Error detection/correction and fault detection/recovery – Data processing system error or fault handling – Reliability and availability
Reexamination Certificate
1998-09-15
2001-04-17
Wright, Norman Michael (Department: 2184)
Error detection/correction and fault detection/recovery
Data processing system error or fault handling
Reliability and availability
C714S047300, C714S048000, C714S033000, C714S025000
Reexamination Certificate
active
06219805
ABSTRACT:
FIELD OF THE INVENTION
The present invention generally relates to software development tools, and more particularly, to a method and system for assessing risks associated with software systems.
BACKGROUND OF THE ART
Software systems are growing in complexity and are playing an important role in various industries. As a result, the users of software systems are demanding higher quality software systems, which, for example, have zero service downtime. Furthermore, the software industry is also placing greater demands on software developers by continually raising software quality standards. For example, in the telecommunications industry, network outages or even brief interruptions of service can have significant effect on users. A user, such as a bank, may lose millions of dollars during a brief service outage. On a more global scale, failure of densely interconnected networks essential to government operations may pose a national security risk.
To minimize the risk associated with software systems, and thus to increase the quality of the software systems, existing quality assurance tools generate and track, at various phases of the software development life cycle, risk factor data, for example, metrics associated with the modifications made to software systems during the development life cycle. Risk factor data typically includes code complexity metrics and development process metrics, which aid software developers in assessing or predicting risk associated with software systems.
Software developers have integrated these tools into various phases of the software development life cycle. For example, software developers use the code complexity metrics to identify the components that have greater risk to intensify the line-by-line inspection of the identified components. Similarly, development process metrics aid software testers to identify high risk components and to develop comprehensive plans for testing these components.
The existing quality assurance tools, however, narrowly focus on only one type of risk factor such as code complexities and development process metrics. As a result, the resulting risk assessment is not useful in many circumstances because accurate risk assessments generally cannot be based on a single risk factor. Although various other types of risk factor data can be measured separately or collectively by the existing tools, these factors generally are not used in making risk assessments, in part, because the interaction of these factors among each other and the effect of these factors on the risk assessments are not known.
Thus, it is desirable to have a method and system for assessing risks of software systems without the above-mentioned disadvantages.
DISCLOSURE OF THE INVENTION
Methods and systems consistent with the present invention, as embodied and broadly described herein, assess risks associated with the components of a software system by identifying a set of risk factors associated with the components, defining a risk model based on the identified set of risk factors, dynamically retrieving, from a plurality of external database systems, data associated with the set of risk factors, and determining risk values associated with the components, respectively, by inputting into the risk model the retrieved data. Furthermore, methods and systems consistent with the present invention determine risk ratings associated with the components by comparing the determined risk values with a set of predetermined thresholds, respectively. The risk ratings can directly or indirectly suggest an appropriate action in a process control environment.
The retrieved risk factor data represents a multi-dimensional view of the potential risks associated with the components, and may include, for example, two or more of code complexities, architectural relationships, fault histories, development activities, designer profiles, component contention, and/or usage profiles of the software components. The risk model includes a set of risk relations that associate the retrieved risk factor data with the risk values of the components.
A risk value represents, for example, a likelihood of discovering a fault or an expected number of faults associated with a component (fault-proneness), probability of a component failure due to a fault (reliability), probability of injecting or unmasking a fault over time (fault rate), and/or an expected repair cost due to potential faults associated with a component (cost of poor quality). A risk measurement represents a measurable aspect of a risk value associated with a component, which may include, for example, number of faults per component, number of faults per lines of code, number of failures per usage time, and/or cost of fault repair per failure. In other words, a risk value represents a forecast or an expectation of what a risk measurement will be at some future time.
This summary and the following description of the invention should not restrict the scope of the claimed invention. Both provide examples and explanations to enable others to practice the invention. The accompanying drawings, which form part of the description of the invention, show several embodiments of the invention, and together with the description, explain the principles of the invention.
REFERENCES:
patent: 5655074 (1997-08-01), Rauscher
patent: 6079031 (2000-06-01), Haley et al.
patent: 6151688 (2000-11-01), Wipfel et al.
V. Basili et al., “A Validation of Object-Oriented Design Metrics as Quality Indicators,” IEEE Transactions on Software Engineering, vol. 22, No. 10, Oct. 1996, pp. 751-761.
C. Ebert, “Classification Techniques for Metri-based Software Development,” Software Quality Journal 5, Dec. 1996, pp. 255-272.
Evanco et al., “A Composite Complexity Approach for Software Defect Modelling,” Software Quality Journal 3, Mar. 1994, pp. 27-44.
J. Henry et al., “Improving Software Maintenance at Martin Marietta,” IEEE Software, Jul. 1994, pp. 67-75.
T.M. Khoshgoftaar et al., “Using Process History to Predict Software Quality,” Computer, Apr. 1998, pp. 66-72.
T.M. Khoshgoftaar et al., “Software Metrics: Charting the Course,” Computer, Sep. 1994, pp. 13-15.
B. Kitchenham et al., “Software Quality: The Elusive Target,” IEEE Software, Jan. 1996, pp 12-21.
J. Mayrand et al., “System Acquisition Based On Software Product Assessment,” In Proceedings of 18thInternational Conference on Software Engineering, IEEE Computer Society Press, Mar. 1996, pp. 210-219.
H. Ogasawara et al., “Experiences of Software Quality Management using Metrics through the Life-Cycle”, In Proceedings of 18thInternational Conference on Software Engineering, IEEE Computer Society Press, Mar. 1996, pp 179-188.
N. Ohlsson et al., “Predicting Fault-Prone Software Modules in Telephone Switches,” IEEE Transactions on Software Engineering, vol. 22, No. 12, Dec. 1996, pp. 886-894.
N. Ohlsson et al., “Application of Multivariate Analysis for Software Fault Prediction,” Software Quality, Journal 7, 1998, pp. 51-66.
S.L. Pfleeger, “Assessing Measurement,” IEEE Software, Mar. 1997, pp. 25-26.
N. Schneidewind, “Controlling and Predicting the Quality of Space Shuttle software Using Metrics,” Software Quality Journal 4, Jan. 1995, pp. 49-68.
N. Schneidewind, “Software Metrics Model for Integrating Quality Control and Prediction,” IEEE Computer Society, Nov. 1997, pp. 402-415.
G. Stark et al., “Using Metrics in Management Decision Making,” Computer, Sep. 1994, pp. 42-48.
R. Hochman et al., “Using the genetic Algorithm to Build Optimal Neural Networks for Fault-Prone Module Detection,” IEEE Computer Society, Oct. 1996, pp 152-162.
J.P. Hudepohl et al., “Emerald: Software Metrics and Models on the Desktop,” IEEE Software, 13, Sep. 1996, pp. 56-60.
S. Lauesen et al., “Is Software Quality Visible in the Code,” IEEE Software, 15, Jul./Aug. 1998, pp. 69-73.
T.M. Khoshgoftaar et al., “Detection of Fault-Prone Program Modules in a Very Large Telecommunications System,” IEEE Computer Society, Oct. 1995, pp. 24-33.
T. M. Khoshgoftaar et al., “Early Quality Prediction: A Case Study in Telecommunications,” IEEE Software, Jan.
Aud Stephen J.
Flournory Martin L.
Hudepohl John P.
Jones Wendell Davis
Schutz Eric C.
Nortel Networks Limited
Wright Norman Michael
LandOfFree
Method and system for dynamic risk assessment of software... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and system for dynamic risk assessment of software..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and system for dynamic risk assessment of software... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2462274