Fuzzy Logic Model for Informed Decision-Making in Risk Assessment During Software Design
Abstract
1. Introduction
1.1. Aims and Objectives
- 1.
- To investigate the previous research on risk factors related to the design phase of software development projects: Firstly, we conduct an extensive literature review to explore the existing research on risk factors, analyzing academic papers, industry reports, and case studies to understand the current state of knowledge. Secondly, we identify gaps in the existing risk management tools and highlight the specific challenges associated with managing risks during the design phase.
- 2.
- To identify and categorize specific risk factors pertinent to the design phase of software development projects: Building on the insights gained from the literature review, the second objective is to identify and categorize the specific risk factors that are most relevant to the design phase of software development projects. This process involves systematically listing potential risks, such as ambiguity in requirements, design complexity, stakeholder misalignment, and technological constraints. The idea is to categorize each identified risk based on its nature (e.g., technical, organizational, or process-related), potential impact, and likelihood.
- 3.
- To develop a fuzzy logic-based model using MATLAB and Simulink: The development process involves creating the fuzzy inference system, defining membership functions, and simulating various risk scenarios to evaluate the model’s performance.
- 4.
- To validate the proposed fuzzy model through empirical data: We validate the accuracy and effectiveness of our proposed model using empirical data from past software development projects to ensure its reliability in assessing risk factors and predicting potential issues.
- 5.
- To provide practical guidelines for implementing the fuzzy model in real-world software development projects: The final objective is to translate the theoretical and technical aspects of the fuzzy model into practical guidelines to integrate the fuzzy model into existing risk management processes, offer best practices for its use, and suggest strategies for interpreting and acting on the model’s outputs. We provide generic guidelines so that it can be easily adopted by any software development team. The aim is to ensure that the fuzzy model is not just a theoretical tool but a practical solution that can be readily implemented in real-world projects, ultimately helping to improve risk management during the design phase and contributing to the success of software development initiatives.
1.2. Study Scope
2. Literature Review
Distinguishing the Current Research from the Existing Literature
- Focuses exclusively on software design, capturing the iterative nature of the design phase. Furthermore, it recognizes the fact that the risks during the design stage differ significantly from those in subsequent phases, such as implementation and testing.
- Creates a tailored fuzzy logic model that integrates key design-related risk elements, including changing architectural needs, challenges in technical feasibility, and stakeholder misalignment.
- Optimizes model accuracy and applicability by integrating expert-driven rule definitions. This ensures that risk assessments reflect actual challenges faced by software design teams.
- Provides practical guidelines for applying fuzzy risk assessments in real-world software projects.
3. Methodology
3.1. Approach
3.2. Research Methodology
3.3. Data Collection and Preprocessing
3.4. Mathematical Formulation
3.4.1. Fuzzification
3.4.2. Rule Base
3.4.3. Inference (Mandani Max–Min)
3.4.4. Aggregation
3.4.5. Defuzzification
3.5. Development of the Fuzzy Model
3.5.1. Simulation and Model Validation
3.5.2. Challenges in Model Development
4. Results and Analysis
4.1. Risk Factor Evaluation and Scoring
4.2. Descriptive Statistics
4.3. Risk Factor Ranking Analysis
4.4. Dynamic Fuzzy Model Output
4.5. Interpretation of Results and Overall Implications
4.6. Comparative Results and Summary of Improvements
5. Discussion
6. Conclusions and Future Work
Author Contributions
Funding
Conflicts of Interest
References
- Akbar, S.; Zubair, M.; Khan, R.; Akbar, U.U.; Ullah, R.; Zheng, Z. Weighted Multi-Skill Resource Constrained Project Scheduling: A Greedy and Parallel Scheduling Approach. IEEE Access 2024, 12, 29824–29836. [Google Scholar] [CrossRef]
- Cervantes, H.; Kazman, R. Designing Software Architectures: A Practical Approach; Addison-Wesley Professional: Boston, MA, USA, 2024. [Google Scholar]
- Fahmideh, M.; Beydoun, G. Big data analytics architecture design—An application in manufacturing systems. Comput. Ind. Eng. 2019, 128, 948–963. [Google Scholar] [CrossRef]
- Demir, M.Ö.; Chouseinoglou, O.; Tarhan, A.K. Factors affecting architectural decision-making process and challenges in software projects: An industrial survey. J. Softw. Evol. Process 2024, 36, e2703. [Google Scholar] [CrossRef]
- Masso, J.; Pino, F.J.; Pardo, C.; García, F.; Piattini, M. Risk management in the software life cycle: A systematic literature review. Comput. Stand. Interfaces 2020, 71, 103431. [Google Scholar] [CrossRef]
- Borowa, K.; de Almeida, R.R.; Wiese, M. Debiasing Architectural Decision-Making: An Experiment With Students and Practitioners. In Proceedings of the 2025 IEEE 22nd International Conference on Software Architecture (ICSA), Odense, Denmark, 31 March–4 April 2025; pp. 210–220. [Google Scholar]
- Akbar, S.; Ullah, R.; Khan, R.; Asghar, I.; Zubair, M.; Zheng, Z. A Multi-Criteria Decision-Making Framework for Software Project Management Tool Selection. In Proceedings of the 2023 9th International Conference on Computer Technology Applications, Vienna, Austria, 10–12 May 2023; pp. 184–191. [Google Scholar]
- Qurashi, J.A.; Sandhu, S.S.; Bhari, P.L. Benchmark for Investigating the Security in Software Development Phases. In Proceedings of the 4th International Conference on Information Management & Machine Intelligence, Jaipur India, 23–24 December 2022; pp. 1–12. [Google Scholar]
- Özakıncı, R.; Tarhan, A. Early software defect prediction: A systematic map and review. J. Syst. Softw. 2018, 144, 216–239. [Google Scholar] [CrossRef]
- Amna, A.R.; Poels, G. Ambiguity in user stories: A systematic literature review. Inf. Softw. Technol. 2022, 145, 106824. [Google Scholar] [CrossRef]
- Liu, H.; Huang, C.; Sun, K.; Yin, J.; Wu, X.; Wang, J.; Zhang, Q.; Zheng, Y.; Nigam, V.; Liu, F.; et al. Design for dependability—State of the art and trends. J. Syst. Softw. 2024, 211, 111989. [Google Scholar] [CrossRef]
- Roy, M.; Deb, N.; Cortesi, A.; Chaki, R.; Chaki, N. Requirement-oriented risk management for incremental software development. Innov. Syst. Softw. Eng. 2021, 17, 187–204. [Google Scholar] [CrossRef]
- Khan, M.J.; Jiang, S.; Ding, W.; Huang, J.; Wang, H. An infrared and visible image fusion using knowledge measures for intuitionistic fuzzy sets and Swin Transformer. Inf. Sci. 2024, 684, 121291. [Google Scholar] [CrossRef]
- Meidan, A.; García-García, J.A.; Ramos, I.; Escalona, M.J. Measuring software process: A systematic mapping study. ACM Comput. Surv. (CSUR) 2018, 51, 1–32. [Google Scholar] [CrossRef]
- Gondal, H.A.H.; Din, S.M.U.; Fayyaz, S.; Zeb, M.D.; Nadeem, B. Preeminent risk factor affecting software development. In Proceedings of the 2018 International Conference on Advancements in Computational Sciences (ICACS), Lahore, Pakistan, 19–21 February 2018; pp. 1–7. [Google Scholar]
- Rasul, N.; Malik, M.S.A.; Bakhtawar, B.; Thaheem, M.J. Risk assessment of fast-track projects: A systems-based approach. Int. J. Constr. Manag. 2021, 21, 1099–1114. [Google Scholar] [CrossRef]
- Ibraigheeth, M.A.; Fadzli, S.A. Fuzzy Logic Driven Expert System for the Assessment of Software Projects Risk. Int. J. Adv. Comput. Sci. Appl. 2019, 10. [Google Scholar] [CrossRef]
- Vasylkiv, N.; Turchenko, I.; Dubchak, L. Fuzzy model of the IT project environment impact on its completion. In Proceedings of the 2020 10th International Conference on Advanced Computer Information Technologies (ACIT), Deggendorf, Germany, 16–18 September 2020; pp. 302–305. [Google Scholar]
- Moreno-Cabezali, B.M.; Fernandez-Crehuet, J.M. Application of a fuzzy-logic based model for risk assessment in additive manufacturing R&D projects. Comput. Ind. Eng. 2020, 145, 106529. [Google Scholar]
- Suresh, K.; Dillibabu, R. A novel fuzzy mechanism for risk assessment in software projects. Soft Comput. 2020, 24, 1683–1705. [Google Scholar] [CrossRef]
- Khan, R.A.; Khan, S.U.; Akbar, M.A.; Alzahrani, M. Security risks of global software development life cycle: Industry practitioner’s perspective. J. Softw. Evol. Process 2024, 36, e2521. [Google Scholar] [CrossRef]
- Zhou, Y.; Hu, Y. Research on Software Risk Assessment Model based on AHP-Fuzzy Comprehensive Evaluation. In Proceedings of the 2020 4th International Conference on Management Engineering, Software Engineering and Service Sciences, Wuhan, China, 17–19 January 2020; pp. 16–20. [Google Scholar]
- Yi, B.; Cao, Y.P.; Song, Y. Network security risk assessment model based on fuzzy theory. J. Intell. Fuzzy Syst. 2020, 38, 3921–3928. [Google Scholar] [CrossRef]
- Akbar, S.; Ahmad, I.; Khan, R.; Lopes, I.O.; Ullah, R. Multi-skills resource constrained and personality traits based project scheduling. IEEE Access 2022, 10, 131419–131429. [Google Scholar] [CrossRef]
- Khan, R.A.; Khan, S.U.; Khan, H.U.; Ilyas, M. Systematic literature review on security risks and its practices in secure software development. Ieee Access 2022, 10, 5456–5481. [Google Scholar] [CrossRef]
- Thieme, C.A.; Mosleh, A.; Utne, I.B.; Hegde, J. Incorporating software failure in risk analysis–Part 1: Software functional failure mode classification. Reliab. Eng. Syst. Saf. 2020, 197, 106803. [Google Scholar] [CrossRef]
- Khan, A. Software Design Phase Risk Factors. Kaggle dataset: “Software Design Phase Risk Factors”. 2023. Available online: https://www.kaggle.com/datasets/asif05amu/software-design-phase-risk-factors (accessed on 6 March 2025).
Risk Factor | Expertise | Contingency | Cost | Schedule | Quality | Score | Rank |
---|---|---|---|---|---|---|---|
Inaccurate project scoping (PS1) | 7 | 6 | 9 | 8 | 8 | 7.75 | 1 |
Failure to meet scalability requirements (SR2) | 8 | 4 | 9 | 8 | 8 | 7.75 | 2 |
Improper choice of programming language (PL1) | 6 | 5 | 8 | 7 | 7 | 6.87 | 3 |
Insufficient quality control (QC1) | 6 | 5 | 8 | 7 | 8 | 6.87 | 3 |
Unforeseen technical challenges (TC2) | 4 | 7 | 7 | 8 | 7 | 6.87 | 3 |
Poor resource planning (RP1) | 4 | 4 | 7 | 7 | 8 | 6.87 | 3 |
Unclear roles and responsibilities (RR1) | 7 | 5 | 8 | 8 | 7 | 6.87 | 3 |
Inadequate project timeline (PT1) | 6 | 7 | 6 | 8 | 7 | 6.87 | 3 |
Failure to address user feedback (UF1) | 4 | 4 | 6 | 7 | 8 | 6.87 | 3 |
Insufficient documentation (ID1) | 7 | 4 | 8 | 7 | 7 | 6.87 | 3 |
Failure to meet security requirements (SR1) | 7 | 7 | 6 | 8 | 7 | 6.87 | 3 |
Technical debt accumulation (TD1) | 8 | 4 | 8 | 7 | 8 | 6.87 | 3 |
Misalignment with business objectives (BO1) | 5 | 7 | 6 | 7 | 8 | 6.87 | 3 |
Delayed decision-making (DM1) | 7 | 7 | 9 | 7 | 7 | 6.82 | 4 |
Inadequate risk management (RM1) | 8 | 7 | 9 | 8 | 7 | 6.82 | 4 |
Outdated technology stack (OT1) | 7 | 7 | 9 | 8 | 7 | 6.82 | 4 |
Statistic | Mean | Median | Standard Deviation | Minimum | Maximum |
---|---|---|---|---|---|
Risk Score | 6.12 | 6.25 | 1.42 | 4.81 | 7.75 |
Rank | Risk Factor | Risk Score |
---|---|---|
1 | Inaccurate project scoping (PS1) | 7.7510 |
2 | Failure to meet scalability requirements (SR2) | 7.7509 |
3 | Improper choice of programming language (PL1) | 6.8743 |
4 | Insufficient quality control (QC1) | 6.8743 |
5 | Unforeseen technical challenges (TC2) | 6.8743 |
6 | Stakeholder misalignment (SM1) | 6.7500 |
7 | Inadequate resource allocation (RA1) | 6.7432 |
8 | Ambiguous design specifications (DS1) | 6.7083 |
9 | Complex system integration (SI1) | 6.6501 |
10 | Evolving user requirements (UR1) | 6.5982 |
Risk Scenario | Traditional Weighted Score | Fuzzy Model Output | Interpretation |
---|---|---|---|
R1 | 7.3 | 6.9 | High |
R2 | 5.8 | 5.3 | Moderate |
R3 | 3.2 | 2.9 | Low |
Method | R1 Output | R2 Output | Stability |
---|---|---|---|
Centroid | 6.9 | 5.3 | High |
Bisector | 6.8 | 5.4 | High |
Risk Factor | Manual Risk | Fuzzy Rank | Consistency |
---|---|---|---|
Ambigious Requirements | 1 | 1 | ✓ |
Unrealistic Deadlines | 3 | 3 | ✓ |
Communication Gaps | 2 | 3 | ✓ |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2025 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Aregbesola, G.D.; Asghar, I.; Akbar, S.; Ullah, R. Fuzzy Logic Model for Informed Decision-Making in Risk Assessment During Software Design. Systems 2025, 13, 825. https://doi.org/10.3390/systems13090825
Aregbesola GD, Asghar I, Akbar S, Ullah R. Fuzzy Logic Model for Informed Decision-Making in Risk Assessment During Software Design. Systems. 2025; 13(9):825. https://doi.org/10.3390/systems13090825
Chicago/Turabian StyleAregbesola, Gbenga David, Ikram Asghar, Saeed Akbar, and Rahmat Ullah. 2025. "Fuzzy Logic Model for Informed Decision-Making in Risk Assessment During Software Design" Systems 13, no. 9: 825. https://doi.org/10.3390/systems13090825
APA StyleAregbesola, G. D., Asghar, I., Akbar, S., & Ullah, R. (2025). Fuzzy Logic Model for Informed Decision-Making in Risk Assessment During Software Design. Systems, 13(9), 825. https://doi.org/10.3390/systems13090825