A Methodology for Measuring the Risk Associated with A Software Requirements Specification
Authors
Abstract
This paper presents a six-step metrics-based methodology for assessing the risks associated with, and hence the resources required to implement, the requirements contained within a software requirements specification (SRS). The method seeks to eliminate the use of subjective probability assessments in models of risk exposure (RE) and risk reduction leverage (RRL). Measurements are taken of the number of requirements and the class of risk, the number of change requests and their date of issue, and the cost of each requirement change. The class of requirements risks is tailored to a given organisation using the Delphi method. The information collected is stored as an historical database for use in the analysis of subsequent SRSs.
Similar resources
Mapping of McGraw Cycle to RUP Methodology for Secure Software Developing
Designing a secure software is one of the major phases in developing a robust software. The McGraw life cycle, as one of the well-known software security development approaches, implements different touch points as a collection of software security practices. Each touch point includes explicit instructions for applying security in terms of design, coding, measurement, and maintenance of softwar...
Measuring Hospital Performance Using Mortality Rates: An Alternative to the RAMR
Background The risk-adjusted mortality rate (RAMR) is used widely by healthcare agencies to evaluate hospital performance. The RAMR is insensitive to case volume and requires a confidence interval for proper interpretation, which results in a hypothesis testing framework. Unfamiliarity with hypothesis testing can lead to erroneous interpretations by the public and other stakeholders. We argue t...
An automatic test case generator for evaluating implementation of access control policies
One of the main requirements for providing software security is the enforcement of access control policies which aim to protect resources of the system against unauthorized accesses. Any error in the implementation of such policies may lead to undesirable outcomes. For testing the implementation of access control policies, it is preferred to use automated methods which are faster and more relia...
Presenting a software method for using risk assessment to optimize building fire protection measures
Background and aims: The property loss and physical injuries due to fire events in buildings demonstrate the necessity of implementation of efficient and performance based fire safety measures. Effective and high efficiency protection is possible when design and selection of protection measures are based on risk assessment. This study aims at presenting a software method to make possible sele...
OOExpert: An Agent Based System for Identifying and Refining Objects from Software Requirements Based on Object Based Formal Specification
This paper examines the issues associated with the methodology for object identification and refinement, and also the use of multi-agent system approach for collaborative object-oriented analysis and design. We propose an agent based system called OOExpert for solving problems on object model creation process by identifying and refining objects from software requirements based on object based f...
Journal title:
- Australasian J. of Inf. Systems
Volume 4 Issue
Pages -
Publication date 1996