Architectural-Level Risk Analysis Using UML

Katerina Goseva-Popstojanova, Ahmed Hassan, Ajith Guedem, Walid Abdelmoez, Diaa Eldin M. Nassar, Hany Ammar, Ali Mili

Research output: Contribution to journalArticlepeer-review

133 Scopus citations


Risk assessment is an essential part in managing software development. Performing risk assessment during the early development phases enhances resource allocation decisions. In order to improve the software development process and the quality of software products, we need to be able to build risk analysis models based on data that can be collected early in the development process. These models will help Identify the high-risk components and connectors of the product architecture, so that remedial actions may be taken in order to control and optimize the development process and Improve the quality of the product, In this paper, we present a risk assessment methodology which can be used In the early phases of the software life cycle. We use the Unified Modeling Language (UML) and commercial modeling environment Rational Rose Real Time (RoseRT) to obtain UML model statistics. First, for each component and connector in software architecture, a dynamic heuristic risk factor is obtained and severity is assessed based on hazard analysis. Then, a Markov model Is constructed to obtain scenarios risk factors. The risk factors of use cases and the overall system risk factor are estimated using the scenarios risk factors. Within our methodology, we also identify critical components and connectors that would require careful analysis, design, implementation, and more testing effort. The risk assessment methodology is applied on a pacemaker case study.

Original languageEnglish (US)
Pages (from-to)946-959
Number of pages14
JournalIEEE Transactions on Software Engineering
Issue number10
StatePublished - Oct 2003

All Science Journal Classification (ASJC) codes

  • Software


  • Dynamic complexity
  • Dynamic coupling
  • Markov model
  • Risk assessment
  • Severity of failure
  • Software architecture
  • UML specification


Dive into the research topics of 'Architectural-Level Risk Analysis Using UML'. Together they form a unique fingerprint.

Cite this