Risk Models

The risk models listed below are used in combination with data from SonarQube, the OMM Form, Fossology and OpenHub to produce a risk analysis. Each model consists of the following:

  • Normalization intervals, used to adjust absolute values measured on different scales to a common scale from 1 to 5
  • License risk function, which computes a global license score indicator from metrics stemming from Fossology and OMM
  • Quality risk function, computing a score based on SonarQube and OMM metrics
  • Activeness risk function, taking input from OMM and OpenHub

Please note that a Market Readiness Function and a Market Readiness Model are currently (December 2018) in development. Please ignore them.

The initial effort for the creation of these models was supported by the RISCOSS EU project.

Market Readiness Model (alpha version, for testing purposes only; please ignore it)
The Market Readiness Model emphasizes market readiness indicators on top of all risk functions.

Activeness Sensitive Risk Model
This model correlates low activeness to high risk.

License Sensitive Risk Model
The strict-IP risk model puts the emphasis on license checking. It helps to identify projects that have a large diversity of licenses with possible incompatibilities, or a large number of files without an explicit license.

OW2 Risk Model
The OW2 risk model is the risk model used by default on the OW2 projects' dashboards. Its normalization intervals are slightly more severe than the ones used by the basic risk model. It is, however, less demanding in terms of license checking than the strict-IP model.

Quality Sensitive Risk Model
The strict quality risk model emphasizes risks related to low test coverage or test success density.