Software Engineering Assignment

Ritesh Shakya
2018UIT2521

----------------------------------------------------------------
Q.1: A project size of 200 KLOC is to be developed. Software development team has average
experience on similar types of projects. The project schedule is not very tight. Calculate the effort,
development time, average staff size and productivity of the project.

Ans:

Effort = a*(KLOC)^b

Development Time = c * (Effort)^d

For this scenario, semi-detached mode is the most appropriate.

For semi-detached, a = 3.0 , b=1.12 , c=2.5 , d=0.35.

Thus, Effort = 3.0 * (200)^1.12 = 3.0 * 377.70 = 1133.12 PM

Development Time = 2.5 * (1133.12)^0.35 = 2.5 * 11.72 = 29.30 PM.

Average Staff Size = (Effort)/(Development Time) Persons

= 1133.12/29.30 = 38.67 Persons

Productivity = KLOC / Effort

= 200 / 1133.12 = 0.176 KLOC/PM

Q.2: What is risk? Is it economical to do risk management? What is the effect of this activity on the
overall cost of the project?

Ans:

Risk: Risk is an expectation of loss, a potential problem that may or may not occur in the future. It is
generally caused due to lack of information, control or time. A possibility of suffering from loss in
software dev process is called a software risk. Loss can be anything, increase in production cost,
development of poor quality software, not being able to complete the project in time. Software risk
exists because the future is uncertain and there are many known and unknown things that cannot be
incorporated in the project plan.

Risk management is not an economical procedure and not all parties can pay for good risk
management. So small projects usually have zero or very low risk management budget.

But for a large scale project risk management process is highly beneficial. It points out and solves all
the threats and risks that a project can pose to a big firm thereby making sure that that firm doesn’t
run in loss after that project.
Q.3: What is risk exposure? What techniques can be used to control each risk?

Ans:

Risk exposure is the measure of potential future loss that the company might experience due to a
specific activity. It is usually used as a measure to rank the probability of certain risks and identifying
them as acceptable or unacceptable based on the level of threat they pose. In technical terms we
can define it as the product of the probability of incurring a loss due to the risk and the potential
magnitude of that loss.

For most software development projects, we can define five main risk impact areas:

1. New, unproven tech

2. User and functional requirements.
3. Application and system architecture
4. Performance
5. Organizational

Six techniques can be used to control risks, which are:

1. Avoidance – It is the best method of risk control. We avoid the risk altogether

2. Loss Prevention -In this method, risk is accepted, but rather than trying to resolve the risk, we
attempt to minimize the loss. Since we can’t avoid it, we try to prevent it.

3. Loss Reduction -Risk is accepted and we try to only make sure that the losses are no too much
when a threat occurs.

4. Separation - We try to disperse our major assets. So, that when a situation of threat occurs at a
location, it only affects that particular location, others remain unaffected.

5. Duplication – It involves a backup plan in case the risk is severe and poses serious threat.

6. Diversification – It allocates the resources to multiple businesses offering a variety of products in

several different industries. Thus, loss in one line would not spread to others.

Q.4: What are risk management activities? Is it possible to prioritize the risk?

Ans:

Risk management activities are divided into 2 categories:

Risk Assessment and Risk control.

1. Risk Assessment - The objective of risk assessment is to divide the risks in the condition of
their loss, causing potential. For risk assessment, every risk should be rated in two methods,
possibility of risk being true and consequences of issues related to that risk. Risk Assessment
is divided into 3 parts – Risk Identification , Risk Analysis , Risk Prioritization.

• Risk Identification – Risk must be anticipated as early as possible so that the impact of the
risk is reduced by taking appropriate measures. Risks are separated into different categories
for convenience, such as, Technology risks, Tools risk etc.
 • Risk Analysis – Risk analysis means the analyzing all the risks that are identified and rate
them based on the probability and the seriousness of the risk, there is no way to make an
exact numerical of the probability thus a certain range is used to measure the seriousness of
a risk.
• Risk Prioritization - A Risk Analysis may identify a number of risks that appear to be of
similar ranking or severity. When too many risks are clustered at or about the same level, a
method is needed to prioritize risk responses and where to apply limited resources.

2. Risk Control - It is the process of managing risks in order to achieve desired outcomes. the
project must be made to include the most harmful and the most likely risks. Different risks
need different containment methods. In fact, most risks need ingenuity on the part of the
project manager in tackling the risk.
• Risk Management Planning - The risk planning method considers each of the key risks
that have been identified and develop ways to maintain these risks.
• Risk Monitoring – It is the method where we observe and keep track of how the risk
behaves and make sure that risk responses are implemented successfully. It tracks the
execution of risk management and continues to identify new risks.
• Risk Resolution – It is the method where we either eliminate the items that possess risk or
we resolve the risk itself.

It is possible to prioritize risks however it can only be done if the risks are properly identified, using
risk prioritization we can classify them based on their threat levels and take prevention measures
accordingly.

Q.5: Discuss the Putnam resources allocation model. Derive the time and effort equations. What
are the limitations of this model?

Ans:

The Lawrence Putnam model describes the time and effort requires finishing a software project of a
specified size. Putnam makes a use of a so-called The Norden/Rayleigh Curve to estimate project
effort, schedule & defect rate as shown in fig:
Putnam further stated that the curve can be applied not only to the complete life cycle but also the
individual phases i.e., coding, testing, assigning people to a project etc. Area under the curve can be
used to compute number of valid lines of code, errors found and corrected etc. According to Putnam
relationship between size, schedule and effort matched the Norden/Rayleigh function which is :

m(t) = 2Kat (exp (-at2 )) where,

m(t) = number of persons at any time t (in years)

K = Total project effort in staff years

a = Acceleration factor (which determines sharpness of curve)

Acceleration factor is given by: a = 1/2td 2

He also introduced D (difficulty metric) which shows that when either manpower demand is very
high or development time is short, product is difficult to develop. Here td = development time.

D = K/td 2 ----(2)

So, peak manpower is given by :

m0 = K/td e ½ ----(3)

from (2) and (3) we get,

D = K/td 2 = ( m0e 1/2) / td\

Productivity Measure = (Size) / ((Time)^4/3 *(Effort/B)^1/3)

The given equation could be rearranged for time and effort such as:

E = (B*(Size)^3 ) / ((Time)^4 * (Productivity Measure)^3 )

Time = [(B*(Size)^3 ) / (Effort * (Productivity Measure)^3 )] ^1/4

Q.6: Explain the COCOMO-II in detail. What types of categories of projects are identified? Which
stage is more popular and why?

Ans:

COCOMO-II is the revised version of the original Cocomo (Constructive Cost Model) and is developed
at University of Southern California. It is the model that allows one to estimate the cost, effort and
schedule when planning a new software development activity.
It consists of three sub-models:

1.End User Programming: Application generators are used in this sub-model. End user write the
code by using these application generators.

2.Intermediate Sector:

• Application Generators and Composition Aids – This category will create largely prepackaged
capabilities for user programming. Their product will have many reusable components. Typical firms
operating in this sector are Microsoft, Lotus, Oracle, IBM, Borland, Novell.

• Application Composition Sector – This category is too diversified and to be handled by

prepackaged solutions. It includes GUI, Databases, domain specific components such as financial,
medical or industrial process control packages.

• System Integration – This category deals with large scale and highly embedded systems.
3.Infrastructure Sector: This category provides infrastructure for the software development like
Operating System, Database Management System, User Interface Management System, Networking
System, etc.

Stages of COCOMO-II:

A. Stage - I: It supports estimation of prototyping. For this it uses Application Composition

Estimation Model. This model is used for the prototyping stage of application generator and system
integration.

B. Stage – II: It supports estimation in the early design stage of the project, when we less know
about it. For this it uses Early Design Estimation Model. This model is used in early design stage of
application generators, infrastructure, system integration.
C. Stage - III: It supports estimation in the post architecture stage of a project. For this it uses Post
Architecture Estimation Model. This model is used after the completion of the detailed architecture
of application generator, infrastructure, system integration.