Risk management models in software engineering

With the tremendous growth in the complexity of software development in the last 10–15 years, the management of risks in software engineering activities is becoming an important and non-trivial issue from three perspectives: project, process and product. Researchers and practitioners are therefore continually trying to find effective risk management approaches. In this paper, we briefly discuss the principles of risk management in software engineering, review some of the process models popular in the software engineering community, and finally discuss some of the important work conducted in this area in the last five years. In writing the paper, we have focused mostly on project- and process-based risks, not on product risks.
