面向可信软件的开发过程风险相关性研究与调查分析
详细信息 查看官网全文
- 英文论文题名:Trustworthy Software Oriented Development Risk Correlation Study and Investigation Analysis
- 论文作者:宋浩 ; 周锋波 ; 姜计荣
- 英文论文作者:SONG Hao ; ZHOU Feng-bo ; JIANG Ji-rong ; School of Mathematics and Quantitative Economics ; Shandong University of Finance and Economics
- 年:2016
- 作者机构:山东财经大学数学与数量经济学院;
- 论文关键词:可信软件 ; 风险管理 ; 风险相关性 ; 结构方程模型 ; 问卷调查
- 英文论文关键词:trustworthy software ; risk management ; risk correlation ; structural equation model ; questionnaire survey
- 会议召开时间:2016-11-12
- 会议录名称:第十八届中国管理科学学术年会论文集
- 英文会议录名称:Proceedings of the 18th Chinese Annual Conference on Management Science
- 语种:中文
- 分类号:TP311.52
- 学会代码:ZHYJ
- 会议名称:第十八届中国管理科学学术年会
- 会议地点:中国陕西西安
- 主办单位:中国优选法统筹法与经济数学研究会、西安交通大学、中国科学院科技战略咨询研究院、《中国管理科学》编辑部
- 学会名称:中国优选法统筹法与经济数学研究会
- 页数:8
- 文件大小:702k
- 原文格式:O
- 会议级别:全国
摘要
可信软件的提出和研究,是近年来国内外学术界和产业界普遍关注的热点问题。在可信软件开发的过程中,不同风险间相互影响和关联,给软件项目风险管理提出了很大的挑战,直接影响开发过程质量和最终软件产品的可信性。该文基于风险管理的视角,提出六类开发过程风险、开发过程质量和最终产品质量之间的相关性模型,在向国内数家高CMMI等级企业发放调查问卷的基础上,运用结构方程建模方法对相关性模型进行定量分析,得到用户风险和开发商风险与需求风险显著正相关,需求风险、开发商风险、项目风险与开发过程质量显著负相关,开发过程质量与最终产品质量显著正相关等结论。该文不仅对时下热议的可信软件开发具有一定理论贡献意义,其定性相关模型和定量分析结果,亦可直接为大型软件开发企业提供风险管理实践指导依据。
In recent years,the research of trustworthy software is hot issues in academic and industrial fields throughout the whole world.However,the interaction and correlation among the risks in development process not only pose a daunting challenge for the software project risk management,but also directly affect the development quality and the trustworthiness of software product.From the perspective of risk management,the correlation model,which covered the relationships among 6 kinds of risks,quality of development and software product,were brought forward in this paper.Questionnaires were collected from several Chinese software enterprises with high CMMI level and Structural Equation Model was performed to analyze the model quantitatively.The final conclusions include user risk and developer risk have significant positive effects on requirements risk,requirements risk,developer risk and project risk have significant negative effects on development process quality,development process quality has significant positive effect on product quality etc.This paper not only contributes to the theory of popular trustworthy software development,but also directly provides risk management guidances for large software enterprises.
In recent years,the research of trustworthy software is hot issues in academic and industrial fields throughout the whole world.However,the interaction and correlation among the risks in development process not only pose a daunting challenge for the software project risk management,but also directly affect the development quality and the trustworthiness of software product.From the perspective of risk management,the correlation model,which covered the relationships among 6 kinds of risks,quality of development and software product,were brought forward in this paper.Questionnaires were collected from several Chinese software enterprises with high CMMI level and Structural Equation Model was performed to analyze the model quantitatively.The final conclusions include user risk and developer risk have significant positive effects on requirements risk,requirements risk,developer risk and project risk have significant negative effects on development process quality,development process quality has significant positive effect on product quality etc.This paper not only contributes to the theory of popular trustworthy software development,but also directly provides risk management guidances for large software enterprises.
引文
[1]刘克,单志广,王戟,等.“可信软件基础研究”重大研究计划综述[J].中国科学基金,2008,22(3):145-151.
[2]Amoroso E,Taylor C,Watson J,et al.A process-oriented methodology for assessing and improving software trustworthinesses/Proceedings of the 2nd ACM Conference on Computer and Communications Security.Virginia,USA,1994:39-50.
[3]Wegner C M.An Analysis of the relationship between risk alignment and cost performance[D].Air Force Institute of Technology,1996.
[4]Charette R.Software engineering risk analysis and management[M].New York:McGraw-Hill,Inc.,1989.
[5]Barki H.Rivard S,Talbot J.Toward an assessment of software development risk[J].Journal of Management Information Systems,1993,10(2):203-225.
[6]Neumann D.An enhanced neural network technique for software risk analysis[J].IEEE Transactions on Software Engineering,2002,28(9):904-912.
[7]Ropponen J,Lyytinen K.Components of software development risk:How to address them?A project manager survey[J].IEEE Transactions on Software Engineering,2000,26(2):98-112.
[8]Huang S J,Han Wenming.Exploring the relationship between software project duration and risk exposure;A cluster analysis[J].Information&Management,2008,45(3):175-182.
[9]Han Wenming,Huang S J.An empirical analysis of risk components and performance on software projects[J].Journal of Systems and Software,2007,80(1):42-50.
[10]Wallace L,Keil M,Rai A.Understanding software project Risk:A cluster analysis[J].Information&Management,2004,42(1):115-125.
[11]Wu Dengsheng,Song Hao.Li Minglu.et al.Modeling risk factors dependence using copula method for assessing software schedule risk[C]//Proceedings of the 2nd International Conference on Software Engineering and Data Mining.Chengdu,2010:571-574.
[12]De Melo A C V,Sanchez A J.Software maintenance project delays prediction using Bayesian networks[J].Expert Systems with Applications,2008,34(2):908-919.
[13]Luu V,Kim S,Tuan N,et al.Quantifying schedule risk in construction projects using Bayesian belief networks[J].International Journal of Project Management,2009,27(1):39-50.
[14]Fan Chinfeng,Yu Yuanchang.BBN-Based software project risk management[J].Journal of Systems and Software,2004,73(2):193-203.
[15]Li Jianping,Li Minglu.Wu Dengsheng,et al.An integrated risk measurement and optimization model for trustworthy software process management[J].Information Sciences,2012,191:47-60.
[16]杨洁,杨育,王小磊.面向可信软件的风险管理模型研究[J].计算机应用研究,2008,25(10):3010-3011.
[17]Pearl J.Graphs,causality,and structural equation models[J].Sociological Methods&Research,1998,27(2):226.
[18]Kim D Y,Han S H.Kim H,et al.Structuring the prediction model of project performance for international construction projects:A comparative analysis[J].Expert Systems with Applications,2009,36(2):1961-1971.
[19]Wallace L.Keil M,Rai A.How software project risk affects project performance:An investigation of the dimensions of risk and an exploratory model[J].Decision Sciences,2004,35(2):289-321.
[20]Na K S,Simpson J T.Li Xiaotong.et al.Software development risk and project performance measurement:Evidence in Korea[J].Journal of Systems and Software,2007,80(4):596-605.
[21]陈劲,景劲松,沈祖志.复杂产品系统创新项目风险作用机理研究[J].中国管理科学,2005,13(S):157-164.
[22]王求真,马庆国.基于两阶段风险的定制类信息系统开发项目绩效模型构建与实证研究[J].浙江大学学报(人文社会科学版),2007,37(4):134-143.
[23]徐菊芬.中小软件企业项目风险发生机理分析及预警研究[D].杭州;浙江大学,2007.
[24]Gupta S.Kim H W.Linking structural equation modeling to Bayesian networks:Decision support for customer retention in virtual communities[J].European Journal of Operational Research,2008,190(3):818-833.
[25]Ewusi-Mensah K,Przasnyski Z H.On information systems project abandonment:An exploratory study of organizational practices[J].MIS quarterly,1991,15(1):67-86.
[26]Boehm B W.Software risk management-principles and practices[J].IEEE Software,1991,8(1):32-41.
[27]Moynihan T.How experienced project managers Assess risk[J].IEEE Software,1997,14(3):35-41.
[28]Keil M.Cule P E.Lyytinen K,et al.A framework for identifying software project risks[J].Communications of the ACM,1998,41(11):76-83.
[29]Schmidt R.Lyytinen K.Keil M,et al.Identifying software project risks:An international delphi study[J].Journal of Management Information Systems,2001,17(4):5-36.
[30]Paulk M,Curtis B,Chrissis M,et al.Capability maturity model for software[R].Pittsburgh,PA:Software Engineering Institute,1993.
[31]Chen J,Huang S.An empirical analysis of the impact of software development problem factors on software maintainability[J].Journal of Systems and Software,2009,82(6):981-992.
[32]Reel J S.Critical success factors in software projects[J].IEEE Software,1999,16(3):18-23.
[33]侯杰泰,温忠麟,成子娟.结构方程模型及其应用[M].北京:教育科学出版社,2004.
[34]钱鸿生,黄立平.基于风险管理的软件生命周期模型研究[J].通信学报,2006,27(5):135-140.
[35]Jiang J J,Klein G,Chen H.The effects of user partnering and user non-support on project performance[J].Journal of the association for Information Systems,2006,7(2):68-88.
[36]Vanlommel E,Brabander B D.The organization of electronic data processing(EDP)activities and computer use[J].The Journal of Business,1975,48(3):391-410.
[37]Jiang J,Klein G,Hwang H,et al.An exploration of the relationship between software development process maturity and project performance[J].Information&Management,2004,41(3):279-288.
[38]Wallace L,Keil M.Software project risks and their effect on outcomes[J].Communications of the ACM,2004,47(4):68-73.
[2]Amoroso E,Taylor C,Watson J,et al.A process-oriented methodology for assessing and improving software trustworthinesses/Proceedings of the 2nd ACM Conference on Computer and Communications Security.Virginia,USA,1994:39-50.
[3]Wegner C M.An Analysis of the relationship between risk alignment and cost performance[D].Air Force Institute of Technology,1996.
[4]Charette R.Software engineering risk analysis and management[M].New York:McGraw-Hill,Inc.,1989.
[5]Barki H.Rivard S,Talbot J.Toward an assessment of software development risk[J].Journal of Management Information Systems,1993,10(2):203-225.
[6]Neumann D.An enhanced neural network technique for software risk analysis[J].IEEE Transactions on Software Engineering,2002,28(9):904-912.
[7]Ropponen J,Lyytinen K.Components of software development risk:How to address them?A project manager survey[J].IEEE Transactions on Software Engineering,2000,26(2):98-112.
[8]Huang S J,Han Wenming.Exploring the relationship between software project duration and risk exposure;A cluster analysis[J].Information&Management,2008,45(3):175-182.
[9]Han Wenming,Huang S J.An empirical analysis of risk components and performance on software projects[J].Journal of Systems and Software,2007,80(1):42-50.
[10]Wallace L,Keil M,Rai A.Understanding software project Risk:A cluster analysis[J].Information&Management,2004,42(1):115-125.
[11]Wu Dengsheng,Song Hao.Li Minglu.et al.Modeling risk factors dependence using copula method for assessing software schedule risk[C]//Proceedings of the 2nd International Conference on Software Engineering and Data Mining.Chengdu,2010:571-574.
[12]De Melo A C V,Sanchez A J.Software maintenance project delays prediction using Bayesian networks[J].Expert Systems with Applications,2008,34(2):908-919.
[13]Luu V,Kim S,Tuan N,et al.Quantifying schedule risk in construction projects using Bayesian belief networks[J].International Journal of Project Management,2009,27(1):39-50.
[14]Fan Chinfeng,Yu Yuanchang.BBN-Based software project risk management[J].Journal of Systems and Software,2004,73(2):193-203.
[15]Li Jianping,Li Minglu.Wu Dengsheng,et al.An integrated risk measurement and optimization model for trustworthy software process management[J].Information Sciences,2012,191:47-60.
[16]杨洁,杨育,王小磊.面向可信软件的风险管理模型研究[J].计算机应用研究,2008,25(10):3010-3011.
[17]Pearl J.Graphs,causality,and structural equation models[J].Sociological Methods&Research,1998,27(2):226.
[18]Kim D Y,Han S H.Kim H,et al.Structuring the prediction model of project performance for international construction projects:A comparative analysis[J].Expert Systems with Applications,2009,36(2):1961-1971.
[19]Wallace L.Keil M,Rai A.How software project risk affects project performance:An investigation of the dimensions of risk and an exploratory model[J].Decision Sciences,2004,35(2):289-321.
[20]Na K S,Simpson J T.Li Xiaotong.et al.Software development risk and project performance measurement:Evidence in Korea[J].Journal of Systems and Software,2007,80(4):596-605.
[21]陈劲,景劲松,沈祖志.复杂产品系统创新项目风险作用机理研究[J].中国管理科学,2005,13(S):157-164.
[22]王求真,马庆国.基于两阶段风险的定制类信息系统开发项目绩效模型构建与实证研究[J].浙江大学学报(人文社会科学版),2007,37(4):134-143.
[23]徐菊芬.中小软件企业项目风险发生机理分析及预警研究[D].杭州;浙江大学,2007.
[24]Gupta S.Kim H W.Linking structural equation modeling to Bayesian networks:Decision support for customer retention in virtual communities[J].European Journal of Operational Research,2008,190(3):818-833.
[25]Ewusi-Mensah K,Przasnyski Z H.On information systems project abandonment:An exploratory study of organizational practices[J].MIS quarterly,1991,15(1):67-86.
[26]Boehm B W.Software risk management-principles and practices[J].IEEE Software,1991,8(1):32-41.
[27]Moynihan T.How experienced project managers Assess risk[J].IEEE Software,1997,14(3):35-41.
[28]Keil M.Cule P E.Lyytinen K,et al.A framework for identifying software project risks[J].Communications of the ACM,1998,41(11):76-83.
[29]Schmidt R.Lyytinen K.Keil M,et al.Identifying software project risks:An international delphi study[J].Journal of Management Information Systems,2001,17(4):5-36.
[30]Paulk M,Curtis B,Chrissis M,et al.Capability maturity model for software[R].Pittsburgh,PA:Software Engineering Institute,1993.
[31]Chen J,Huang S.An empirical analysis of the impact of software development problem factors on software maintainability[J].Journal of Systems and Software,2009,82(6):981-992.
[32]Reel J S.Critical success factors in software projects[J].IEEE Software,1999,16(3):18-23.
[33]侯杰泰,温忠麟,成子娟.结构方程模型及其应用[M].北京:教育科学出版社,2004.
[34]钱鸿生,黄立平.基于风险管理的软件生命周期模型研究[J].通信学报,2006,27(5):135-140.
[35]Jiang J J,Klein G,Chen H.The effects of user partnering and user non-support on project performance[J].Journal of the association for Information Systems,2006,7(2):68-88.
[36]Vanlommel E,Brabander B D.The organization of electronic data processing(EDP)activities and computer use[J].The Journal of Business,1975,48(3):391-410.
[37]Jiang J,Klein G,Hwang H,et al.An exploration of the relationship between software development process maturity and project performance[J].Information&Management,2004,41(3):279-288.
[38]Wallace L,Keil M.Software project risks and their effect on outcomes[J].Communications of the ACM,2004,47(4):68-73.