QUALITY ANALYSIS AND QUANTITATIVE ASSESSMENT OF RISKS METHODS OF SOFTWARE DEVELOPMENT
DOI: https://doi.org/10.26906/SUNZ.2018.3.116
Keywords: risk assessment, software development
Abstract
The article defines and resolves one of the contradictions that arise in software development: software developers' neglect of software vulnerabilities. All risks in software development can, with a greater or lesser degree of approximation, be considered a subjective result of the process, associated with a lack of quantitative or qualitative information about the process, as well as with its uncertainty. These factors can be considered the main cause that generates and accompanies risks throughout their life cycle. As a solution to this problem, the use of the developed methods of analysis and quantitative assessment of software development risks is suggested. Their distinctive feature is the consideration of operational risk factors, especially the risk of identifying software vulnerabilities and evaluating an arbitrary, consistent, finite set of "information quanta". It is proved that the method of qualitative risk assessment of the project is descriptive and represents a process aimed at identifying specific project risks and the causes that generate them, with subsequent assessment of possible consequences and development of measures to deal with the risks. In the process of risk analysis, metrics are developed that are responsible for determining the limiting indicators of factors that signal the manifestation of risks. A method for quantifying software development risks has been developed. Its distinctive feature is the integrated use of the "Failure Tree Analysis" methodology and a method for estimating the net present value of a software development project, taking into account the negative factors of possible detection of software security vulnerabilities. At the same time, the method of estimating the net present value of the software development project allows the project to be considered comprehensively, taking into account the need for security and vulnerability testing of the software with tools that overcome the complexity, uncertainty and long-term nature of projects.