On Evidence-Based Risk Management in Requirements Engineering

Daniel Méndez Fernández, Michaela Tiessler, Marcos Kalinowski, Michael Felderer, Marco Kuhrmann
Background: The sensitivity of Requirements Engineering (RE) to the context makes it difficult to efficiently control problems therein, thus, hampering an effective risk management devoted to allow for early corrective or even preventive measures. 
Data-driven Risk Management for Requirements Engineering: An Automated Approach based on Bayesian Networks
A series of Bayesian Networks were trained on data from the NaPiRE survey to model relationships between RE problems, their causes, and effects in projects with different contextual characteristics, and these models were used to conduct a post-mortem analysis and a preventive analysis.
A Pragmatic Assessment of Approaches and Paradigms in Software Risk Management Frameworks
Software risk management involves the process of prior recognition and the assessment of vulnerabilities with the classification approach so that the risk avoidance mechanism can be implemented. It
Are These Requirements Risky: A Proposal of an IoT-Based Requirements Risk Estimation Framework
The presented work fills this prerequisite for IoT software system developers seeking a competitive edge by improving requirements risk assessment for IoT systems and handling developers’ subjective judgments of multiple conflicting criteria, yielding more concrete and more observable results.
The state-of-practice in requirements elicitation: an extended interview study at 12 companies
The objective is to investigate the state-of-practice with respect to requirements elicitation, by closely examining practitioners’ current practices, and to focus on the techniques that are used in industry, the roles that requirements elicitation involves, and the challenges that the requirements elicitation process is faced with.
Contemporary Empirical Methods in Software Engineering
This chapter presents the five iterations of the development of empirical software engineering mainly from a methodological perspective and additionally takes key papers, venues, and books, which are covered in chronological order in a separate section on recommended further readings, into account.
Index Terms: Artificial Neural Network, Random Forest Approach, Software Risk Management, Software Risk Prediction, Soft Computing for Software Bugs Prediction. I. Introduction: Software Risk Management involves the process of prior recognition and assessment of vulnerabilities with the classification
A pragmatic evaluation of the random forest approach is carried out and compared with traditional artificial neural networks (ANN); the outcomes obtained and presented favor random forest based optimization for software risk management and predictive mining.
Challenges in Survey Research
This chapter compiles a set of important and challenging issues in survey research based on experiences with several large-scale international surveys to cover theory building, sampling, invitation and follow-up, statistical as well as qualitative analysis of survey data and the usage of psychometrics in software engineering surveys.


Requirements engineering: a roadmap
An overview of the field of software systems requirements engineering (RE) is presented, describing the main areas of RE practice, and highlights some key open research issues for the future.
Goal-driven risk assessment in requirements engineering
This work extends the Tropos goal modeling formal framework proposing new concepts, qualitative reasoning techniques, and methodological procedures that are based on a conceptual framework composed of three main layers: assets, events, and treatments.
RisCal -- A Risk Estimation Tool for Software Engineering Purposes
This paper presents a novel risk estimation tool for software engineering purposes called RisCal, which is based on a generic risk model and supports the integration of manually and automatically determined metrics into the risk estimation.
Risk management in software development: a technology overview and the riskit method
  • J. Kontio
  • Computer Science
    Proceedings of the 1999 International Conference on Software Engineering (IEEE Cat. No.99CB37002)
  • 1999
This tutorial presents a critical overview of the current risk management technology, discussing the pros and cons of main approaches, as well as guidelines for their use.
Waltzing with Bears: Managing Risk on Software Projects
The Top Risks of Requirements Engineering
The article looks at how the whole point of requirements engineering is to steer development toward producing the right software.
Software Engineering Risk Management: A Just-in-Time Approach
Dale Karolak approaches software development from a just-in-time viewpoint and presents strategies that you can use to implement and plan software projects in a cost-effective and timely manner.
A spiral model of software development and enhancement
An outline is given of the process steps involved in the spiral model, an evolving risk-driven approach that provides a framework for guiding the software process, and its application to a software project is shown.
Towards Guidelines for Preventing Critical Requirements Engineering Problems
This paper proposes empirically-based guidelines that can be used by different types of organisations according to their size and process model to help them in preventing critical RE problems.
A taxonomy of risk-based testing
A taxonomy of risk-based testing is presented providing a framework to understand, categorize, assess, and compare risk-based testing approaches to support their selection and tailoring for specific purposes and is aligned with the consideration of risks in all phases of the test process.