System and method to determine defect risks in software solutions

US 8,645,921 B2
Filed: 05/24/2013
Issued: 02/04/2014
Est. Priority Date: 09/11/2009
Status: Expired due to Fees

First Claim

Patent Images

1. A method implemented in a computer infrastructure having computer executable code tangibly embodied on a computer readable storage medium having programming instructions operable to:

receive one or more risk factors;

receive one or more contexts and identify one or more context relationships;

associate the one or more contexts with the one or more risk factors;

map the one or more risk factors for an associated context to a software defect related risk consequence to determine a risk model; and

execute a risk-based testing based on the risk model to determine a defect related risk evaluation for a software development project,wherein the mapping is implemented using a processor of the computer infrastructure, andthe mapping comprises calculating a product of a weighted sum of relevant risk factors for failure damage risk factors and a weighted sum of relevant risk factors for failure possibility risk factors to determine an overall risk for the context.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method is implemented in a computer infrastructure having computer executable code tangibly embodied on a computer readable storage medium having programming instructions. The programming instructions are operable to receive one or more risk factors, receive one or more contexts, identify one or more context relationships and associate the one or more contexts with the one or more risk factors. Additionally, the programming instructions are operable to map the one or more risk factors for an associated context to a software defect related risk consequence to determine a risk model and execute a risk-based testing based on the risk model to determine a defect related risk evaluation for a software development project.

Citations

15 Claims

1. A method implemented in a computer infrastructure having computer executable code tangibly embodied on a computer readable storage medium having programming instructions operable to:
- receive one or more risk factors;
  
  receive one or more contexts and identify one or more context relationships;
  
  associate the one or more contexts with the one or more risk factors;
  
  map the one or more risk factors for an associated context to a software defect related risk consequence to determine a risk model; and
  
  execute a risk-based testing based on the risk model to determine a defect related risk evaluation for a software development project,wherein the mapping is implemented using a processor of the computer infrastructure, andthe mapping comprises calculating a product of a weighted sum of relevant risk factors for failure damage risk factors and a weighted sum of relevant risk factors for failure possibility risk factors to determine an overall risk for the context.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the one or more risk factors are defined with one or more of a risk factor name, a risk factor category, a requirement type, a description, one or more scale definitions and a risk factor value.
  - 3. The method of claim 2, further comprising determining the risk factor value by at least one of measuring directly, calculating from risk sub factor values and using a questionnaire.
  - 4. The method of claim 1, further comprising refactoring the one or more risk factors to achieve an orthogonal list of risk factors by at least one of merging risk factors, deleting a risk factor, splitting risk factors and adding the risk factor.
  - 5. The method of claim 1, wherein the identifying the one or more context relationships comprises identifying one or more aggregate context relationships and one or more implementation context relationships.
  - 6. The method of claim 1, wherein the associating the one or more contexts with the one or more risk factors comprises, for each of the one or more risk factors identifying contexts from the one or more contexts for which the one or more risk factors are applicable.
  - 7. The method of claim 1, wherein the mapping the one or more risk factors for the associated context to the software defect related risk consequence comprises determining a dimension where the one or more risk factors generates a risk impact.
  - 8. The method of claim 7, wherein the dimension comprises at least one of:
    - a failure possibility dimension, which indicates a likelihood that a defect will occur within a specific context; and
      
      a failure damage dimension, which indicates a consequence of an occurrence of the defect in production.
  - 9. The method of claim 1, wherein a service provider at least one of creates, maintains, deploys and supports the computer infrastructure.
  - 10. The method of claim 1, wherein the programming instructions are provided by a service provider on a subscription, advertising, and/or fee basis.

11. A system implemented in hardware, comprising:
- a risk factor receiving (RFR) tool operable to receive one or more risk factors;
  
  a context receiving (CR) tool operable to receive;
  
  one or more contexts;
  
  one or more context relationships; and
  
  associations of the one or more contexts with the one or more risk factors;
  
  a mapping tool operable to map the one or more risk factors for an associated context to a software defect related risk consequence to determine a risk model;
  
  a software break-down (SB) tool operable to break-down software into risk evaluation units;
  
  a risk annotation tool operable to evaluate and annotate a software solution with selected risk factors for the risk evaluation units; and
  
  a risk-based testing tool operable to execute a risk-based testing on the software based on the risk model to determine a defect related risk evaluation for a software development project and collect test results and a test process from the risk-based testing,wherein the mapping comprises calculating a product of a weighted sum of relevant risk factors for failure damage risk factors and a weighted sum of relevant risk factors for failure possibility risk factors to determine an overall risk for the context.
- View Dependent Claims (12, 13, 14)
- - 12. The system of claim 11, further comprising at least one of:
    - a risk evaluation update (REU) tool operable to update the defect related risk evaluation; and
      
      a risk model update (RMU) tool operable to update the risk model by at least one of altering a relative weight of a risk factor, adding a new risk factor, adding or removing a context and altering one or more mapping definitions.
  - 13. The system of claim 11, wherein the one or more risk factors:
    - comprise an orthogonal list of risk factors, including at least one of technical risk factors, business risk factors, project management risk factors and user-added risk factors; and
      
      are defined with one or more of a risk factor name, a risk factor category, a requirement type, a description, one or more scale definitions and a risk factor value.
  - 14. The system of claim 11, wherein the mapping the one or more risk factors for the associated context to the software defect related risk consequence comprises determining a dimension where the one or more risk factors generates a risk impact, wherein the dimension comprises at least one of:
    - a failure possibility dimension, which indicates a likelihood that a defect will occur within a specific context; and
      
      a failure damage dimension, which indicates a consequence of an occurrence of the defect in production.

15. A computer program product comprising a computer usable storage device having readable program code embodied in the storage device, the computer program product includes at least one component operable to:
- receive one or more risk factors, wherein the one or more risk factors;
  
  comprise an orthogonal list of risk factors, including at least one of technical risk factors, business risk factors, project management risk factors and user-added risk factors; and
  
  are defined with one or more of a risk factor name, a risk factor category, a requirement type, a description, one or more scale definitions and a risk factor value;
  
  receive one or more contexts and identify one or more context relationships;
  
  associate the one or more contexts with the one or more risk factors;
  
  map the one or more risk factors for an associated context to a software defect related risk consequence to determine a risk model; and
  
  execute a risk-based testing based on the risk model to determine a defect related risk evaluation for a software development project,wherein the mapping comprises calculating a product of a weighted sum of relevant risk factors for failure damage risk factors and a weighted sum of relevant risk factors for failure possibility risk factors to determine an overall risk for the context.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
HCL Technologies Limited
Original Assignee
International Business Machines Corporation
Inventors
Hess, Howard M., Huang, Sheng, Kagan, Steven, Li, Shao C., Li, Zhong J., Liu, He H., Skrabanek, Susan E., Tan, Hua F., Zhu, Jun, Bassin, Kathryn A.
Primary Examiner(s)
Tsai, Henry
Assistant Examiner(s)
BARTELS, CHRISTOPHER A.

Application Number

US13/902,034
Publication Number

US 20130339921A1
Time in Patent Office

256 Days
Field of Search

None
US Class Current

717/127
CPC Class Codes

G06F 11/008   Reliability or availability...

G06F 11/3466   Performance evaluation by t...

G06F 8/10   Requirements analysis; Spec...

G06Q 10/0635   Risk analysis of enterprise...

System and method to determine defect risks in software solutions

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

System and method to determine defect risks in software solutions

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links