TY - JOUR
T1 - Architectural-Level Risk Analysis Using UML
AU - Goseva-Popstojanova, Katerina
AU - Hassan, Ahmed
AU - Guedem, Ajith
AU - Abdelmoez, Walid
AU - Nassar, Diaa Eldin M.
AU - Ammar, Hany
AU - Mili, Ali
N1 - Funding Information:
This work is funded in part by a grant from the NASA Office of Safety and Mission Assurance (OSMA) Software Assurance Research Program (SARP), managed through the NASA Independent Verification and Validation (IV&V) Facility, Fairmont, West Virgina, and by a grant to the West Virginia University Research Corporation from the US National Science Foundation Information Technology Research (ITR) Program grant number CCR-0082574.
PY - 2003/10
Y1 - 2003/10
N2 - Risk assessment is an essential part in managing software development. Performing risk assessment during the early development phases enhances resource allocation decisions. In order to improve the software development process and the quality of software products, we need to be able to build risk analysis models based on data that can be collected early in the development process. These models will help Identify the high-risk components and connectors of the product architecture, so that remedial actions may be taken in order to control and optimize the development process and Improve the quality of the product, In this paper, we present a risk assessment methodology which can be used In the early phases of the software life cycle. We use the Unified Modeling Language (UML) and commercial modeling environment Rational Rose Real Time (RoseRT) to obtain UML model statistics. First, for each component and connector in software architecture, a dynamic heuristic risk factor is obtained and severity is assessed based on hazard analysis. Then, a Markov model Is constructed to obtain scenarios risk factors. The risk factors of use cases and the overall system risk factor are estimated using the scenarios risk factors. Within our methodology, we also identify critical components and connectors that would require careful analysis, design, implementation, and more testing effort. The risk assessment methodology is applied on a pacemaker case study.
AB - Risk assessment is an essential part in managing software development. Performing risk assessment during the early development phases enhances resource allocation decisions. In order to improve the software development process and the quality of software products, we need to be able to build risk analysis models based on data that can be collected early in the development process. These models will help Identify the high-risk components and connectors of the product architecture, so that remedial actions may be taken in order to control and optimize the development process and Improve the quality of the product, In this paper, we present a risk assessment methodology which can be used In the early phases of the software life cycle. We use the Unified Modeling Language (UML) and commercial modeling environment Rational Rose Real Time (RoseRT) to obtain UML model statistics. First, for each component and connector in software architecture, a dynamic heuristic risk factor is obtained and severity is assessed based on hazard analysis. Then, a Markov model Is constructed to obtain scenarios risk factors. The risk factors of use cases and the overall system risk factor are estimated using the scenarios risk factors. Within our methodology, we also identify critical components and connectors that would require careful analysis, design, implementation, and more testing effort. The risk assessment methodology is applied on a pacemaker case study.
KW - Dynamic complexity
KW - Dynamic coupling
KW - Markov model
KW - Risk assessment
KW - Severity of failure
KW - Software architecture
KW - UML specification
UR - http://www.scopus.com/inward/record.url?scp=0242411475&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=0242411475&partnerID=8YFLogxK
U2 - 10.1109/TSE.2003.1237174
DO - 10.1109/TSE.2003.1237174
M3 - Article
AN - SCOPUS:0242411475
SN - 0098-5589
VL - 29
SP - 946
EP - 959
JO - IEEE Transactions on Software Engineering
JF - IEEE Transactions on Software Engineering
IS - 10
ER -