Metrics of Risk Associated with Defects Rediscovery

TL;DR

This paper introduces a set of risk metrics for quantifying the impact of software defect rediscovery, aiding stakeholders in quality assurance, resource allocation, and risk assessment, validated through an industrial case study.

Contribution

It presents novel risk metrics based on advanced statistical models to quantify defect rediscovery risks in software engineering.

Findings

Metrics effectively quantify rediscovery risks

Validation confirms applicability to industrial data

Supports stakeholders in decision-making

Abstract

Software defects rediscovered by a large number of customers affect various stakeholders and may: 1) hint at gaps in a software manufacturer's Quality Assurance (QA) processes, 2) lead to an over-load of a software manufacturer's support and maintenance teams, and 3) consume customers' resources, leading to a loss of reputation and a decrease in sales. Quantifying risk associated with the rediscovery of defects can help all of these stake-holders. In this chapter we present a set of metrics needed to quantify the risks. The metrics are designed to help: 1) the QA team to assess their processes; 2) the support and maintenance teams to allocate their resources; and 3) the customers to assess the risk associated with using the software product. The paper includes a validation case study which applies the risk metrics to industrial data. To calculate the metrics we use mathematical instruments like the heavy-tailed Kappa distribution and the G/M/k queuing model.