.

[21]  Jonas Gamalielsson,et al.  The Nagios Community: An Extended Quantitative Analysis , 2010, OSS.

[22]  S. B. Atienza-Samols,et al.  With Contributions by , 1978 .