A State-of-the-Practice Survey of Risk Management in Development with Off-the-Shelf Software Components
Issue No. 02 - March/April (2008 vol. 34)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TSE.2008.14
Jingyue Li , Norwegian University of Science and Technology
Reidar Conradi , Norwegian University of Science and Technology
Odd Petter Slyngstad , Norwegian University of Science and Technology
Marco Torchiano , Politecnico di Torino
Maurizio Morisio , Politecnico di Torino, Italy
Christian Bunse , the International University in Germany
An international survey on risk management in software development with OTS (Off-The-Shelf) components is reported upon and discussed. The survey investigated actual risk-management activities and their correlations with the occurrences of typical risks in OTS component-based development. Data from 133 software projects in Norway, Italy, and Germany were collected using a stratified random sample of IT companies. The results show that OTS components normally do not contribute negatively to the quality of the software system as a whole, as what is commonly expected. However, issues such as the underestimation of integration effort and inefficient debugging remain problematic and require further investigation. The results also illustrate several promising effective risk-reduction activities, e.g. putting more effort into learning relevant OTS components, integrating unfamiliar components first, evaluating the quality of candidate OTS components thoroughly, and regularly monitoring the support capability of OTS providers. Five hypotheses are proposed regarding these risk reduction activities. The results also indicate that several other factors, such as project, cultural, and human-social factors, have to be investigated to deal with the possible risks of OTS-based projects thoroughly.
Software Engineering/Reusable Software, Software Engineering/Management, Software Engineering/Software Engineering Process
J. Li, M. Morisio, C. Bunse, R. Conradi, O. P. Slyngstad and M. Torchiano, "A State-of-the-Practice Survey of Risk Management in Development with Off-the-Shelf Software Components," in IEEE Transactions on Software Engineering, vol. 34, no. , pp. 271-286, 2008.