Avaliação de Riscos em Projetos de Software usando Modelagem de Redes Bayesianas
DOI:
https://doi.org/10.33448/rsd-v9i11.10116Palavras-chave:
Projeto de Software; Análise de Risco; Modelagem Bayesiana; Noisy-OR.Resumo
Os eventos de risco de projeto geralmente são influenciados um pelo outro e raramente agem de forma independente. Nesse contexto, são necessários métodos eficazes para identificar, modelar e analisar esses riscos. O objetivo deste artigo é aplicar a análise de risco em um projeto de desenvolvimento de software, com base no modelo do Software Engineering Institute (SEI), usando o modelo Bayes para calcular as probabilidades de riscos e também a estrutura de cálculo Noisy-OR para atribuir pesos iniciais à rede de fatores de riscos que influenciam o projeto. Dessa forma, espera-se aumentar as chances de sucesso do processo de análise de risco. Os resultados obtidos pelas técnicas adotadas demonstram ser promissores no auxílio ao processo de tomada de decisão pelos gerentes de projetos de desenvolvimento de software.
Referências
Agrawal, R., Singh, D., & Sharma, A. (2016). Prioritizing and optimizing risk factors in agile software development. In: 2016 Ninth international Conference on Contemporary Computing (IC3). doi:10.1109/IC3.2016.7880232
Alberts, C., & Dorofee, A. A. (2009). Framework for Categorizing Key Drivers of Risk. Software Engineering Institute (CMU/SEI-2009-TR-007), Carnegie Mellon University, Pittsburgh. Recuperado de: https://resources.sei.cmu.edu/asset_files/TechnicalReport/2009.
Albuquerque, M. A. de, Lucena, S. L. L. de, & Barros, K. N. N. de O. (2020). Comparison of classic and Bayesian model for data on perinatal deaths at ISEA, Campina Grande-PB. Research, Society and Development, 9(8), e464985477. Doi:10.33448/rsd-v9i8.5477
Badurdeen, F., Shuaib, M., Wijekoon. K., Brown, A., Faulkne, W., Amundson, J., Jawahir, I. S., Goldsby, T. J., Iyengar, D., & Boden, B. (2014). Quantitative modeling and analysis of supply chain risks using bayesian theory. Journal of Manufacturing Technology Management, 25(5), 631-654. Doi:10.1108/JMTM-10-2012-0097
Bernardo, J. M., & Smith, A. F. M. (2000). Bayesian theory. John Wiley & Sons, Ltd. ISBN 0471924164.
Bista, R., & Dongol, D. A. (2015). Model for software risk management. Technia - International Journal of Computing Science and Communication Technologies, 7(2), 1028-1035. ISSN:0974-3375.
Boehm, B. W. (1991). Software risk management: Principles and practices. Journals & Magazines, IEEE Software, 8(1), 32-41. Recuperado de: https://ieeexplore.ieee.org/document/62930.
Cao, W., & Zhang, X. (2016). Supply chain risk assessment based on support vector machine. Revista Ibérica de Sistemas e Tecnologias de Informação (RISTI), E5, 310-322. ISSN:1646-9895.
Chevers, D. A., & Grant, G. (2017). Developer's views on information systems quality and success in canadian software development firms. Journal of Information Systems and Technology Management: JISTEM, 14(1), 3-20. doi:10.4301/S1807-17752017000100001
Chin, K-S., Tang, D-W., Yang, J-B., Wong, S. Y., & Wang, H. (2009). Assessing New Product Development Project Risk by Bayesian Network with a Systematic Probability Generation Methodology. Expert Systems with Applications, 36(6), 9879–9890. doi:10.1016/j.eswa.2009.02.019
Danciulescu, A. (2014). Risk management an important tool in ict sme's in Romania. Journal of Information Systems & Operations Management, p. 1-13. Recuperado de: https://www.academia.edu/9042447.
Dutra, E., & Santos, G. (2014). Risks in initiatives to improve software processes: an investigation in the Brazilian context. In: XII Workshop on Thesis and Dissertation in Software Quality, 59-64. Recuperado de: sbqs.sbc.org.br/2014.
Fenton, N. E., Noguchi, T., & Neil, M. (2019). An Extension to the Noisy-OR Function to Resolve the 'Explaining Away' Deficiency for Practical Bayesian Network Problems. IEEE transactions on knowledge and data engineering, 31(1), 2441-2445, 2019. Recuperado de: https://www.ieeexplore.ieee.org/document/8607084.
Firdose, S., & Rao, L. M. (2016). 3LRM-3 Layer risk mitigation modelling of ICT software development projects. International Journal of Electrical and Computer Engineering (IJECE), 6(1), 349-356. doi:10.1159/ijece.v6i1.9026
Firdose, S., & Rao, L. M. (2018). PORM: Predictive optimization of risk management to control uncertainty problems in software engineering. International Journal of Electrical and Computer Engineering (IJECE), 8(6), 4735-4744. doi:10.1159/ijece.v8i6.pp4735-4744
Herrmann, J. W. (2015). Engineering decision making and risk management. New Jersey: John Wiley & Sons, Ltd. ISBN: 978-1-118-91933-0.
Herteliu, E., & Despa, M. L. (2014). Risk management in citizen oriented innovative software development projects. Journal of Information Systems & Operations Management, 8, 1-18.
HM Treasury. (2004). The Orange Book, Management of Risk - Principles and Concepts. UK, London: HM Treasury. Recuperado de: https://erm.ncsu.edu/library/article/orange-book-principles.
Hussain, A., Mkpojiogu, E., & Kamal, F. M. (2016). The role of requirements in the success or failure of software projects. International Review of Management and Marketing, 6(2016), 306-311. Recuperado de: http://www.econjournal.com
Iamandi, O., Popescu, S., Dragomir, M., & Morariu, C. (2015). A critical analysis of project management models and its potential risks in software development. Calitatea, 16(149), 55-61.
Islam, S., Mouratidis, H., & Weippi, E. (2014). An empirical study on the implementation and evaluation of a goal driven software development risk management model. Information and Software Technology. 56(2), 117-133. doi:10.1016/j.infsof.2013.06.003
ISO/IEC. (2009). International standards organization standard on risk management. ISO 31000: Risk Management – Risk Assessment Techniques. Recuperado de: https://www.iso.org/iso-31000-risk-management.html.
Janjua, U. I., Jaafar, J., & Lai, F. W. (2016). Expert's opinions on software project effective risk management. In: IEEE Software 2016 3rd International Conference on Computer and Information Sciences (ICCOINS). Recuperado de: https://ieeexplore.ieee.org.
Jenko, A., & Roblek, M. (2016). A primary human critical success factors model for the ERP system implementation. Organizacija, 49(3), 145-160. doi:10.1515/orga-2016-0014
Jiang, R. (2015). A novel risk metric for staff turnover in a software project based on information entropy. Entropy, 17(5), 2834-2852. doi:10.3390/e17052834
Khan, A. A., Keung, J., Niazi, M., Hussain, S., & Ahmad, A. (2017). Systematic literature review and empirical investigation of barriers to process improvement in global software development: Client–vendor perspective. Information and Software Technology, 87, 180-205. doi:10.1016/j.infso.2017.03.006
Kumar, C., & Yadav, D. K. (2015). A probabilistic software risk assessment and estimation model for software projects. In: Procedia Computer Science: Eleventh International Multi-Conference on Information Processing-2015, 54, 353-361. doi:10.1016/j.procs.2015.06.041
Kumar, M., Latha, P., & Praynlin, E. (2014). Software effort estimation using genetic algorithm. International Journal on Information Sciences and Computing, 8(1), 9-16. doi:10.18000/ijisac.50142
Kutsch, E., Denyer, D., Hall, M., & Lee-kelley, E. (2013). Does risk matter? disengagement from risk management practices in information systems projects. European Journal of Information Systems, 22, 637-649. doi:10.1057/ejis.2012.6
Leopoldino, C. B., & Borenstein, D. (2011). Componentes de risco para a gestão de projetos de software. READ - Revista Eletrônica de Administração (online), setembro-dezembro. doi:10.1590/S1413-23112011000300003
Li, X., Jiang, Q., Hsu, M. K., & Chen, Q. (2019). Support or risk? Software project risk assessment model based on rough set theory and backpropagation neural network. Sustainability. 11, 1-12. Doi:10.3390/su11174513
Librantz, A. F. H., Santos, F. C. R., Dias, C. G., Cunha, A. C. A., Costa, I., & Spinola M. M. (2016). AHP modelling and sensitivity analysis for evaluating the criticality of software programs. In: Advances in Production Management Systems. Initiatives for a Sustainable World. APMS 2016, IFIP Advances in Information and Communication Technology, Springer, Cham, 488. doi:10.1007/978-3-319-51133-7_30
Librantz, A. F. H., Costa, I., Spinola, M. M., Oliveira Neto, G., & Zerbinati, L. (2020). Risk assessment in software supply chains using the Bayesian method. International Journal of Production Research. doi: 10.1080/00207543.2020.1825860
Liu, J. Y., Yang, M., Klein, G., & Chen, H. (2013). Reducing user-related risks with user-developer partnering. Journal of Computer Information Systems, 54(1), 66-74. doi:10.1080/08874417.2013.11645672
Martins, M. R.; Maturana, M. C. (2013). Application of Bayesian Belief network to the human reliability analysis of na oil tanker operation focusing on collision accidents. Reliability Engineering & System Safety, 110, 89-109. doi:10.1016/j.ress.2012.09.008
Nasar, M., Johri, P., & Chanda, U. (2014). Software testing resource allocation and release time problem. International Journal of Modern Education and Computer Science, 6(2), 48-55. doi: 10.5815/ijmecs.2014.02.07
Norsys. (2017). Netica for MS Windows. Norsys Software Corporation. Recuperado de: https://www.norsys.com/download.html.
Organ, J., & Stapleton, L. (2016). Technologist engagement with risk management practices during systems development? approaches, effectiveness and challenges. AI & Society, 31(3), 347-359. doi:10.1007/s00146-015-0597-4
Pearl, J. (1998). Probabilistic reasoning in intelligent systems: Networks of plausible inference. Palo Alto, Morgan Kaufmann Publishers.
Penha, R., Kniess, C. T., Bergman, D. R., & Biancolino, C. A. (2014). Emprego de técnicas de gerenciamento de riscos técnicos em uma empresa de desenvolvimento de softwares. Revista Gestão & Tecnologia. jan-abr, 14(1), 151-173. Recuperado de: http://repositorio.uninove.br/xmlui/bitstream/handle/123456789/365/287-528-1-RV.pdf?sequence=1.
Perreault, L., Strasser S., Thornton M., & Sheppard, J. W. (2016). A Noisy-OR model for continuous time Bayesian networks. In: Proceedings of the Twenty-Ninth International – Florida Artificial Intelligence Research Society Conference, 668-673. Recuperado de: https://www.cs.montana.edu/sheppard/pubs/flairs-2016.pdf
Persson, S., & Schlichter, B. R. (2015). Managing risk areas in software development offshoring:A CMMI Level 5 Case. Journal of Information Technology Theory and Application, 16(1), 5-24. Recuperado de: https://aisel.aisnet.org/jitta/vol16/iss1/2.
Qu, Y., & Wang. H. (2015). Analysis on chaotic characteristics of software project risk system. International Journal of Security and Its Applications, 9(2), 49-60. doi:10.14257/ijsia.2015.9.2.06
Qu, Y., & Yang, T. (2016). Research on occurrence frequency of IT projects risk based on fuzzy influence diagram. In: The Institute of Electrical and Electronics Engineers, Inc. (ICMLC) - Conference Proceedings. Piscataway, 166-171. doi: 10.1109/ICMLC.2016.7860895
Rana, R., Staron, M., Berger, C., Hansson, J., Nilsson, M., & Meding, W. (2016). Analyzing defect inflow distribution and applying bayesian inference method for software defect prediction in large software projects. Journal of Systems and Software, 117, 229-244. doi: 10.1016/j.jss.2016.02.015
Reed, A. H., & Knight, L. V. (2013). Project duration and risk factors on virtual projects. The Journal of Computer Information Systems, 54(1), 75-83. Doi:10.1080/08874417.2013.11645673
Rodriguez, A., Ortega, F., & Concepcion, R. (2016). A method for the evaluation of risk in IT projects. Expert Systems with Applications, 45, 273-285. doi:10.1016/j.eswa.2015.09.056
Sareen, S., Sood, S. K., & Gupta, S. K. (2017). Secure internet of things-based cloud framework to control zika virus outbreak. International Journal of Technology Assessment in Health Care. 33. doi:10.1017/S0266462317000113
Sarigiannidis, L., & Chatzoglou, P. D. (2014). Quality vs risk: An investigation of their relationship in software development projects. International Journal of Project Management, 32(6), 1073-1082. doi:10.1016/j.ijproman.2013.11.001
Shankari, H. K., & Thirumalaiselvi, R. (2014). Guidelines to improve software engineering process using artificial intelligence techniques. I-Manager's Journal on Software Engineering, 8(4), 33-43. doi:10.26634/jse.8.4.3050
Shao, Z., Feng, Y., & Hu, Q. (2016). Effectiveness of top management support in enterprise systems success: a contingency perspective of fit between leadership style and system life cycle. European Journal of Information Systems. 25(2), 131-153. doi: 10.1057/ejis.2015.6
Sharma, A., Basora, D., Chhillar, N., & Yadav, D. (2013). A comprehensive study of software risk management. International Journal of Advanced Research in Computer Science, 4(10), 61-67. Recuperado de: www.ijarcs.info.
Song, H., & Jiang, J. (2016). Risks identification in embedded software development: evidence from MVBC project survey. Procedia Computer Science, 91, 798-806. doi:10.1016/j.procs.2016.07.082
Sundararajan, S., Bhasi, M., & Vijayaraghavan, P. K. (2014). Case study on risk management practice in large offshore-outsourced agile software projects. IET Software, 8(6), 245-257. doi:10.1049/iet-sen.2013.0190
Sundararajan, S., Bhasi, M., & Vijayaraghavan, P. K. (2019). Variation of risk profile across software life cycle in IS outsourcing. Software Quality Journal, 27, 1563-1582. doi: 10.1007/s11219-019-09451-8
Wanderley, M., Menezes, J., Gusmão, C., & Lima, F. Proposal of risk management metrics for multiple project software development. Procedia Computer Science, 64, 1001-1009. doi:10.1016/j.procs.2015.08.619
Wu, D., Dai, Q., & Zhu, X. (2016). Measuring the Effect of Project Risks Based on Shapley Value for Project Risk Response. Procedia Computer Science: Information Technology and Quantitative Management (ITQM-2016), 91, 774-778. doi:10.1016/j.procs.2016.07.076
Ye, Y., Jankovic, M., Kremer, G. E., & Bocquet, J. C. (2014). Managing uncertainty in potential supplier identification. Artificial Intelligence for Engineering Design, Analysis and Manufacturing, 28, 339-351. doi:10.1017/S0890060414000511
Ykhlef, M., & Algawiaz, D. (2014). A new strategic risk reduction. In: IEEE Software 5th International Conference on Computer Science and Information Technology (CSIT), 179-183. Doi:10.1080/18756891.2014.960236
Zagorecki, A.; Druzdzel, M. (2013). Knowledge Engineering for Bayesian Networks: How Common Are Noisy-MAX Distributions in Practice? IEEE transactions on systems man cybernetics-systems. 43(1), 186-195. Recuperado de: https://www.pitt.edu/~druz dzel/ftp/zagorecki13.pdf.
Downloads
Publicado
Como Citar
Edição
Seção
Licença
Copyright (c) 2020 Adalberto Ramos Cassia; André Felipe Librantz; Ivanir Costa; Mauro de Mesquita Spinola; Erika Midori Kinjo
Este trabalho está licenciado sob uma licença Creative Commons Attribution 4.0 International License.
Autores que publicam nesta revista concordam com os seguintes termos:
1) Autores mantém os direitos autorais e concedem à revista o direito de primeira publicação, com o trabalho simultaneamente licenciado sob a Licença Creative Commons Attribution que permite o compartilhamento do trabalho com reconhecimento da autoria e publicação inicial nesta revista.
2) Autores têm autorização para assumir contratos adicionais separadamente, para distribuição não-exclusiva da versão do trabalho publicada nesta revista (ex.: publicar em repositório institucional ou como capítulo de livro), com reconhecimento de autoria e publicação inicial nesta revista.
3) Autores têm permissão e são estimulados a publicar e distribuir seu trabalho online (ex.: em repositórios institucionais ou na sua página pessoal) a qualquer ponto antes ou durante o processo editorial, já que isso pode gerar alterações produtivas, bem como aumentar o impacto e a citação do trabalho publicado.