Sardar Muhammad Sulaman

A review of research on risk analysis methods for IT systems

Context: At the same time as our dependence on IT systems increases, the number of reports of problems caused by failures of critical IT systems has also increased. This means that there is a need for risk analysis in the development of this kind of systems. Risk analysis of technical systems has a long history in mechanical and electrical engineering. Objective: Even if a number of methods for risk analysis of technical systems exist, the failure behavior of information systems is typically very different from mechanical systems. Therefore, risk analysis of IT systems requires different risk analysis techniques, or at least adaptations of traditional approaches. This means that there is a need to understand what types of methods are available for IT systems and what research that has been conducted on these methods. Method: In this paper we present a systematic mapping study on risk analysis for IT systems. 1086 unique papers were identified in a database search and 57 papers were identified as relevant for this study. These papers were classified based on 5 different criteria. Results: This classification, for example, shows that most of the discussed risk analysis methods are qualitative and not quantitative and that most of the risk analysis methods that are presented in these papers are developed for IT systems in general and not for specific types of IT system. Conclusions: The results show that many new risk analysis methods have been proposed in the last decade but even more that there is a need for more empirical evaluations of the different risk analysis methods. Many papers were identified that propose new risk analysis methods, but few papers discuss a systematic evaluation of these methods or a comparison of different methods based on empirical data.

Development of Safety-Critical Software Systems Using Open Source Software -- A Systematic Map

The popularity of Open Source Software (OSS) has increased the interest in using it in safety critical applications. The aim of this study is to review research carried out on usage of open source code in development of safety-critical software and systems. We conducted a systematic mapping study through searches in library databases and manual identification of articles from open source conferences. We have identified 22 studies about using open source software, mainly in automotive, aerospace, medical and nuclear domains. Moreover, only a few studies present complete safety systems that are released as OSS in full. The most commonly used OSS functionalities are operating systems, imaging, control and data management. Finally most of the integrated OSS have mature code bases and a commit history of more than five years.

Perspective based risk analysis - a controlled experiment

Context: The increasing dependence on critical IT systems makes them more and more complex, which results in increased complexity and size. Risk analysis is an important activity for the development and operation of critical IT systems, but the increased complexity and size put additional requirements on the effectiveness of risk analysis methods. There complexity means that there is a need to involve different perspectives into risk analysis. Objective: The objective of the research carried out in this study is to investigate the effectiveness of perspective-based risk analysis (PBRA) methods compared to traditional risk analysis (TRA) methods. Method: A controlled experiment was designed and carried out. 43 subjects performed risk analysis of a software-controlled train door system using either TRA or PBRA. Results: The results suggest that PBRA helps to identify more relevant risks than TRA. On the other hand, our experiment failed to provide supporting evidence that PBRA helps to identify fewer non-relevant risks. This study also found that PBRA is more difficult to use than TRA. Conclusions: Some potential benefits of using perspective-based risk analysis are uncovered and experimentally confirmed. In particular, it was discovered that PBRA is more effective than the traditional method and identifies more relevant risks.

Comparison of the FMEA and STPA safety analysis methods–a case study

As our society becomes more and more dependent on IT systems, failures of these systems can harm more and more people and organizations. Diligently performing risk and hazard analysis helps to minimize the potential harm of IT system failures on the society and increases the probability of their undisturbed operation. Risk and hazard analysis is an important activity for the development and operation of critical software intensive systems, but the increased complexity and size puts additional requirements on the effectiveness of risk and hazard analysis methods. This paper presents a qualitative comparison of two hazard analysis methods, failure mode and effect analysis (FMEA) and system theoretic process analysis (STPA), using case study research methodology. Both methods have been applied on the same forward collision avoidance system to compare the effectiveness of the methods and to investigate what are the main differences between them. Furthermore, this study also evaluates the analysis process of both methods by using a qualitative criteria derived from the technology acceptance model (TAM). The results of the FMEA analysis were compared to the results of the STPA analysis, which were presented in a previous study. Both analyses were conducted on the same forward collision avoidance system. The comparison shows that FMEA and STPA deliver similar analysis results.

Mapping and scheduling of dataflow graphs — A systematic map

Dataflow is a natural way of modelling streaming applications, such as multimedia, networking and other signal processing applications. In order to cope with the computational and parallelism demands of such streaming applications, multiprocessor systems are replacing uniprocessor systems. Mapping and scheduling these applications on multiprocessor systems are crucial elements for efficient implementation in terms of latency, throughput, power and energy consumption etc. Performance of streaming applications running on multiprocessor systems may widely vary with mapping and scheduling strategy. This paper performs a systematic literature review of available research carried out in the area of mapping and scheduling of dataflow graphs.

An Industrial Case Study on Measuring the Quality of the Requirements Scoping Process

Decision making and requirements scoping occupy central roles in helping to develop products that are demanded by the customers and ensuring company strategies are accurately realized in product scope. Many companies experience continuous and frequent scope changes and fluctuations but struggle to measure the phenomena and correlate the measurement to the quality of the requirements process. We present the results from an exploratory interview study among 22 participants working with requirements management processes at a large company that develops embedded systems for a global market. Our respondents shared their opinions about the current set of requirements management process metrics as well as what additional metrics they envisioned as useful. We present a set of metrics that describe the quality of the requirements scoping process. The findings provide practical insights that can be used as input when introducing new measurement programs for requirements management and decision making.

A Method for Assessing Resilience of Socio-Technical IT-Systems

Modern society is increasingly dependent on IT-systems. Due to this dependence it is importantthat IT-networks are designed to be resilient, meaning that they will either maintain or quickly recover theirfunctionality when exposed to strain. Simulation-based methods that consider supply network topology as wellas system responsible for repairing supply network have previously been used and found to be beneficial forassessing resilience of electricity and water distribution systems. A method of this kind is here applied for ITnetworks.The aim of the present research is to test if such a method is applicable for assessing resilience ofIT-systems, meaning that: 1) it is possible to use based on available data, in this case gathered mainly throughinterviews with focus groups, 2) the results are relevant for users/owners/maintainers. The method is tested ina case study on the IT-network of one department of Lund university as well as the university core network.Results show that the method is applicable for the studied IT-network and that we can obtain the resiliencemetrics sought for. It is found that the method can enable system owners to see if and for what levels of strainthey are presently reaching their desired targets concerning system resilience. While applicable to the studiedsystem, feedback from system experts indicates that the method will primarily be useful for IT-systems whosefailure would 1) result in large economic values (e.g. IT-system of major private companies) or 2) lead to lossof health or safety (e.g. IT-systems of governmental organizations and hospitals). (Less)

Identification of IT Incidents for Improved Risk Analysis by Using Machine Learning

Today almost every system or service is dependent on IT systems, and failure of these systems have serious and negative effects on the society. IT incidents are critical for the society as they can stop the function of critical systems and services. Therefore, it is important to analyze these systems for potential risks before becoming dependent on them. Moreover, in a software engineering context risk analysis is an important activity for the development and operation of safe software intensive systems. However, the increased complexity and size of software-intensive systems put additional requirements on the effectiveness of the risk analysis process. This means that the risk analysis process needs to be improved and it is believed that this can be done by having an overview of already occurred IT incidents. This study investigates how difficult it is to find relevant risks from available sources and the effort required to set up such a system. It also investigates the accuracy of the found risks. In this study 58% of texts that potentially can contain information about IT incidents were correctly identified from an experiment dataset by using the presented method. It is concluded that the identifying texts about IT incidents with automated methods like the one presented in this study is possible, but it requires some effort to set up.