Risk themes from ATAM data: preliminary results

Similar documents
Reducing System Acquisition Risk with Software Architecture Analysis and Evaluation

Integrating Software Architecture Evaluation in a DoD System Acquisition

When and Where to Apply the Family of Architecture- Centric Methods

Mission Thread Workshop (MTW): Preparation and Execution

Overview of the New Introduction to CMMI Course and Changes to the Intermediate Concepts and Instructor Training Courses

Software Architecture and Product Quality

Mission Threads: Bridging Mission and Systems Engineering

Sustaining Software-Intensive Systems - A Conundrum

Note, many of the following scenarios also ask you to report additional information. Include this additional information in your answers.

Mission Assurance Analysis Protocol (MAAP)

The CMMI Product Suite and International Standards

Collaborative coordination of fire support mission execution

METHODOLOGY - Scope of Work

CWE FB MC project. PLEF SG1, March 30 th 2012, Brussels

UNIT 2: ICS FUNDAMENTALS REVIEW

Applying CMMI for Services (CMMI-SVC) to Health Care

EXECUTIVE SUMMARY. 1. Introduction

Applying client churn prediction modelling on home-based care services industry

UNCLASSIFIED. R-1 ITEM NOMENCLATURE PE D8Z: Central Test and Evaluation Investment Program (CTEIP) FY 2013 OCO

A Game-Theoretic Approach to Optimizing Behaviors in Acquisition

Nevada Department of Transportation Traffic Operations Policy Memorandum Traffic Signal Warrant Approval Process

CMMI: The DoD Perspective

EVERGREEN IV: STRATEGIC NEEDS

Inventory Management Practices for Biomedical Equipment in Public Hospitals : An Evaluative Study

Offshoring and Social Exchange

Barriers & Incentives to Obtaining a Bachelor of Science Degree in Nursing

CHAPTER 5 AN ANALYSIS OF SERVICE QUALITY IN HOSPITALS

Course Instructor Karen Migl, Ph.D, RNC, WHNP-BC

2. This SA does not apply if the entity does not have an internal audit function. (Ref: Para. A2)

EXHIBIT R-2, RDT&E BUDGET ITEM JUSTIFICATION N/Space and Electronic Warfare (SEW) Support

GAO. FORCE STRUCTURE Capabilities and Cost of Army Modular Force Remain Uncertain

WARFIGHTER MODELING, SIMULATION, ANALYSIS AND INTEGRATION SUPPORT (WMSA&IS)

Lifecycle Models for Survivable Systems

SCAMPI B&C Tutorial. Software Engineering Process Group Conference SEPG Will Hayes Gene Miluk Jack Ferguson

NICU Graduates: Using the Model for Improvement and Learning from Data

Software Sustainment: Continuous Engineering to

National Incident Management System (NIMS) & the Incident Command System (ICS)

Test and Evaluation of Highly Complex Systems

GRADUATE PROGRAM IN PUBLIC HEALTH

2. Title Of Initiative Quality Improvement Project

practice standards CFP CERTIFIED FINANCIAL PLANNER Financial Planning Practice Standards

Risk Adjustment Methods in Value-Based Reimbursement Strategies

A Balanced Scorecard Approach to Determine Accreditation Measures with Clinical Governance Orientation: A Case Study of Sarem Women s Hospital

UNCLASSIFIED. R-1 ITEM NOMENCLATURE PE F: Requirements Analysis and Maturation. FY 2011 Total Estimate. FY 2011 OCO Estimate

Thomas W. Vijn 1*, Hub Wollersheim 1, Marjan J. Faber 1, Cornelia R. M. G. Fluit 2 and Jan A. M. Kremer 1

Assessment of Level 3 and Level 4 Nursing

Baptist Health Nurse Leader Competency Model

The Examination for Professional Practice in Psychology (EPPP Part 1 and 2): Frequently Asked Questions

RESEARCH METHODOLOGY

Common Errors on the T3010 related to fundraising costs. Know how to avoid them

Critique of a Nurse Driven Mobility Study. Heather Nowak, Wendy Szymoniak, Sueann Unger, Sofia Warren. Ferris State University

Open Data as Enabler for ITS Factory

UNCLASSIFIED FY 2016 OCO. FY 2016 Base

FIGHTER DATA LINK (FDL)

Driving Business Value for Healthcare Through Unified Communications

2013, Vol. 2, Release 1 (October 21, 2013), /10/$3.00

A Canadian Perspective: Implementing Tiered Licensing in the Province of Ontario

The Pediatric Pathology Milestone Project

WarmWise Audits & Rebates Contest Drawing PA-7 OFFICIAL RULES

Inteligencia Artificial. Revista Iberoamericana de Inteligencia Artificial ISSN:

Mission Thread Workshop

Next Generation NCLEX (NGN) Overview. Phil Dickison, PhD Chief Officer, Operations & Examinations

UNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO

The Hashemite University- School of Nursing Master s Degree in Nursing Fall Semester

Administrative Policies and Procedures. Policy No.: N/A Title: Medical Equipment Management Plan

To see the detailed Instructor Class Description, click on the underlined instructor name following the course description.

Root Cause Analysis of Emergency Department Crowding and Ambulance Diversion in Massachusetts

Employers are essential partners in monitoring the practice

Nursing Theory Critique

State of Florida Department of Transportation. DISTRICT SIX Attachment A Scope of Services 1/19/2018

HIMSS Submission Leveraging HIT, Improving Quality & Safety

American Board of Dental Examiners (ADEX) Clinical Licensure Examinations in Dental Hygiene. Technical Report Summary

EVALUATING THE SAFETY ASPECTS OF ADAPTIVE SIGNAL CONTROL SYSTEMS

Case-mix Analysis Across Patient Populations and Boundaries: A Refined Classification System

Defective Backhoe Breaks Line

SURGEONS ATTITUDES TO TEAMWORK AND SAFETY

Using An APCD to Inform Healthcare Policy, Strategy, and Consumer Choice. Maine s Experience

This Brief is Classified: UNCLASSIFIED. NORAD and USNORTHCOM Theater Strategy

UNCLASSIFIED R-1 ITEM NOMENCLATURE FY 2013 OCO

Adult-Gerontology Clinical Nurse Specialist (AG-CNS MSN)

COTS Selection and Adoption in a Small Business Environment. How Do You Downsize the Process?

The Milestones provide a framework for the assessment

Uses a standard template but may have errors of omission

Nicolas H. Malloy Systems Engineer

Work of Internal Auditors

IMPROVING QUALITY. Clinical Governance Strategy & Framework

Call for Posters. Deadline for Submissions: May 15, Washington, DC Gaylord National Harbor Hotel October 18 21, 2015

Caring for the Whole Patient Predictive Analytics Technology, Socio-demographic Insights, and Improved Patient Outcomes Randy K.

In order to analyze the relationship between diversion status and other factors within the

Clarifications III. Published on 8 February A) Eligible countries. B) Eligible sectors and technologies

High Risk Operations in Healthcare

The Post-Afghanistan IED Threat Assessment: Executive Summary

DEPARTMENT OF THE NAVY MARINE CORPS POLICY FOR COORDINATED IMPLEMENTATION OF MILITARY STANDARDS 6017, , AND

UNCLASSIFIED R-1 ITEM NOMENCLATURE

Subj: MISSION, FUNCTIONS, AND TASKS OF NAVAL SPECIAL WARFARE COMMAND

GLOBAL BROADCAST SERVICE (GBS)

Yes, Non-Profit Organizations Are Different!

IMPACT OF SIMULATION EXPERIENCE ON STUDENT PERFORMANCE DURING RESCUE HIGH FIDELITY PATIENT SIMULATION

Integrating Battlefield Objects of C4ISR Systems by Using CAPS

THE INTEGRATED EMERGENCY POST

Transcription:

Pittsburgh, PA 15213-3890 Risk themes from ATAM data: preliminary results Len Bass Rod Nord Bill Wood Software Engineering Institute Sponsored by the U.S. Department of Defense 2006 by Carnegie Mellon University page 1

Overview The data set Process followed in categorizing data Initial results Implications 2006 by Carnegie Mellon University page 2

Conceptual Flow of the ATAM Business Drivers Software Architecture Quality Attributes Architectural Approaches Scenarios Architectural Decisions Analysis impacts 18 reports Risk Themes distilled into Tradeoffs Sensitivity Points Non-Risks Risks 2006 by Carnegie Mellon University page 3

Data Set 18 ATAMs 12 DoD 2 other government agency 4 commercial The ATAMs were performed between 2000-2005. Domains range from embedded to information systems 137 Business Goals 99 Risk themes 2006 by Carnegie Mellon University page 4

Affinity Diagram Bottom up process to discover groups in raw data Developed by an anthropologist Relies on intuition Two data items are in the same group if the grouping team feels they have something in common A data item can be placed into multiple groups Groups are then categorized based on judgment, literature. 2006 by Carnegie Mellon University page 5

Risk Theme Categories Risk themes Architecture Process Organization Run time qualities availability Development time qualities modifiability Development process and tool support requirements uncertainty Big picture Addressing important considerations Product lines performance integration allocation of functionality Organizational awareness security documentation scope coordination 2006 by Carnegie Mellon University page 6

Risk theme distribution 14 12 10 number 8 6 4 2 0 2006 by Carnegie Mellon University page 7

Interesting risk themes Exhibited by over 50% of ATAMs Performance Requirements uncertainty Lack of addressing important considerations (samples Organizational awareness on next slides) Documentation Occurred in exactly last 5 ATAMs May be due to - Increased sensitivity on part of evaluation team - Better documentation of system 2006 by Carnegie Mellon University page 8

Sample risk themes addressing important considerations There are many risks arising from decisions not yet made. The volume of decisions not yet made suggests that the project schedule is at risk. There is a lack of support for data management: There is no uniform specification for managing meta-data and its persistence. There is no strategy for ensuring that data sets are accessible outside of an implementation of a sub domain. This means that while data is, in theory, exchanged by all sub domains, they may not be sharing the same assumptions about the data. And it may not be easy for one sub domain to gain access to data sets from another domain. There is a trend to move toward an integration role for the development organization. This increases exposure to liability risks in customer and 3rd party software integrated with development organization software. The market is forcing the development organization to be an integrator, but there is no clear business goal that states this. 2006 by Carnegie Mellon University page 9

Sample risk themes organizational awareness There are risks arising from a lack of an adequate training program especially for the pool of developers that will be implementing the system under review The new architecture may not be institutionalized for two primary reasons: 1. Not everyone is sensitive to the benefits that the architecture can offer. 2. The guidelines and rules for developers regarding when to use which architectural mechanisms are not complete yet." The new component-based product-line approach provides extensive potential which cannot be exercised without training, application development guidance, and tool support. There is a lack of attention to support and training issues in the architecture of the system under review. There is a test requirement to interoperate with other systems but neither test plan nor test capabilities have been detailed beyond those internal to the system under review 2006 by Carnegie Mellon University page 10

A Different Categorization of Risk Themes Risks of commission - those risk themes that refer to a decision in the architecture that is problematic Risks of omission those risk themes that refer to the lack of a decision or investigation Other those risk themes that are neither commission or omission Commission: 25 of 99 Omission: 57 of 99 (inter-rater reliability test is Other: 18 of 99.82) 2006 by Carnegie Mellon University page 11

Risk Themes Categorized by Omission and Commission 2006 by Carnegie Mellon University page 12

Possible factors to predict risk themes Came to the SEI not a random sample of systems by any means Business goals e.g. do systems with performance as a business goal have performance risks? Domain of system e.g. do embedded systems display different set of risk themes than information systems? Dominant architectural style e.g. do client server systems display a different set of risk themes than cyclic executives? Evaluation team are risks result of examiners? Development team maturity of team, size of system, skill set of team? 2006 by Carnegie Mellon University page 13

We have explored two possible causes for risk theme patterns: Business goals Domain In each case, we are looking for patterns in risk themes that share either business goals or are in the same domain. 2006 by Carnegie Mellon University page 14

Business goal categories Business goals Total cost of ownership Improve quality or capability Improve market position Improved business processes Development Deployment and operations performance Reliability/ availability Product lines End user ease Expand or retain market share Maintain or improve reputation maintenance Security Enter new markets retirement Safety Scalability Reduce time to market functionality functionality Create standard System constraints internationalization 2006 by Carnegie Mellon University page 15

Business goal distribution 16 14 12 number of ATAMs 10 8 6 4 2 0 2006 by Carnegie Mellon University page 16 business goals

Do systems with performance as business goals exhibit higher probability of performance risk? Interval by Interval Ordinal by Ordinal N of Valid Cases Pearson's R Spearman Correlation a. Not assuming the null hypothesis. Symmetric Measures b. Using the asymptotic standard error assuming the null hypothesis. c. Based on normal approximation. Asymp. Value Std. Error a Approx. T b Approx. Sig..194.233.792.440 c.194.233.792.440 c 18 NO! 2006 by Carnegie Mellon University page 17

How about domains? 2006 by Carnegie Mellon University page 18

Identified the following domains in the 18 ATAMs Domain Number of ATAMs Avionics 3 C4ISR 1 Command and control 4 Command and Intelligence 1 Distributed infrastructure 1 Embedded information systems 2 Embedded control systems 2 Information Systems 1 Information, Surveillance, Reconnaissance 1 Mission computing 1 Modeling and simulation 1 2006 by Carnegie Mellon University page 19

Do systems from the same domain exhibit a pattern of risk themes? For domains with more than 1 ATAM, we calculated a measure of similarity of risk themes. We are still thinking about what constitutes a good measure of similarity (.7 means significant similarity for the measure we are using.) Domain N Measure of similarity Avionics 3.245 Command and control Embedded information system Embedded control system 4.131 2.293 2.415 NO! 2006 by Carnegie Mellon University page 20

What about other possible predictors of risk themes? Found no predictors of risk themes in business goals or domains. Have not analyzed based on architectural styles. 18 is a limited data set and ATAM does not necessarily collect the correct information for predicting risk themes. Conjecture: Organization setting is a significant factor in predicting risk themes. 2006 by Carnegie Mellon University page 21

Recommendations based on what is known so far Practitioner Use checklists early in the project to mitigate likely risks Use known techniques for mitigating performance and requirements volatility risks. Researcher Explore hypothesis that risks are related to organizational setting Determine techniques to mitigate risks of organizational awareness and lack of addressing important considerations. 2006 by Carnegie Mellon University page 22

ATAM Evolution Initial thoughts: Integrate business goals into utility tree Develop risk themes based on categories presented here. We welcome ideas as to how this data can be used to improve the ATAM method. 2006 by Carnegie Mellon University page 23

More information Categorizing Business Goals for Software Architectures Rick Kazman Len Bass Technical Report CMU/SEI-2005-TR-021 Report on risk themes in preparation. 2006 by Carnegie Mellon University page 24

Questions? 2006 by Carnegie Mellon University page 25

2024 © careersdocbox.com Privacy Policy | Terms of Service | Feedback