Modelling Risks in Open Source Software Component Selection

Adopting Open Source Software (OSS) components is a decision that offers many potential advantages – such as cost effectiveness and reputation – but even introduces a potentially high number of risks, which span from the inability of the OSS community to continue the development over time, to a poor quality of code. Differently from commercial off-the-shelf components, to assess risk in OSS component adoption, we can rely on the public availability of measurable information about the component code and the developing communities. In the present paper, we present a risk evaluation technique that uses conceptual modelling to assess OSS component adoption risks. We root it in the existing literature on OSS risk assessment and validate it by means of our industrial partners.

[1]  S. B. Atienza-Samols,et al.  With Contributions by , 1978 .

[2]  John Mylopoulos,et al.  Capturing Variability of Law with Nómos 2 , 2012, ER.

[3]  David G. Messerschmitt,et al.  Software Ecosystem: Understanding an Indispensable Technology and Industry , 2003 .

[4]  Nicola Guarino,et al.  Sweetening WORDNET with DOLCE , 2003, AI Mag..

[5]  John Mylopoulos,et al.  Formal Reasoning Techniques for Goal Models , 2003, J. Data Semant..

[6]  Eric Yu,et al.  Modeling Strategic Relationships for Process Reengineering , 1995, Social Modeling for Requirements Engineering.

[7]  John Mylopoulos,et al.  Goal-driven risk assessment in requirements engineering , 2011, Requirements Engineering.

[8]  Axel van Lamsweerde,et al.  Handling Obstacles in Goal-Oriented Requirements Engineering , 2000, IEEE Trans. Software Eng..

[9]  Ketil Stølen,et al.  Model-Driven Risk Analysis - The CORAS Approach , 2010 .

[10]  John Mylopoulos,et al.  Reasoning with Goal Models , 2002, ER.

[11]  Ron S. Kenett,et al.  Modern Industrial Statistics: with applications in R, MINITAB and JMP , 2014 .

[12]  Axel van Lamsweerde,et al.  Assessing requirements-related risks through probabilistic goals and obstacles , 2013, Requirements Engineering.

[13]  Nils J. Nilsson,et al.  Problem-solving methods in artificial intelligence , 1971, McGraw-Hill computer science series.

[14]  John Mylopoulos,et al.  Reasoning with Key Performance Indicators , 2011, PoEM.

[15]  Colette Rolland,et al.  Enterprise knowledge development: the process view , 1999, Inf. Manag..