Risk Evaluation in Software Project Using Bayesian Network Modeling

Authors

DOI:

https://doi.org/10.33448/rsd-v9i11.10116

Keywords:

Software Project; Risk analysis; Bayesian modeling; Noisy-OR.

Abstract

Project risk events are often influenced by each other and rarely act independently. In this context, effective methods to identify, model and analyze these risks are necessary. The objective of this article is to apply the risk analysis in a software development project, based on the model of the Software Engineering Institute (SEI), using the Bayes model to calculate the event probabilities and also the Noisy-OR calculation structure to assign the initial weights of the network of factors that influence the project. In this way, it is expected to increase the chances of success of the risk analysis process. The results obtained by the techniques adopted prove to be promising in assisting the process of decision making by the managers of software development projects.

References

Agrawal, R., Singh, D., & Sharma, A. (2016). Prioritizing and optimizing risk factors in agile software development. In: 2016 Ninth international Conference on Contemporary Computing (IC3). doi:10.1109/IC3.2016.7880232

Alberts, C., & Dorofee, A. A. (2009). Framework for Categorizing Key Drivers of Risk. Software Engineering Institute (CMU/SEI-2009-TR-007), Carnegie Mellon University, Pittsburgh. Recuperado de: https://resources.sei.cmu.edu/asset_files/TechnicalReport/2009.

Albuquerque, M. A. de, Lucena, S. L. L. de, & Barros, K. N. N. de O. (2020). Comparison of classic and Bayesian model for data on perinatal deaths at ISEA, Campina Grande-PB. Research, Society and Development, 9(8), e464985477. Doi:10.33448/rsd-v9i8.5477

Badurdeen, F., Shuaib, M., Wijekoon. K., Brown, A., Faulkne, W., Amundson, J., Jawahir, I. S., Goldsby, T. J., Iyengar, D., & Boden, B. (2014). Quantitative modeling and analysis of supply chain risks using bayesian theory. Journal of Manufacturing Technology Management, 25(5), 631-654. Doi:10.1108/JMTM-10-2012-0097

Bernardo, J. M., & Smith, A. F. M. (2000). Bayesian theory. John Wiley & Sons, Ltd. ISBN 0471924164.

Bista, R., & Dongol, D. A. (2015). Model for software risk management. Technia - International Journal of Computing Science and Communication Technologies, 7(2), 1028-1035. ISSN:0974-3375.

Boehm, B. W. (1991). Software risk management: Principles and practices. Journals & Magazines, IEEE Software, 8(1), 32-41. Recuperado de: https://ieeexplore.ieee.org/document/62930.

Cao, W., & Zhang, X. (2016). Supply chain risk assessment based on support vector machine. Revista Ibérica de Sistemas e Tecnologias de Informação (RISTI), E5, 310-322. ISSN:1646-9895.

Chevers, D. A., & Grant, G. (2017). Developer's views on information systems quality and success in canadian software development firms. Journal of Information Systems and Technology Management: JISTEM, 14(1), 3-20. doi:10.4301/S1807-17752017000100001

Chin, K-S., Tang, D-W., Yang, J-B., Wong, S. Y., & Wang, H. (2009). Assessing New Product Development Project Risk by Bayesian Network with a Systematic Probability Generation Methodology. Expert Systems with Applications, 36(6), 9879–9890. doi:10.1016/j.eswa.2009.02.019

Danciulescu, A. (2014). Risk management an important tool in ict sme's in Romania. Journal of Information Systems & Operations Management, p. 1-13. Recuperado de: https://www.academia.edu/9042447.

Dutra, E., & Santos, G. (2014). Risks in initiatives to improve software processes: an investigation in the Brazilian context. In: XII Workshop on Thesis and Dissertation in Software Quality, 59-64. Recuperado de: sbqs.sbc.org.br/2014.

Fenton, N. E., Noguchi, T., & Neil, M. (2019). An Extension to the Noisy-OR Function to Resolve the 'Explaining Away' Deficiency for Practical Bayesian Network Problems. IEEE transactions on knowledge and data engineering, 31(‏1), 2441-2445, 2019. Recuperado de: https://www.ieeexplore.ieee.org/document/8607084.

Firdose, S., & Rao, L. M. (2016). 3LRM-3 Layer risk mitigation modelling of ICT software development projects. International Journal of Electrical and Computer Engineering (IJECE), 6(1), 349-356. doi:10.1159/ijece.v6i1.9026

Firdose, S., & Rao, L. M. (2018). PORM: Predictive optimization of risk management to control uncertainty problems in software engineering. International Journal of Electrical and Computer Engineering (IJECE), 8(6), 4735-4744. doi:10.1159/ijece.v8i6.pp4735-4744

Herrmann, J. W. (2015). Engineering decision making and risk management. New Jersey: John Wiley & Sons, Ltd. ISBN: 978-1-118-91933-0.

Herteliu, E., & Despa, M. L. (2014). Risk management in citizen oriented innovative software development projects. Journal of Information Systems & Operations Management, 8, 1-18.

HM Treasury. (2004). The Orange Book, Management of Risk - Principles and Concepts. UK, London: HM Treasury. Recuperado de: https://erm.ncsu.edu/library/article/orange-book-principles.

Hussain, A., Mkpojiogu, E., & Kamal, F. M. (2016). The role of requirements in the success or failure of software projects. International Review of Management and Marketing, 6(2016), 306-311. Recuperado de: http://www.econjournal.com

Iamandi, O., Popescu, S., Dragomir, M., & Morariu, C. (2015). A critical analysis of project management models and its potential risks in software development. Calitatea, 16(149), 55-61.

Islam, S., Mouratidis, H., & Weippi, E. (2014). An empirical study on the implementation and evaluation of a goal driven software development risk management model. Information and Software Technology. 56(2), 117-133. doi:10.1016/j.infsof.2013.06.003

ISO/IEC. (2009). International standards organization standard on risk management. ISO 31000: Risk Management – Risk Assessment Techniques. Recuperado de: https://www.iso.org/iso-31000-risk-management.html.

Janjua, U. I., Jaafar, J., & Lai, F. W. (2016). Expert's opinions on software project effective risk management. In: IEEE Software 2016 3rd International Conference on Computer and Information Sciences (ICCOINS). Recuperado de: https://ieeexplore.ieee.org.

Jenko, A., & Roblek, M. (2016). A primary human critical success factors model for the ERP system implementation. Organizacija, 49(3), 145-160. doi:10.1515/orga-2016-0014

Jiang, R. (2015). A novel risk metric for staff turnover in a software project based on information entropy. Entropy, 17(5), 2834-2852. doi:10.3390/e17052834

Khan, A. A., Keung, J., Niazi, M., Hussain, S., & Ahmad, A. (2017). Systematic literature review and empirical investigation of barriers to process improvement in global software development: Client–vendor perspective. Information and Software Technology, 87, 180-205. doi:10.1016/j.infso.2017.03.006

Kumar, C., & Yadav, D. K. (2015). A probabilistic software risk assessment and estimation model for software projects. In: Procedia Computer Science: Eleventh International Multi-Conference on Information Processing-2015, 54, 353-361. doi:10.1016/j.procs.2015.06.041

Kumar, M., Latha, P., & Praynlin, E. (2014). Software effort estimation using genetic algorithm. International Journal on Information Sciences and Computing, 8(1), 9-16. doi:10.18000/ijisac.50142

Kutsch, E., Denyer, D., Hall, M., & Lee-kelley, E. (2013). Does risk matter? disengagement from risk management practices in information systems projects. European Journal of Information Systems, 22, 637-649. doi:10.1057/ejis.2012.6

Leopoldino, C. B., & Borenstein, D. (2011). Componentes de risco para a gestão de projetos de software. READ - Revista Eletrônica de Administração (online), setembro-dezembro. doi:10.1590/S1413-23112011000300003

Li, X., Jiang, Q., Hsu, M. K., & Chen, Q. (2019). Support or risk? Software project risk assessment model based on rough set theory and backpropagation neural network. Sustainability. 11, 1-12. Doi:10.3390/su11174513

Librantz, A. F. H., Santos, F. C. R., Dias, C. G., Cunha, A. C. A., Costa, I., & Spinola M. M. (2016). AHP modelling and sensitivity analysis for evaluating the criticality of software programs. In: Advances in Production Management Systems. Initiatives for a Sustainable World. APMS 2016, IFIP Advances in Information and Communication Technology, Springer, Cham, 488. doi:10.1007/978-3-319-51133-7_30

Librantz, A. F. H., Costa, I., Spinola, M. M., Oliveira Neto, G., & Zerbinati, L. (2020). Risk assessment in software supply chains using the Bayesian method. International Journal of Production Research. doi: 10.1080/00207543.2020.1825860

Liu, J. Y., Yang, M., Klein, G., & Chen, H. (2013). Reducing user-related risks with user-developer partnering. Journal of Computer Information Systems, 54(1), 66-74. doi:10.1080/08874417.2013.11645672

Martins, M. R.; Maturana, M. C. (2013). Application of Bayesian Belief network to the human reliability analysis of na oil tanker operation focusing on collision accidents. Reliability Engineering & System Safety, 110, 89-109. doi:10.1016/j.ress.2012.09.008

Nasar, M., Johri, P., & Chanda, U. (2014). Software testing resource allocation and release time problem. International Journal of Modern Education and Computer Science, 6(2), 48-55. doi: 10.5815/ijmecs.2014.02.07

Norsys. (2017). Netica for MS Windows. Norsys Software Corporation. Recuperado de: https://www.norsys.com/download.html.

Organ, J., & Stapleton, L. (2016). Technologist engagement with risk management practices during systems development? approaches, effectiveness and challenges. AI & Society, 31(3), 347-359. doi:10.1007/s00146-015-0597-4

Pearl, J. (1998). Probabilistic reasoning in intelligent systems: Networks of plausible inference. Palo Alto, Morgan Kaufmann Publishers.

Penha, R., Kniess, C. T., Bergman, D. R., & Biancolino, C. A. (2014). Emprego de técnicas de gerenciamento de riscos técnicos em uma empresa de desenvolvimento de softwares. Revista Gestão & Tecnologia. jan-abr, 14(1), 151-173. Recuperado de: http://repositorio.uninove.br/xmlui/bitstream/handle/123456789/365/287-528-1-RV.pdf?sequence=1.

Perreault, L., Strasser S., Thornton M., & Sheppard, J. W. (2016). A Noisy-OR model for continuous time Bayesian networks. In: Proceedings of the Twenty-Ninth International – Florida Artificial Intelligence Research Society Conference, 668-673. Recuperado de: https://www.cs.montana.edu/sheppard/pubs/flairs-2016.pdf

Persson, S., & Schlichter, B. R. (2015). Managing risk areas in software development offshoring:A CMMI Level 5 Case. Journal of Information Technology Theory and Application, 16(1), 5-24. Recuperado de: https://aisel.aisnet.org/jitta/vol16/iss1/2.

Qu, Y., & Wang. H. (2015). Analysis on chaotic characteristics of software project risk system. International Journal of Security and Its Applications, 9(2), 49-60. doi:10.14257/ijsia.2015.9.2.06

Qu, Y., & Yang, T. (2016). Research on occurrence frequency of IT projects risk based on fuzzy influence diagram. In: The Institute of Electrical and Electronics Engineers, Inc. (ICMLC) - Conference Proceedings. Piscataway, 166-171. doi: 10.1109/ICMLC.2016.7860895

Rana, R., Staron, M., Berger, C., Hansson, J., Nilsson, M., & Meding, W. (2016). Analyzing defect inflow distribution and applying bayesian inference method for software defect prediction in large software projects. Journal of Systems and Software, 117, 229-244. doi: 10.1016/j.jss.2016.02.015

Reed, A. H., & Knight, L. V. (2013). Project duration and risk factors on virtual projects. The Journal of Computer Information Systems, 54(1), 75-83. Doi:10.1080/08874417.2013.11645673

Rodriguez, A., Ortega, F., & Concepcion, R. (2016). A method for the evaluation of risk in IT projects. Expert Systems with Applications, 45, 273-285. doi:10.1016/j.eswa.2015.09.056

Sareen, S., Sood, S. K., & Gupta, S. K. (2017). Secure internet of things-based cloud framework to control zika virus outbreak. International Journal of Technology Assessment in Health Care. 33. doi:10.1017/S0266462317000113

Sarigiannidis, L., & Chatzoglou, P. D. (2014). Quality vs risk: An investigation of their relationship in software development projects. International Journal of Project Management, 32(6), 1073-1082. doi:10.1016/j.ijproman.2013.11.001

Shankari, H. K., & Thirumalaiselvi, R. (2014). Guidelines to improve software engineering process using artificial intelligence techniques. I-Manager's Journal on Software Engineering, 8(4), 33-43. doi:10.26634/jse.8.4.3050

Shao, Z., Feng, Y., & Hu, Q. (2016). Effectiveness of top management support in enterprise systems success: a contingency perspective of fit between leadership style and system life cycle. European Journal of Information Systems. 25(2), 131-153. doi: 10.1057/ejis.2015.6

Sharma, A., Basora, D., Chhillar, N., & Yadav, D. (2013). A comprehensive study of software risk management. International Journal of Advanced Research in Computer Science, 4(10), 61-67. Recuperado de: www.ijarcs.info.

Song, H., & Jiang, J. (2016). Risks identification in embedded software development: evidence from MVBC project survey. Procedia Computer Science, 91, 798-806. doi:10.1016/j.procs.2016.07.082

Sundararajan, S., Bhasi, M., & Vijayaraghavan, P. K. (2014). Case study on risk management practice in large offshore-outsourced agile software projects. IET Software, 8(6), 245-257. doi:10.1049/iet-sen.2013.0190

Sundararajan, S., Bhasi, M., & Vijayaraghavan, P. K. (2019). Variation of risk profile across software life cycle in IS outsourcing. Software Quality Journal, 27, 1563-1582. doi: 10.1007/s11219-019-09451-8

Wanderley, M., Menezes, J., Gusmão, C., & Lima, F. Proposal of risk management metrics for multiple project software development. Procedia Computer Science, 64, 1001-1009. doi:10.1016/j.procs.2015.08.619

Wu, D., Dai, Q., & Zhu, X. (2016). Measuring the Effect of Project Risks Based on Shapley Value for Project Risk Response. Procedia Computer Science: Information Technology and Quantitative Management (ITQM-2016), 91, 774-778. doi:10.1016/j.procs.2016.07.076

Ye, Y., Jankovic, M., Kremer, G. E., & Bocquet, J. C. (2014). Managing uncertainty in potential supplier identification. Artificial Intelligence for Engineering Design, Analysis and Manufacturing, 28, 339-351. doi:10.1017/S0890060414000511

Ykhlef, M., & Algawiaz, D. (2014). A new strategic risk reduction. In: IEEE Software 5th International Conference on Computer Science and Information Technology (CSIT), 179-183. Doi:10.1080/18756891.2014.960236

Zagorecki, A.; Druzdzel, M. (2013). Knowledge Engineering for Bayesian Networks: How Common Are Noisy-MAX Distributions in Practice? IEEE transactions on systems man cybernetics-systems. 43(1), 186-195. Recuperado de: https://www.pitt.edu/~druz dzel/ftp/zagorecki13.pdf.

Published

27/11/2020

How to Cite

CASSIA, A. R. .; LIBRANTZ, A. F. .; COSTA, I.; SPINOLA, M. de M. .; KINJO, E. M. . Risk Evaluation in Software Project Using Bayesian Network Modeling. Research, Society and Development, [S. l.], v. 9, n. 11, p. e58991110116, 2020. DOI: 10.33448/rsd-v9i11.10116. Disponível em: https://rsdjournal.org/index.php/rsd/article/view/10116. Acesso em: 15 jan. 2025.

Issue

Section

Exact and Earth Sciences