Analyzing the Role of Risk Mitigation and Monitoring in Software Development - Advances in Systems Analysis, Software Engineering, and High Performance Computing
Latest Publications


Total documents: 17 (five years: 0)

H-index: 0 (five years: 0)

Published By IGI Global

9781522560296, 9781522560302

Author(s): Rajshree Srivastava, Shiv Kumar Verma, Vikas Thukral

This chapter describes how effective work on software project risk plays a vital role in determining the success of any project. The aim is to apply approaches based on fuzzy criteria decision-making to the development of an assessment framework. This framework will help in identifying and ranking software risks according to their characteristics, which in turn will help decision-making in the software lifecycle. To assess the risk of a project, the chapter integrates fuzzy decision-making trial, evaluation laboratory trial and fuzzy multi-criteria decision. The proposed method will be effective both for ranking and for measuring software risk factors.


Author(s): Arshpreet Kaur Sidhu, Sumeet Kaur Sehra

Software testing is broadly divided into three types: code-based, model-based and specification-based. To find faults at an early stage, model-based testing can be used, in which testing can start from the design phase. Furthermore, in this chapter, regression testing is used to generate new test cases and to ensure the quality of changed software. Early detection of faults will not only reduce the cost, time and effort of developers but will also help in finding risks. We are using structural metrics to check the effect of changes made to software. Finally, the authors suggest identifying metrics and analyzing the results using the NDepend simulator. If the results show deviation from standards, regression testing is performed again to improve the quality of the software.


Author(s): Deepika Rana, Manisha Malhotra

Managerial and commercialization approaches that operate software systems continue to look for assurance that the software they acquire has the security attributes they hope for. Methods used to assess the security of software development cover software design, coding, testing and support, as well as consideration of security. Software development researchers face many issues that remain constant and very frequent, because nothing was done in the earlier phases of software development to avoid threats and loopholes in the software. Researchers analyze existing methods and their efficiency for software development within an open-source software supply chain. These efforts yielded valuable insights for an automated tool and knowledge base that has the potential to overcome some of the major practical limitations of secure development on a wider scale. In summary, development of software services together with an authenticated approach is mandatory for its wider usage.


Author(s): Abhishek Sharma, Lokesh Pawar, Manjot Kaur

This chapter describes how client information administration (CIA) plays a vital part in the creation of high-quality programming items or software products. As CIA in enterprise software (ES) advancement is relatively new, this raises questions about how CIA empowering agents can be utilized to help ES advancement organizations enhance their product quality. In this study, human, authoritative and mechanical CIA empowering influences were recognized from prior literature. The weights of these elements were determined by specialists from the ES advancement organizations. Based on the essential factors, a hypothetical model was created. The proposed model was assessed by circulating an overview survey to chiefs in ES advancement organizations. The outcomes demonstrated that “client inclusion” together with “trust” were the most powerful factors, followed by the “CRA innovation framework” and the “cross-useful participation.” The processes demonstrated in this investigation can be utilized as a guideline for the use of CIA in ES advancement organizations to enhance product quality.


Author(s): Isha Sharma, Deepshikha Chhabra

This chapter illustrates a technique to shorten the time duration using a structured method. This is done by considering multiple resource constraints, apart from time, for the software project. The resource constraints are due to the limited availability of resources (hardware, software, people, etc.). The difficulty is to find a minimal-duration schedule. This is done by assigning the start time for each activity, with a clear representation of the precedence among activities and of the resources available. There are various optimization approaches available, but the authors have selected a genetic algorithm. This method emulates the concept of biological evolution, which is based on natural selection. This chapter concludes that additional research is needed in this area to provide better outcomes.


Author(s): Ankita Sharma, Vipin Pal, Nitish Ojha, Rohit Bajaj

This chapter describes how risk analysis is a phenomenon or methodology that combines various contexts to analyze and reach a conclusion about the fragility, vulnerability, flaws, defects, possible threats and dangers to which a particular piece of software or system is prone. It is an organization-level decision support tool which helps in gathering all sorts of data. That data, in turn, helps in arriving at a conclusion about how fragile or vulnerable a particular system is. Being a risk analyst requires deep knowledge: one must analyze every possibility of risk in any form, the limitations of every risk assessment technique being applied and, finally, the practical possibility or possible outcome of a particular risk-calculation strategy applied in a real-time environment.


Author(s): Rimsy Dua, Samiksha Sharma, Abhishek Sharma

This chapter describes how, with the proliferation of internet users, internet-related security threats are also increasing rapidly because of the vulnerabilities that arise in software. There are two basic terms: bug and vulnerability. Both bugs and vulnerabilities are due to programming errors, but vulnerabilities are more dangerous than bugs. A software vulnerability is a flaw that arises in software, or a hole in the security of the software, that an attacker can exploit. Unlike a bug, a software vulnerability can affect a whole network, thereby allowing unauthorised access to the database itself. The integrity and confidentiality of the software product are compromised by the software vulnerability. These flaws must be patched in order to minimise the impact of software vulnerabilities on an organisation. This chapter introduces the methods of managing software vulnerabilities and discusses mitigation of the risks of different vulnerabilities in software.


Author(s): Rimsy Dua, Samiksha Sharma, Rohit Kumar

This chapter describes how risk management deals with the detection, evaluation and prioritization of risks in the process of project management. There is always an uncertainty factor related to investment decisions while managing a project. Risk management is a proactive approach to dealing with future events that can slow the performance of software project management. For successful risk management, different metrics have been used in the past and are still used at present for inspecting the progress of a project at specific points in a timeline, which helps in reducing the amount of risk. The adoption of effective metrics for risk management requires data. All of the metrics can be applied to the different domains of project, process and product. The chapter also covers strategies to advance, distinguish, estimate, and forecast the risk management process. A review of the key point indicators (KPIs) is also integrated with the project metrics to signify the future and the present renderings.


Author(s): Lokesh Pawar, Rohit Kumar, Anurag Sharma

This chapter describes how the semiconductor industry, which is growing at a rapid pace, comprises a number of global business entities. The industry includes the design of VLSI chips, the manufacturing of those chips, system integration and the distribution of the VLSI chips. With this, the industry has raised the bar among its vendors to provide the best possible IC solutions and a highly secure product. The authors thus present views on the risks involved in this area, which is prone to security risks, and at the same time focus on the VLSI supply chain, with reference to a recent survey that illustrates various ways to handle those risks. In the absence of an effective security mechanism, a rogue entity, viz. an intellectual property (IP) provider, an integrated circuit design industry, an EDA company, a foundry lab, a distributor of chips or a system integrator, may easily cause design IP theft or tampering with a designed IC. Since these risks compromise the security system for VLSI chips, a sound security system is needed for apt risk management.


Author(s): Deepshikha Chhabra, Isha Sharma

This chapter describes how the impacts of risk, or risk exposure, depend upon the losses already caused by the risk and its probability of occurring. There are various methods for estimating risks and their impacts. The loss created by a threat can be reduced if the attacker does not have access to the system's objects or resources which are vulnerable to the risk. Attacker capabilities play the major role in the risk estimation and mitigation approach. The use of appropriate knowledge, skill and time to exploit the system or to create the threat comes under Attacker Capability. In this chapter, we will discuss how to include attacker capabilities when the risk estimation or mitigation plan is made. We will conclude the chapter with an appropriate study of various examples which indicate that the impacts of risks can be minimised or reduced if we include the attacker capability while estimating the risk impacts and preparing the risk mitigation approach.

