Software Quality Assurance

Project Planning

- Quality Concepts
- Quality
- Quality Control
- Quality Assurance
- Cost of Quality
- Software Quality Assurance
- Software Reviews
- Formal Technical Reviews
- The Review Meeting
- Review Reporting and Record Keeping
- Review Guidelines
- Formal Approaches to SQA
- Statistical Quality Assurance
- Software Reliability
- The SQA Plan
 Quality
- Quality means consistently meeting customer in term of – Requirements, cost,
service and delivery schedule.
- Quality-software is reasonably bug-free, delivered on time, within budget, meets
requirement and/or expectations, and is MAINTAINABLE.
- Software quality is also defined in terms of three factors :-
1. Failures
2. Reliability
3. Customer satisfaction
- A software product is said to have good quality if :-
- It has few failures when used by customer
- It is reliable, meaning that it hardly ever crashes or demonstrates unexpected
behavior when used in the customer environment.
- It satisfies a majority of customers.
There are two kinds of quality :-
- Quality of design :- Refers to characteristics, designers specify, for the end product to
be constructed.
- It include requirements, specifications, and the design of the system.
- Quality of Conformance :- Degree to which the design specifications are followed in
manufacturing the product.
- It Primarily focuses on implementation.
 Quality Concepts

Software quality assurance is an umbrella activity that is applied throughout

the software process.

SQA encompasses:
(1) a quality management approach
(2) effective software engineering technology
(3) formal technical reviews
(4) a multi-tiered testing strategy
(5) document change control
(6) software development standard and its control procedure
(7) measurement and reporting mechanism

Quality --> refers to measurable characteristics of a software.

These items can be compared based on a given standard

Two types of quality control:

- Quality design -> the characteristics that designers specify for an item.
--> includes: requirements, specifications, and the design of the system.

- Quality of conformance -> the degree to which the design specification are
followed. It focuses on implementation based on the design.
 Quality Control
What is quality control
-- the series of inspections, reviews, and test used throughout the develop cycle of a
software product

-- Focuses on operational techniques and the activities used to fulfill and verify the
requirement of quality.

-- It involves a series of inspection, reviews, and tests used throughout the software
process to ensure that each work product meets its specification/requirements.

-- Key concept of quality control is that “ all work products have defined and
measurable specification ”, which are compared with the output of each process.

Quality control includes a feedback loop to the process.

 Quality Control
Objective ---> minimize the produced defects, increase the product quality
Implementation approaches:
- Fully automated
- Entirely manual
- Combination of automated tools and human interactions

Key concept of quality control:

--> compare the work products with the specified and measurable
standards

Quality assurance consists of:

- the auditing and reporting function of management

Goal --> provide management with the necessary data about product quality.
--> gain the insight and confidence of product quality
 Quality Assurance
-- QA consists of auditing and reporting procedures, which are used to provide
necessary data to management in order to make proactive decisions.

-- The goal of QA is to provide adequate confidence that a product or service is of the

type and quality expected by the customer.

-- If the data provided through quality assurance identifies problems, it is

management’s responsibility to address the problems and apply the necessary resoures
to resolve quality issues.
 Cost of Quality
Cost of quality --> includes all costs incurred in the pursuit of quality
or perform quality related work
Quality cost includes:
- prevention cost:
- quality planning
- formal technical reviews
- testing equipment
- training
i.e. the cost of customer dissatisfaction, including errors, or weaknesses in
software , design documentation and support
- appraisal cost:
- in-process and inter-process inspection
- equipment calibration and maintenance
- testing
i.e. cost of inspection and testing
- failure cost:
internal failure cost:
- rework, repair, and failure mode analysis
external failure cost:
- complaint resolution
- product return and replacement
- help line support
- warranty work
 Software Quality Assurance
Goal: to achieve high-quality software product

Quality definition:
“Conformance to explicitly stated functional and performance
requirements, explicitly documented development standards,
and implicit characteristics that expected of al professional
developed software.”

Three import points for quality measurement:

- Use requirements as the foundation
- Use specified standards as the criteria
- Considering implicit requirements

About quality assurance:

- The first formal quality assurance and control function was
introduced at Bell Labs in 1916 in the manufacturing world.
- During the 1950s and 1960s, the programmers controls their product quality.
- During the 1970s, quality assurance standards were introduced first in
military contract software development.
- In 1987, the extending definition is given in [SCH87].
 SQA Group

Who involves quality assurance activities?

Software engineers, project managers, customers, sale people, SQA group

Engineers involved the quality assurance work:

- apply technical methods and measures
- conduct formal technical review
- perform well-planned software testing

The SQA group’s role -> serves as the customer’s in-house representative
assist the software engineering team in achieving high-quality

The SQA group’s responsibility:

- quality assurance planning oversight, record keeping, analysis and reporting

The SQA group’s tasks:

- Prepare a SQA plan for a project

- Participate in the development of the project’s software process description
- Review engineering activities to verify compliance with the defined process
- Audits designated software work products to verify compliance the defined process
- Ensure the deviations in software work and products according to a documented procedure
- Records any noncompliance and reports to senior management
 Software Reviews
What is software reviews?
- a “filter” for the software engineering process.

Purpose: serves to uncover errors in analysis, design, coding, and testing.

Why software reviews?

- To err is human
- Easy to catch the errors in engineers’ work

A review --> a way to

- identify the needed improvements of the parts in a product
- confirm the improvement parts of a product.
- achieve technical work of more uniform, predicable, and manageable.

Different types of reviews:

- Informal reviews:
informal meeting and informal desk checking
- Formal reviews: (design to an audience of customers, management, and staff)
Walkthrough, inspection, and round-robin reviews

The terms “defect” and “fault” are synonymous

--> quality problems found after software release

Software “error” refers to a quality problem found b y engineers before software release
 Formal Technical Reviews (FTR)

Objectives of FTR:

- to uncover errors in function, logic, or implementation

- to verify the software under review meets its requirements
- to ensure that the software has been represented according to predefined standards
- to develop software in a uniform manner
- to make projects more manageable

Purposes of FTR:

- serves as a training ground for junior engineers

- promote backup and continuity

Review meeting’s constraints:

- 3-5 people involved in a review
- advanced preparation (no more than 2 hours for each person)
- the duration of the review meeting should be less than 2 hours
- focus on a specific part of a software product

People involved in a review meeting:

- producer, review leader, 2 or 3 reviewers (one of them is recorder)
 Formal Technical Review Meeting
The preparation of a review meeting:
- a meeting agenda and schedule (by review leader)
- review material and distribution (by the producer)
- review in advance (by reviewers)

Review meeting results:

- a review issues list
- a simple review summary report (called meeting minutes)
- meeting decisions:
- accept the work product w/o further modification
- reject the work product due to errors
- accept the work under conditions (such as change and review)
- sign-off sheet

Review summary report (a project historical record) answers the following questions:
- what was reviewed?
- who reviewed it?
- what were the findings and conclusions

Review issues list serves two purposes:

- to identify problem areas in the project
- to serve as an action item checklist (a follow-up procedure is needed)
 Review Guidelines (for FTR)

A minimum set of guidelines for FTR:

- Review the product, not the producer

- Set an agenda and maintain it
- Limit debate and rebuttal
- Enunciate problem areas, but don’t attempt to solve every problem noted
- Take written notes
- Limit the number of participants and insist upon advance preparation
- Develop a checklist for each work product that is likely to be reviewed
- Allocate resources and time schedule for FTRs
- Conduct meaningful training for all reviewers
- Review your early reviews
 Statistical Quality Assurance
Statistical quality assurance reflects a growing trend throughout industry to become more
quantitative about quality.

Statistical quality assurance implies the following steps:

- Information about software defects is collected and categorized
- An attempt is made to trace each defect to its underlying cause
- Using the Pareto principle (80 percent of the defects can be traced to 20 percent,
and isolate the 20 percent)
- Once the vital few causes have been identified, correct the defects.

Causes of errors:
- incomplete or erroneous specification (IES)
- misinterpretation of customer communication (MCC)
- intentional deviation from specification (IDS)
- violation of programming standards (VPS)
- error in data representation (EDR)
- inconsistent module interface (IMI)
- error in design logic (EDL)
- incomplete or erroneous testing (IET)
- inaccurate or incomplete documentation (IID)
- error in programming language translation of design (PLT)
- ambiguous or inconsistent human-computer interface (HCI)
- miscellaneous (MIS)
 Statistical Quality Assurance
In conjunction with the collection of defect information, software developers can calculate an
error index (EI) for each major step in the software engineering process.

After analysis, design, coding, testing, and release, the following data are collected:

Ei = the total no. of errors uncovered during the ith step in the process.

Si = the no. of serious errors

Mi = the no. of moderate errors

Ti = the no. of minor errors

PS = the size of the product at the ith step.

At each step in the software engineering process, a phase index (PI i ) is computed:

PI i = ws (Si/Ei) + wm(Mi/Ei) + wt(Ti/Ei)

Error index (EI) can be computed as follows:

EI = (PI 1 + 2 PI 2 + 3 PI 3 + iPI I)/PS

 The SQA Plan
The SQA plan provides a road map for instituting software quality assurance.

Figure 8.5 presents an outline for SQA plans by IEEE [IEEE94].

Basic items:
- purpose of plan and its scope
- management
- organization structure, SQA tasks, their placement in the process
- roles and responsibilities related to product quality
- documentation
- project documents, models, technical documents, user documents.
- standards, practices, and conventions
- reviews and audits
- test - test plan and procedure
- problem reporting, and correction actions
- tools
- code control
- media control
- supplier control
- records collection, maintenance, and retention
- training
- risk management