Dolors Costal, Daniel Gross, Lidia Lopez,
Mirko Morandini, Alberto Siena, Angelo Susi
Quantifying the Impact of OSS Adopti...
Agenda
 Introduction
 A method for risk assessment
 Modeling language for ecosystems and risks
– The two ingredients to...
Motivation
“Identifying and evaluating the risks of Open Source
Software (OSS) adoption exploiting the information
form th...
A layered approach for risk assessment
Quantifying the Impact of OSS Adoption Risks with the help of i* Models.
i* Worksho...
MODELING ECOSYSTEMS & RISKS
Modeling OSS ecosystems
 Strategic actors
 Strategic dependencies between actors
 Strategic goals and tasks depending o...
Modeling OSS strategies
Quantifying the Impact of OSS Adoption Risks with the help of i* Models.
i* Workshop, 15-16 June 2...
Modeling risks
 Risk characterized by
– Event; => “the community disappear” (what)
– Situation; => “the community is not ...
Levels of representation:
OSS ecosystems and risks together
Quantifying the Impact of OSS Adoption Risks with the help of ...
Meta-Model
 Connected to the
goal-models of
the ecosystems
to allow for the
modelling of risk
impact on goals,
activities...
REASONING ON THE MODELS
Risk and goal model reasoning
 Risk and Goal model analysis
– starting from the knowledge about values of properties of
s...
Reasoning techniques: based on evidence
 Input: measures and indicators gathered from online
repositories
– Some subjecti...
OSS measures and risk drivers
 Raw measures from OSS communities versioning systems,
forums, mailing lists:
– Bugs & Rele...
Propagation
in the
models
Quantifying the Impact of OSS Adoption Risks with the help of i* Models.
i* Workshop, 15-16 June...
A possible result of the analysis
Quantifying the Impact of OSS Adoption Risks with the help of i* Models.
i* Workshop, 15...
CONCLUSIONS & FUTURE WORK
Conclusions
Quantifying the Impact of OSS Adoption Risks with the help of i* Models.
i* Workshop, 15-16 June 2014.
Future Work
 Going deep in the study of the connections between
indicators, risks and goals
 Extending the analysis of t...
Lidia López – llopez@essi.upc.edu
Angelo Susi – susi@fbk.eu
www.riscoss.eu
Thank you
Upcoming SlideShare
Loading in...5
×

Quantifying the Impact of OSS Adoption Risks with the help of i* Models

234

Published on

Dolors Costal, Daniel Gross, Lidia Lopez, Mirko Morandini, Alberto Siena, Angelo Susi: Quantifying the Impact of OSS Adoption Risks with the help of i* Models. 7th i* Int. Workshop held at CAiSE 2014. Paper at http://ceur-ws.org/Vol-1157/paper10.pdf. Adopting Open Source Software (OSS) components in or ganisational settings requires evaluating the possible impact of adoption decisions on business goals. Measures available in OSS, capturing indicators such as the quality of open source code and the activeness of the developing community, can be used as a driver to assess various risks
in component adoption. In this paper we illustrate how risk and impact models are used to relate measures obtained from the component under analysis to business goals in i* -based OSS business strategy models.

Published in: Software, Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
234
On Slideshare
0
From Embeds
0
Number of Embeds
8
Actions
Shares
0
Downloads
1
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • In this example, we can see:
    2 strategic actors in this ecosystem: OSS Community and the Adopter company
    Some dependencies between both actors.
    The adopter expect some things from the OSS community: the component and the documentation, some quality and the OSS component evolves as the company desired features
    In return the company provides bug reports, some code (patches), but needs that he OSS community accept its contribution
    In the Adopter SR diagram there are:
    the high-level business goals: Benefit from co-creation, OSS involvement and OSS evolution influenced
    And the low-level goals and tasks that correspond to the concrete adoption strategy requirements. In this case,
    Acquiring some skills: user, technical and management
    Contribute to the community: bug reports and patches
    The requirements affect to the high-level goals in some way: in this case contributing OSS helps to the OSS involvement needed if the company wants to co-create

    Other adoption strategies have different requirements, for example the adopter may not contribute at all to the community (acquisition) or maybe it must control the community (take-over),…
  • Quantifying the Impact of OSS Adoption Risks with the help of i* Models

    1. 1. Dolors Costal, Daniel Gross, Lidia Lopez, Mirko Morandini, Alberto Siena, Angelo Susi Quantifying the Impact of OSS Adoption Risks with the help of i* Models
    2. 2. Agenda  Introduction  A method for risk assessment  Modeling language for ecosystems and risks – The two ingredients together  Reasoning on models  Conclusions and future work Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014.
    3. 3. Motivation “Identifying and evaluating the risks of Open Source Software (OSS) adoption exploiting the information form the OSS strategic and business ecosystems”*  The OSS ecosystem is composed by – Adopters (Companies, Public Administrations, OSS communities) – OSS communities *RISCOSS (Risks and Costs in Open Source Software Adoption) FP7 European project Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014.
    4. 4. A layered approach for risk assessment Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Strategic and Business Model Risk Drivers OSS project indicators OSS community indicators Contextual indicators Analyst OSS Project OSS Community Expert Layer 3 Business analysis Layer 2 Risk indicators Layer 1 Data Gathering
    5. 5. MODELING ECOSYSTEMS & RISKS
    6. 6. Modeling OSS ecosystems  Strategic actors  Strategic dependencies between actors  Strategic goals and tasks depending on the OSS adoption strategy – High-level business strategic goals – Low-level requirements goals and tasks Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014.
    7. 7. Modeling OSS strategies Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Strategic actors Strategic dependencies High-level goals Strategy requirements
    8. 8. Modeling risks  Risk characterized by – Event; => “the community disappear” (what) – Situation; => “the community is not active” (when) – Situation; => “(impossible to) maintain the final software product” (why)  Measures and Risk drivers – Measure raw and derived evidences Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Event Situation Measures Risk driver
    9. 9. Levels of representation: OSS ecosystems and risks together Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Timeliness Difficulty in code refinement people on project expose expose measure of bug fixing time impact Maintain software OSS Adopter OSS Commu nity OSS component Actor Goal Resource RIsk events situation Risk driver Layer of the Business / Strategic goal of the Ecosystem Layer of the risk indicators and risks Layer of measures and risk drivers Timeliness Difficulty in code refinement people on project expose expose measure of bug fixing time impact Maintain software OSS Adopter OSS Commu nity OSS component Actor Goal Resource RIsk events situation Risk driver
    10. 10. Meta-Model  Connected to the goal-models of the ecosystems to allow for the modelling of risk impact on goals, activities and other assets Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Risk Meta-Model Goal Meta-Model satisfied Situation probability extent Event expose protect Goal impact Actor desire propagate Task means-end govern increase mitigate performs Ecosystem provide depend value Measure evidence
    11. 11. REASONING ON THE MODELS
    12. 12. Risk and goal model reasoning  Risk and Goal model analysis – starting from the knowledge about values of properties of some nodes of the model (Risk events, Situations, Goals, Activities) infer knowledge about values of properties of other nodes Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Specification of models • Goal and risk models are specified Analysis of models • Logic based • Label prop. • … Analysis of results • Analysis of the possibility and severity of a risk
    13. 13. Reasoning techniques: based on evidence  Input: measures and indicators gathered from online repositories – Some subjective knowledge is partially available from involved stakeholders  Directed graph (in our case, goal and risk models) – To each node is associated an evidence – Each relation has a weight – Compound relations have a propagation function  Label propagation algorithm Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014.
    14. 14. OSS measures and risk drivers  Raw measures from OSS communities versioning systems, forums, mailing lists: – Bugs & Releases – Open Bugs – Messages in the posts  Risk drivers (from the raw measures) – Bug fix time: Critical & Blocker – Commit frequency per week & Number of Commits – Forum posts per day Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Statistical analysis of “Bug fix time” in XWiki (with R) Study of the behavior of the community 300Bugs$Fix_time count 1000 200 250 1000 1250 0 300
    15. 15. Propagation in the models Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014.
    16. 16. A possible result of the analysis Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014. Scenario1 Scenario2 Scenario3 Indicators’ Values (can make it possible) Tutorial Available X No Timeliness X X Needs from organisation ( can make it critical) Maintenance need X X X Product Quality Need X X X Risk Events Lack Of Support Critical Probable, Critical Probable Low Update Frequency Probable Probable Probable, Critical Error Proneness Probable, Critical Probable, Critical Critical Scenarios properties Risk events List of affected Goals Example: scenario analysis
    17. 17. CONCLUSIONS & FUTURE WORK
    18. 18. Conclusions Quantifying the Impact of OSS Adoption Risks with the help of i* Models. i* Workshop, 15-16 June 2014.
    19. 19. Future Work  Going deep in the study of the connections between indicators, risks and goals  Extending the analysis of the impact of a given risk to the ecosystem  Combination of model-based reasoning and statistical techniques to support different kind of reasoning at different level of detail based also on the availability of data 19
    20. 20. Lidia López – llopez@essi.upc.edu Angelo Susi – susi@fbk.eu www.riscoss.eu Thank you
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×