SlideShare una empresa de Scribd logo

Quantifying the Impact of OSS Adoption Risks with the help of i* Models

Descargar como PPTX, PDF
GESSI UPC
GESSI UPC

Dolors Costal, Daniel Gross, Lidia Lopez, Mirko Morandini, Alberto Siena, Angelo Susi: Quantifying the Impact of OSS Adoption Risks with the help of i* Models. 7th i* Int. Workshop held at CAiSE 2014. Paper at http://ceur-ws.org/Vol-1157/paper10.pdf. Adopting Open Source Software (OSS) components in or ganisational settings requires evaluating the possible impact of adoption decisions on business goals. Measures available in OSS, capturing indicators such as the quality of open source code and the activeness of the developing community, can be used as a driver to assess various risks in component adoption. In this paper we illustrate how risk and impact models are used to relate measures obtained from the component under analysis to business goals in i* -based OSS business strategy models.

SoftwareTecnologíaEmpresariales
1 de 20
Dolors Costal, Daniel Gross, Lidia Lopez, Mirko Morandini, Alberto Siena, Angelo Susi Quantifying the Impact of OSS Adoption Risks with the help of i* Models
Agenda  Introduction  A method for risk assessment  Modeling language for ecosystems and risks – The two ingredients together  Reasoning on models  Conclusions and future work Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014.
Motivation “Identifying and evaluating the risks of Open Source Software (OSS) adoption exploiting the information form the OSS strategic and business ecosystems”*  The OSS ecosystem is composed by – Adopters (Companies, Public Administrations, OSS communities) – OSS communities *RISCOSS (Risks and Costs in Open Source Software Adoption) FP7 European project Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014.
A layered approach for risk assessment Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Strategic and Business Model Risk Drivers OSS project indicators OSS community indicators Contextual indicators Analyst OSS Project OSS Community Expert Layer 3 Business analysis Layer 2 Risk indicators Layer 1 Data Gathering
MODELING ECOSYSTEMS & RISKS
Modeling OSS ecosystems  Strategic actors  Strategic dependencies between actors  Strategic goals and tasks depending on the OSS adoption strategy – High-level business strategic goals – Low-level requirements goals and tasks Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014.
Modeling OSS strategies Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Strategic actors Strategic dependencies High-level goals Strategy requirements
Modeling risks  Risk characterized by – Event; => “the community disappear” (what) – Situation; => “the community is not active” (when) – Situation; => “(impossible to) maintain the final software product” (why)  Measures and Risk drivers – Measure raw and derived evidences Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Event Situation Measures Risk driver
Levels of representation: OSS ecosystems and risks together Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Timeliness Difficulty in code refinement people on project expose expose measure of bug fixing time impact Maintain software OSS Adopter OSS Commu nity OSS component Actor Goal Resource RIsk events situation Risk driver Layer of the Business / Strategic goal of the Ecosystem Layer of the risk indicators and risks Layer of measures and risk drivers Timeliness Difficulty in code refinement people on project expose expose measure of bug fixing time impact Maintain software OSS Adopter OSS Commu nity OSS component Actor Goal Resource RIsk events situation Risk driver
Meta-Model  Connected to the goal-models of the ecosystems to allow for the modelling of risk impact on goals, activities and other assets Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Risk Meta-Model Goal Meta-Model satisfied Situation probability extent Event expose protect Goal impact Actor desire propagate Task means-end govern increase mitigate performs Ecosystem provide depend value Measure evidence
REASONING ON THE MODELS
Risk and goal model reasoning  Risk and Goal model analysis – starting from the knowledge about values of properties of some nodes of the model (Risk events, Situations, Goals, Activities) infer knowledge about values of properties of other nodes Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Specification of models • Goal and risk models are specified Analysis of models • Logic based • Label prop. • … Analysis of results • Analysis of the possibility and severity of a risk
Reasoning techniques: based on evidence  Input: measures and indicators gathered from online repositories – Some subjective knowledge is partially available from involved stakeholders  Directed graph (in our case, goal and risk models) – To each node is associated an evidence – Each relation has a weight – Compound relations have a propagation function  Label propagation algorithm Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014.
OSS measures and risk drivers  Raw measures from OSS communities versioning systems, forums, mailing lists: – Bugs & Releases – Open Bugs – Messages in the posts  Risk drivers (from the raw measures) – Bug fix time: Critical & Blocker – Commit frequency per week & Number of Commits – Forum posts per day Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Statistical analysis of “Bug fix time” in XWiki (with R) Study of the behavior of the community 300Bugs$Fix_time count 1000 200 250 1000 1250 0 300
Propagation in the models Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014.
A possible result of the analysis Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Scenario1 Scenario2 Scenario3 Indicators’ Values (can make it possible) Tutorial Available X No Timeliness X X Needs from organisation ( can make it critical) Maintenance need X X X Product Quality Need X X X Risk Events Lack Of Support Critical Probable, Critical Probable Low Update Frequency Probable Probable Probable, Critical Error Proneness Probable, Critical Probable, Critical Critical Scenarios properties Risk events List of affected Goals Example: scenario analysis
CONCLUSIONS & FUTURE WORK
Conclusions Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014.
Future Work  Going deep in the study of the connections between indicators, risks and goals  Extending the analysis of the impact of a given risk to the ecosystem  Combination of model-based reasoning and statistical techniques to support different kind of reasoning at different level of detail based also on the availability of data 19
Lidia López – llopez@essi.upc.edu Angelo Susi – susi@fbk.eu www.riscoss.eu Thank you

Recomendados

A Context Ontology for Service Provisioning and Consumption
A Context Ontology for Service Provisioning and ConsumptionA Context Ontology for Service Provisioning and Consumption
A Context Ontology for Service Provisioning and ConsumptionGESSI UPC
 
PABRE: Pattern-Based Requirements Elicitation
PABRE: Pattern-Based Requirements ElicitationPABRE: Pattern-Based Requirements Elicitation
PABRE: Pattern-Based Requirements ElicitationGESSI UPC
 
iStarJSON: A Lightweight Data-Format for i* Models
iStarJSON: A Lightweight Data-Format for i* ModelsiStarJSON: A Lightweight Data-Format for i* Models
iStarJSON: A Lightweight Data-Format for i* ModelsGESSI UPC
 
PABRE System - Software Requirement Patterns
PABRE System - Software Requirement PatternsPABRE System - Software Requirement Patterns
PABRE System - Software Requirement PatternsGESSI UPC
 
Practical Experiences in Designing and Conducting Empirical Studies in Indust...
Practical Experiences in Designing and Conducting Empirical Studies in Indust...Practical Experiences in Designing and Conducting Empirical Studies in Indust...
Practical Experiences in Designing and Conducting Empirical Studies in Indust...GESSI UPC
 
MoDRE 2014 @ RE keynote -- NFR-Aware MDD Processes
MoDRE 2014 @ RE keynote -- NFR-Aware MDD ProcessesMoDRE 2014 @ RE keynote -- NFR-Aware MDD Processes
MoDRE 2014 @ RE keynote -- NFR-Aware MDD ProcessesGESSI UPC
 
Specialization in i* Strategic Rationale Diagrams
Specialization in i* Strategic Rationale DiagramsSpecialization in i* Strategic Rationale Diagrams
Specialization in i* Strategic Rationale DiagramsGESSI UPC
 
Monitoring services with SALMon.
Monitoring services with SALMon.Monitoring services with SALMon.
Monitoring services with SALMon.GESSI UPC
 

Recomendados

A Context Ontology for Service Provisioning and Consumption
A Context Ontology for Service Provisioning and ConsumptionA Context Ontology for Service Provisioning and Consumption
A Context Ontology for Service Provisioning and ConsumptionGESSI UPC
 
PABRE: Pattern-Based Requirements Elicitation
PABRE: Pattern-Based Requirements ElicitationPABRE: Pattern-Based Requirements Elicitation
PABRE: Pattern-Based Requirements ElicitationGESSI UPC
 
iStarJSON: A Lightweight Data-Format for i* Models
iStarJSON: A Lightweight Data-Format for i* ModelsiStarJSON: A Lightweight Data-Format for i* Models
iStarJSON: A Lightweight Data-Format for i* ModelsGESSI UPC
 
PABRE System - Software Requirement Patterns
PABRE System - Software Requirement PatternsPABRE System - Software Requirement Patterns
PABRE System - Software Requirement PatternsGESSI UPC
 
Practical Experiences in Designing and Conducting Empirical Studies in Indust...
Practical Experiences in Designing and Conducting Empirical Studies in Indust...Practical Experiences in Designing and Conducting Empirical Studies in Indust...
Practical Experiences in Designing and Conducting Empirical Studies in Indust...GESSI UPC
 
MoDRE 2014 @ RE keynote -- NFR-Aware MDD Processes
MoDRE 2014 @ RE keynote -- NFR-Aware MDD ProcessesMoDRE 2014 @ RE keynote -- NFR-Aware MDD Processes
MoDRE 2014 @ RE keynote -- NFR-Aware MDD ProcessesGESSI UPC
 
Specialization in i* Strategic Rationale Diagrams
Specialization in i* Strategic Rationale DiagramsSpecialization in i* Strategic Rationale Diagrams
Specialization in i* Strategic Rationale DiagramsGESSI UPC
 
Monitoring services with SALMon.
Monitoring services with SALMon.Monitoring services with SALMon.
Monitoring services with SALMon.GESSI UPC
 
Applying Business Strategy Models in Organizations
Applying Business Strategy Models in OrganizationsApplying Business Strategy Models in Organizations
Applying Business Strategy Models in OrganizationsGESSI UPC
 
Assessing Open Source Communities' using Service Oritented Computing concepts
Assessing Open Source Communities' using Service Oritented Computing conceptsAssessing Open Source Communities' using Service Oritented Computing concepts
Assessing Open Source Communities' using Service Oritented Computing conceptsGESSI UPC
 
iStar 2013: Using i* to Represent OSS Ecosystems for Risk Assessment
iStar 2013: Using i* to Represent OSS Ecosystems for Risk AssessmentiStar 2013: Using i* to Represent OSS Ecosystems for Risk Assessment
iStar 2013: Using i* to Represent OSS Ecosystems for Risk AssessmentGESSI UPC
 
A Catalogue of Software Requirement Patterns for the Domain of CMSs
A Catalogue of Software Requirement Patterns for the Domain of CMSsA Catalogue of Software Requirement Patterns for the Domain of CMSs
A Catalogue of Software Requirement Patterns for the Domain of CMSsGESSI UPC
 
Lecture on "QoS in Web Services" - Master course
Lecture on "QoS in Web Services" - Master courseLecture on "QoS in Web Services" - Master course
Lecture on "QoS in Web Services" - Master courseGESSI UPC
 
Software Requirement Patterns (SRP)
Software Requirement Patterns (SRP)Software Requirement Patterns (SRP)
Software Requirement Patterns (SRP)GESSI UPC
 
Er14
Er14Er14
Er14GESSI UPC
 
Slides refsq'14 ds v1
Slides refsq'14 ds v1Slides refsq'14 ds v1
Slides refsq'14 ds v1GESSI UPC
 
How do Software Architects consider Non-Functional Requirements
How do Software Architects consider Non-Functional RequirementsHow do Software Architects consider Non-Functional Requirements
How do Software Architects consider Non-Functional RequirementsGESSI UPC
 
Riscoss models u-qasar meeting
Riscoss models u-qasar meetingRiscoss models u-qasar meeting
Riscoss models u-qasar meetingXavier Franch
 
Expert mining compsac-2014
Expert mining compsac-2014Expert mining compsac-2014
Expert mining compsac-2014GESSI UPC
 
Oss2015
Oss2015Oss2015
Oss2015GESSI UPC
 
PetroSync - Project Risk Assessment & Management
PetroSync - Project Risk Assessment & ManagementPetroSync - Project Risk Assessment & Management
PetroSync - Project Risk Assessment & ManagementPetroSync
 
OW2con'14 - Managing risks in OSS adoption: the RISCOSS approach
OW2con'14 - Managing risks in OSS adoption: the RISCOSS approachOW2con'14 - Managing risks in OSS adoption: the RISCOSS approach
OW2con'14 - Managing risks in OSS adoption: the RISCOSS approachOW2
 
Human Computer Interaction Chapter 4 Implementation Support and Evaluation Te...
Human Computer Interaction Chapter 4 Implementation Support and Evaluation Te...Human Computer Interaction Chapter 4 Implementation Support and Evaluation Te...
Human Computer Interaction Chapter 4 Implementation Support and Evaluation Te...VijiPriya Jeyamani
 
Defining an Open Source Software Trustworthiness Model
Defining an Open Source Software Trustworthiness Model Defining an Open Source Software Trustworthiness Model
Defining an Open Source Software Trustworthiness Model Davide Taibi
 
Open source-software-adoption-in-public-sector.ppt
Open source-software-adoption-in-public-sector.ppt Open source-software-adoption-in-public-sector.ppt
Open source-software-adoption-in-public-sector.ppt Androklis Mavridis
 
A GQM plan for the evaluation of the trustworthiness of open-source software
A GQM plan for the evaluation of the trustworthiness of open-source softwareA GQM plan for the evaluation of the trustworthiness of open-source software
A GQM plan for the evaluation of the trustworthiness of open-source softwareDavide Taibi
 
Iwsm2014 an iso iec 33000-compliant measurement framework for software proc...
Iwsm2014 an iso iec 33000-compliant measurement framework for software proc...Iwsm2014 an iso iec 33000-compliant measurement framework for software proc...
Iwsm2014 an iso iec 33000-compliant measurement framework for software proc...Nesma
 
Managing Risks in Open Source Software adoption: the RISCOSS Approach, OW2con...
Managing Risks in Open Source Software adoption: the RISCOSS Approach, OW2con...Managing Risks in Open Source Software adoption: the RISCOSS Approach, OW2con...
Managing Risks in Open Source Software adoption: the RISCOSS Approach, OW2con...riscoss-eu
 
IWSM2014 MEGSUS14 - software sustainability - a broader perspective (Luigi ...
IWSM2014 MEGSUS14 - software sustainability - a broader perspective (Luigi ...IWSM2014 MEGSUS14 - software sustainability - a broader perspective (Luigi ...
IWSM2014 MEGSUS14 - software sustainability - a broader perspective (Luigi ...Nesma
 
WISER: the European innovative framework on cybersecurity
WISER: the European innovative framework on cybersecurityWISER: the European innovative framework on cybersecurity
WISER: the European innovative framework on cybersecurityCYBERWISER .eu
 

Más contenido relacionado

Destacado

Applying Business Strategy Models in Organizations
Applying Business Strategy Models in OrganizationsApplying Business Strategy Models in Organizations
Applying Business Strategy Models in OrganizationsGESSI UPC
 
Assessing Open Source Communities' using Service Oritented Computing concepts
Assessing Open Source Communities' using Service Oritented Computing conceptsAssessing Open Source Communities' using Service Oritented Computing concepts
Assessing Open Source Communities' using Service Oritented Computing conceptsGESSI UPC
 
iStar 2013: Using i* to Represent OSS Ecosystems for Risk Assessment
iStar 2013: Using i* to Represent OSS Ecosystems for Risk AssessmentiStar 2013: Using i* to Represent OSS Ecosystems for Risk Assessment
iStar 2013: Using i* to Represent OSS Ecosystems for Risk AssessmentGESSI UPC
 
A Catalogue of Software Requirement Patterns for the Domain of CMSs
A Catalogue of Software Requirement Patterns for the Domain of CMSsA Catalogue of Software Requirement Patterns for the Domain of CMSs
A Catalogue of Software Requirement Patterns for the Domain of CMSsGESSI UPC
 
Lecture on "QoS in Web Services" - Master course
Lecture on "QoS in Web Services" - Master courseLecture on "QoS in Web Services" - Master course
Lecture on "QoS in Web Services" - Master courseGESSI UPC
 
Software Requirement Patterns (SRP)
Software Requirement Patterns (SRP)Software Requirement Patterns (SRP)
Software Requirement Patterns (SRP)GESSI UPC
 
Slides refsq'14 ds v1
Slides refsq'14 ds v1Slides refsq'14 ds v1
Slides refsq'14 ds v1GESSI UPC
 
How do Software Architects consider Non-Functional Requirements
How do Software Architects consider Non-Functional RequirementsHow do Software Architects consider Non-Functional Requirements
How do Software Architects consider Non-Functional RequirementsGESSI UPC
 

Destacado (9)

Applying Business Strategy Models in Organizations
Applying Business Strategy Models in OrganizationsApplying Business Strategy Models in Organizations
Applying Business Strategy Models in Organizations
 
Assessing Open Source Communities' using Service Oritented Computing concepts
Assessing Open Source Communities' using Service Oritented Computing conceptsAssessing Open Source Communities' using Service Oritented Computing concepts
Assessing Open Source Communities' using Service Oritented Computing concepts
 
iStar 2013: Using i* to Represent OSS Ecosystems for Risk Assessment
iStar 2013: Using i* to Represent OSS Ecosystems for Risk AssessmentiStar 2013: Using i* to Represent OSS Ecosystems for Risk Assessment
iStar 2013: Using i* to Represent OSS Ecosystems for Risk Assessment
 
A Catalogue of Software Requirement Patterns for the Domain of CMSs
A Catalogue of Software Requirement Patterns for the Domain of CMSsA Catalogue of Software Requirement Patterns for the Domain of CMSs
A Catalogue of Software Requirement Patterns for the Domain of CMSs
 
Lecture on "QoS in Web Services" - Master course
Lecture on "QoS in Web Services" - Master courseLecture on "QoS in Web Services" - Master course
Lecture on "QoS in Web Services" - Master course
 
Software Requirement Patterns (SRP)
Software Requirement Patterns (SRP)Software Requirement Patterns (SRP)
Software Requirement Patterns (SRP)
 
Er14
Er14Er14
Er14
 
Slides refsq'14 ds v1
Slides refsq'14 ds v1Slides refsq'14 ds v1
Slides refsq'14 ds v1
 
How do Software Architects consider Non-Functional Requirements
How do Software Architects consider Non-Functional RequirementsHow do Software Architects consider Non-Functional Requirements
How do Software Architects consider Non-Functional Requirements
 

Similar a Quantifying the Impact of OSS Adoption Risks with the help of i* Models

Riscoss models u-qasar meeting
Riscoss models u-qasar meetingRiscoss models u-qasar meeting
Riscoss models u-qasar meetingXavier Franch
 
Expert mining compsac-2014
Expert mining compsac-2014Expert mining compsac-2014
Expert mining compsac-2014GESSI UPC
 
PetroSync - Project Risk Assessment & Management
PetroSync - Project Risk Assessment & ManagementPetroSync - Project Risk Assessment & Management
PetroSync - Project Risk Assessment & ManagementPetroSync
 
OW2con'14 - Managing risks in OSS adoption: the RISCOSS approach
OW2con'14 - Managing risks in OSS adoption: the RISCOSS approachOW2con'14 - Managing risks in OSS adoption: the RISCOSS approach
OW2con'14 - Managing risks in OSS adoption: the RISCOSS approachOW2
 
Human Computer Interaction Chapter 4 Implementation Support and Evaluation Te...
Human Computer Interaction Chapter 4 Implementation Support and Evaluation Te...Human Computer Interaction Chapter 4 Implementation Support and Evaluation Te...
Human Computer Interaction Chapter 4 Implementation Support and Evaluation Te...VijiPriya Jeyamani
 
Defining an Open Source Software Trustworthiness Model
Defining an Open Source Software Trustworthiness Model Defining an Open Source Software Trustworthiness Model
Defining an Open Source Software Trustworthiness Model Davide Taibi
 
Open source-software-adoption-in-public-sector.ppt
Open source-software-adoption-in-public-sector.ppt Open source-software-adoption-in-public-sector.ppt
Open source-software-adoption-in-public-sector.ppt Androklis Mavridis
 
A GQM plan for the evaluation of the trustworthiness of open-source software
A GQM plan for the evaluation of the trustworthiness of open-source softwareA GQM plan for the evaluation of the trustworthiness of open-source software
A GQM plan for the evaluation of the trustworthiness of open-source softwareDavide Taibi
 
Iwsm2014 an iso iec 33000-compliant measurement framework for software proc...
Iwsm2014 an iso iec 33000-compliant measurement framework for software proc...Iwsm2014 an iso iec 33000-compliant measurement framework for software proc...
Iwsm2014 an iso iec 33000-compliant measurement framework for software proc...Nesma
 
Managing Risks in Open Source Software adoption: the RISCOSS Approach, OW2con...
Managing Risks in Open Source Software adoption: the RISCOSS Approach, OW2con...Managing Risks in Open Source Software adoption: the RISCOSS Approach, OW2con...
Managing Risks in Open Source Software adoption: the RISCOSS Approach, OW2con...riscoss-eu
 
IWSM2014 MEGSUS14 - software sustainability - a broader perspective (Luigi ...
IWSM2014 MEGSUS14 - software sustainability - a broader perspective (Luigi ...IWSM2014 MEGSUS14 - software sustainability - a broader perspective (Luigi ...
IWSM2014 MEGSUS14 - software sustainability - a broader perspective (Luigi ...Nesma
 
WISER: the European innovative framework on cybersecurity
WISER: the European innovative framework on cybersecurityWISER: the European innovative framework on cybersecurity
WISER: the European innovative framework on cybersecurityCYBERWISER .eu
 
Process, design, implementation and evaluation of a mobile collaboration layer
Process, design, implementation and evaluation of a mobile collaboration layerProcess, design, implementation and evaluation of a mobile collaboration layer
Process, design, implementation and evaluation of a mobile collaboration layerMauro Pichiliani
 
Riskope 5 days course on Risk and Crisis Management for top managers and key ...
Riskope 5 days course on Risk and Crisis Management for top managers and key ...Riskope 5 days course on Risk and Crisis Management for top managers and key ...
Riskope 5 days course on Risk and Crisis Management for top managers and key ...Oboni Riskope Associates Inc.
 
Open Source Software Resilience Framework
Open Source Software Resilience FrameworkOpen Source Software Resilience Framework
Open Source Software Resilience FrameworkApostolos Kritikos
 
Summer school bz_fp7research_20100708
Summer school bz_fp7research_20100708Summer school bz_fp7research_20100708
Summer school bz_fp7research_20100708Sandro D'Elia
 
CROSSMINER - Developer-Centric Knowledge Mining from Large Open-Source Softwa...
CROSSMINER - Developer-Centric Knowledge Mining from Large Open-Source Softwa...CROSSMINER - Developer-Centric Knowledge Mining from Large Open-Source Softwa...
CROSSMINER - Developer-Centric Knowledge Mining from Large Open-Source Softwa...OW2
 
Usability Assessment of a Context-Aware and Personality-Based Mobile Recommen...
Usability Assessment of a Context-Aware and Personality-Based Mobile Recommen...Usability Assessment of a Context-Aware and Personality-Based Mobile Recommen...
Usability Assessment of a Context-Aware and Personality-Based Mobile Recommen...Matthias Braunhofer
 

Similar a Quantifying the Impact of OSS Adoption Risks with the help of i* Models (20)

Riscoss models u-qasar meeting
Riscoss models u-qasar meetingRiscoss models u-qasar meeting
Riscoss models u-qasar meeting
 
Expert mining compsac-2014
Expert mining compsac-2014Expert mining compsac-2014
Expert mining compsac-2014
 
Oss2015
Oss2015Oss2015
Oss2015
 
PetroSync - Project Risk Assessment & Management
PetroSync - Project Risk Assessment & ManagementPetroSync - Project Risk Assessment & Management
PetroSync - Project Risk Assessment & Management
 
OW2con'14 - Managing risks in OSS adoption: the RISCOSS approach
OW2con'14 - Managing risks in OSS adoption: the RISCOSS approachOW2con'14 - Managing risks in OSS adoption: the RISCOSS approach
OW2con'14 - Managing risks in OSS adoption: the RISCOSS approach
 
Human Computer Interaction Chapter 4 Implementation Support and Evaluation Te...
Human Computer Interaction Chapter 4 Implementation Support and Evaluation Te...Human Computer Interaction Chapter 4 Implementation Support and Evaluation Te...
Human Computer Interaction Chapter 4 Implementation Support and Evaluation Te...
 
Defining an Open Source Software Trustworthiness Model
Defining an Open Source Software Trustworthiness Model Defining an Open Source Software Trustworthiness Model
Defining an Open Source Software Trustworthiness Model
 
Open source-software-adoption-in-public-sector.ppt
Open source-software-adoption-in-public-sector.ppt Open source-software-adoption-in-public-sector.ppt
Open source-software-adoption-in-public-sector.ppt
 
A GQM plan for the evaluation of the trustworthiness of open-source software
A GQM plan for the evaluation of the trustworthiness of open-source softwareA GQM plan for the evaluation of the trustworthiness of open-source software
A GQM plan for the evaluation of the trustworthiness of open-source software
 
Iwsm2014 an iso iec 33000-compliant measurement framework for software proc...
Iwsm2014 an iso iec 33000-compliant measurement framework for software proc...Iwsm2014 an iso iec 33000-compliant measurement framework for software proc...
Iwsm2014 an iso iec 33000-compliant measurement framework for software proc...
 
Managing Risks in Open Source Software adoption: the RISCOSS Approach, OW2con...
Managing Risks in Open Source Software adoption: the RISCOSS Approach, OW2con...Managing Risks in Open Source Software adoption: the RISCOSS Approach, OW2con...
Managing Risks in Open Source Software adoption: the RISCOSS Approach, OW2con...
 
IWSM2014 MEGSUS14 - software sustainability - a broader perspective (Luigi ...
IWSM2014 MEGSUS14 - software sustainability - a broader perspective (Luigi ...IWSM2014 MEGSUS14 - software sustainability - a broader perspective (Luigi ...
IWSM2014 MEGSUS14 - software sustainability - a broader perspective (Luigi ...
 
WISER: the European innovative framework on cybersecurity
WISER: the European innovative framework on cybersecurityWISER: the European innovative framework on cybersecurity
WISER: the European innovative framework on cybersecurity
 
Process, design, implementation and evaluation of a mobile collaboration layer
Process, design, implementation and evaluation of a mobile collaboration layerProcess, design, implementation and evaluation of a mobile collaboration layer
Process, design, implementation and evaluation of a mobile collaboration layer
 
Riskope 5 days course on Risk and Crisis Management for top managers and key ...
Riskope 5 days course on Risk and Crisis Management for top managers and key ...Riskope 5 days course on Risk and Crisis Management for top managers and key ...
Riskope 5 days course on Risk and Crisis Management for top managers and key ...
 
Open Source Software Resilience Framework
Open Source Software Resilience FrameworkOpen Source Software Resilience Framework
Open Source Software Resilience Framework
 
CVSS
CVSSCVSS
CVSS
 
Summer school bz_fp7research_20100708
Summer school bz_fp7research_20100708Summer school bz_fp7research_20100708
Summer school bz_fp7research_20100708
 
CROSSMINER - Developer-Centric Knowledge Mining from Large Open-Source Softwa...
CROSSMINER - Developer-Centric Knowledge Mining from Large Open-Source Softwa...CROSSMINER - Developer-Centric Knowledge Mining from Large Open-Source Softwa...
CROSSMINER - Developer-Centric Knowledge Mining from Large Open-Source Softwa...
 
Usability Assessment of a Context-Aware and Personality-Based Mobile Recommen...
Usability Assessment of a Context-Aware and Personality-Based Mobile Recommen...Usability Assessment of a Context-Aware and Personality-Based Mobile Recommen...
Usability Assessment of a Context-Aware and Personality-Based Mobile Recommen...
 

Más de GESSI UPC

Towards iStarML 2.0: Closing Gaps from Evolved Requirements
Towards iStarML 2.0: Closing Gaps from Evolved RequirementsTowards iStarML 2.0: Closing Gaps from Evolved Requirements
Towards iStarML 2.0: Closing Gaps from Evolved RequirementsGESSI UPC
 
Monitoring the service-based system lifecycle with SALMon
Monitoring the service-based system lifecycle with SALMonMonitoring the service-based system lifecycle with SALMon
Monitoring the service-based system lifecycle with SALMonGESSI UPC
 
Aligning Business Goals and Risks in OSS Adoption
Aligning Business Goals and Risks in OSS AdoptionAligning Business Goals and Risks in OSS Adoption
Aligning Business Goals and Risks in OSS AdoptionGESSI UPC
 
Jcis 2015-Towards Assessing Open Source Communities' Health using SOC Concepts
Jcis 2015-Towards Assessing Open Source Communities' Health using SOC ConceptsJcis 2015-Towards Assessing Open Source Communities' Health using SOC Concepts
Jcis 2015-Towards Assessing Open Source Communities' Health using SOC ConceptsGESSI UPC
 
RISCOSS: Gestión del riesgo en proyectos open source (Open Expo Day2015)
RISCOSS: Gestión del riesgo en proyectos open source (Open Expo Day2015)RISCOSS: Gestión del riesgo en proyectos open source (Open Expo Day2015)
RISCOSS: Gestión del riesgo en proyectos open source (Open Expo Day2015)GESSI UPC
 
Open expo2015 riscoss
Open expo2015 riscossOpen expo2015 riscoss
Open expo2015 riscossGESSI UPC
 
Mobility4 all
Mobility4 allMobility4 all
Mobility4 allGESSI UPC
 
QuESo: a Quality Model for Open Source Software Ecosystems
QuESo: a Quality Model for Open Source Software EcosystemsQuESo: a Quality Model for Open Source Software Ecosystems
QuESo: a Quality Model for Open Source Software EcosystemsGESSI UPC
 
DB searches vs. snowballing
DB searches vs. snowballingDB searches vs. snowballing
DB searches vs. snowballingGESSI UPC
 
Arteon: Architectural and Technology Ontology
Arteon: Architectural and Technology OntologyArteon: Architectural and Technology Ontology
Arteon: Architectural and Technology OntologyGESSI UPC
 
Systematic Architecture Design
Systematic Architecture DesignSystematic Architecture Design
Systematic Architecture DesignGESSI UPC
 
Likert scales and statistics
Likert scales and statisticsLikert scales and statistics
Likert scales and statisticsGESSI UPC
 
Industry-academia collaboration
Industry-academia collaborationIndustry-academia collaboration
Industry-academia collaborationGESSI UPC
 

Más de GESSI UPC (16)

Towards iStarML 2.0: Closing Gaps from Evolved Requirements
Towards iStarML 2.0: Closing Gaps from Evolved RequirementsTowards iStarML 2.0: Closing Gaps from Evolved Requirements
Towards iStarML 2.0: Closing Gaps from Evolved Requirements
 
Monitoring the service-based system lifecycle with SALMon
Monitoring the service-based system lifecycle with SALMonMonitoring the service-based system lifecycle with SALMon
Monitoring the service-based system lifecycle with SALMon
 
Ossap final
Ossap finalOssap final
Ossap final
 
Aligning Business Goals and Risks in OSS Adoption
Aligning Business Goals and Risks in OSS AdoptionAligning Business Goals and Risks in OSS Adoption
Aligning Business Goals and Risks in OSS Adoption
 
Jcis 2015-Towards Assessing Open Source Communities' Health using SOC Concepts
Jcis 2015-Towards Assessing Open Source Communities' Health using SOC ConceptsJcis 2015-Towards Assessing Open Source Communities' Health using SOC Concepts
Jcis 2015-Towards Assessing Open Source Communities' Health using SOC Concepts
 
RISCOSS: Gestión del riesgo en proyectos open source (Open Expo Day2015)
RISCOSS: Gestión del riesgo en proyectos open source (Open Expo Day2015)RISCOSS: Gestión del riesgo en proyectos open source (Open Expo Day2015)
RISCOSS: Gestión del riesgo en proyectos open source (Open Expo Day2015)
 
Open expo2015 riscoss
Open expo2015 riscossOpen expo2015 riscoss
Open expo2015 riscoss
 
Mobility4 all
Mobility4 allMobility4 all
Mobility4 all
 
QuESo: a Quality Model for Open Source Software Ecosystems
QuESo: a Quality Model for Open Source Software EcosystemsQuESo: a Quality Model for Open Source Software Ecosystems
QuESo: a Quality Model for Open Source Software Ecosystems
 
Cesi2014
Cesi2014Cesi2014
Cesi2014
 
DB searches vs. snowballing
DB searches vs. snowballingDB searches vs. snowballing
DB searches vs. snowballing
 
AK+MDD+NFRs
AK+MDD+NFRsAK+MDD+NFRs
AK+MDD+NFRs
 
Arteon: Architectural and Technology Ontology
Arteon: Architectural and Technology OntologyArteon: Architectural and Technology Ontology
Arteon: Architectural and Technology Ontology
 
Systematic Architecture Design
Systematic Architecture DesignSystematic Architecture Design
Systematic Architecture Design
 
Likert scales and statistics
Likert scales and statisticsLikert scales and statistics
Likert scales and statistics
 
Industry-academia collaboration
Industry-academia collaborationIndustry-academia collaboration
Industry-academia collaboration
 

Último

%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...masabamasaba
 
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...WSO2
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park masabamasaba
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...Shane Coughlan
 
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrainmasabamasaba
 
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...masabamasaba
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastPapp Krisztián
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024VictoriaMetrics
 
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2
 
WSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...SelfMade bd
 
%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Harare%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Hararemasabamasaba
 
tonesoftg
tonesoftgtonesoftg
tonesoftglanshi9
 
Announcing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareAnnouncing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareJim McKeeth
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Bert Jan Schrijver
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park masabamasaba
 
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...chiefasafspells
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...masabamasaba
 

Último (20)

%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
 
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
 
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
 
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
 
WSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go Platformless
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
 
%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Harare%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Harare
 
tonesoftg
tonesoftgtonesoftg
tonesoftg
 
Announcing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareAnnouncing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK Software
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
 
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
 

Quantifying the Impact of OSS Adoption Risks with the help of i* Models

  • 1. Dolors Costal, Daniel Gross, Lidia Lopez, Mirko Morandini, Alberto Siena, Angelo Susi Quantifying the Impact of OSS Adoption Risks with the help of i* Models
  • 2. Agenda  Introduction  A method for risk assessment  Modeling language for ecosystems and risks – The two ingredients together  Reasoning on models  Conclusions and future work Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014.
  • 3. Motivation “Identifying and evaluating the risks of Open Source Software (OSS) adoption exploiting the information form the OSS strategic and business ecosystems”*  The OSS ecosystem is composed by – Adopters (Companies, Public Administrations, OSS communities) – OSS communities *RISCOSS (Risks and Costs in Open Source Software Adoption) FP7 European project Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014.
  • 4. A layered approach for risk assessment Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Strategic and Business Model Risk Drivers OSS project indicators OSS community indicators Contextual indicators Analyst OSS Project OSS Community Expert Layer 3 Business analysis Layer 2 Risk indicators Layer 1 Data Gathering
  • 6. Modeling OSS ecosystems  Strategic actors  Strategic dependencies between actors  Strategic goals and tasks depending on the OSS adoption strategy – High-level business strategic goals – Low-level requirements goals and tasks Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014.
  • 7. Modeling OSS strategies Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Strategic actors Strategic dependencies High-level goals Strategy requirements
  • 8. Modeling risks  Risk characterized by – Event; => “the community disappear” (what) – Situation; => “the community is not active” (when) – Situation; => “(impossible to) maintain the final software product” (why)  Measures and Risk drivers – Measure raw and derived evidences Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Event Situation Measures Risk driver
  • 9. Levels of representation: OSS ecosystems and risks together Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Timeliness Difficulty in code refinement people on project expose expose measure of bug fixing time impact Maintain software OSS Adopter OSS Commu nity OSS component Actor Goal Resource RIsk events situation Risk driver Layer of the Business / Strategic goal of the Ecosystem Layer of the risk indicators and risks Layer of measures and risk drivers Timeliness Difficulty in code refinement people on project expose expose measure of bug fixing time impact Maintain software OSS Adopter OSS Commu nity OSS component Actor Goal Resource RIsk events situation Risk driver
  • 10. Meta-Model  Connected to the goal-models of the ecosystems to allow for the modelling of risk impact on goals, activities and other assets Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Risk Meta-Model Goal Meta-Model satisfied Situation probability extent Event expose protect Goal impact Actor desire propagate Task means-end govern increase mitigate performs Ecosystem provide depend value Measure evidence
  • 12. Risk and goal model reasoning  Risk and Goal model analysis – starting from the knowledge about values of properties of some nodes of the model (Risk events, Situations, Goals, Activities) infer knowledge about values of properties of other nodes Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Specification of models • Goal and risk models are specified Analysis of models • Logic based • Label prop. • … Analysis of results • Analysis of the possibility and severity of a risk
  • 13. Reasoning techniques: based on evidence  Input: measures and indicators gathered from online repositories – Some subjective knowledge is partially available from involved stakeholders  Directed graph (in our case, goal and risk models) – To each node is associated an evidence – Each relation has a weight – Compound relations have a propagation function  Label propagation algorithm Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014.
  • 14. OSS measures and risk drivers  Raw measures from OSS communities versioning systems, forums, mailing lists: – Bugs & Releases – Open Bugs – Messages in the posts  Risk drivers (from the raw measures) – Bug fix time: Critical & Blocker – Commit frequency per week & Number of Commits – Forum posts per day Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Statistical analysis of “Bug fix time” in XWiki (with R) Study of the behavior of the community 300Bugs$Fix_time count 1000 200 250 1000 1250 0 300
  • 15. Propagation in the models Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014.
  • 16. A possible result of the analysis Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Scenario1 Scenario2 Scenario3 Indicators’ Values (can make it possible) Tutorial Available X No Timeliness X X Needs from organisation ( can make it critical) Maintenance need X X X Product Quality Need X X X Risk Events Lack Of Support Critical Probable, Critical Probable Low Update Frequency Probable Probable Probable, Critical Error Proneness Probable, Critical Probable, Critical Critical Scenarios properties Risk events List of affected Goals Example: scenario analysis
  • 18. Conclusions Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014.
  • 19. Future Work  Going deep in the study of the connections between indicators, risks and goals  Extending the analysis of the impact of a given risk to the ecosystem  Combination of model-based reasoning and statistical techniques to support different kind of reasoning at different level of detail based also on the availability of data 19
  • 20. Lidia López – llopez@essi.upc.edu Angelo Susi – susi@fbk.eu www.riscoss.eu Thank you

Notas del editor

  1. In this example, we can see: 2 strategic actors in this ecosystem: OSS Community and the Adopter company Some dependencies between both actors. The adopter expect some things from the OSS community: the component and the documentation, some quality and the OSS component evolves as the company desired features In return the company provides bug reports, some code (patches), but needs that he OSS community accept its contribution In the Adopter SR diagram there are: the high-level business goals: Benefit from co-creation, OSS involvement and OSS evolution influenced And the low-level goals and tasks that correspond to the concrete adoption strategy requirements. In this case, Acquiring some skills: user, technical and management Contribute to the community: bug reports and patches The requirements affect to the high-level goals in some way: in this case contributing OSS helps to the OSS involvement needed if the company wants to co-create Other adoption strategies have different requirements, for example the adopter may not contribute at all to the community (acquisition) or maybe it must control the community (take-over),…