The RISCOSS Platform for Risk Management in Open Source Software Adoption

Franch, Xavier; Kenett, Ron S.; Mancinelli, Fabio; Susi, Angelo; Ameller, David; Annosi, María Carmela; Ben-Jacob, Ron; Blumenfeld, Yehuda; Franco, Oscar H.; Groß, Daniel; López, Lidia; Morandini, Mirko; Oriol, Marc; Siena, Alberto

doi:10.1007/978-3-319-17837-0_12

Cited by 9 publications

(15 citation statements)

References 16 publications

(16 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For instance, it is reported that they fail on considering risk factors [20]. We envisage the need to provide full support to strategic decision making based on the analysis of the impact of QRs in such key criteria, reconciling: 1) QR-specific universes of discourse with definition of the concepts that matter in their management and assessment [17], 2) reasoning frameworks as the NFR framework [15], 3) a highly informative dashboard that provides full transparency to the decision making process [21].…”

Section: State Of the Artmentioning

confidence: 99%

Data-Driven Elicitation, Assessment and Documentation of Quality Requirements in Agile Software Development

Franch

Gómez

Jedlitschka

et al. 2018

Advanced Information Systems Engineering

View full text Add to dashboard Cite

Quality Requirements (QRs) are difficult to manage in agile software development. Given the pressure to deploy fast, quality concerns are often sacrificed for the sake of richer functionality. Besides, artefacts as user stories are not particularly well-suited for representing QRs. In this exploratory paper, we envisage a data-driven method, called Q-Rapids, to QR elicitation, assessment and documentation in agile software development. Q-Rapids proposes: 1) The collection and analysis of design and runtime data in order to raise quality alerts; 2) The suggestion of candidate QRs to address these alerts; 3) A strategic analysis of the impact of such requirements by visualizing their effect on a set of indicators rendered in a dashboard; 4) The documentation of the requirements (if finally accepted) in the backlog. The approach is illustrated with scenarios evaluated through a questionnaire by experts from a telecom company.

show abstract

Section: State Of the Artmentioning

confidence: 99%

Data-Driven Elicitation, Assessment and Documentation of Quality Requirements in Agile Software Development

Franch

Gómez

Jedlitschka

et al. 2018

Advanced Information Systems Engineering

View full text Add to dashboard Cite

show abstract

“…• Introducing the different capabilities of a risk analysis supporting platform [9]. The briefing considers the results of an EU project called RISCOSS (www.riscoss.eu) that has developed a software platform that implements this 3-layer view.…”

Section: Motivation and Objectivesmentioning

confidence: 99%

“…A set of scientific papers produced in the RISCOSS project serve to document the main concepts presented [3][6] [7] [8]. As for tool support, during the briefing we use the RISCOSS platform [9]. The current version of the platform can be accessed at https://github.com/RISCOSS/riscoss-corporate.…”

Section: Introductionmentioning

confidence: 99%

Risk assessment in open source systems

Franch

Susi

2016

Proceedings of the 38th International Conference on Software Engineering Companion

View full text Add to dashboard Cite

Adopting Open Source Software (OSS) components offers many advantages to organizations but also introduces risks related to the intrinsic fluidity of the OSS development projects. Choosing the right components is a critical decision, as it could contribute to the success of any adoption process. Making the right decision requires to evaluate the technical capabilities of the components and also related strategic aspects, including possible impacts on high level objectives. This can be achieved through a portfolio of risk assessment and mitigation methods. In this briefing we introduce the basic concepts related to OSS ecosystems and to risk representation and reasoning. We illustrate how risk management activities in OSS can benefit from the large amount of data available from OSS repositories and how they can be connected to business goals for strategic decision-making. The concepts are illustrated with a software platform developed in the context of the EU FP7 project RISCOSS. CCS Concepts• Software and its engineering➝Software notations and tools

show abstract

“…business software projects incorporating Open Source Software (OSS) components (Synopsys, 2020;Tidelift, 2019;Szulik, 2018). Managers and practitioners in software-intensive businesses using CBSD frequently make decisions concerning the adoption of OSS components to be integrated into their tools and products (Franch et al, 2015;López L. Costal et al, 2016;Hauge et al, 2009Hauge et al, , 2010Stol and Ali Babar, 2010a;Ayala et al, 2011a;Lundell et al, 2017;Lenarduzzi et al, 2019;Spinellis, 2019;Kazimierczak et al, 2020). A key economic motivation for many businesses is the use of OSS as a means of short-cutting resource intensive software development processes (Spinellis, 2019;European Commission, 2017;Kazimierczak et al, 2020;Petersen et al, 2018;Badampudi et al, 2016).…”

Section: Introductionmentioning

confidence: 99%

“…The challenge of OSS component adoption is more complex and nuanced than simply identifying functionally suitable software (Spinellis, 2019). Businesses need to consider multiple additional factors, for example, the software licence of the component in the context of their own licensing policy (Stol and Ali Babar, 2010a;van der Burg et al, 2014;Spinellis, 2019;Petersen et al, 2018), and also the viability and stability of the OSS project community that develops the component (Stol and Ali Babar, 2010a;TODO Goup, 2018;Franch et al, 2015;López L. Costal et al, 2015.…”

Section: Introductionmentioning

confidence: 99%