SlideShare une entreprise Scribd logo
1
Software Quality Assurance
by Mark J. Tseytlin
Sr. SQE, Raytheon Company
2
Let’s Get Acquainted…
Instructor: Mark Tseytlin
Phone: 978-440-2098
E-mail: Mark_J_Tseytlin@raytheon.com
3
What is Software Quality
Assurance?
4
What is Quality?
Quality – developed product meets it’s specification
Problems:
• Development organization has requirements exceeding customer's
specifications (added cost of product development)
• Certain quality characteristics can not be specified in
unambiguous terms (i.e. maintainability)
• Even if the product conforms to it’s specifications, users may
not consider it to be a quality product (because users may not be involved in
the development of the requirements)
5
Quality Management – ensuring that required level of
product quality is achieved
• Defining procedures and standards
• Applying procedures and standards to the product and process
• Checking that procedures are followed
• Collecting and analyzing various quality data
Problems:
• Intangible aspects of software quality can’t be standardized
(i.e elegance and readability)
What is Quality Management?
6
What are SQA, SQP, SQC, and SQM?
SQA includes all 4 elements…
• Software Quality Assurance – establishment of network of
organizational procedures and standards leading to high-
quality software
2. Software Quality Planning – selection of appropriate
procedures and standards from this framework and adaptation
of these to specific software project
3. Software Quality Control – definition and enactment of
processes that ensure that project quality procedures and
standards are being followed by the software development
team
4. Software Quality Metrics – collecting and analyzing quality
data to predict and control quality of the software product
being developed
7
Software Development Process
8
Software Development Process Spiral
Software Development Phases
IPDS
Top-Down Design Model
9
Software Development Cycle
Software Development Phase
• Software requirements
• Preliminary Design
• Detailed Design
• Code
• Unit Test
• Software integration
• Software Component Test
• Software System Test
• Maintenance and Support
End product
• SRS, IRS
• SDD, PQT/FAT/SAT
Plans & Proc.’s, ICD, IDD
• PDL, User Manuals
• Code, UT Plan & Proc.’s
• UT Results
•VDD
• PQT Report
• FAT & SAT Reports
• ECP’s leading to updates
10
Software Development Cycle (contd.)
Req.
PD
DD
CUT
Int
PQT
FAT
SAT
Maint
11
Integrated Product Development System
12
Software Quality Assurance
Element I
13
Software Development Standards
14
Why are Standards Important?
• Standards provide encapsulation of best, or at least most
appropriate, practice
• Standards provide a framework around which the quality
assurance process may be implemented
• Standards assist in continuity of work when it’s carried out by
different people throughout the software product lifecycle
Standards should not be avoided. If they are too extensive
for the task at hand, then they should be tailored.
15
SDS a Simplistic approach
In most mature organizations:
• ISO is not the only source of SDS
• Process and Product standards are derived independently
• Product standards are not created by SQA
16
Process Standards
Process Standards – standards that define the process
which should be followed during software development
ISO CMM CMMI
Organizational
Quality Manual
Organizational
SD Process STD’s
IPDS
Project SD Process STD’s
(SDP, IP, Method Sheets)
Project
SQP
Project
SCMP
17
Product Standards
Product Standards – standards that apply to software
product being developed
ISO
STD’s
MIL/ Industry
STD’s
Organizational
Product STD’s
COTS
STD’s
Project Product STD’s
(SDP, IP, Method Sheets)
18
Quality Models
19
ISO - 9001 Elements
• Quality System Requirements
• Management Responsibility
• Quality system
• Contract review
• Design Control
• Document control
• Purchasing
• Purchaser supplied product
• Product identification and traceability
• Process control
• Inspection and testing
• Inspection, measuring and test equipment
• Inspection and test status
• Control of non-conforming product
• Corrective action
• Handling, storage, preservation, packaging
and shipping
• Quality records
• Internal quality audits
• Training
• Servicing
• Statistical techniques
• Software Quality Responsibilities
• Management Responsibility
• Quality system
• Contract review
• Design Control
• Document control
• Purchasing
• -
• Product identification and traceability
• Process control
• Inspection and testing
• -
• Inspection and test status
• -
• Corrective action
• -
• Quality records
• Internal quality audits
• Training
• -
• Statistical techniques
20
Capability Maturity Model KPA’s
21
CMM Level’s 2-5
22
CMM Integration Model Architecture
23
CMM to CMMI Mapping
24
Documentation
25
Documentation Hierarchy
• Documents are not the only tangible way of representing software
products. The working software system is the most tangible way of
representing software products.
• Documents are the best way to ensure software products’
understandability
26
Process and Product Quality
Quality of development process directly affects the quality of
delivered products.
This is the factory approach. It doesn’t work because software is
designed rather then manufactured.
27
Process and Product Quality Creative Approach
• Quality Improvement – identifying good quality products,
examining the processes used to develop these products, and then
generalizing these processes so that they can be applied everywhere
28
Quality Improvement – The Wheel of 6Sigma
Six Sigma
29
Quality Improvement – Six Sigma Process
• Visualize – Understand how it works now and imagine how it
will work in the future
• Commit – Obtain commitment to change from the stakeholders
• Prioritize – Define priorities for incremental improvements
• Characterize – Define existing process and define the time
progression for incremental improvements
• Improve – Design and implement identified improvements
• Achieve – Realize the results of the change
30
Continuity and Independence of SQA
• Software Quality Assurance team must be independent in order to
take an objective view of the process and report problems to senior
management directly
• If prescribed process is inappropriate for the type of software
product which is being developed, then it should be tailored
• The standards must be upheld no matter how small the task.
Prototyping doesn’t mean no standards. It means tailored standards.
• Quality is FREE, if it’s Everyone’s Responsibility!
31
Software Quality Planning
Element II
32
Software Quality Plan
• Tailoring - SQP should select those organizational standards that
are appropriate to a particular product
• Standardization - SQP should use (call out) only approved
organizational process and product standards
• If new standards are required a quality improvement should be
initiated
• Elements - SQP elements are usually based on the ISO-9001
model elements
• SQP is not written for software developers. It’s written for SQE’s
as a guide for SQC and for the customer to monitor development
activities
• Things like software production, software product plans and risk
management should be defined in SDP, IP
• Quality Factor’s shouldn’t be sacrificed to achieve efficiency.
Don’t take the job if quality process can’t be upheld
33
Software Quality Control
Element III
34
Methods of Software Quality Control
SQC involves overseeing the software development process to ensure that the
procedures and STD’s are being followed
The following activities constitute SQC:
• Quality Reviews - in-process reviews of processes and products
Reviews are the most widely used method of validating the quality of processes and
products. Reviews make quality everyone's responsibility. Quality must be built-in.
SQE is responsible for writing Quality Engineering Records (QERs) documenting their
participation in these reviews.
• Tests - end-result verifications of products. These verifications are conducted after the
software has been developed. Test procedures are followed during conduct of these
activities. SQE is responsible for keeping the logs and some times for writing the test
report.
• Quality Audits - in-process verifications of processes. These audits are conducted
periodically (twice a month) to assess compliance to the process STD’s.
35
Quality Reviews
• Peer reviews - reviews of processes and products by groups of people. These
reviews require pre-review preparation by all participants. If a participant is not
prepared, then the review is not effective. This type of review requires
participation of the SQE, moderator, recorder, author(s), and one or more critical
reviewers. All issues found during these reviews are documented on AR forms.
• Walkthroughs - reviews of products by groups of people mostly without
preparation. For example a requirements traceability review is a walkthrough. It
involves tracing a requirement from customer requirements to the test procedures.
All issues found during these reviews are documented on CAR forms.
• Desk inspections - reviews of products by individuals. These reviews involve
people reviewing products by themselves (not in a group) and then submitting
their comments to the author(s). The issues found during these reviews are
treated in informal manner.
36
Tests
• Engineering Dry-run - test conducted by engineering without SQE. These tests
include Unit Tests and engineering dry-runs of the formal tests. These engineering dry-
runs are used to verify correctness and completeness of the test procedures. Also, these
is the final engineering verification of the end-product before sell-off to SQE. All
issues found during these tests are documented on STR forms.
• SQE Dry-run - test conducted by SQE. These tests include PQT, FAT and SAT dry-
runs. These tests are used to verify the end-product before the formal test with the
customer. An SQE is sometimes responsible for writing the test report. However, if a
separate test group is available, then SQE is relived of this obligation. All issues found
during these tests are documented on STR forms.
• TFR - test conducted as “RFR - run-for-record” with the SQE and the customer.
These tests include FAT and SAT. These tests are conducted to sell the end-product off
to the customer. SQE is present at all such tests. All issues found during these tests are
documented on STR forms.
37
Quality Audits
• SQE Audits - audits conducted by SQE to verify that the process STD’s are
being followed. Examples of these audits are IPDS compliance, Configuration
Control, and Software Engineering Management. All findings for these audits are
documented on QER forms. The results of the audits are distributed to the next
level of management (above project level). If the issue(s) are not fixed then the
findings are elevated to upper management.
• Independent Audits - audits conducted by ISO generalists or other independent
entities to verify that the process STD’s are being followed. These audits are
usually conducted on a division/facility level. The results of these audits are
distributed to upper management.
38
Defect Detection
Formal bug finding activities include Quality Reviews and Tests
From
Baseline
Capture
System
Requirem
ents
Analysis
Softw
are
Requirem
ents
Analysis
Prelim
inary
Design
Detailed
D
esign
Code
Unit Test
Softw
are
Integration
Softw
are
Q
ualific
S
T
A
G
E
D
E
T
E
C
T
E
D
At Baseline Capture 0
System Requirements Analysis 0 79
Software Requirements Analysis 0 0 1
Preliminary Design 0 6 2 10
Detailed Design 1 0 0 0 42
Code 0 0 0 1 2 37
Unit Test 0 0 0 0 0 0 0
Software Integration 1 0 0 0 4 1 0 0
Software Qualification Test 0 0 0 0 0 0 0 0 0
System Integration 1 0 0 0 4 5 0 0 0
System Test 0 0 0 0 0 0 0 0
Post System Test 0 0 0 0 0 0 0 0 0
93% 33% 91% 81% 86%
93% 11% 95% 79% 74% 0% 36% 0%
44% 2% 6% 27% 22% 0% 0% 0%
Chart Data Last Updated: 10/3/01
S
T
A
G
E
D
E
T
E
C
T
E
D
% Defects Originated In This Phase Out Of All Defects
% Defects Originated in This Phase That Were Contained By This Phase
% Defects Originated in This Phase Plus Defects
That Escaped From Earlier Phases That Were Contained By This Phase
39
A Bug’s Life
V
Verified
SCCB
Engineer
Engineer
Resolves STR
N A O
D
P
New Assigned
Postponed
Open
Duplicate
Tested
Approves STR Accepts STR
Software Lead
Plans Merge
Integrator
Performs Merge
R M
Resolved Merged
T
Tester
Verifies Fix
SCCB
Agrees Closure
X
Rejected
40
Software Configuration Management
SCM – activities assuring that software products are properly
identified and their transition is tracked. In many mature
organizations SCM is not part of SQA responsibilities.
• Baseline Identification – identification of initial state of the
product
• Change Identification – identification of changes made to the
baseline
• Change Control – documentation of changes via revision history,
change summary, or using automated development tools
(ClearCase or Apex)
• Status Accounting – reporting changes to others and monitoring
completeness of the project archives
• Preservation – keeper of the software products
41
Software Quality Metrics
Element IV
42
Metrics Collection
• Software measurement - the process of deriving a numeric value
for some attribute of a software product or a software process. Comparison of these
values to each other and to STD’s allows drawing conclusions about the quality of
software products or the process.
• The focus of the metrics collecting programs is usually on collecting metrics on
program defects and the V&V process.
• Metrics can be either Control Metrics or Predictor Metrics
• Most of the “Ilities” can not be measured directly unless there’s historical data.
Instead tangible software product attributes are measured and the “Ility” factors are
derived using predefined relationships between measurable and synthetic attributes.
• The boundary conditions for all measurements should be established in advance
and then revised once a large databank of historical data has been established
43
The Process of Product Measurement
1. Decide what data is to be collected
2. Assess critical (core) components first
3. Measuring component characteristics might require automated tools
4. Look for consistently (unusually only works in a factory) high or low values
5. Analysis of anomalous components should reveal if the quality of product is
compromised
44
Predictor and Control Metrics
Examples of Predictor Analysis:
• Code Reuse: SLOC = ELOC = Ported Code
• Nesting Depth: ND > 5 = Low Readability
• Risk Analysis: # STR P1 > 0 at SAT = Low Product Reliability
Examples of Control Analysis:
• STR aging: Old STRs = Low Productivity
• Requirements Volatility: High Volatility = Scope Creep
45
Software Product Metrics
There are two categories of software product metrics:
1. Dynamic metrics – this metrics is collected by measuring elements
during program’s execution. This metrics help to asses efficiency and
reliability of a software product. The parameters collected can be
easily measured (i.e. execution time, mean time between failures)
2. Static metrics – this metrics is collected by measuring parameters of
the end products of the software development. This metrics help to
asses the complexity, understandability, and maintainability of a
software product. The SLOC size and ND are the most reliable
predictors of understandability, complexity, and maintainability.
46
The Ilities
The specific metrics that are relevant
depend on the on the project, the goals of
the SQA, and the type of SW that is being
developed.
47
Examples of Software Metric – Chapter 24
48
Examples of OO Software Metric – Chapter 24
49
Defect Prevention
Defect Prevention – establishment of practices that lower the reliance
on defect detection techniques to find majority of the bugs
• Lessons learned – learning from other peoples experiences and sharing own
experiences with the other projects
• Managing With Metrics – collecting the metrics, understanding it, and making
changes to the product or process based on analysis. Metrics must be standardized to
be effective.
• Risk Analysis – identifying potential risks and opportunities early in the program
and tracking them to realization.
• Build freeze – no changes are made to the code during formal tests.
• Unit-level testing guidelines – test plans and procedures for each UT
• Baseline acceptance criteria – establishment of closure criteria in advance (i.e. no
P1 STRs at FAT TRR)
50
The end

Contenu connexe

Tendances

Risk based auditing
Risk based auditingRisk based auditing
Risk based auditing
Tunde Elijah Kelani
 
Celonis_TISAX_Compliance_1_.pdf
Celonis_TISAX_Compliance_1_.pdfCelonis_TISAX_Compliance_1_.pdf
Celonis_TISAX_Compliance_1_.pdf
Chandra Rao
 
Enterprise risk management
Enterprise risk managementEnterprise risk management
Enterprise risk management
Anu Damodaran
 
A structured approach to Enterprise Risk Management (ERM) and the requirement...
A structured approach to Enterprise Risk Management (ERM) and the requirement...A structured approach to Enterprise Risk Management (ERM) and the requirement...
A structured approach to Enterprise Risk Management (ERM) and the requirement...
Hassan Zaitoun
 
Enterprise Risk Management - Aligning Risk with Strategy and Performance
Enterprise Risk Management - Aligning Risk with Strategy and PerformanceEnterprise Risk Management - Aligning Risk with Strategy and Performance
Enterprise Risk Management - Aligning Risk with Strategy and Performance
Resolver Inc.
 
Human Resource Management - Bhel vs Tata steel
Human Resource Management - Bhel vs Tata steelHuman Resource Management - Bhel vs Tata steel
Human Resource Management - Bhel vs Tata steel
Hari Kumar
 
Strategic Management- Strategic Audit- MBA
Strategic Management- Strategic Audit- MBAStrategic Management- Strategic Audit- MBA
Strategic Management- Strategic Audit- MBA
Chandra Shekar Immani
 
Risk Management in Life Insurance
Risk Management in Life InsuranceRisk Management in Life Insurance
Risk Management in Life Insurance
Sonjai Kumar, SIRM
 
Organisation Appraisal and Strategy Formulation
Organisation Appraisal and Strategy FormulationOrganisation Appraisal and Strategy Formulation
Organisation Appraisal and Strategy Formulation
Dr. Pinki Insan
 
Risk governance framework
Risk governance frameworkRisk governance framework
Risk governance framework
estelleelizabeth
 
ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2
Tanmay Shinde
 
ISO 37001 : Anti Bribery Management System Fraud & Bribery Concepts, Laws & R...
ISO 37001 : Anti Bribery Management System Fraud & Bribery Concepts, Laws & R...ISO 37001 : Anti Bribery Management System Fraud & Bribery Concepts, Laws & R...
ISO 37001 : Anti Bribery Management System Fraud & Bribery Concepts, Laws & R...
Instansi
 
Managing talent at Lupin
Managing talent at LupinManaging talent at Lupin
Managing talent at Lupin
Pranab Bain
 
What is Business Value?
What is Business Value?What is Business Value?
Third-Party Risk Management (TPRM) | Risk Assessment Questionnaires
Third-Party Risk Management (TPRM) | Risk Assessment QuestionnairesThird-Party Risk Management (TPRM) | Risk Assessment Questionnaires
Third-Party Risk Management (TPRM) | Risk Assessment Questionnaires
Corporater
 
Cybersecurity Frameworks and You: The Perfect Match
Cybersecurity Frameworks and You: The Perfect MatchCybersecurity Frameworks and You: The Perfect Match
Cybersecurity Frameworks and You: The Perfect Match
McKonly & Asbury, LLP
 
Human resource information system HIRS
Human resource information system HIRSHuman resource information system HIRS
Human resource information system HIRS
David Jaison
 
Enterprise Risk Management Framework
Enterprise Risk Management FrameworkEnterprise Risk Management Framework
Enterprise Risk Management Framework
Nigel Tebbutt
 
Corporate governance
Corporate governanceCorporate governance
Corporate governance
ravi516
 
Recent COSO Internal Control and Risk Management Developments
Recent COSO Internal Control and Risk Management DevelopmentsRecent COSO Internal Control and Risk Management Developments
Recent COSO Internal Control and Risk Management Developments
International Federation of Accountants
 

Tendances (20)

Risk based auditing
Risk based auditingRisk based auditing
Risk based auditing
 
Celonis_TISAX_Compliance_1_.pdf
Celonis_TISAX_Compliance_1_.pdfCelonis_TISAX_Compliance_1_.pdf
Celonis_TISAX_Compliance_1_.pdf
 
Enterprise risk management
Enterprise risk managementEnterprise risk management
Enterprise risk management
 
A structured approach to Enterprise Risk Management (ERM) and the requirement...
A structured approach to Enterprise Risk Management (ERM) and the requirement...A structured approach to Enterprise Risk Management (ERM) and the requirement...
A structured approach to Enterprise Risk Management (ERM) and the requirement...
 
Enterprise Risk Management - Aligning Risk with Strategy and Performance
Enterprise Risk Management - Aligning Risk with Strategy and PerformanceEnterprise Risk Management - Aligning Risk with Strategy and Performance
Enterprise Risk Management - Aligning Risk with Strategy and Performance
 
Human Resource Management - Bhel vs Tata steel
Human Resource Management - Bhel vs Tata steelHuman Resource Management - Bhel vs Tata steel
Human Resource Management - Bhel vs Tata steel
 
Strategic Management- Strategic Audit- MBA
Strategic Management- Strategic Audit- MBAStrategic Management- Strategic Audit- MBA
Strategic Management- Strategic Audit- MBA
 
Risk Management in Life Insurance
Risk Management in Life InsuranceRisk Management in Life Insurance
Risk Management in Life Insurance
 
Organisation Appraisal and Strategy Formulation
Organisation Appraisal and Strategy FormulationOrganisation Appraisal and Strategy Formulation
Organisation Appraisal and Strategy Formulation
 
Risk governance framework
Risk governance frameworkRisk governance framework
Risk governance framework
 
ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2ISO 27001 - information security user awareness training presentation -part 2
ISO 27001 - information security user awareness training presentation -part 2
 
ISO 37001 : Anti Bribery Management System Fraud & Bribery Concepts, Laws & R...
ISO 37001 : Anti Bribery Management System Fraud & Bribery Concepts, Laws & R...ISO 37001 : Anti Bribery Management System Fraud & Bribery Concepts, Laws & R...
ISO 37001 : Anti Bribery Management System Fraud & Bribery Concepts, Laws & R...
 
Managing talent at Lupin
Managing talent at LupinManaging talent at Lupin
Managing talent at Lupin
 
What is Business Value?
What is Business Value?What is Business Value?
What is Business Value?
 
Third-Party Risk Management (TPRM) | Risk Assessment Questionnaires
Third-Party Risk Management (TPRM) | Risk Assessment QuestionnairesThird-Party Risk Management (TPRM) | Risk Assessment Questionnaires
Third-Party Risk Management (TPRM) | Risk Assessment Questionnaires
 
Cybersecurity Frameworks and You: The Perfect Match
Cybersecurity Frameworks and You: The Perfect MatchCybersecurity Frameworks and You: The Perfect Match
Cybersecurity Frameworks and You: The Perfect Match
 
Human resource information system HIRS
Human resource information system HIRSHuman resource information system HIRS
Human resource information system HIRS
 
Enterprise Risk Management Framework
Enterprise Risk Management FrameworkEnterprise Risk Management Framework
Enterprise Risk Management Framework
 
Corporate governance
Corporate governanceCorporate governance
Corporate governance
 
Recent COSO Internal Control and Risk Management Developments
Recent COSO Internal Control and Risk Management DevelopmentsRecent COSO Internal Control and Risk Management Developments
Recent COSO Internal Control and Risk Management Developments
 

Similaire à SQA.ppt

SQA.ppt
SQA.pptSQA.ppt
SQA.ppt
SQA.pptSQA.ppt
SE - Lecture 7 - Software Quality Reliability Mgmt - in lecture.pptx
SE - Lecture 7 - Software Quality  Reliability Mgmt - in lecture.pptxSE - Lecture 7 - Software Quality  Reliability Mgmt - in lecture.pptx
SE - Lecture 7 - Software Quality Reliability Mgmt - in lecture.pptx
TangZhiSiang
 
SOFTWARE QUALITY ASSURANCE.ppt
SOFTWARE QUALITY ASSURANCE.pptSOFTWARE QUALITY ASSURANCE.ppt
SOFTWARE QUALITY ASSURANCE.ppt
DrTThendralCompSci
 
Software Quality.pptx
Software Quality.pptxSoftware Quality.pptx
Software Quality.pptx
AnupamaSharma80
 
Quality assurance and management, software engineering
Quality assurance and management, software engineeringQuality assurance and management, software engineering
Quality assurance and management, software engineering
Rupesh Vaishnav
 
7.quality management chapter 7
7.quality management chapter 77.quality management chapter 7
7.quality management chapter 7
Warui Maina
 
Software Engineering (Software Quality Assurance)
Software Engineering (Software Quality Assurance)Software Engineering (Software Quality Assurance)
Software Engineering (Software Quality Assurance)
ShudipPal
 
4S Akademi - QAI - Software Testing Principles and Concepts
4S Akademi - QAI - Software Testing Principles and Concepts4S Akademi - QAI - Software Testing Principles and Concepts
4S Akademi - QAI - Software Testing Principles and Concepts
Serdar Zeybek
 
05softwarequalitymanagement-150802165244-lva1-app6891.pdf
05softwarequalitymanagement-150802165244-lva1-app6891.pdf05softwarequalitymanagement-150802165244-lva1-app6891.pdf
05softwarequalitymanagement-150802165244-lva1-app6891.pdf
Samar954063
 
05softwarequalitymanagement-150802165244-lva1-app6891 (2).pdf
05softwarequalitymanagement-150802165244-lva1-app6891 (2).pdf05softwarequalitymanagement-150802165244-lva1-app6891 (2).pdf
05softwarequalitymanagement-150802165244-lva1-app6891 (2).pdf
Samar954063
 
Lecture 05 Software Quality Management
Lecture 05 Software Quality ManagementLecture 05 Software Quality Management
Lecture 05 Software Quality Management
Achmad Solichin
 
Chapter 5 Software Quality Assurance-Finalised_BW.ppt
Chapter 5 Software Quality Assurance-Finalised_BW.pptChapter 5 Software Quality Assurance-Finalised_BW.ppt
Chapter 5 Software Quality Assurance-Finalised_BW.ppt
Bule Hora University
 
Software Quality Assurance - Software Engineering
Software Quality Assurance - Software EngineeringSoftware Quality Assurance - Software Engineering
Software Quality Assurance - Software Engineering
Purvik Rana
 
Ch24
Ch24Ch24
Software Quality Management
Software Quality ManagementSoftware Quality Management
Software Quality Management
Krishna Sujeer
 
SQA_Lec#01-1.ppt
SQA_Lec#01-1.pptSQA_Lec#01-1.ppt
SQA_Lec#01-1.ppt
Ahmad Abbas
 
Software quality assurance
Software quality assuranceSoftware quality assurance
Software quality assurance
Rizky Munggaran
 
Apply quality standards.pdf
Apply quality standards.pdfApply quality standards.pdf
Apply quality standards.pdf
Danilign Mekonnen
 
Controlling Quality by Waqas Ali Tunio
Controlling Quality by Waqas Ali TunioControlling Quality by Waqas Ali Tunio
Controlling Quality by Waqas Ali Tunio
Waqas Ali Tunio
 

Similaire à SQA.ppt (20)

SQA.ppt
SQA.pptSQA.ppt
SQA.ppt
 
SQA.ppt
SQA.pptSQA.ppt
SQA.ppt
 
SE - Lecture 7 - Software Quality Reliability Mgmt - in lecture.pptx
SE - Lecture 7 - Software Quality  Reliability Mgmt - in lecture.pptxSE - Lecture 7 - Software Quality  Reliability Mgmt - in lecture.pptx
SE - Lecture 7 - Software Quality Reliability Mgmt - in lecture.pptx
 
SOFTWARE QUALITY ASSURANCE.ppt
SOFTWARE QUALITY ASSURANCE.pptSOFTWARE QUALITY ASSURANCE.ppt
SOFTWARE QUALITY ASSURANCE.ppt
 
Software Quality.pptx
Software Quality.pptxSoftware Quality.pptx
Software Quality.pptx
 
Quality assurance and management, software engineering
Quality assurance and management, software engineeringQuality assurance and management, software engineering
Quality assurance and management, software engineering
 
7.quality management chapter 7
7.quality management chapter 77.quality management chapter 7
7.quality management chapter 7
 
Software Engineering (Software Quality Assurance)
Software Engineering (Software Quality Assurance)Software Engineering (Software Quality Assurance)
Software Engineering (Software Quality Assurance)
 
4S Akademi - QAI - Software Testing Principles and Concepts
4S Akademi - QAI - Software Testing Principles and Concepts4S Akademi - QAI - Software Testing Principles and Concepts
4S Akademi - QAI - Software Testing Principles and Concepts
 
05softwarequalitymanagement-150802165244-lva1-app6891.pdf
05softwarequalitymanagement-150802165244-lva1-app6891.pdf05softwarequalitymanagement-150802165244-lva1-app6891.pdf
05softwarequalitymanagement-150802165244-lva1-app6891.pdf
 
05softwarequalitymanagement-150802165244-lva1-app6891 (2).pdf
05softwarequalitymanagement-150802165244-lva1-app6891 (2).pdf05softwarequalitymanagement-150802165244-lva1-app6891 (2).pdf
05softwarequalitymanagement-150802165244-lva1-app6891 (2).pdf
 
Lecture 05 Software Quality Management
Lecture 05 Software Quality ManagementLecture 05 Software Quality Management
Lecture 05 Software Quality Management
 
Chapter 5 Software Quality Assurance-Finalised_BW.ppt
Chapter 5 Software Quality Assurance-Finalised_BW.pptChapter 5 Software Quality Assurance-Finalised_BW.ppt
Chapter 5 Software Quality Assurance-Finalised_BW.ppt
 
Software Quality Assurance - Software Engineering
Software Quality Assurance - Software EngineeringSoftware Quality Assurance - Software Engineering
Software Quality Assurance - Software Engineering
 
Ch24
Ch24Ch24
Ch24
 
Software Quality Management
Software Quality ManagementSoftware Quality Management
Software Quality Management
 
SQA_Lec#01-1.ppt
SQA_Lec#01-1.pptSQA_Lec#01-1.ppt
SQA_Lec#01-1.ppt
 
Software quality assurance
Software quality assuranceSoftware quality assurance
Software quality assurance
 
Apply quality standards.pdf
Apply quality standards.pdfApply quality standards.pdf
Apply quality standards.pdf
 
Controlling Quality by Waqas Ali Tunio
Controlling Quality by Waqas Ali TunioControlling Quality by Waqas Ali Tunio
Controlling Quality by Waqas Ali Tunio
 

Plus de BUSHRASHAIKH804312

Andrew and Zac RVA-Beyond-Automated-Testing-2016.ppt
Andrew and Zac RVA-Beyond-Automated-Testing-2016.pptAndrew and Zac RVA-Beyond-Automated-Testing-2016.ppt
Andrew and Zac RVA-Beyond-Automated-Testing-2016.ppt
BUSHRASHAIKH804312
 
3-db-er_3-db-er_3-db-er_3-db-er_3-db-er.pptx
3-db-er_3-db-er_3-db-er_3-db-er_3-db-er.pptx3-db-er_3-db-er_3-db-er_3-db-er_3-db-er.pptx
3-db-er_3-db-er_3-db-er_3-db-er_3-db-er.pptx
BUSHRASHAIKH804312
 
Direct infection: virus can infect files every time a user opens that specif...
Direct infection: virus can infect files every time a user  opens that specif...Direct infection: virus can infect files every time a user  opens that specif...
Direct infection: virus can infect files every time a user opens that specif...
BUSHRASHAIKH804312
 
1-SoftwareEngineeringandBestPractices.ppt
1-SoftwareEngineeringandBestPractices.ppt1-SoftwareEngineeringandBestPractices.ppt
1-SoftwareEngineeringandBestPractices.ppt
BUSHRASHAIKH804312
 
Ch4-ControlFlowTesting.ppt
Ch4-ControlFlowTesting.pptCh4-ControlFlowTesting.ppt
Ch4-ControlFlowTesting.ppt
BUSHRASHAIKH804312
 
knowledge-portal-150406070618-conversion-gate01.pdf
knowledge-portal-150406070618-conversion-gate01.pdfknowledge-portal-150406070618-conversion-gate01.pdf
knowledge-portal-150406070618-conversion-gate01.pdf
BUSHRASHAIKH804312
 
chapter5-file system implementation.ppt
chapter5-file system implementation.pptchapter5-file system implementation.ppt
chapter5-file system implementation.ppt
BUSHRASHAIKH804312
 

Plus de BUSHRASHAIKH804312 (7)

Andrew and Zac RVA-Beyond-Automated-Testing-2016.ppt
Andrew and Zac RVA-Beyond-Automated-Testing-2016.pptAndrew and Zac RVA-Beyond-Automated-Testing-2016.ppt
Andrew and Zac RVA-Beyond-Automated-Testing-2016.ppt
 
3-db-er_3-db-er_3-db-er_3-db-er_3-db-er.pptx
3-db-er_3-db-er_3-db-er_3-db-er_3-db-er.pptx3-db-er_3-db-er_3-db-er_3-db-er_3-db-er.pptx
3-db-er_3-db-er_3-db-er_3-db-er_3-db-er.pptx
 
Direct infection: virus can infect files every time a user opens that specif...
Direct infection: virus can infect files every time a user  opens that specif...Direct infection: virus can infect files every time a user  opens that specif...
Direct infection: virus can infect files every time a user opens that specif...
 
1-SoftwareEngineeringandBestPractices.ppt
1-SoftwareEngineeringandBestPractices.ppt1-SoftwareEngineeringandBestPractices.ppt
1-SoftwareEngineeringandBestPractices.ppt
 
Ch4-ControlFlowTesting.ppt
Ch4-ControlFlowTesting.pptCh4-ControlFlowTesting.ppt
Ch4-ControlFlowTesting.ppt
 
knowledge-portal-150406070618-conversion-gate01.pdf
knowledge-portal-150406070618-conversion-gate01.pdfknowledge-portal-150406070618-conversion-gate01.pdf
knowledge-portal-150406070618-conversion-gate01.pdf
 
chapter5-file system implementation.ppt
chapter5-file system implementation.pptchapter5-file system implementation.ppt
chapter5-file system implementation.ppt
 

Dernier

What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
GeorgeMilliken2
 
Liberal Approach to the Study of Indian Politics.pdf
Liberal Approach to the Study of Indian Politics.pdfLiberal Approach to the Study of Indian Politics.pdf
Liberal Approach to the Study of Indian Politics.pdf
WaniBasim
 
How to deliver Powerpoint Presentations.pptx
How to deliver Powerpoint  Presentations.pptxHow to deliver Powerpoint  Presentations.pptx
How to deliver Powerpoint Presentations.pptx
HajraNaeem15
 
Chapter 4 - Islamic Financial Institutions in Malaysia.pptx
Chapter 4 - Islamic Financial Institutions in Malaysia.pptxChapter 4 - Islamic Financial Institutions in Malaysia.pptx
Chapter 4 - Islamic Financial Institutions in Malaysia.pptx
Mohd Adib Abd Muin, Senior Lecturer at Universiti Utara Malaysia
 
How to Make a Field Mandatory in Odoo 17
How to Make a Field Mandatory in Odoo 17How to Make a Field Mandatory in Odoo 17
How to Make a Field Mandatory in Odoo 17
Celine George
 
BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...
BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...
BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...
Nguyen Thanh Tu Collection
 
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
National Information Standards Organization (NISO)
 
How to Create a More Engaging and Human Online Learning Experience
How to Create a More Engaging and Human Online Learning Experience How to Create a More Engaging and Human Online Learning Experience
How to Create a More Engaging and Human Online Learning Experience
Wahiba Chair Training & Consulting
 
Présentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptx
Présentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptxPrésentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptx
Présentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptx
siemaillard
 
BÀI TẬP DẠY THÊM TIẾNG ANH LỚP 7 CẢ NĂM FRIENDS PLUS SÁCH CHÂN TRỜI SÁNG TẠO ...
BÀI TẬP DẠY THÊM TIẾNG ANH LỚP 7 CẢ NĂM FRIENDS PLUS SÁCH CHÂN TRỜI SÁNG TẠO ...BÀI TẬP DẠY THÊM TIẾNG ANH LỚP 7 CẢ NĂM FRIENDS PLUS SÁCH CHÂN TRỜI SÁNG TẠO ...
BÀI TẬP DẠY THÊM TIẾNG ANH LỚP 7 CẢ NĂM FRIENDS PLUS SÁCH CHÂN TRỜI SÁNG TẠO ...
Nguyen Thanh Tu Collection
 
How to Manage Your Lost Opportunities in Odoo 17 CRM
How to Manage Your Lost Opportunities in Odoo 17 CRMHow to Manage Your Lost Opportunities in Odoo 17 CRM
How to Manage Your Lost Opportunities in Odoo 17 CRM
Celine George
 
Advanced Java[Extra Concepts, Not Difficult].docx
Advanced Java[Extra Concepts, Not Difficult].docxAdvanced Java[Extra Concepts, Not Difficult].docx
Advanced Java[Extra Concepts, Not Difficult].docx
adhitya5119
 
How to Fix the Import Error in the Odoo 17
How to Fix the Import Error in the Odoo 17How to Fix the Import Error in the Odoo 17
How to Fix the Import Error in the Odoo 17
Celine George
 
Your Skill Boost Masterclass: Strategies for Effective Upskilling
Your Skill Boost Masterclass: Strategies for Effective UpskillingYour Skill Boost Masterclass: Strategies for Effective Upskilling
Your Skill Boost Masterclass: Strategies for Effective Upskilling
Excellence Foundation for South Sudan
 
PCOS corelations and management through Ayurveda.
PCOS corelations and management through Ayurveda.PCOS corelations and management through Ayurveda.
PCOS corelations and management through Ayurveda.
Dr. Shivangi Singh Parihar
 
How to Setup Warehouse & Location in Odoo 17 Inventory
How to Setup Warehouse & Location in Odoo 17 InventoryHow to Setup Warehouse & Location in Odoo 17 Inventory
How to Setup Warehouse & Location in Odoo 17 Inventory
Celine George
 
Walmart Business+ and Spark Good for Nonprofits.pdf
Walmart Business+ and Spark Good for Nonprofits.pdfWalmart Business+ and Spark Good for Nonprofits.pdf
Walmart Business+ and Spark Good for Nonprofits.pdf
TechSoup
 
writing about opinions about Australia the movie
writing about opinions about Australia the moviewriting about opinions about Australia the movie
writing about opinions about Australia the movie
Nicholas Montgomery
 
Cognitive Development Adolescence Psychology
Cognitive Development Adolescence PsychologyCognitive Development Adolescence Psychology
Cognitive Development Adolescence Psychology
paigestewart1632
 
Hindi varnamala | hindi alphabet PPT.pdf
Hindi varnamala | hindi alphabet PPT.pdfHindi varnamala | hindi alphabet PPT.pdf
Hindi varnamala | hindi alphabet PPT.pdf
Dr. Mulla Adam Ali
 

Dernier (20)

What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
What is Digital Literacy? A guest blog from Andy McLaughlin, University of Ab...
 
Liberal Approach to the Study of Indian Politics.pdf
Liberal Approach to the Study of Indian Politics.pdfLiberal Approach to the Study of Indian Politics.pdf
Liberal Approach to the Study of Indian Politics.pdf
 
How to deliver Powerpoint Presentations.pptx
How to deliver Powerpoint  Presentations.pptxHow to deliver Powerpoint  Presentations.pptx
How to deliver Powerpoint Presentations.pptx
 
Chapter 4 - Islamic Financial Institutions in Malaysia.pptx
Chapter 4 - Islamic Financial Institutions in Malaysia.pptxChapter 4 - Islamic Financial Institutions in Malaysia.pptx
Chapter 4 - Islamic Financial Institutions in Malaysia.pptx
 
How to Make a Field Mandatory in Odoo 17
How to Make a Field Mandatory in Odoo 17How to Make a Field Mandatory in Odoo 17
How to Make a Field Mandatory in Odoo 17
 
BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...
BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...
BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...
 
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
Pollock and Snow "DEIA in the Scholarly Landscape, Session One: Setting Expec...
 
How to Create a More Engaging and Human Online Learning Experience
How to Create a More Engaging and Human Online Learning Experience How to Create a More Engaging and Human Online Learning Experience
How to Create a More Engaging and Human Online Learning Experience
 
Présentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptx
Présentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptxPrésentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptx
Présentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptx
 
BÀI TẬP DẠY THÊM TIẾNG ANH LỚP 7 CẢ NĂM FRIENDS PLUS SÁCH CHÂN TRỜI SÁNG TẠO ...
BÀI TẬP DẠY THÊM TIẾNG ANH LỚP 7 CẢ NĂM FRIENDS PLUS SÁCH CHÂN TRỜI SÁNG TẠO ...BÀI TẬP DẠY THÊM TIẾNG ANH LỚP 7 CẢ NĂM FRIENDS PLUS SÁCH CHÂN TRỜI SÁNG TẠO ...
BÀI TẬP DẠY THÊM TIẾNG ANH LỚP 7 CẢ NĂM FRIENDS PLUS SÁCH CHÂN TRỜI SÁNG TẠO ...
 
How to Manage Your Lost Opportunities in Odoo 17 CRM
How to Manage Your Lost Opportunities in Odoo 17 CRMHow to Manage Your Lost Opportunities in Odoo 17 CRM
How to Manage Your Lost Opportunities in Odoo 17 CRM
 
Advanced Java[Extra Concepts, Not Difficult].docx
Advanced Java[Extra Concepts, Not Difficult].docxAdvanced Java[Extra Concepts, Not Difficult].docx
Advanced Java[Extra Concepts, Not Difficult].docx
 
How to Fix the Import Error in the Odoo 17
How to Fix the Import Error in the Odoo 17How to Fix the Import Error in the Odoo 17
How to Fix the Import Error in the Odoo 17
 
Your Skill Boost Masterclass: Strategies for Effective Upskilling
Your Skill Boost Masterclass: Strategies for Effective UpskillingYour Skill Boost Masterclass: Strategies for Effective Upskilling
Your Skill Boost Masterclass: Strategies for Effective Upskilling
 
PCOS corelations and management through Ayurveda.
PCOS corelations and management through Ayurveda.PCOS corelations and management through Ayurveda.
PCOS corelations and management through Ayurveda.
 
How to Setup Warehouse & Location in Odoo 17 Inventory
How to Setup Warehouse & Location in Odoo 17 InventoryHow to Setup Warehouse & Location in Odoo 17 Inventory
How to Setup Warehouse & Location in Odoo 17 Inventory
 
Walmart Business+ and Spark Good for Nonprofits.pdf
Walmart Business+ and Spark Good for Nonprofits.pdfWalmart Business+ and Spark Good for Nonprofits.pdf
Walmart Business+ and Spark Good for Nonprofits.pdf
 
writing about opinions about Australia the movie
writing about opinions about Australia the moviewriting about opinions about Australia the movie
writing about opinions about Australia the movie
 
Cognitive Development Adolescence Psychology
Cognitive Development Adolescence PsychologyCognitive Development Adolescence Psychology
Cognitive Development Adolescence Psychology
 
Hindi varnamala | hindi alphabet PPT.pdf
Hindi varnamala | hindi alphabet PPT.pdfHindi varnamala | hindi alphabet PPT.pdf
Hindi varnamala | hindi alphabet PPT.pdf
 

SQA.ppt

  • 1. 1 Software Quality Assurance by Mark J. Tseytlin Sr. SQE, Raytheon Company
  • 2. 2 Let’s Get Acquainted… Instructor: Mark Tseytlin Phone: 978-440-2098 E-mail: Mark_J_Tseytlin@raytheon.com
  • 3. 3 What is Software Quality Assurance?
  • 4. 4 What is Quality? Quality – developed product meets it’s specification Problems: • Development organization has requirements exceeding customer's specifications (added cost of product development) • Certain quality characteristics can not be specified in unambiguous terms (i.e. maintainability) • Even if the product conforms to it’s specifications, users may not consider it to be a quality product (because users may not be involved in the development of the requirements)
  • 5. 5 Quality Management – ensuring that required level of product quality is achieved • Defining procedures and standards • Applying procedures and standards to the product and process • Checking that procedures are followed • Collecting and analyzing various quality data Problems: • Intangible aspects of software quality can’t be standardized (i.e elegance and readability) What is Quality Management?
  • 6. 6 What are SQA, SQP, SQC, and SQM? SQA includes all 4 elements… • Software Quality Assurance – establishment of network of organizational procedures and standards leading to high- quality software 2. Software Quality Planning – selection of appropriate procedures and standards from this framework and adaptation of these to specific software project 3. Software Quality Control – definition and enactment of processes that ensure that project quality procedures and standards are being followed by the software development team 4. Software Quality Metrics – collecting and analyzing quality data to predict and control quality of the software product being developed
  • 8. 8 Software Development Process Spiral Software Development Phases IPDS Top-Down Design Model
  • 9. 9 Software Development Cycle Software Development Phase • Software requirements • Preliminary Design • Detailed Design • Code • Unit Test • Software integration • Software Component Test • Software System Test • Maintenance and Support End product • SRS, IRS • SDD, PQT/FAT/SAT Plans & Proc.’s, ICD, IDD • PDL, User Manuals • Code, UT Plan & Proc.’s • UT Results •VDD • PQT Report • FAT & SAT Reports • ECP’s leading to updates
  • 10. 10 Software Development Cycle (contd.) Req. PD DD CUT Int PQT FAT SAT Maint
  • 14. 14 Why are Standards Important? • Standards provide encapsulation of best, or at least most appropriate, practice • Standards provide a framework around which the quality assurance process may be implemented • Standards assist in continuity of work when it’s carried out by different people throughout the software product lifecycle Standards should not be avoided. If they are too extensive for the task at hand, then they should be tailored.
  • 15. 15 SDS a Simplistic approach In most mature organizations: • ISO is not the only source of SDS • Process and Product standards are derived independently • Product standards are not created by SQA
  • 16. 16 Process Standards Process Standards – standards that define the process which should be followed during software development ISO CMM CMMI Organizational Quality Manual Organizational SD Process STD’s IPDS Project SD Process STD’s (SDP, IP, Method Sheets) Project SQP Project SCMP
  • 17. 17 Product Standards Product Standards – standards that apply to software product being developed ISO STD’s MIL/ Industry STD’s Organizational Product STD’s COTS STD’s Project Product STD’s (SDP, IP, Method Sheets)
  • 19. 19 ISO - 9001 Elements • Quality System Requirements • Management Responsibility • Quality system • Contract review • Design Control • Document control • Purchasing • Purchaser supplied product • Product identification and traceability • Process control • Inspection and testing • Inspection, measuring and test equipment • Inspection and test status • Control of non-conforming product • Corrective action • Handling, storage, preservation, packaging and shipping • Quality records • Internal quality audits • Training • Servicing • Statistical techniques • Software Quality Responsibilities • Management Responsibility • Quality system • Contract review • Design Control • Document control • Purchasing • - • Product identification and traceability • Process control • Inspection and testing • - • Inspection and test status • - • Corrective action • - • Quality records • Internal quality audits • Training • - • Statistical techniques
  • 22. 22 CMM Integration Model Architecture
  • 23. 23 CMM to CMMI Mapping
  • 25. 25 Documentation Hierarchy • Documents are not the only tangible way of representing software products. The working software system is the most tangible way of representing software products. • Documents are the best way to ensure software products’ understandability
  • 26. 26 Process and Product Quality Quality of development process directly affects the quality of delivered products. This is the factory approach. It doesn’t work because software is designed rather then manufactured.
  • 27. 27 Process and Product Quality Creative Approach • Quality Improvement – identifying good quality products, examining the processes used to develop these products, and then generalizing these processes so that they can be applied everywhere
  • 28. 28 Quality Improvement – The Wheel of 6Sigma Six Sigma
  • 29. 29 Quality Improvement – Six Sigma Process • Visualize – Understand how it works now and imagine how it will work in the future • Commit – Obtain commitment to change from the stakeholders • Prioritize – Define priorities for incremental improvements • Characterize – Define existing process and define the time progression for incremental improvements • Improve – Design and implement identified improvements • Achieve – Realize the results of the change
  • 30. 30 Continuity and Independence of SQA • Software Quality Assurance team must be independent in order to take an objective view of the process and report problems to senior management directly • If prescribed process is inappropriate for the type of software product which is being developed, then it should be tailored • The standards must be upheld no matter how small the task. Prototyping doesn’t mean no standards. It means tailored standards. • Quality is FREE, if it’s Everyone’s Responsibility!
  • 32. 32 Software Quality Plan • Tailoring - SQP should select those organizational standards that are appropriate to a particular product • Standardization - SQP should use (call out) only approved organizational process and product standards • If new standards are required a quality improvement should be initiated • Elements - SQP elements are usually based on the ISO-9001 model elements • SQP is not written for software developers. It’s written for SQE’s as a guide for SQC and for the customer to monitor development activities • Things like software production, software product plans and risk management should be defined in SDP, IP • Quality Factor’s shouldn’t be sacrificed to achieve efficiency. Don’t take the job if quality process can’t be upheld
  • 34. 34 Methods of Software Quality Control SQC involves overseeing the software development process to ensure that the procedures and STD’s are being followed The following activities constitute SQC: • Quality Reviews - in-process reviews of processes and products Reviews are the most widely used method of validating the quality of processes and products. Reviews make quality everyone's responsibility. Quality must be built-in. SQE is responsible for writing Quality Engineering Records (QERs) documenting their participation in these reviews. • Tests - end-result verifications of products. These verifications are conducted after the software has been developed. Test procedures are followed during conduct of these activities. SQE is responsible for keeping the logs and some times for writing the test report. • Quality Audits - in-process verifications of processes. These audits are conducted periodically (twice a month) to assess compliance to the process STD’s.
  • 35. 35 Quality Reviews • Peer reviews - reviews of processes and products by groups of people. These reviews require pre-review preparation by all participants. If a participant is not prepared, then the review is not effective. This type of review requires participation of the SQE, moderator, recorder, author(s), and one or more critical reviewers. All issues found during these reviews are documented on AR forms. • Walkthroughs - reviews of products by groups of people mostly without preparation. For example a requirements traceability review is a walkthrough. It involves tracing a requirement from customer requirements to the test procedures. All issues found during these reviews are documented on CAR forms. • Desk inspections - reviews of products by individuals. These reviews involve people reviewing products by themselves (not in a group) and then submitting their comments to the author(s). The issues found during these reviews are treated in informal manner.
  • 36. 36 Tests • Engineering Dry-run - test conducted by engineering without SQE. These tests include Unit Tests and engineering dry-runs of the formal tests. These engineering dry- runs are used to verify correctness and completeness of the test procedures. Also, these is the final engineering verification of the end-product before sell-off to SQE. All issues found during these tests are documented on STR forms. • SQE Dry-run - test conducted by SQE. These tests include PQT, FAT and SAT dry- runs. These tests are used to verify the end-product before the formal test with the customer. An SQE is sometimes responsible for writing the test report. However, if a separate test group is available, then SQE is relived of this obligation. All issues found during these tests are documented on STR forms. • TFR - test conducted as “RFR - run-for-record” with the SQE and the customer. These tests include FAT and SAT. These tests are conducted to sell the end-product off to the customer. SQE is present at all such tests. All issues found during these tests are documented on STR forms.
  • 37. 37 Quality Audits • SQE Audits - audits conducted by SQE to verify that the process STD’s are being followed. Examples of these audits are IPDS compliance, Configuration Control, and Software Engineering Management. All findings for these audits are documented on QER forms. The results of the audits are distributed to the next level of management (above project level). If the issue(s) are not fixed then the findings are elevated to upper management. • Independent Audits - audits conducted by ISO generalists or other independent entities to verify that the process STD’s are being followed. These audits are usually conducted on a division/facility level. The results of these audits are distributed to upper management.
  • 38. 38 Defect Detection Formal bug finding activities include Quality Reviews and Tests From Baseline Capture System Requirem ents Analysis Softw are Requirem ents Analysis Prelim inary Design Detailed D esign Code Unit Test Softw are Integration Softw are Q ualific S T A G E D E T E C T E D At Baseline Capture 0 System Requirements Analysis 0 79 Software Requirements Analysis 0 0 1 Preliminary Design 0 6 2 10 Detailed Design 1 0 0 0 42 Code 0 0 0 1 2 37 Unit Test 0 0 0 0 0 0 0 Software Integration 1 0 0 0 4 1 0 0 Software Qualification Test 0 0 0 0 0 0 0 0 0 System Integration 1 0 0 0 4 5 0 0 0 System Test 0 0 0 0 0 0 0 0 Post System Test 0 0 0 0 0 0 0 0 0 93% 33% 91% 81% 86% 93% 11% 95% 79% 74% 0% 36% 0% 44% 2% 6% 27% 22% 0% 0% 0% Chart Data Last Updated: 10/3/01 S T A G E D E T E C T E D % Defects Originated In This Phase Out Of All Defects % Defects Originated in This Phase That Were Contained By This Phase % Defects Originated in This Phase Plus Defects That Escaped From Earlier Phases That Were Contained By This Phase
  • 39. 39 A Bug’s Life V Verified SCCB Engineer Engineer Resolves STR N A O D P New Assigned Postponed Open Duplicate Tested Approves STR Accepts STR Software Lead Plans Merge Integrator Performs Merge R M Resolved Merged T Tester Verifies Fix SCCB Agrees Closure X Rejected
  • 40. 40 Software Configuration Management SCM – activities assuring that software products are properly identified and their transition is tracked. In many mature organizations SCM is not part of SQA responsibilities. • Baseline Identification – identification of initial state of the product • Change Identification – identification of changes made to the baseline • Change Control – documentation of changes via revision history, change summary, or using automated development tools (ClearCase or Apex) • Status Accounting – reporting changes to others and monitoring completeness of the project archives • Preservation – keeper of the software products
  • 42. 42 Metrics Collection • Software measurement - the process of deriving a numeric value for some attribute of a software product or a software process. Comparison of these values to each other and to STD’s allows drawing conclusions about the quality of software products or the process. • The focus of the metrics collecting programs is usually on collecting metrics on program defects and the V&V process. • Metrics can be either Control Metrics or Predictor Metrics • Most of the “Ilities” can not be measured directly unless there’s historical data. Instead tangible software product attributes are measured and the “Ility” factors are derived using predefined relationships between measurable and synthetic attributes. • The boundary conditions for all measurements should be established in advance and then revised once a large databank of historical data has been established
  • 43. 43 The Process of Product Measurement 1. Decide what data is to be collected 2. Assess critical (core) components first 3. Measuring component characteristics might require automated tools 4. Look for consistently (unusually only works in a factory) high or low values 5. Analysis of anomalous components should reveal if the quality of product is compromised
  • 44. 44 Predictor and Control Metrics Examples of Predictor Analysis: • Code Reuse: SLOC = ELOC = Ported Code • Nesting Depth: ND > 5 = Low Readability • Risk Analysis: # STR P1 > 0 at SAT = Low Product Reliability Examples of Control Analysis: • STR aging: Old STRs = Low Productivity • Requirements Volatility: High Volatility = Scope Creep
  • 45. 45 Software Product Metrics There are two categories of software product metrics: 1. Dynamic metrics – this metrics is collected by measuring elements during program’s execution. This metrics help to asses efficiency and reliability of a software product. The parameters collected can be easily measured (i.e. execution time, mean time between failures) 2. Static metrics – this metrics is collected by measuring parameters of the end products of the software development. This metrics help to asses the complexity, understandability, and maintainability of a software product. The SLOC size and ND are the most reliable predictors of understandability, complexity, and maintainability.
  • 46. 46 The Ilities The specific metrics that are relevant depend on the on the project, the goals of the SQA, and the type of SW that is being developed.
  • 47. 47 Examples of Software Metric – Chapter 24
  • 48. 48 Examples of OO Software Metric – Chapter 24
  • 49. 49 Defect Prevention Defect Prevention – establishment of practices that lower the reliance on defect detection techniques to find majority of the bugs • Lessons learned – learning from other peoples experiences and sharing own experiences with the other projects • Managing With Metrics – collecting the metrics, understanding it, and making changes to the product or process based on analysis. Metrics must be standardized to be effective. • Risk Analysis – identifying potential risks and opportunities early in the program and tracking them to realization. • Build freeze – no changes are made to the code during formal tests. • Unit-level testing guidelines – test plans and procedures for each UT • Baseline acceptance criteria – establishment of closure criteria in advance (i.e. no P1 STRs at FAT TRR)