| Risk analysis and management has become an essential activity for software projects in industrial circles. This research and dissertation effort focuses on software risk analysis activities. The aim of the effort is to develop innovative techniques for objective risk analysis. As detailed herein, improved algorithms for software risk-categorization and models for risk-prediction have been provided and validated.; Risk categorization methods provide improved capability to discriminate high-risk software. The approach draws on the combined strengths of pattern recognition, multivariate statistics and neural networks. Principal component analysis provides a means of normalizing and orthogonalizing the input data to eliminate the ill effects of multicollinearity. A significant innovation within this approach is cross-normalization, which provides the capability to discriminate data sets that include disproportionately large numbers of high-risk software modules.; Risk predictors focus on the technical risk associated with software defects, examining both the numbers of defects and the fault repair process. These new techniques extend current software risk analysis techniques by examining risks along the technical axis of the triple constraint. An estimator for technical risk, the 3rd dimension of the triple constraint has been devised. The estimation model is validated using data from a number of software projects.; A second risk estimator is provided to explain the fault repair process. A balls & urn model is extended to account for the fault repair processes. The expanded version includes defect queuing, problem examination, and fault correction. Solutions for these models, under conditions of both proportional and constant repair-rate conditions, are defined for both single- and multiple-release conditions. The models are compared to actual industry data, with favorable results.; Finally, an enhanced software development process model has been offered. This model includes definition of specific risk analyses in relation to phases of software development.; Overall, the results offer means for improvements to the software process in the area of risk analysis. The methods provide assessment capability throughout the software development effort. It is anticipated that the combination of these new techniques, together with existing approaches, will benefit the software development team. |
