Evaluación de riesgos en proyectos de software mediante el modelado de redes bayesianas
DOI:
https://doi.org/10.33448/rsd-v9i11.10116Palabras clave:
Proyecto de software; Análisis de riesgo; Modelado bayesiano; Ruidoso-OR.Resumen
Los eventos de riesgo del proyecto a menudo están influenciados entre sí y rara vez actúan de forma independiente. En este contexto, se necesitan métodos efectivos para identificar, modelar y analizar estos riesgos. El propósito de este artículo es aplicar el análisis de riesgo a un proyecto de desarrollo de software, basado en el modelo del Software Engineering Institute (SEI), utilizando el modelo de Bayes para calcular las probabilidades de riesgo y también la estructura de cálculo Noisy-OR Asignar pesos iniciales a la red de factores de riesgo que influyen en el proyecto. Por lo tanto, se espera que aumente las posibilidades de éxito del proceso de análisis de riesgos. Los resultados obtenidos por las técnicas adoptadas resultan prometedores para ayudar en la toma de decisiones por parte de los responsables de proyectos de desarrollo de software.
Citas
Agrawal, R., Singh, D., & Sharma, A. (2016). Prioritizing and optimizing risk factors in agile software development. In: 2016 Ninth international Conference on Contemporary Computing (IC3). doi:10.1109/IC3.2016.7880232
Alberts, C., & Dorofee, A. A. (2009). Framework for Categorizing Key Drivers of Risk. Software Engineering Institute (CMU/SEI-2009-TR-007), Carnegie Mellon University, Pittsburgh. Recuperado de: https://resources.sei.cmu.edu/asset_files/TechnicalReport/2009.
Albuquerque, M. A. de, Lucena, S. L. L. de, & Barros, K. N. N. de O. (2020). Comparison of classic and Bayesian model for data on perinatal deaths at ISEA, Campina Grande-PB. Research, Society and Development, 9(8), e464985477. Doi:10.33448/rsd-v9i8.5477
Badurdeen, F., Shuaib, M., Wijekoon. K., Brown, A., Faulkne, W., Amundson, J., Jawahir, I. S., Goldsby, T. J., Iyengar, D., & Boden, B. (2014). Quantitative modeling and analysis of supply chain risks using bayesian theory. Journal of Manufacturing Technology Management, 25(5), 631-654. Doi:10.1108/JMTM-10-2012-0097
Bernardo, J. M., & Smith, A. F. M. (2000). Bayesian theory. John Wiley & Sons, Ltd. ISBN 0471924164.
Bista, R., & Dongol, D. A. (2015). Model for software risk management. Technia - International Journal of Computing Science and Communication Technologies, 7(2), 1028-1035. ISSN:0974-3375.
Boehm, B. W. (1991). Software risk management: Principles and practices. Journals & Magazines, IEEE Software, 8(1), 32-41. Recuperado de: https://ieeexplore.ieee.org/document/62930.
Cao, W., & Zhang, X. (2016). Supply chain risk assessment based on support vector machine. Revista Ibérica de Sistemas e Tecnologias de Informação (RISTI), E5, 310-322. ISSN:1646-9895.
Chevers, D. A., & Grant, G. (2017). Developer's views on information systems quality and success in canadian software development firms. Journal of Information Systems and Technology Management: JISTEM, 14(1), 3-20. doi:10.4301/S1807-17752017000100001
Chin, K-S., Tang, D-W., Yang, J-B., Wong, S. Y., & Wang, H. (2009). Assessing New Product Development Project Risk by Bayesian Network with a Systematic Probability Generation Methodology. Expert Systems with Applications, 36(6), 9879–9890. doi:10.1016/j.eswa.2009.02.019
Danciulescu, A. (2014). Risk management an important tool in ict sme's in Romania. Journal of Information Systems & Operations Management, p. 1-13. Recuperado de: https://www.academia.edu/9042447.
Dutra, E., & Santos, G. (2014). Risks in initiatives to improve software processes: an investigation in the Brazilian context. In: XII Workshop on Thesis and Dissertation in Software Quality, 59-64. Recuperado de: sbqs.sbc.org.br/2014.
Fenton, N. E., Noguchi, T., & Neil, M. (2019). An Extension to the Noisy-OR Function to Resolve the 'Explaining Away' Deficiency for Practical Bayesian Network Problems. IEEE transactions on knowledge and data engineering, 31(1), 2441-2445, 2019. Recuperado de: https://www.ieeexplore.ieee.org/document/8607084.
Firdose, S., & Rao, L. M. (2016). 3LRM-3 Layer risk mitigation modelling of ICT software development projects. International Journal of Electrical and Computer Engineering (IJECE), 6(1), 349-356. doi:10.1159/ijece.v6i1.9026
Firdose, S., & Rao, L. M. (2018). PORM: Predictive optimization of risk management to control uncertainty problems in software engineering. International Journal of Electrical and Computer Engineering (IJECE), 8(6), 4735-4744. doi:10.1159/ijece.v8i6.pp4735-4744
Herrmann, J. W. (2015). Engineering decision making and risk management. New Jersey: John Wiley & Sons, Ltd. ISBN: 978-1-118-91933-0.
Herteliu, E., & Despa, M. L. (2014). Risk management in citizen oriented innovative software development projects. Journal of Information Systems & Operations Management, 8, 1-18.
HM Treasury. (2004). The Orange Book, Management of Risk - Principles and Concepts. UK, London: HM Treasury. Recuperado de: https://erm.ncsu.edu/library/article/orange-book-principles.
Hussain, A., Mkpojiogu, E., & Kamal, F. M. (2016). The role of requirements in the success or failure of software projects. International Review of Management and Marketing, 6(2016), 306-311. Recuperado de: http://www.econjournal.com
Iamandi, O., Popescu, S., Dragomir, M., & Morariu, C. (2015). A critical analysis of project management models and its potential risks in software development. Calitatea, 16(149), 55-61.
Islam, S., Mouratidis, H., & Weippi, E. (2014). An empirical study on the implementation and evaluation of a goal driven software development risk management model. Information and Software Technology. 56(2), 117-133. doi:10.1016/j.infsof.2013.06.003
ISO/IEC. (2009). International standards organization standard on risk management. ISO 31000: Risk Management – Risk Assessment Techniques. Recuperado de: https://www.iso.org/iso-31000-risk-management.html.
Janjua, U. I., Jaafar, J., & Lai, F. W. (2016). Expert's opinions on software project effective risk management. In: IEEE Software 2016 3rd International Conference on Computer and Information Sciences (ICCOINS). Recuperado de: https://ieeexplore.ieee.org.
Jenko, A., & Roblek, M. (2016). A primary human critical success factors model for the ERP system implementation. Organizacija, 49(3), 145-160. doi:10.1515/orga-2016-0014
Jiang, R. (2015). A novel risk metric for staff turnover in a software project based on information entropy. Entropy, 17(5), 2834-2852. doi:10.3390/e17052834
Khan, A. A., Keung, J., Niazi, M., Hussain, S., & Ahmad, A. (2017). Systematic literature review and empirical investigation of barriers to process improvement in global software development: Client–vendor perspective. Information and Software Technology, 87, 180-205. doi:10.1016/j.infso.2017.03.006
Kumar, C., & Yadav, D. K. (2015). A probabilistic software risk assessment and estimation model for software projects. In: Procedia Computer Science: Eleventh International Multi-Conference on Information Processing-2015, 54, 353-361. doi:10.1016/j.procs.2015.06.041
Kumar, M., Latha, P., & Praynlin, E. (2014). Software effort estimation using genetic algorithm. International Journal on Information Sciences and Computing, 8(1), 9-16. doi:10.18000/ijisac.50142
Kutsch, E., Denyer, D., Hall, M., & Lee-kelley, E. (2013). Does risk matter? disengagement from risk management practices in information systems projects. European Journal of Information Systems, 22, 637-649. doi:10.1057/ejis.2012.6
Leopoldino, C. B., & Borenstein, D. (2011). Componentes de risco para a gestão de projetos de software. READ - Revista Eletrônica de Administração (online), setembro-dezembro. doi:10.1590/S1413-23112011000300003
Li, X., Jiang, Q., Hsu, M. K., & Chen, Q. (2019). Support or risk? Software project risk assessment model based on rough set theory and backpropagation neural network. Sustainability. 11, 1-12. Doi:10.3390/su11174513
Librantz, A. F. H., Santos, F. C. R., Dias, C. G., Cunha, A. C. A., Costa, I., & Spinola M. M. (2016). AHP modelling and sensitivity analysis for evaluating the criticality of software programs. In: Advances in Production Management Systems. Initiatives for a Sustainable World. APMS 2016, IFIP Advances in Information and Communication Technology, Springer, Cham, 488. doi:10.1007/978-3-319-51133-7_30
Librantz, A. F. H., Costa, I., Spinola, M. M., Oliveira Neto, G., & Zerbinati, L. (2020). Risk assessment in software supply chains using the Bayesian method. International Journal of Production Research. doi: 10.1080/00207543.2020.1825860
Liu, J. Y., Yang, M., Klein, G., & Chen, H. (2013). Reducing user-related risks with user-developer partnering. Journal of Computer Information Systems, 54(1), 66-74. doi:10.1080/08874417.2013.11645672
Martins, M. R.; Maturana, M. C. (2013). Application of Bayesian Belief network to the human reliability analysis of na oil tanker operation focusing on collision accidents. Reliability Engineering & System Safety, 110, 89-109. doi:10.1016/j.ress.2012.09.008
Nasar, M., Johri, P., & Chanda, U. (2014). Software testing resource allocation and release time problem. International Journal of Modern Education and Computer Science, 6(2), 48-55. doi: 10.5815/ijmecs.2014.02.07
Norsys. (2017). Netica for MS Windows. Norsys Software Corporation. Recuperado de: https://www.norsys.com/download.html.
Organ, J., & Stapleton, L. (2016). Technologist engagement with risk management practices during systems development? approaches, effectiveness and challenges. AI & Society, 31(3), 347-359. doi:10.1007/s00146-015-0597-4
Pearl, J. (1998). Probabilistic reasoning in intelligent systems: Networks of plausible inference. Palo Alto, Morgan Kaufmann Publishers.
Penha, R., Kniess, C. T., Bergman, D. R., & Biancolino, C. A. (2014). Emprego de técnicas de gerenciamento de riscos técnicos em uma empresa de desenvolvimento de softwares. Revista Gestão & Tecnologia. jan-abr, 14(1), 151-173. Recuperado de: http://repositorio.uninove.br/xmlui/bitstream/handle/123456789/365/287-528-1-RV.pdf?sequence=1.
Perreault, L., Strasser S., Thornton M., & Sheppard, J. W. (2016). A Noisy-OR model for continuous time Bayesian networks. In: Proceedings of the Twenty-Ninth International – Florida Artificial Intelligence Research Society Conference, 668-673. Recuperado de: https://www.cs.montana.edu/sheppard/pubs/flairs-2016.pdf
Persson, S., & Schlichter, B. R. (2015). Managing risk areas in software development offshoring:A CMMI Level 5 Case. Journal of Information Technology Theory and Application, 16(1), 5-24. Recuperado de: https://aisel.aisnet.org/jitta/vol16/iss1/2.
Qu, Y., & Wang. H. (2015). Analysis on chaotic characteristics of software project risk system. International Journal of Security and Its Applications, 9(2), 49-60. doi:10.14257/ijsia.2015.9.2.06
Qu, Y., & Yang, T. (2016). Research on occurrence frequency of IT projects risk based on fuzzy influence diagram. In: The Institute of Electrical and Electronics Engineers, Inc. (ICMLC) - Conference Proceedings. Piscataway, 166-171. doi: 10.1109/ICMLC.2016.7860895
Rana, R., Staron, M., Berger, C., Hansson, J., Nilsson, M., & Meding, W. (2016). Analyzing defect inflow distribution and applying bayesian inference method for software defect prediction in large software projects. Journal of Systems and Software, 117, 229-244. doi: 10.1016/j.jss.2016.02.015
Reed, A. H., & Knight, L. V. (2013). Project duration and risk factors on virtual projects. The Journal of Computer Information Systems, 54(1), 75-83. Doi:10.1080/08874417.2013.11645673
Rodriguez, A., Ortega, F., & Concepcion, R. (2016). A method for the evaluation of risk in IT projects. Expert Systems with Applications, 45, 273-285. doi:10.1016/j.eswa.2015.09.056
Sareen, S., Sood, S. K., & Gupta, S. K. (2017). Secure internet of things-based cloud framework to control zika virus outbreak. International Journal of Technology Assessment in Health Care. 33. doi:10.1017/S0266462317000113
Sarigiannidis, L., & Chatzoglou, P. D. (2014). Quality vs risk: An investigation of their relationship in software development projects. International Journal of Project Management, 32(6), 1073-1082. doi:10.1016/j.ijproman.2013.11.001
Shankari, H. K., & Thirumalaiselvi, R. (2014). Guidelines to improve software engineering process using artificial intelligence techniques. I-Manager's Journal on Software Engineering, 8(4), 33-43. doi:10.26634/jse.8.4.3050
Shao, Z., Feng, Y., & Hu, Q. (2016). Effectiveness of top management support in enterprise systems success: a contingency perspective of fit between leadership style and system life cycle. European Journal of Information Systems. 25(2), 131-153. doi: 10.1057/ejis.2015.6
Sharma, A., Basora, D., Chhillar, N., & Yadav, D. (2013). A comprehensive study of software risk management. International Journal of Advanced Research in Computer Science, 4(10), 61-67. Recuperado de: www.ijarcs.info.
Song, H., & Jiang, J. (2016). Risks identification in embedded software development: evidence from MVBC project survey. Procedia Computer Science, 91, 798-806. doi:10.1016/j.procs.2016.07.082
Sundararajan, S., Bhasi, M., & Vijayaraghavan, P. K. (2014). Case study on risk management practice in large offshore-outsourced agile software projects. IET Software, 8(6), 245-257. doi:10.1049/iet-sen.2013.0190
Sundararajan, S., Bhasi, M., & Vijayaraghavan, P. K. (2019). Variation of risk profile across software life cycle in IS outsourcing. Software Quality Journal, 27, 1563-1582. doi: 10.1007/s11219-019-09451-8
Wanderley, M., Menezes, J., Gusmão, C., & Lima, F. Proposal of risk management metrics for multiple project software development. Procedia Computer Science, 64, 1001-1009. doi:10.1016/j.procs.2015.08.619
Wu, D., Dai, Q., & Zhu, X. (2016). Measuring the Effect of Project Risks Based on Shapley Value for Project Risk Response. Procedia Computer Science: Information Technology and Quantitative Management (ITQM-2016), 91, 774-778. doi:10.1016/j.procs.2016.07.076
Ye, Y., Jankovic, M., Kremer, G. E., & Bocquet, J. C. (2014). Managing uncertainty in potential supplier identification. Artificial Intelligence for Engineering Design, Analysis and Manufacturing, 28, 339-351. doi:10.1017/S0890060414000511
Ykhlef, M., & Algawiaz, D. (2014). A new strategic risk reduction. In: IEEE Software 5th International Conference on Computer Science and Information Technology (CSIT), 179-183. Doi:10.1080/18756891.2014.960236
Zagorecki, A.; Druzdzel, M. (2013). Knowledge Engineering for Bayesian Networks: How Common Are Noisy-MAX Distributions in Practice? IEEE transactions on systems man cybernetics-systems. 43(1), 186-195. Recuperado de: https://www.pitt.edu/~druz dzel/ftp/zagorecki13.pdf.
Descargas
Publicado
Cómo citar
Número
Sección
Licencia
Derechos de autor 2020 Adalberto Ramos Cassia; André Felipe Librantz; Ivanir Costa; Mauro de Mesquita Spinola; Erika Midori Kinjo
Esta obra está bajo una licencia internacional Creative Commons Atribución 4.0.
Los autores que publican en esta revista concuerdan con los siguientes términos:
1) Los autores mantienen los derechos de autor y conceden a la revista el derecho de primera publicación, con el trabajo simultáneamente licenciado bajo la Licencia Creative Commons Attribution que permite el compartir el trabajo con reconocimiento de la autoría y publicación inicial en esta revista.
2) Los autores tienen autorización para asumir contratos adicionales por separado, para distribución no exclusiva de la versión del trabajo publicada en esta revista (por ejemplo, publicar en repositorio institucional o como capítulo de libro), con reconocimiento de autoría y publicación inicial en esta revista.
3) Los autores tienen permiso y son estimulados a publicar y distribuir su trabajo en línea (por ejemplo, en repositorios institucionales o en su página personal) a cualquier punto antes o durante el proceso editorial, ya que esto puede generar cambios productivos, así como aumentar el impacto y la cita del trabajo publicado.