Risk Evaluation in Software Project Using Bayesian Network Modeling
DOI:
https://doi.org/10.33448/rsd-v9i11.10116Keywords:
Software Project; Risk analysis; Bayesian modeling; Noisy-OR.Abstract
Project risk events are often influenced by each other and rarely act independently. In this context, effective methods to identify, model and analyze these risks are necessary. The objective of this article is to apply the risk analysis in a software development project, based on the model of the Software Engineering Institute (SEI), using the Bayes model to calculate the event probabilities and also the Noisy-OR calculation structure to assign the initial weights of the network of factors that influence the project. In this way, it is expected to increase the chances of success of the risk analysis process. The results obtained by the techniques adopted prove to be promising in assisting the process of decision making by the managers of software development projects.
References
Agrawal, R., Singh, D., & Sharma, A. (2016). Prioritizing and optimizing risk factors in agile software development. In: 2016 Ninth international Conference on Contemporary Computing (IC3). doi:10.1109/IC3.2016.7880232
Alberts, C., & Dorofee, A. A. (2009). Framework for Categorizing Key Drivers of Risk. Software Engineering Institute (CMU/SEI-2009-TR-007), Carnegie Mellon University, Pittsburgh. Recuperado de: https://resources.sei.cmu.edu/asset_files/TechnicalReport/2009.
Albuquerque, M. A. de, Lucena, S. L. L. de, & Barros, K. N. N. de O. (2020). Comparison of classic and Bayesian model for data on perinatal deaths at ISEA, Campina Grande-PB. Research, Society and Development, 9(8), e464985477. Doi:10.33448/rsd-v9i8.5477
Badurdeen, F., Shuaib, M., Wijekoon. K., Brown, A., Faulkne, W., Amundson, J., Jawahir, I. S., Goldsby, T. J., Iyengar, D., & Boden, B. (2014). Quantitative modeling and analysis of supply chain risks using bayesian theory. Journal of Manufacturing Technology Management, 25(5), 631-654. Doi:10.1108/JMTM-10-2012-0097
Bernardo, J. M., & Smith, A. F. M. (2000). Bayesian theory. John Wiley & Sons, Ltd. ISBN 0471924164.
Bista, R., & Dongol, D. A. (2015). Model for software risk management. Technia - International Journal of Computing Science and Communication Technologies, 7(2), 1028-1035. ISSN:0974-3375.
Boehm, B. W. (1991). Software risk management: Principles and practices. Journals & Magazines, IEEE Software, 8(1), 32-41. Recuperado de: https://ieeexplore.ieee.org/document/62930.
Cao, W., & Zhang, X. (2016). Supply chain risk assessment based on support vector machine. Revista Ibérica de Sistemas e Tecnologias de Informação (RISTI), E5, 310-322. ISSN:1646-9895.
Chevers, D. A., & Grant, G. (2017). Developer's views on information systems quality and success in canadian software development firms. Journal of Information Systems and Technology Management: JISTEM, 14(1), 3-20. doi:10.4301/S1807-17752017000100001
Chin, K-S., Tang, D-W., Yang, J-B., Wong, S. Y., & Wang, H. (2009). Assessing New Product Development Project Risk by Bayesian Network with a Systematic Probability Generation Methodology. Expert Systems with Applications, 36(6), 9879–9890. doi:10.1016/j.eswa.2009.02.019
Danciulescu, A. (2014). Risk management an important tool in ict sme's in Romania. Journal of Information Systems & Operations Management, p. 1-13. Recuperado de: https://www.academia.edu/9042447.
Dutra, E., & Santos, G. (2014). Risks in initiatives to improve software processes: an investigation in the Brazilian context. In: XII Workshop on Thesis and Dissertation in Software Quality, 59-64. Recuperado de: sbqs.sbc.org.br/2014.
Fenton, N. E., Noguchi, T., & Neil, M. (2019). An Extension to the Noisy-OR Function to Resolve the 'Explaining Away' Deficiency for Practical Bayesian Network Problems. IEEE transactions on knowledge and data engineering, 31(1), 2441-2445, 2019. Recuperado de: https://www.ieeexplore.ieee.org/document/8607084.
Firdose, S., & Rao, L. M. (2016). 3LRM-3 Layer risk mitigation modelling of ICT software development projects. International Journal of Electrical and Computer Engineering (IJECE), 6(1), 349-356. doi:10.1159/ijece.v6i1.9026
Firdose, S., & Rao, L. M. (2018). PORM: Predictive optimization of risk management to control uncertainty problems in software engineering. International Journal of Electrical and Computer Engineering (IJECE), 8(6), 4735-4744. doi:10.1159/ijece.v8i6.pp4735-4744
Herrmann, J. W. (2015). Engineering decision making and risk management. New Jersey: John Wiley & Sons, Ltd. ISBN: 978-1-118-91933-0.
Herteliu, E., & Despa, M. L. (2014). Risk management in citizen oriented innovative software development projects. Journal of Information Systems & Operations Management, 8, 1-18.
HM Treasury. (2004). The Orange Book, Management of Risk - Principles and Concepts. UK, London: HM Treasury. Recuperado de: https://erm.ncsu.edu/library/article/orange-book-principles.
Hussain, A., Mkpojiogu, E., & Kamal, F. M. (2016). The role of requirements in the success or failure of software projects. International Review of Management and Marketing, 6(2016), 306-311. Recuperado de: http://www.econjournal.com
Iamandi, O., Popescu, S., Dragomir, M., & Morariu, C. (2015). A critical analysis of project management models and its potential risks in software development. Calitatea, 16(149), 55-61.
Islam, S., Mouratidis, H., & Weippi, E. (2014). An empirical study on the implementation and evaluation of a goal driven software development risk management model. Information and Software Technology. 56(2), 117-133. doi:10.1016/j.infsof.2013.06.003
ISO/IEC. (2009). International standards organization standard on risk management. ISO 31000: Risk Management – Risk Assessment Techniques. Recuperado de: https://www.iso.org/iso-31000-risk-management.html.
Janjua, U. I., Jaafar, J., & Lai, F. W. (2016). Expert's opinions on software project effective risk management. In: IEEE Software 2016 3rd International Conference on Computer and Information Sciences (ICCOINS). Recuperado de: https://ieeexplore.ieee.org.
Jenko, A., & Roblek, M. (2016). A primary human critical success factors model for the ERP system implementation. Organizacija, 49(3), 145-160. doi:10.1515/orga-2016-0014
Jiang, R. (2015). A novel risk metric for staff turnover in a software project based on information entropy. Entropy, 17(5), 2834-2852. doi:10.3390/e17052834
Khan, A. A., Keung, J., Niazi, M., Hussain, S., & Ahmad, A. (2017). Systematic literature review and empirical investigation of barriers to process improvement in global software development: Client–vendor perspective. Information and Software Technology, 87, 180-205. doi:10.1016/j.infso.2017.03.006
Kumar, C., & Yadav, D. K. (2015). A probabilistic software risk assessment and estimation model for software projects. In: Procedia Computer Science: Eleventh International Multi-Conference on Information Processing-2015, 54, 353-361. doi:10.1016/j.procs.2015.06.041
Kumar, M., Latha, P., & Praynlin, E. (2014). Software effort estimation using genetic algorithm. International Journal on Information Sciences and Computing, 8(1), 9-16. doi:10.18000/ijisac.50142
Kutsch, E., Denyer, D., Hall, M., & Lee-kelley, E. (2013). Does risk matter? disengagement from risk management practices in information systems projects. European Journal of Information Systems, 22, 637-649. doi:10.1057/ejis.2012.6
Leopoldino, C. B., & Borenstein, D. (2011). Componentes de risco para a gestão de projetos de software. READ - Revista Eletrônica de Administração (online), setembro-dezembro. doi:10.1590/S1413-23112011000300003
Li, X., Jiang, Q., Hsu, M. K., & Chen, Q. (2019). Support or risk? Software project risk assessment model based on rough set theory and backpropagation neural network. Sustainability. 11, 1-12. Doi:10.3390/su11174513
Librantz, A. F. H., Santos, F. C. R., Dias, C. G., Cunha, A. C. A., Costa, I., & Spinola M. M. (2016). AHP modelling and sensitivity analysis for evaluating the criticality of software programs. In: Advances in Production Management Systems. Initiatives for a Sustainable World. APMS 2016, IFIP Advances in Information and Communication Technology, Springer, Cham, 488. doi:10.1007/978-3-319-51133-7_30
Librantz, A. F. H., Costa, I., Spinola, M. M., Oliveira Neto, G., & Zerbinati, L. (2020). Risk assessment in software supply chains using the Bayesian method. International Journal of Production Research. doi: 10.1080/00207543.2020.1825860
Liu, J. Y., Yang, M., Klein, G., & Chen, H. (2013). Reducing user-related risks with user-developer partnering. Journal of Computer Information Systems, 54(1), 66-74. doi:10.1080/08874417.2013.11645672
Martins, M. R.; Maturana, M. C. (2013). Application of Bayesian Belief network to the human reliability analysis of na oil tanker operation focusing on collision accidents. Reliability Engineering & System Safety, 110, 89-109. doi:10.1016/j.ress.2012.09.008
Nasar, M., Johri, P., & Chanda, U. (2014). Software testing resource allocation and release time problem. International Journal of Modern Education and Computer Science, 6(2), 48-55. doi: 10.5815/ijmecs.2014.02.07
Norsys. (2017). Netica for MS Windows. Norsys Software Corporation. Recuperado de: https://www.norsys.com/download.html.
Organ, J., & Stapleton, L. (2016). Technologist engagement with risk management practices during systems development? approaches, effectiveness and challenges. AI & Society, 31(3), 347-359. doi:10.1007/s00146-015-0597-4
Pearl, J. (1998). Probabilistic reasoning in intelligent systems: Networks of plausible inference. Palo Alto, Morgan Kaufmann Publishers.
Penha, R., Kniess, C. T., Bergman, D. R., & Biancolino, C. A. (2014). Emprego de técnicas de gerenciamento de riscos técnicos em uma empresa de desenvolvimento de softwares. Revista Gestão & Tecnologia. jan-abr, 14(1), 151-173. Recuperado de: http://repositorio.uninove.br/xmlui/bitstream/handle/123456789/365/287-528-1-RV.pdf?sequence=1.
Perreault, L., Strasser S., Thornton M., & Sheppard, J. W. (2016). A Noisy-OR model for continuous time Bayesian networks. In: Proceedings of the Twenty-Ninth International – Florida Artificial Intelligence Research Society Conference, 668-673. Recuperado de: https://www.cs.montana.edu/sheppard/pubs/flairs-2016.pdf
Persson, S., & Schlichter, B. R. (2015). Managing risk areas in software development offshoring:A CMMI Level 5 Case. Journal of Information Technology Theory and Application, 16(1), 5-24. Recuperado de: https://aisel.aisnet.org/jitta/vol16/iss1/2.
Qu, Y., & Wang. H. (2015). Analysis on chaotic characteristics of software project risk system. International Journal of Security and Its Applications, 9(2), 49-60. doi:10.14257/ijsia.2015.9.2.06
Qu, Y., & Yang, T. (2016). Research on occurrence frequency of IT projects risk based on fuzzy influence diagram. In: The Institute of Electrical and Electronics Engineers, Inc. (ICMLC) - Conference Proceedings. Piscataway, 166-171. doi: 10.1109/ICMLC.2016.7860895
Rana, R., Staron, M., Berger, C., Hansson, J., Nilsson, M., & Meding, W. (2016). Analyzing defect inflow distribution and applying bayesian inference method for software defect prediction in large software projects. Journal of Systems and Software, 117, 229-244. doi: 10.1016/j.jss.2016.02.015
Reed, A. H., & Knight, L. V. (2013). Project duration and risk factors on virtual projects. The Journal of Computer Information Systems, 54(1), 75-83. Doi:10.1080/08874417.2013.11645673
Rodriguez, A., Ortega, F., & Concepcion, R. (2016). A method for the evaluation of risk in IT projects. Expert Systems with Applications, 45, 273-285. doi:10.1016/j.eswa.2015.09.056
Sareen, S., Sood, S. K., & Gupta, S. K. (2017). Secure internet of things-based cloud framework to control zika virus outbreak. International Journal of Technology Assessment in Health Care. 33. doi:10.1017/S0266462317000113
Sarigiannidis, L., & Chatzoglou, P. D. (2014). Quality vs risk: An investigation of their relationship in software development projects. International Journal of Project Management, 32(6), 1073-1082. doi:10.1016/j.ijproman.2013.11.001
Shankari, H. K., & Thirumalaiselvi, R. (2014). Guidelines to improve software engineering process using artificial intelligence techniques. I-Manager's Journal on Software Engineering, 8(4), 33-43. doi:10.26634/jse.8.4.3050
Shao, Z., Feng, Y., & Hu, Q. (2016). Effectiveness of top management support in enterprise systems success: a contingency perspective of fit between leadership style and system life cycle. European Journal of Information Systems. 25(2), 131-153. doi: 10.1057/ejis.2015.6
Sharma, A., Basora, D., Chhillar, N., & Yadav, D. (2013). A comprehensive study of software risk management. International Journal of Advanced Research in Computer Science, 4(10), 61-67. Recuperado de: www.ijarcs.info.
Song, H., & Jiang, J. (2016). Risks identification in embedded software development: evidence from MVBC project survey. Procedia Computer Science, 91, 798-806. doi:10.1016/j.procs.2016.07.082
Sundararajan, S., Bhasi, M., & Vijayaraghavan, P. K. (2014). Case study on risk management practice in large offshore-outsourced agile software projects. IET Software, 8(6), 245-257. doi:10.1049/iet-sen.2013.0190
Sundararajan, S., Bhasi, M., & Vijayaraghavan, P. K. (2019). Variation of risk profile across software life cycle in IS outsourcing. Software Quality Journal, 27, 1563-1582. doi: 10.1007/s11219-019-09451-8
Wanderley, M., Menezes, J., Gusmão, C., & Lima, F. Proposal of risk management metrics for multiple project software development. Procedia Computer Science, 64, 1001-1009. doi:10.1016/j.procs.2015.08.619
Wu, D., Dai, Q., & Zhu, X. (2016). Measuring the Effect of Project Risks Based on Shapley Value for Project Risk Response. Procedia Computer Science: Information Technology and Quantitative Management (ITQM-2016), 91, 774-778. doi:10.1016/j.procs.2016.07.076
Ye, Y., Jankovic, M., Kremer, G. E., & Bocquet, J. C. (2014). Managing uncertainty in potential supplier identification. Artificial Intelligence for Engineering Design, Analysis and Manufacturing, 28, 339-351. doi:10.1017/S0890060414000511
Ykhlef, M., & Algawiaz, D. (2014). A new strategic risk reduction. In: IEEE Software 5th International Conference on Computer Science and Information Technology (CSIT), 179-183. Doi:10.1080/18756891.2014.960236
Zagorecki, A.; Druzdzel, M. (2013). Knowledge Engineering for Bayesian Networks: How Common Are Noisy-MAX Distributions in Practice? IEEE transactions on systems man cybernetics-systems. 43(1), 186-195. Recuperado de: https://www.pitt.edu/~druz dzel/ftp/zagorecki13.pdf.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2020 Adalberto Ramos Cassia; André Felipe Librantz; Ivanir Costa; Mauro de Mesquita Spinola; Erika Midori Kinjo
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with this journal agree to the following terms:
1) Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2) Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
3) Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.
