Other Information


RISCOSS is designed to offer novel risk identification, management and mitigation tools and methods for community-based and industry-supported OSS development, composition and life cycle management to individually, collectively and collaboratively manage OSS adoption risks.

Open Source Software (OSS) has become a strategic asset for a number of reasons, such as its short time-to-market software service and product delivery, reduced development and maintenance costs, and its customization capabilities. OSS technologies are currently embedded in almost all commercial software. 

In spite of the increasing strategic importance of OSS technologies, IT companies and organisations face numerous difficulties and challenges when making the strategic move to integrate in their processes the open source way of working. This can lead to the perception of possible extra risk with respect to the traditional approaches of software development and provisioning. Such risks (e.g., evaluation, integration, context, process, quality and evolution risks) are not to be neglected since incorrect decisions may lead to expensive failures. Indeed, insufficient risk management has been recently reported as one of the five topmost mistakes to avoid when implementing OSS-based solutions. With proper risk management and mitigation, failures could be reduced or impact cost minimised. To take the most from OSS adoption, the understanding and management of all risks becomes necessary since they directly impact business, with strong effects on time-to- market, revenue and therefore customer satisfaction and brand image. 

The RISCOSS project was originally initiated to address issues raised by communication equipment manufacturers looking to integrate open source code into their products. They needed a comprehensive approach that would integrate the whole decision-making chain, from technology criteria to strategic concerns. RISCOSS develops both a methodology and a decision-making platform. The platform,  developed as an application integrated in OW2 project XWiki, will be an open source project freely available to all.

While leveraging recent advances in statistics, the RISCOSS platform is designed to cover the real-requirements provided by five use-cases. OW2 will leverage RISCOSS to complement its SQuAT (Software Quality Assurance and Trustworthiness) quality program. Telecommunications provider Ericsson Italia will use RISCOSS in the risk management program it is implementing to support its migration to a full open source paradigm. Spain's Cenatic will test RISCOSS in enabling the dissemination of open source solutions in the public sector. XWiki and Moodbile.org, two open source projects, will leverage RISCOSS to enhance the consistency of their user- and community-driven feature roadmaps, and put the focus on reliability, stability and support for backward compatibility.

The objective of RISCOSS is to assist conventional companies in overcoming the fear of adopting open source software. Understanding the possible risks and the possible solutions can help with addressing the inherent uncertainty that they tend, rightly or not, to expect with this type of software.

Developments funded by this project


This is a "crap repository" for work-in-progress DataCollectors for the riscoss project.


This project runs an analysis remotely because jSmile tends to crash and it's proprietary.


Risk Data Collectors (RDC) are the main agents that are in charge of collecting risk drivers about the entities that are taken into account for the risk analysis, and to send it to the Risk Data Repository to be made available to the other components within the platform.


This repository contains default configuration for the RISCOSS Platform Domain Manager. Please see https://github.com/RISCOSS/riscoss-platform-build for a starting point.


Example data for simulating the RISCOSS analyzer.


Development repo of riscoss subwiki user interface.

Created by Ludovic Dubost on 2015/02/20 14:42