Modelling Risks in Open Source Software Component Selection
Adopting Open Source Software (OSS) components is a decision that offers many potential advantages – such as cost effectiveness and reputation – but even introduces a potentially high number of risks, which span from the inability of the OSS community to continue the development over time, to a poor quality of code. Differently from commercial off-the-shelf components, to assess risk in OSS component adoption, we can rely on the public availability of measurable information about the component code and the developing communities. In the present paper, we present a risk evaluation technique that uses conceptual modelling to assess OSS component adoption risks. We root it in the existing literature on OSS risk assessment and validate it by means of our industrial partners.
KeywordsRisk assessment Open Source Software Automated reasoning
Unable to display preview. Download preview PDF.
- 2.Barone, D., Jiang, L., Amyot, D., Mylopoulos, J.: Reasoning with key performance indicators. In: Johannesson, P., Krogstie, J., Opdahl, A.L. (eds.) A Calculus of Communication Systems. LNBIP, vol. 92, pp. 82–96. Springer, Heidelberg (1980)Google Scholar
- 4.Gangemi, A., Guarino, N., Masolo, C., Oltramari, A.: Sweetening wordnet with dolce. AI Magazine 24(3), 13–24 (2003)Google Scholar
- 6.Giorgini, P., Mylopoulos, J., Nicchiarelli, E., Sebastiani, R.: Formal reasoning techniques for goal models. J. Data Semantics 1, 1–20 (2003)Google Scholar
- 7.Kenett, R.S., Zacks, S.: Modern Industrial Statistics: with applications in R, MINITAB and JMP, 2nd edn. John Wiley and Sons (2014) With contributions by D. AmbertiGoogle Scholar
- 8.Lund, M.S., Solhaug, B., Stølen, K.: Model-Driven Risk Analysis - The CORAS Approach. Springer (2011)Google Scholar
- 9.Messerschmitt, D.G., Szyperski, C.: Software Ecosystem: Understanding an Indispensable Technology and Industry. The MIT Press (2003)Google Scholar
- 10.Morandini, M., Siena, A., Susi, A.: Systematic literature review: Risks in oss adoption. Technical report, FBK, Trento (2013), http://selab.fbk.eu/riscoss_ontology/riskSLR.html
- 11.Morandini, M., Siena, A., Susi, A.: A context-specific definition of risk for enterprise-level decision making. In: The 8th International Workshop on Value Modeling and Business Ontology (2014)Google Scholar
- 12.Nilsson, N.J.: Problem-solving Methods in Artificial Intelligence. McGraw-Hill, New York (1971)Google Scholar
- 16.Yu, E.S.-K.: Modelling strategic relationships for process reengineering. PhD thesis, University of Toronto, Toronto, Ont., Canada, Canada (1996)Google Scholar