Risk Management in the Trustworthy Software Process: A Novel Risk and Trustworthiness Measurement Model Framework

The growing demands for the trustworthiness of software pose an unprecedented challenge to the software industry. An integrated trustworthy software process model is proposed to help improve software process risk management towards trustworthy software; the model comprises risk management, development process management and deliverables monitoring. Based on this process model, a model framework including process risk metrics and trustworthiness metrics is presented, with particular effort devoted to the software trustworthiness measurement model. Simulation cases are then analyzed with this model framework, and some results on process risk and trustworthiness are discussed.
