Abstract
Background: The sensitivity of Requirements Engineering (RE) to the context makes it difficult to efficiently control problems therein, thus, hampering an effective risk management devoted to allow for early corrective or even preventive measures.
Problem: There is still little empirical knowledge about context-specific RE phenomena which would be necessary for an effective context-sensitive risk management in RE.
Goal: We propose and validate an evidence-based approach to assess risks in RE using cross-company data about problems, causes and effects.
Research Method: We use survey data from 228 companies and build a probabilistic network that supports the forecast of context-specific RE phenomena. We implement this approach using spreadsheets to support a light-weight risk assessment.
Results: Our results from an initial validation in 6 companies strengthen our confidence that the approach increases the awareness for individual risk factors in RE, and the feedback further allows for disseminating our approach into practice.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
References
Nuseibeh, B., Easterbrook, S.: Requirements engineering: a roadmap. In: Proceedings of the Conference on the Future of Software Engineering, pp. 35–46. ACM, New York (2000)
Damian, D., Chisan, J.: An empirical study of the complex relationships between requirements engineering processes and other processes that lead to payoffs in productivity, quality, and risk management. IEEE Trans. Softw. Eng. 32(7), 433–453 (2006)
Méndez Fernández, D., Wieringa, R.: Improving requirements engineering by artefact orientation. In: Heidrich, J., Oivo, M., Jedlitschka, A., Baldassarre, M.T. (eds.) PROFES 2013. LNCS, vol. 7983, pp. 108–122. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39259-7_11
Méndez Fernández, D., Wagner, S.: Naming the pain in requirements engineering: a design for a global family of surveys and first results from Germany. Inf. Softw. Technol. 57, 616–643 (2015)
Méndez Fernández, D., Wagner, S., Kalinowski, M., Felderer, M., Mafra, P., Vetro, A., Conte, T., Christiansson, M.T., Greer, D., Lassenius, C., Männistö, T., Nayebi, M., Oivo, M., Penzenstadler, B., Pfahl, D., Prikladnicki, R., Ruhe, G., Schekelmann, A., Sen, S., Spinola, R., de la Vara, J., Tuzcu, A., Wieringa, R.: Naming the pain in requirements engineering: contemporary problems, causes, and effects in practice. Empir. Softw. Eng. 22, 2298–2338 (2016)
Boehm, B.W.: Software risk management: principles and practices. IEEE Softw. 8(1), 32–41 (1991)
DeMarco, T., Lister, T.: Waltzing with Bears: Managing Risk on Software Projects. Dorset House Publishing Co., Inc., New York (2003)
Pfleeger, S.: Risky business: what we have yet to learn about risk management. J. Syst. Softw. 53(3), 265–273 (2000)
Boehm, B.: A spiral model of software development and enhancement. Computer 21(5), 61–72 (1988)
Kontio, J.: Risk management in software development: a technology overview and the riskit method. In: Proceedings of the 21st International Conference on Software Engineering, pp. 679–680. ACM (1999)
Karolak, D., Karolak, N.: Software Engineering Risk Management: A Just-in-Time Approach. IEEE Computer Society Press, Los Alamitos (1995)
ISO 31000:2009 risk management-principles and guidelines. International Organization for Standardization, Geneva, Switzerland (2009)
Felderer, M., Schieferdecker, I.: A taxonomy of risk-based testing. Softw. Tools Technol. Transf. 16(5), 559–568 (2014)
Kuhrmann, M., Diebold, P., Münch, J., Tell, P., Garousi, V., Felderer, M., Trektere, K., McCaffery, F., Prause, C.R., Hanser, E., Linssen, O.: Hybrid software and system development in practice: waterfall, scrum, and beyond. In: Proceedings of the International Conference on Software System Process ICSSP (2017)
Asnar, Y., Giorgini, P., Mylopoulos, J.: Goal-driven risk assessment in requirements engineering. Requir. Eng. 16(2), 101–116 (2011)
Haisjackl, C., Felderer, M., Breu, R.: RisCal-a risk estimation tool for software engineering purposes. In: 2013 39th EUROMICRO Conference on Software Engineering and Advanced Applications (SEAA), pp. 292–299. IEEE (2013)
Lawrence, B., Wiegers, K., Ebert, C.: The top risk of requirements engineering. IEEE Softw. 18(6), 62–63 (2001)
Kalinowski, M., Spinola, R., Conte, T., Prikladnicki, R., Méndez Fernández, D., Wagner, S.: Towards building knowledge on causes of critical requirements engineering problems. In: Proceedings of the 27th International Conference on Software Engineering and Knowledge Engineering (SEKE) (2015)
Méndez Fernández, D., Wagner, S., Kalinowski, M., Schekelmann, A., Tuzcu, A., Conte, T., Spinola, R., Prikladnicki, R.: Naming the pain in requirements engineering: comparing practices in Brazil and Germany. IEEE Softw. 32(5), 16–23 (2015)
Kalinowski, M., Felderer, M., Conte, T., Spínola, R., Prikladnicki, R., Winkler, D., Fernández, D.M., Wagner, S.: Preventing incomplete/hidden requirements: reflections on survey data from Austria and Brazil. In: Winkler, D., Biffl, S., Bergsmann, J. (eds.) SWQD 2016. LNBIP, vol. 238, pp. 63–78. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-27033-3_5
Wagner, S., Méndez Fernández, D., Felderer, M., Kalinowski, M.: Requirements engineering practice and problems in agile projects: results from an international survey. In: Proceedings of the XX Ibero-American Conference on Software Engineering (CIbSE) (2017)
Wieringa, R., Moralı, A.: Technical action research as a validation method in information systems design science. In: Peffers, K., Rothenberger, M., Kuechler, B. (eds.) DESRIST 2012. LNCS, vol. 7286, pp. 220–238. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29863-9_17
Gorschek, T., Garre, T., Larsson, S., Wohlin, C.: A model for technology transfer in practice. IEEE Softw. 23(6), 88–95 (2006)
Kalinowski, M., Curty, P., Paes, A., Ferreira, A., Spinola, R., Méndez Fernández, D., Felderer, M., Wagner, S.: Supporting defect causal analysis in practice with cross-company data on causes of requirements engineering problems. In: Proceedings of the 39th International Conference on Software Engineering (2017)
Mafra, P., Kalinowski, M., Méndez Fernández, D.M., Felderer, M., Wagner, S.: Towards guidelines for preventing critical requirements engineering problems. In: 42th Euromicro Conference on Software Engineering and Advanced Applications (SEAA) (2016)
Acknowledgements
We are grateful to all practitioners who participated in the evaluation and who shared their experiences and insights into their environments.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Méndez Fernández, D., Tießler, M., Kalinowski, M., Felderer, M., Kuhrmann, M. (2018). On Evidence-Based Risk Management in Requirements Engineering. In: Winkler, D., Biffl, S., Bergsmann, J. (eds) Software Quality: Methods and Tools for Better Software and Systems. SWQD 2018. Lecture Notes in Business Information Processing, vol 302. Springer, Cham. https://doi.org/10.1007/978-3-319-71440-0_3
Download citation
DOI: https://doi.org/10.1007/978-3-319-71440-0_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-71439-4
Online ISBN: 978-3-319-71440-0
eBook Packages: Computer ScienceComputer Science (R0)