System and method for calculating software certification risks

US 8,255,881 B2
Filed: 06/19/2008
Issued: 08/28/2012
Est. Priority Date: 06/19/2008
Status: Expired due to Fees

First Claim

Patent Images

1. A computer-implemented method for certifying software based on composite risk, the method comprising:

receiving information for a plurality of risk factors associated with the software, wherein the information includes a timeline for each risk factor, the timeline including a plurality of discrete time points, and the plurality of risk factors include two or more of a software development life-cycle risk factor, an operating system release risk factor, a hardware change risk factor, and an infrastructure change risk factor;

determining risk values indicative of risk levels of each risk factor associated with the plurality of discrete time points;

calculating, using at least one computer processor, a composite risk based on the plurality of risk factors and using the determined risk values and a relationship between the composite risk and the plurality of risk factors, wherein the composite risk includes a plurality of composite risk values associated with the plurality of discrete time points; and

identifying a recommended software certification time, the recommended software certification time corresponding to a lowest value of the calculated composite risk.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for calculating a composite risk is disclosed. The method may include receiving information associated with a plurality of risk factors. The information may include a timeline for each risk factor, and the timeline may include a plurality of discrete time points. The method may further include determining risk values indicative of risk levels of each risk factor associated with the plurality of discrete time points. The method may also include calculating the composite risk using the determined risk values and a relationship between the composite risk and the plurality of risk factors. The composite risk may include a plurality of composite risk values associated with the plurality of discrete time points.

24 Citations

View as Search Results

18 Claims

1. A computer-implemented method for certifying software based on composite risk, the method comprising:
- receiving information for a plurality of risk factors associated with the software, wherein the information includes a timeline for each risk factor, the timeline including a plurality of discrete time points, and the plurality of risk factors include two or more of a software development life-cycle risk factor, an operating system release risk factor, a hardware change risk factor, and an infrastructure change risk factor;
  
  determining risk values indicative of risk levels of each risk factor associated with the plurality of discrete time points;
  
  calculating, using at least one computer processor, a composite risk based on the plurality of risk factors and using the determined risk values and a relationship between the composite risk and the plurality of risk factors, wherein the composite risk includes a plurality of composite risk values associated with the plurality of discrete time points; and
  
  identifying a recommended software certification time, the recommended software certification time corresponding to a lowest value of the calculated composite risk.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further including creating a risk look-up table, including:
    - collecting inputs regarding the risk values of each risk factor from multiple users;
      
      determining the risk values of each risk factor at the plurality of discrete time points based on the collected user inputs; and
      
      storing the risk values of each risk factor in the risk look-up table, wherein each risk value corresponds to a discrete time point.
  - 3. The method of claim 2, wherein the user inputs are collected using a voice of business (VOB) survey.
  - 4. The method of claim 2, wherein the risk values are determined using a failure mode effect analysis (FMEA).
  - 5. The method of claim 1, further including adjusting the timeline of one or more risk factors, if the identified time point is not within a threshold time range.
  - 6. The method of claim 1, further including:
    - creating a plot using the calculated composite risk, wherein the plot includes a risk axis and a time axis and the calculated composite risk is displayed as a risk-time curve; and
      
      displaying the plot.
  - 7. The method of claim 1, wherein calculating the composite risk further includes rating the composite risk based on a rating criteria, wherein the rating criteria defines a plurality of risk levels and each risk level corresponds to a range of risk values.
  - 8. The method of claim 1, further including adjusting the timelines of one or more risk factors until the recommended software certification time is within a threshold time range.
  - 9. The method of claim 1, wherein the relationship is defined by R=R_sd×
    - R_h×
      
      R_i+R_os, wherein R denotes a composite risk value, R_sddenotes a risk value for the software development life-cycle, R_hdenotes a risk value for the hardware change, R_idenotes a risk value for the infrastructure change, and R_osdenotes a risk value for the operating system release.

10. A risk calculator for certifying software based on composite risk, the risk calculator comprising:
- a storage device configured to store information for a plurality of risk factors associated with the software, including;
  
  a timeline for each risk factor, the timeline including a plurality of discrete time points; and
  
  risk values indicative of risk levels of each risk factor associated with the plurality of discrete time points,wherein the plurality of risk factors include two or more of a software development life-cycle risk factor, an operating system release risk factor, a hardware change risk factor, and an infrastructure change risk factor; and
  
  a processor coupled to the storage device, and being configured to;
  
  determine risk values indicative of risk levels of each risk factor associated with the plurality of discrete time points; and
  
  calculate a composite risk based on the plurality of risk factors, using the determined risk values and a relationship between the composite risk and the plurality of risk factors, wherein the composite risk includes a plurality of composite risk values associated with the plurality of discrete time points; and
  
  identify a recommended time to certify the software corresponding to a desired value of the plurality of composite risk values.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The risk calculator of claim 10, wherein the processor is further configured to create a plot using the calculated composite risk, wherein the plot includes a risk axis and a time axis and the calculated composite risk is displayed as a risk-time curve.
  - 12. The risk calculator of claim 11, further including a display device coupled to the processor, wherein the display device is configured to display the plot.
  - 13. The risk calculator of claim 10, wherein the processor is further configured to:
    - collect inputs regarding the risk values of each risk factor from multiple users;
      
      determine the risk values of each risk factor at the plurality of discrete time points based on the collected user inputs; and
      
      store the risk values of each risk factor in a risk look-up table.
  - 14. The risk calculator of claim 10, wherein the risk calculator further includes an input interface configured to receive a threshold time range, and wherein the processor is further configured to:
    - identify a time point, among the plurality of discrete time points, that corresponds to a lowest composite risk value; and
      
      adjust the timelines of one or more risk factors, if the identified time point is not within the threshold time range.
  - 15. The risk calculator of claim 10, wherein the storage device is further configured to store a rating criteria that defines a plurality of risk levels with each risk level corresponding to a range of risk values, and wherein the processor is further configured to rate the composite risk based on the rating criteria.

16. A computer readable medium having stored thereon instructions for causing a computer executing the instructions to perform a method for certifying software based on composite risk, the method including:
- receiving information for a plurality of risk factors associated with the software, wherein the information includes a timeline for each risk factor, the timeline including a plurality of discrete time points, and the plurality of risk factors include two or more of a software development life-cycle risk factor, an operating system release risk factor, a hardware change risk factor, and an infrastructure change risk factor;
  
  determining risk values indicative of risk levels of each risk factor associated with the plurality of discrete time points; and
  
  calculating a composite risk based on the plurality of risk factors, using the determined risk values and a relationship between the composite risk and the plurality of risk factors, wherein the composite risk includes a plurality of composite risk values associated with the plurality of discrete time points; and
  
  identifying a recommended time to certify the software corresponding to a desired value of the plurality of composite risk values.
- View Dependent Claims (17, 18)
- - 17. The computer readable medium of claim 16, the method further including adjusting the timeline of one or more risk factors, if the identified time point is not within a threshold time range.
  - 18. The computer readable medium of claim 16, the method further including:
    - creating a plot using the calculated composite risk, wherein the plot includes a risk axis and a time axis and the calculated composite risk is displayed as a risk-time curve; and
      
      displaying the plot.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Caterpillar Incorporated
Original Assignee
Caterpillar Incorporated
Inventors
Wilson, Nathan Lee, Streitmatter, Scott William, Bellrose, Frank Chapman, Howell, Bruce Gehlbach, Kaniecki, Stanley Russell
Primary Examiner(s)
Zhen, Wei
Assistant Examiner(s)
Rampuria, Satish

Application Number

US12/213,428
Publication Number

US 20090319980A1
Time in Patent Office

1,531 Days
Field of Search

717101-103, 717131-133, 717141-144, 717/38, 714/38
US Class Current

717/131
CPC Class Codes

G06Q 10/06 Resources, workflows, human...

G06Q 40/08 Insurance

System and method for calculating software certification risks

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

24 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for calculating software certification risks

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

24 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links