Risk Management of COTS Based Systems Development

  • Louis C. Rose
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2693)


The use of commercial off-the-shelf (COTS) components to develop large-scale systems has become increasingly prominent over the past decade. This approach requires more attention to risk management. In addition to the classical risks that exist with developing large systems, the use COTS components requires managers to modify their typical mitigation strategies for some of the classic risks and develop new mitigation strategies for risks that are particular to the use of COTS in system development. This chapter discusses the risks particular to the development of COTS intensive systems and describes some strategies that can be employed to help with risk mitigation.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abst, C., Boehm, B., Clark, E.: COCOTS: A COTS Software Integration Lifecycle Cost Model – Model Overview and Preliminary Data Collection Findings. USC-CSE-2000-501, USC Center for Software Engineering (2000)Google Scholar
  2. 2.
    Albert, C., Brownsword, L.: Meeting the Challenges of COTS Products: Integrating Technology by a Structured Evolutionary Process (ITSEP). In: Dean, J., Gravel, A. (eds.) ICCBSS 2002. LNCS, vol. 2255, p. 10. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  3. 3.
    Albert, C., Brownsword, L.: Evolutionary Process for Integrating COTSBased Systems (EPIC): An Overview. Technical Report. CMU/SEI-2002-TR-009 (2002), Retrieved from http://www.sei.cmu.edu/pub/documents/02.reports/pdf/02tr009.pdf
  4. 4.
    Basili, V., Boehm, B.: COTS-Based Systems Top 10 List. IEEE Computer 34(5), 91–93 (2001)Google Scholar
  5. 5.
    Boehm, B.: A Spiral Model of Software Development and Enhancement. IEEE Computer 21, 61–72 (1988)Google Scholar
  6. 6.
    Charette, R.: Software Engineering Risk Analysis and Management. McGraw-Hill, New York (1989)Google Scholar
  7. 7.
    Department of Defense Architectural Framework (1997), Retrieved from http://www.c3i.osd.mil/org/cio/i3/AWG_Digital_Library/pdfdocs/fw.pdf
  8. 8.
    Engert, P., Clapp, J.: Common Risks and Risk Mitigation Actions for Management of a COTS-Based System (2001), Retrieved from http://www.mitre.org/pubs/edge_perspectives/march_01/risks.html
  9. 9.
    Moore, G.E.: The continuing silicon technology evolution inside the PC platform (1997), Retrieved from http://www.intel.com/update/archive/issue2/featrue.htm
  10. 10.
    Garlan, D., Allen, R., Ockerbloom, J.: Architectural Mismatch: Why Reuse is So Hard. IEEE Software (1994)Google Scholar
  11. 11.
    Kontio, J.: A Case Study in Applying a Systematic Method for COTS Selection. In: Proceedings of the International Conference on Software Engineering, Berlin (1996)Google Scholar
  12. 12.
    Morisio, M., Seaman, C., Basili, V., Parra, A., Kraft, S., Condon, S.: COTS-Based Software Development: Processes and Open Issues (2001), . Retrieved from http://www.research.umbc.edu/~cseaman/papers/jss2001.pdf
  13. 13.
    Shaffer, G., McPerson, G.: FAA COTS Risk Mitigation Guide: Practical Methods For Effective COTS Acquisition and Life Cycle Support (2002), Retrieved from http://www2.faa.gov/aua/resources/cots/Guide/CRMG.htm
  14. 14.
    Shaw, M.: Software Architecture and Component Integration. Keynote address. In: 5th Internaitional Symposium on Assessment of Software Tools (1997)Google Scholar
  15. 15.
    Software Productivity Consortium: Component Evaluation Process, SPC- 98091-CMC, Version 01.00.02 (1999), Retrieved, from http://www.software.org/pub/darpa/cep/spc-98091-cmc_pdf.zip
  16. 16.
    Software Productivity Consortium: COTS Architectural Analysis Method, SPC-2002002-CMC, Version 01.00.00 (2002), Retrieved from http://www.software.org/pub/darpa/CAAMPaper.zip
  17. 17.
    Software Productivity Consortium: COTS Integration Questions and Checklist, SPC-2000018-CMC, Version 01.00.01 (2000), Retrieved from http://www.software.org/pub/darpa/cots/spc2000018_cmc.doc
  18. 18.
    Software Productivity Consortium: Evolutionary Spiral Process Guidebook, SPC-91076-MC, Version 03.00.05 (1993)Google Scholar
  19. 19.
    Software Productivity Consortium: Phased-Integrated COTS Approach, SPC-2001006-CMC, Version 01.00.00 (2001), Retrieved from http://www.software.org/pub/pic
  20. 20.
    Zachman, J.: A Framework for Information Systems Architecture. IBM Systems Journal 26(3) (1987)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Louis C. Rose
    • 1
  1. 1.BAE SYSTEMSReston

Personalised recommendations