Risk assessment model of application development using Bayesian Network and Boehm's Software Risk Principles

Sipayung, Josua Johan Pandapotan; Sembiring, Jaka

doi:10.1109/icitsi.2015.7437722

Cited by 6 publications

(5 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The obtained grouping is shown in Table 1 to explain the relationship between risk areas. This result can also be seen in our previous research [10]. With this grouping, one can create a dependency model based on interrelation of risk category area shown in Figure 1.…”

Section: Methodssupporting

confidence: 81%

“…Based on these research result, we enhance the work of [7] to show the possibility of relation between the top 20 risks. Earlier effort on this topic can be seen in [10] where the theoretical background, context diagram, mapping table, and preliminary model were elaborated. Our paper investigates further on how to determine the probability and interrelationship of such risk in application development using Bayesian network concept.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Application Development Risk Assessment Model Based on Bayesian Network

Sembiring

Sipayung²,

Arman

2018

TELKOMNIKA

Self Cite

View full text Add to dashboard Cite

This paper describ es a new risk assessment model for application development and its implementation. The model is developed using a Bayesian network and Boehm's software risk principles. The Bayesian network is created after mapping top twenty risks in software projects with interrelationship digraph of risk area category. The prob ab ility of risk on the network is analyzed and validated using b oth numerical simulation and subjective probab ility from several experts in the field and a team of application developers. After ob taining the Bayesian network model, risk exposure is calculated using Boehm's risk principles. Finally, the implementation of the proposed model in a government institution is shown as a real case illustration.

show abstract

Section: Methodssupporting

confidence: 81%

Section: Introductionmentioning

confidence: 99%

Application Development Risk Assessment Model Based on Bayesian Network

Sembiring

Sipayung²,

Arman

2018

TELKOMNIKA

Self Cite

View full text Add to dashboard Cite

show abstract

“…• A3 -Risk identification: This is the process that makes it possible to find, recognise, and describe the different risks, the sources of the risks, and the events, in addition to identifying each of the causes and their potential consequences. Sipayung et al [56] define risk identification as an early stage in risk assessment which often allows the risks involved in the development projects for applications to be pinpointed. The authors use a set of risks identified in software projects as a guide in this stage; these are listed in [117].…”

Section: Tablementioning

confidence: 99%

“…Sipayung et al [56] contribute by presenting a model that enables calculation of the probability and impact of risk in application development projects. This probability is calculated using Bayesian networks.…”

Section: Rq4mentioning

confidence: 99%

Risk management in the software life cycle: A systematic literature review

Masso

Pino

Pardo

et al. 2020

Computer Standards & Interfaces

View full text Add to dashboard Cite

Risk management (RM) plays a key role in project management, as it allows identification and prompt management of threats that may arise during project execution. Furthermore, project management within the software industry is evolving rapidly nowadays, a fact that implies new challenges, because the emergence and use of fresh approaches has brought a greater degree of complexity to the RM process. The objective of this paper is to carry out a systematic literature review (SLR) in the field of software risk, in an attempt to characterize and present the state of the art of this field, identifying gaps and opportunities for further research. From the analysis of the results of this SLR it could be observed that interest on the part of the scientific community has turned away from the definition of research work that addressed an integrated risk management process, to pay attention to work that concentrates on specific activities of this process. It was also possible to see that there is a clear lack of scientific rigour as regards the process of validation in the different studies, and a deficiency in the use of standards or of de facto models to define these.

show abstract

“…The boom of the network security situation awareness has been laid out. In the past two decades, the experts and scholars not only use Analytic Hierarchy Process (AHP) [2,3], attacking graph [4,5], and Bayesian network [6,7] to study the risk assessment but also make use of the hidden Markov model [8,9] to discuss the field. With the advent of Computer Immunology, the researchers began to study the domain based on artificial immune [10,11], such as that based on antibody concentration [12] of network risk assessment.…”

Section: Introductionmentioning

confidence: 99%

A Quantitative Risk Evaluation Model for Network Security Based on Body Temperature

Jiang

Cao

Xiao

et al. 2016

Journal of Computer Networks and Communications

View full text Add to dashboard Cite

These days, in allusion to the traditional network security risk evaluation model, which have certain limitations for real-time, accuracy, characterization. This paper proposed a quantitative risk evaluation model for network security based on body temperature (QREM-BT), which refers to the mechanism of biological immune system and the imbalance of immune system which can result in body temperature changes, firstly, through ther-contiguous bits nonconstant matching rate algorithm to improve the detection quality of detector and reduce missing rate or false detection rate. Then the dynamic evolution process of the detector was described in detail. And the mechanism of increased antibody concentration, which is made up of activating mature detector and cloning memory detector, is mainly used to assess network risk caused by various species of attacks. Based on these reasons, this paper not only established the equation of antibody concentration increase factor but also put forward the antibody concentration quantitative calculation model. Finally, because the mechanism of antibody concentration change is reasonable and effective, which can effectively reflect the network risk, thus body temperature evaluation model was established in this paper. The simulation results showed that, according to body temperature value, the proposed model has more effective, real time to assess network security risk.

show abstract

Risk assessment model of application development using Bayesian Network and Boehm's Software Risk Principles

Cited by 6 publications

References 10 publications

Application Development Risk Assessment Model Based on Bayesian Network

Application Development Risk Assessment Model Based on Bayesian Network

Risk management in the software life cycle: A systematic literature review

A Quantitative Risk Evaluation Model for Network Security Based on Body Temperature

Contact Info

Product

Resources

About