A State-of-the-Practice Survey of Risk Management in Development with Off-the-Shelf Software Components

An international survey on risk management in software development with off-the-shelf (OTS) components is reported upon and discussed. The survey investigated actual risk-management activities and their correlations with the occurrences of typical risks in OTS component-based development. Data from...

Full description

Saved in:
Bibliographic Details
Published inIEEE transactions on software engineering Vol. 34; no. 2; pp. 271 - 286
Main Authors Jingyue Li, Slyngstad, O.P.N., Torchiano, M., Morisio, M., Bunse, C.
Format Journal Article
LanguageEnglish
Published New York IEEE 01.03.2008
IEEE Computer Society
Subjects
Computer industry
Computer programs
Computer Society
Debugging
Digital Object Identifier
Hypotheses
Information technology
Investigations
Investments
Learning
Monitoring
Open source software
Product design
Programming
Project management
Risk
Risk management
Society
Software
Software development
Software engineering
Software Engineering/Management
Software Engineering/Reusable Software
Software Engineering/Software Engineering Process
Software industry
Software systems
Studies
Success
Software Engineering/Reusable Software
Software Engineering/Management
Software Engineering/Software Engineering Process
Online AccessGet full text

Cover

More Information
Summary:An international survey on risk management in software development with off-the-shelf (OTS) components is reported upon and discussed. The survey investigated actual risk-management activities and their correlations with the occurrences of typical risks in OTS component-based development. Data from 133 software projects in Norway, Italy, and Germany were collected using a stratified random sample of IT companies. The results show that OTS components normally do not contribute negatively to the quality of the software system as a whole, as is commonly expected. However, issues such as the underestimation of integration effort and inefficient debugging remain problematic and require further investigation. The results also illustrate several promising effective risk-reduction activities, e.g., putting more effort into learning relevant OTS components, integrating unfamiliar components first, thoroughly evaluating the quality of candidate OTS components, and regularly monitoring the support capability of OTS providers. Five hypotheses are proposed regarding these risk-reduction activities. The results also indicate that several other factors, such as project, cultural, and human-social factors, have to be investigated to thoroughly deal with the possible risks of OTS-based projects.
Bibliography:ObjectType-Article-2
SourceType-Scholarly Journals-1
ObjectType-Feature-1
content type line 23
ISSN:0098-5589
1939-3520
DOI:10.1109/TSE.2008.14