A Generic Architecture Risk Model Candidate - Replication Dataset

Failure to manage risks is common in unsuccessful projects, despite risk management being core to software architecture practice. The limited support for describing risks in the ISO 42010 architecture description standard does not help software architecture practice. To improve upon this situation, we synthesised a candidate software architecture risk model from concepts found in literature. We then gathered feedback and refined our model by surveying experienced practitioners. Results of the survey demonstrate that practitioners prefer the model over textual risk descriptions due to the model’s fidelity, rigour and traceability. Our model enables the identified risks to be described in terms of implicated architecture elements, risk indicators, consequences, and controls. Understanding the risks associated with a software architecture enables stakeholders to better understand software trustworthiness. This dataset enables other researchers to understand and replicate our work.