Iwsm2014 defining technical risk in software development (vard antinyan)
Defining Technical Risks in Software Development
Vard Antinyan
Software Center
Computer Science and Engineering
Chalmers | University of Gothenburg
Research Context
Software Center
Mission: Improve the software engineering capability of the Nordic Software-Intensive Industry with an order of magnitude
Project 3 – Organizational performance metrics
Perception of Technical Risks in Software Development
• How simple and unambiguous are the delivered requirements?
• How maintainable is the delivered code?
• How well does the design comply with the architecture?
• …
Risk Definition
• Perception of the possibility to lose health, property or reputation (Slovic)
• An effect of uncertainty on objectives (ISO 31000)
• An unwanted event which may or may not occur (Stanford Encyclopedia of Philosophy)
• A combination of uncertainty and loss when taking on a decision (Kaplan and Garrick)
Technical Risks
• In software engineering, technical risks are not manifested as a product of probability and impact of an adverse event
• They have a continuous nature
• Example:
– Not, very, less, more, … - error prone
– Not, very, less, more, … - maintainable
• In practice never
– Either error-prone or not
– Either maintainable or not
Research Question
• How can we define technical risk in order to support effective risk assessment?
• The definition should imply that the value of impact is a continuous variable, not either 0 or x
• The definition should support the quantification of loss
Results
• Three workshops with companies for identifying technical risks
– Ericsson (specific)
– Volvo GTT (specific)
– Ericsson, Volvo GTT, Volvo CC, Saab
• 24 technical risks were detected that software engineers face in industry
Technical Risks with Decision Making
• Should I deliver the code or do more tests? (error proneness vs. late integration)
• Should I refactor or develop the newly specified feature? (what’s optimal)
• Should we do a complete review of requirements or start development right away?
• Two commonalities in these risks:
– They all emerge when making a decision
– There are always several solutions, and uncertainty about how well these solutions will perform when applied
Defining Technical Risks
• For a given development operation, when there are several possible solutions to achieve an objective, we define the risk as:
• The technical risk is the degree of uncertainty on the magnitude of difference between the actual and optimal solutions.
– Degree of uncertainty
– Magnitude of difference between actual and optimal solutions
Defining Technical Risks
• Two factors matter:
– Uncertainty of how well a solution performs
– Difference between actual and optimal solutions (not known)
Assessing Technical Risks
• Software metrics can be used for assessing technical risks
– Measure unwanted consequences on the design artifact
– Measure properties of the design artifacts
– Develop a prediction model
Conclusions
• Technical risks usually accompany technical design solutions
• They have two components:
– Uncertainty of how well the (design) solution performs
– Cost of difference between optimal and actual solutions
• Metrics can be successfully used at companies for identifying and assessing technical risks
Questions