UNIT 5 Risk Management , Software Reliability

Maintenance & Reengineering

5.1 Risk Management

A software project can be concerned with a large variety of risks. In order to be adept to
systematically identify the significant risks which might affect a software project, it is
essential to classify risks into different classes. The project manager can then check which
risks from each class are relevant to the project.

There are three main classifications of risks which can affect a software project:

1. Project risks
2. Technical risks
3. Business risks

1. Project risks: Project risks concern differ forms of budgetary, schedule, personnel,
resource, and customer-related problems. A vital project risk is schedule slippage. Since the
software is intangible, it is very tough to monitor and control a software project. It is very
tough to control something which cannot be identified. For any manufacturing program, such
as the manufacturing of cars, the plan executive can recognize the product taking shape.

2. Technical risks: Technical risks concern potential method, implementation, interfacing,

testing, and maintenance issue. It also consists of an ambiguous specification, incomplete
specification, changing specification, technical uncertainty, and technical obsolescence. Most
technical risks appear due to the development team's insufficient knowledge about the
project.

3. Business risks: This type of risks contain risks of building an excellent product that no one
need, losing budgetary or personnel commitments, etc.

Other risk categories

1. 1. Known risks: Those risks that can be uncovered after careful assessment of the
project program, the business and technical environment in which the plan is being
developed, and more reliable data sources (e.g., unrealistic delivery date)
2. 2. Predictable risks: Those risks that are hypothesized from previous project
experience (e.g., past turnover)
3. 3. Unpredictable risks: Those risks that can and do occur, but are extremely tough to
identify in advance.
Principle of Risk Management
1. Global Perspective: In this, we review the bigger system description, design, and
implementation. We look at the chance and the impact the risk is going to have.
2. Take a forward-looking view: Consider the threat which may appear in the future
and create future plans for directing the next events.
3. Open Communication: This is to allow the free flow of communications between the
client and the team members so that they have certainty about the risks.
4. Integrated management: In this method risk management is made an integral part of
project management.
5. Continuous process: In this phase, the risks are tracked continuously throughout the
risk management paradigm.

Risk Management Activities

Risk management consists of three main activities, as shown in fig:

Risk Assessment

The objective of risk assessment is to division the risks in the condition of their loss, causing
potential. For risk assessment, first, every risk should be rated in two methods:

o The possibility of a risk coming true (denoted as r).

2
 o The consequence of the issues relates to that risk (denoted as s).

Based on these two methods, the priority of each risk can be estimated:

p=r*s

Where p is the priority with which the risk must be controlled, r is the probability of the risk
becoming true, and s is the severity of loss caused due to the risk becoming true. If all
identified risks are set up, then the most likely and damaging risks can be controlled first, and
more comprehensive risk abatement methods can be designed for these risks.

1. Risk Identification: The project organizer needs to anticipate the risk in the project as
early as possible so that the impact of risk can be reduced by making effective risk
management planning.

A project can be of use by a large variety of risk. To identify the significant risk, this might
affect a project. It is necessary to categories into the different risk of classes.

There are different types of risks which can affect a software project:

1. Technology risks: Risks that assume from the software or hardware technologies that
are used to develop the system.
2. People risks: Risks that are connected with the person in the development team.
3. Organizational risks: Risks that assume from the organizational environment where
the software is being developed.
4. Tools risks: Risks that assume from the software tools and other support software
used to create the system.
5. Requirement risks: Risks that assume from the changes to the customer requirement
and the process of managing the requirements change.
6. Estimation risks: Risks that assume from the management estimates of the resources
required to build the system

2. Risk Analysis: During the risk analysis process, you have to consider every identified risk
and make a perception of the probability and seriousness of that risk.

There is no simple way to do this. You have to rely on your perception and experience of
previous projects and the problems that arise in them.

It is not possible to make an exact, the numerical estimate of the probability and seriousness
of each risk. Instead, you should authorize the risk to one of several bands:

1. The probability of the risk might be determined as very low (0-10%), low (10-25%),
moderate (25-50%), high (50-75%) or very high (+75%).

3
 2. The effect of the risk might be determined as catastrophic (threaten the survival of the
plan), serious (would cause significant delays), tolerable (delays are within allowed
contingency), or insignificant.

Risk Control

It is the process of managing risks to achieve desired outcomes. After all, the identified risks
of a plan are determined; the project must be made to include the most harmful and the most
likely risks. Different risks need different containment methods. In fact, most risks need
ingenuity on the part of the project manager in tackling the risk.

There are three main methods to plan for risk management:

1. Avoid the risk: This may take several ways such as discussing with the client to
change the requirements to decrease the scope of the work, giving incentives to the
engineers to avoid the risk of human resources turnover, etc.
2. Transfer the risk: This method involves getting the risky element developed by a
third party, buying insurance cover, etc.
3. Risk reduction: This means planning method to include the loss due to risk. For
instance, if there is a risk that some key personnel might leave, new recruitment can
be planned.

Risk Leverage: To choose between the various methods of handling risk, the project plan
must consider the amount of controlling the risk and the corresponding reduction of risk. For
this, the risk leverage of the various risks can be estimated.

Risk leverage is the variation in risk exposure divided by the amount of reducing the risk.

Risk leverage = (risk exposure before reduction - risk exposure after reduction) / (cost
of reduction)

Risk planning: The risk planning method considers each of the key risks that have been
identified and develop ways to maintain these risks.

AD

For each of the risks, you have to think of the behavior that you may take to minimize the
disruption to the plan if the issue identified in the risk occurs.

You also should think about data that you might need to collect while monitoring the plan so
that issues can be anticipated.

Again, there is no easy process that can be followed for contingency planning. It rely on the
judgment and experience of the project manager.

4
Risk Monitoring: Risk monitoring is the method king that your assumption about the
product, process, and business risks has not changed.

5.2 Software Reliability

Software Reliability means Operational reliability. It is described as the ability of a system

or component to perform its required functions under static conditions for a specific period.

Software reliability is also defined as the probability that a software system fulfills its
assigned task in a given environment for a predefined number of input cases, assuming that
the hardware and the input are free of error.

Software Reliability is an essential connect of software quality, composed with functionality,

usability, performance, serviceability, capability, installability, maintainability, and
documentation. Software Reliability is hard to achieve because the complexity of software
turn to be high. While any system with a high degree of complexity, containing software, will
be hard to reach a certain level of reliability, system developers tend to push complexity into
the software layer, with the speedy growth of system size and ease of doing so by upgrading
the software.

For example, large next-generation aircraft will have over 1 million source lines of software
on-board; next-generation air traffic control systems will contain between one and two
million lines; the upcoming International Space Station will have over two million lines on-
board and over 10 million lines of ground support software; several significant life-critical
defense systems will have over 5 million source lines of software. While the complexity of
software is inversely associated with software reliability, it is directly related to other vital
factors in software quality, especially functionality, capability, etc.

Software Failure Mechanisms

The software failure can be classified as:

Transient failure: These failures only occur with specific inputs.

Permanent failure: This failure appears on all inputs.

Recoverable failure: System can recover without operator help.

Unrecoverable failure: System can recover with operator help only.

Non-corruption failure: Failure does not corrupt system state or data.

Corrupting failure: It damages the system state or data.

5
Software failures may be due to bugs, ambiguities, oversights or misinterpretation of the
specification that the software is supposed to satisfy, carelessness or incompetence in writing
code, inadequate testing, incorrect or unexpected usage of the software or other unforeseen
problems.

Hardware vs. Software Reliability

Hardware Reliability Software Reliability

Hardware faults are mostly physical faults. Software faults are design faults, which are tough
detect, and correct.

Hardware components generally fail due to wear and Software component fails due to bugs.
tear.

In hardware, design faults may also exist, but In software, we can simply find a strict correspo
physical faults generally dominate. "manufacturing" as the hardware manufacturing
action of uploading software modules into pla
Therefore, the quality of the software will not chan
into the storage and start running

Hardware exhibits the failure features shown in the Software reliability does not show the same feature
following figure: A possible curve is shown in the

It is called the bathtub curve. Period A, B, and C

stand for burn-in phase, useful life phase, and end-of- If we projected software reliability on the same axe
life phase respectively.

There are two significant differences between hardware and software curves are:

One difference is that in the last stage, the software does not have an increasing failure
rate as hardware does. In this phase, the software is approaching obsolescence; there are no
motivations for any upgrades or changes to the software. Therefore, the failure rate will not
change.

6
The second difference is that in the useful-life phase, the software will experience a radical
increase in failure rate each time an upgrade is made. The failure rate levels off gradually,
partly because of the defects create and fixed after the updates.

The upgrades in above figure signify feature upgrades, not upgrades for reliability. For
feature upgrades, the complexity of software is possible to be increased, since the
functionality of the software is enhanced. Even error fixes may be a reason for more software
failures if the bug fix induces other defects into the software. For reliability upgrades, it is
likely to incur a drop in software failure rate, if the objective of the upgrade is enhancing
software reliability, such as a redesign or reimplementation of some modules using better
engineering approaches, such as clean-room method.

A partial list of the distinct features of software compared to hardware is listed below:

Failure cause: Software defects are primarily designed defects.

Wear-out: Software does not have an energy-related wear-out phase. Bugs can arise without
warning.

7
Repairable system: Periodic restarts can help fix software queries.

Time dependency and life cycle: Software reliability is not a purpose of operational time.

AD

Environmental factors: Do not affect Software reliability, except it may affect program
inputs.

Reliability prediction: Software reliability cannot be predicted from any physical basis since
it depends entirely on human factors in design.

Redundancy: It cannot improve Software reliability if identical software elements are used.

Interfaces: Software interfaces are merely conceptual other than visual.

Failure rate motivators: It is generally not predictable from analyses of separate statements.

AD

Built with standard components: Well-understood and extensively tested standard element
will help improve maintainability and reliability. But in the software industry, we have not
observed this trend. Code reuse has been around for some time but to a minimal extent. There
are no standard elements for software, except for some standardized logic structures.

5.3 Maintenance And Reengineering

Software Maintenance refers to the process of modifying and updating a software system
after it has been delivered to the customer. This can include fixing bugs, adding new
features, improving performance, or updating the software to work with new hardware or
software systems. The goal of software maintenance is to keep the software system working
correctly, efficiently, and securely, and to ensure that it continues to meet the needs of the
users.
Software maintenance is a continuous process that occurs throughout the entire life cycle of
the software system. It is important to have a well-defined maintenance process in place,
which includes testing and validation , version control, and communication with
stakeholders.
Several Key Aspects of Software Maintenance
 Bug Fixing: The process of finding and fixing errors and problems in the
software.
 Enhancements: The process of adding new features or improving existing
features to meet the evolving needs of the users.
 Performance Optimization: The process of improving the speed, efficiency,
and reliability of the software.

8
  Porting and Migration: The process of adapting the software to run on new
hardware or software platforms.
 Re-Engineering: The process of improving the design and architecture of the
software to make it more maintainable and scalable.
 Documentation: The process of creating, updating, and maintaining the
documentation for the software, including user manuals, technical specifications,
and design documents.
Software maintenance is a critical part of the software development life cycle (SDLC) and
is necessary to ensure that the software continues to meet the needs of the users over time.
It is also important to consider the cost and effort required for software maintenance when
planning and developing a software system.
Software maintenance is the process of modifying a software system after it has been
delivered to the customer. The goal of maintenance is to improve the system’s
functionality, performance, and reliability and to adapt it to changing requirements and
environments.
Several Types of Software Maintenance
 Corrective Maintenance: This involves fixing errors and bugs in the software
system.
 Patching: It is an emergency fix implemented mainly due to pressure from
management. Patching is done for corrective maintenance but it gives rise to
unforeseen future errors due to lack of proper impact analysis.
 Adaptive Maintenance: This involves modifying the software system to adapt
it to changes in the environment, such as changes in hardware or software,
government policies, and business rules.
 Perfective Maintenance: This involves improving functionality, performance,
and reliability, and restructuring the software system to improve changeability.
 Preventive Maintenance: This involves taking measures to prevent future
problems, such as optimization, updating documentation, reviewing and testing
the system, and implementing preventive measures such as backups.
It’s important to note that software maintenance can be costly and complex, especially for
large and complex systems. Therefore, the cost and effort of maintenance should be taken
into account during the planning and development phases of a software project. It’s also
important to have a clear and well-defined maintenance plan that includes regular
maintenance activities, such as testing, backup, and bug fixing.
Software Maintenance is the process of modifying a software product after it has been
delivered to the customer. The main purpose of software maintenance is to modify and
update software applications after delivery to correct faults and improve
performance. Maintenance can be categorized into proactive and reactive types. Proactive
maintenance involves taking preventive measures to avoid problems from occurring, while
reactive maintenance involves addressing problems that have already occurred.
Maintenance can be performed by different stakeholders, including the original
development team, an in-house maintenance team, or a third-party maintenance provider.
Maintenance activities can be planned or unplanned. Planned activities include regular
maintenance tasks that are scheduled in advance, such as updates and backups. Unplanned
activities are reactive and are triggered by unexpected events, such as system crashes or
security breaches. Software maintenance can involve modifying the software code, as well
as its documentation, user manuals, and training materials. This ensures that the software is
up-to-date and continues to meet the needs of its users.
Software maintenance can also involve upgrading the software to a new version or
platform. This can be necessary to keep up with changes in technology and to ensure that

9
the software remains compatible with other systems. The success of software maintenance
depends on effective communication with stakeholders, including users, developers, and
management. Regular updates and reports can help to keep stakeholders informed and
involved in the maintenance process.
Software maintenance is also an important part of the Software Development Life
Cycle(SDLC). To update the software application and do all modifications in software
application so as to improve performance is the main focus of software maintenance.
Software is a model that runs on the basis of the real world. so, whenever any change
requires in the software that means the need for real-world changes wherever possible.
Need for Maintenance
Software Maintenance must be performed in order to:
 Correct faults.
 Improve the design.
 Implement enhancements.
 Interface with other systems.
 Accommodate programs so that different hardware, software, system features,
and telecommunications facilities can be used.
 Migrate legacy software.
 Retire software.
 Requirement of user changes.
 Run the code fast
Challenges in Software Maintenance
The various challenges in software maintenance are given below:
 The popular age of any software program is taken into consideration up to ten to
fifteen years. As software program renovation is open-ended and might maintain
for decades making it very expensive.
 Older software programs, which had been intended to paint on sluggish
machines with much less reminiscence and garage ability can not maintain
themselves tough in opposition to newly coming more advantageous software
programs on contemporary-day hardware.
 Changes are frequently left undocumented which can also additionally reason
greater conflicts in the future.
 As the era advances, it turns into high prices to preserve vintage software
programs.
 Often adjustments made can without problems harm the authentic shape of the
software program, making it difficult for any next adjustments.
 There is a lack of Code Comments.
 Lack of documentation: Poorly documented systems can make it difficult to
understand how the system works, making it difficult to identify and fix
problems.
 Legacy code: Maintaining older systems with outdated technologies can be
difficult, as it may require specialized knowledge and skills.
 Complexity: Large and complex systems can be difficult to understand and
modify, making it difficult to identify and fix problems.
 Changing requirements: As user requirements change over time, the software
system may need to be modified to meet these new requirements, which can be
difficult and time-consuming.
 Interoperability issues: Systems that need to work with other systems or
software can be difficult to maintain, as changes to one system can affect the
other systems.

10
  Lack of test coverage: Systems that have not been thoroughly tested can be
difficult to maintain as it can be hard to identify and fix problems without
knowing how the system behaves in different scenarios.
 Lack of personnel: A lack of personnel with the necessary skills and knowledge
to maintain the system can make it difficult to keep the system up-to-date and
running smoothly.
 High-Cost: The cost of maintenance can be high, especially for large and
complex systems, which can be difficult to budget for and manage.
To overcome these challenges, it is important to have a well-defined maintenance process
in place, which includes testing and validation, version control, and communication with
stakeholders. It is also important to have a clear and well-defined maintenance plan that
includes regular maintenance activities, such as testing, backup, and bug fixing.
Additionally, it is important to have personnel with the necessary skills and knowledge to
maintain the system.
Categories of Software Maintenance
Maintenance can be divided into the following categories.
 Corrective maintenance: Corrective maintenance of a software product may be
essential either to rectify some bugs observed while the system is in use, or to
enhance the performance of the system.
 Adaptive maintenance: This includes modifications and updations when the
customers need the product to run on new platforms, on new operating systems,
or when they need the product to interface with new hardware and software.
 Perfective maintenance: A software product needs maintenance to support the
new features that the users want or to change different types of functionalities of
the system according to the customer’s demands.
 Preventive maintenance: This type of maintenance includes modifications and
updations to prevent future problems with the software. It goals to attend to
problems, which are not significant at this moment but may cause serious issues
in the future.
Reverse Engineering
Reverse Engineering is the process of extracting knowledge or design information from
anything man-made and reproducing it based on the extracted information. It is also called
back engineering. The main objective of reverse engineering is to check out how the system
works. There are many reasons to perform reverse engineering. Reverse engineering is used
to know how the thing works. Also, reverse engineering is to recreate the object by adding
some enhancements.
Software Reverse Engineering
Software Reverse Engineering is the process of recovering the design and the requirements
specification of a product from an analysis of its code. Reverse Engineering is becoming
important, since several existing software products, lack proper documentation, are highly
unstructured, or their structure has degraded through a series of maintenance efforts.
Why Reverse Engineering?
 Providing proper system documentation.
 Recovery of lost information.
 Assisting with maintenance.
 The facility of software reuse.
 Discovering unexpected flaws or faults.
 Implements innovative processes for specific use.
 Easy to document the things how efficiency and power can be improved.
Uses of Software Reverse Engineering

11
  Software Reverse Engineering is used in software design, reverse engineering
enables the developer or programmer to add new features to the existing
software with or without knowing the source code.
 Reverse engineering is also useful in software testing, it helps the testers to
study or detect the virus and other malware code.
 Software reverse engineering is the process of analyzing and understanding the
internal structure and design of a software system. It is often used to improve the
understanding of a software system, to recover lost or inaccessible source code,
and to analyze the behavior of a system for security or compliance purposes.
 Malware analysis: Reverse engineering is used to understand how malware
works and to identify the vulnerabilities it exploits, in order to develop
countermeasures.
 Legacy systems: Reverse engineering can be used to understand and maintain
legacy systems that are no longer supported by the original developer.
 Intellectual property protection: Reverse engineering can be used to detect and
prevent intellectual property theft by identifying and preventing the
unauthorized use of code or other assets.
 Security: Reverse engineering is used to identify security vulnerabilities in a
system, such as backdoors, weak encryption, and other weaknesses.
 Compliance: Reverse engineering is used to ensure that a system meets
compliance standards, such as those for accessibility, security, and privacy.
 Reverse-engineering of proprietary software: To understand how a software
works, to improve the software, or to create new software with similar features.
 Reverse-engineering of software to create a competing product: To create a
product that functions similarly or to identify the features that are missing in a
product and create a new product that incorporates those features.
 It’s important to note that reverse engineering can be a complex and time-
consuming process, and it is important to have the necessary skills, tools, and
knowledge to perform it effectively. Additionally, it is important to consider the
legal and ethical implications of reverse engineering, as it may be illegal or
restricted in some jurisdictions.
Advantages of Software Maintenance
 Improved Software Quality: Regular software maintenance helps to ensure
that the software is functioning correctly and efficiently and that it continues to
meet the needs of the users.
 Enhanced Security: Maintenance can include security updates and patches,
helping to ensure that the software is protected against potential threats and
attacks.
 Increased User Satisfaction: Regular software maintenance helps to keep the
software up-to-date and relevant, leading to increased user satisfaction and
adoption.
 Extended Software Life: Proper software maintenance can extend the life of
the software, allowing it to be used for longer periods of time and reducing the
need for costly replacements.
 Cost Savings: Regular software maintenance can help to prevent larger, more
expensive problems from occurring, reducing the overall cost of software
ownership.
 Better Alignment with business goals: Regular software maintenance can help
to ensure that the software remains aligned with the changing needs of the
business. This can help to improve overall business efficiency and productivity.

12
  Competitive Advantage: Regular software maintenance can help to keep the
software ahead of the competition by improving functionality, performance, and
user experience.
 Compliance with Regulations: Software maintenance can help to ensure that
the software complies with relevant regulations and standards. This is
particularly important in industries such as healthcare, finance, and government,
where compliance is critical.
 Improved Collaboration: Regular software maintenance can help to improve
collaboration between different teams, such as developers, testers, and users.
This can lead to better communication and more effective problem-solving.
 Reduced Downtime: Software maintenance can help to reduce downtime
caused by system failures or errors. This can have a positive impact on business
operations and reduce the risk of lost revenue or customers.
 Improved Scalability: Regular software maintenance can help to ensure that the
software is scalable and can handle increased user demand. This can be
particularly important for growing businesses or for software that is used by a
large number of users.
Disadvantages of Software Maintenance
 Cost: Software maintenance can be time-consuming and expensive, and may
require significant resources and expertise.
 Schedule disruptions: Maintenance can cause disruptions to the normal
schedule and operations of the software, leading to potential downtime and
inconvenience.
 Complexity: Maintaining and updating complex software systems can be
challenging, requiring specialized knowledge and expertise.
 Risk of introducing new bugs: The process of fixing bugs or adding new features
can introduce new bugs or problems, making it important to thoroughly test the
software after maintenance.
 User resistance: Users may resist changes or updates to the software, leading to
decreased satisfaction and adoption.
 Compatibility issues: Maintenance can sometimes cause compatibility issues
with other software or hardware, leading to potential integration problems.
 Lack of documentation: Poor documentation or lack of documentation can
make software maintenance more difficult and time-consuming, leading to
potential errors or delays.
 Technical debt: Over time, software maintenance can lead to technical debt,
where the cost of maintaining and updating the software becomes increasingly
higher than the cost of developing a new system.
 Skill gaps: Maintaining software systems may require specialized skills or
expertise that may not be available within the organization, leading to potential
outsourcing or increased costs.
 Inadequate testing: Inadequate testing or incomplete testing after maintenance
can lead to errors, bugs, and potential security vulnerabilities.
 End-of-life: Eventually, software systems may reach their end-of-life, making
maintenance and updates no longer feasible or cost-effective. This can lead to
the need for a complete system replacement, which can be costly and time-
consuming.

13
 5.4 Unit End Question

Very Short Questions

Q1. What is Forward Engineering?

Q2. Explain Restructuring Engineering?

Q3. What is Reverse Engineering?

Q4. What is Software Supportability?

Q5. Explain Software Safety?

Q6. What is Risk?

Q7. Explain principles of Risk Management?

Q8. Explain main methods to plan for risk management?

Q9. What is a Risk Management Strategy?

Q10. Define Software Failure Mechanisms?

Q11. What is a software reliability model?

Short Questions

Q1. What are the techniques of risk management?

Q2. What are the main classification and other categories of Risk?

Q3. What are the types of Risk Management Strategy?

Q4. Explain Software Fault Tolerance Techniques?

Q5. What are different types of Software Metrics?

Q6. What are the types of Software Maintenance & causes of Software

Maintenance problems?

Long Questions

14
Q1. Explain Risk Assessment?

Q2. What is Risk Control?

Q3. Explain Measures of Reliability & Availability?

Q4. Explain Reliability Models in detail?

Q5. Explain Reengineering?

15