550 likes | 797 Vues
Software Quality Assurance and Quality Control. presentation by -Somashekhar Paple. Introduction. Successful and smooth running of software product is very important. The success of a software product depends on its ability to satisfy client needs consistently.
E N D
Software Quality Assurance and Quality Control presentation by -Somashekhar Paple
Introduction Successful and smooth running of software product is very important. The success of a software product depends on its ability to satisfy client needs consistently. It is the quality of the product that separates the great application from good ones.
Agenda • Definitions • The Process of QA • Phase Specific QA Activities • Techniques of Quality Control • Standards and Concepts related to Quality • Cost of Quality • Conclusion • Discussions
Definitions QUALITY • The totality of characteristics of an entity that bear on its ability to satisfy stated or implied needs. –PMI • In simple terms - meeting expected standards in performance, reliability and consistency.
Definitions cont’d • SQA- The process of evaluating overall project performance on a regular basis to provide confidence that the project will satisfy the relevant quality standards. • SQC- The process of monitoring specific project results to determine if they comply with relevant quality standards and identifying ways to eliminate causes of unsatisfactory performance.
Definitions • The Process of QA • Phase Specific QA Activities • Techniques of Quality Control • Standards and Concepts related to Quality • Cost of Quality • Conclusion • Discussions
The Process of QA QA involves set of tasks • Formulating the Quality Plan • Applying Software Engineering Techniques • Conducting Formal Technical Reviews • Applying Testing Strategies • Enforcing Process Adherence • Change Management • SQA Audits • Records and Reporting
The Process of QA cont’d • Formulating the Quality Plan IEEE Standards for SQA Plan • It identifies the quality aspects of the software product to be developed. • It is tracked as a live plan through-out the SDLC • Applying Software Engineering Techniques • For requirement gathering • Project estimation using SLOC, FP technique
The Process of QA cont’d • Conducting Formal Technical Reviews • Basically to assess the quality and design of the prototype • Aims at error detection at the early stage • Applying Testing Strategies • Involves • Unit Testing • Integration Testing • System Level Testing
The Process of QA cont’d • Enforcing Process Adherence It ensures that the project-related procedures and standards are followed • Process Adherence w.r.t. Product Evaluation • Ensures standards set for the particular project are followed • Compliance of the software product to the standards defined in the project plan is verified • Process Adherence w.r.t Process Monitoring • Ensures the appropriate procedures are followed in product development as specified in the project plan
The Process of QA cont’d • Change Management It deals with the changes occurring in the software product features because of customer request or other reasons • Change Control • Formalizing the request for change • Evaluating the nature of change • Measuring the Impact of the Change • Use Software quality metrics • Enables monitoring of the activities and proposed changes
The Process of QA cont’d • SQA Audits • Ensures the proper control is maintained over the documents required during SDLC • Also ensures the status of the activity performed is recorded in the status report • Records and Reporting • Collection and Circulation of the information regarding the SQA activities • The results of every task performed under SQA are reported and compiled for future reference.
Definitions • The Process of QA • Phase Specific QA Activities • Techniques of Quality Control • Standards and Concepts related to Quality • Cost of Quality • Conclusion • Discussions
Phase Specific SQA Activities Analysis Design Development Testing Implementation
Phase Specific SQA Activities • Analysis Phase • Ensures that the Processes, Procedures and Standards followed are appropriate • Assures that the software product requirements are complete and testable • And clear identification of requirements as • Functional Requirements • Performance Requirements • Interface Requirements
Analysis Design Development Testing Implementation Helps in getting the right requirements
Phase Specific SQA Activities cont’d • Design Phase SQA Ensures • Adherence to approved design standards • Software requirements gathered are allocated to respective software components • Documents pertaining to Interface Design, Conceptual Design Review and Physical Design Reviews are maintained • Placing the approved design under the configuration management
Analysis Design Development Testing Implementation Ensures requirement reviews and configuration management
Phase Specific SQA Activities cont’d • Development and Testing Phase SQA Ensures • Readiness of the deliverable items for testing • Tests are conducted as per Test Plan • Testing is complete • Test reports are complete and correct • Software Product and Documentation are ready for delivery
Analysis Design Development Ensures proper testing and documentation Testing Implementation
Phase Specific SQA Activities cont’d • Implementation SQA activities include • Audit of results of testing and design activities • Reviewing the schedule contained in the Project Plan and status of all the deliverables • Monitor Configuration Management Activities • Report non-conformance • Verifying the corrective actions
Analysis Design Development Testing Implementation Audit the test results and reporting
Definitions • The Process of QA • Phase Specific QA Activities • Techniques of Quality Control • Standards and Concepts related to Quality • Cost of Quality • Conclusion • Discussions
Techniques of Quality Control Quality Control - The operational techniques and activities that are used to fulfill requirements for quality. • Software Testing • Walkthrough • Inspection
Software Testing • Quality control activity performed to detect errors in a software program. • To find the difference between the expected and observed behavior of the program. • Should have a comprehensive test plan • A test plan would include • Details of testing tools and strategies • Reviews and Inspection Details • Details of staff performing testing • Product release criteria • Entry and exit criteria
Software Testing cont’d • Types of testing • Based on the approach • White box testing • Black box testing • Based on the levels • Unit Testing • Integration Testing • Validation Testing • Security Testing • Stress Testing • Performance Testing • Alpha Testing • Beta Testing
Software Testing cont’d • Unit Testing • Performed on a module • Performed by the developer • Requires detailed knowledge of design/code • Integration Testing • For determining the functionality of the combined software modules • For detecting the errors associated with interfacing • More relevant for client/server and distributed systems
Software Testing cont’d • Validation Testing • To test the conformance to the requirements • Configuration review is performed to ensure that all the elements in the software are properly developed and catalogued • Security Testing • To test the protection mechanisms • To verify the security system for protection against the unauthorized access (hacking).
Software Testing cont’d • Stress Testing • Also known as load testing • To verify the maximum stress a system can withstand • Performance Testing • To test the run time performance of the application • Should meet the performance criteria defined in the requirements documents
Software Testing cont’d • Functional Testing • Performed to check the functionality of the application • To check the accuracy of the output • Alpha Testing • Testing of the completely operational software by a set of internal users/external users at the developer's site • Beta Testing • Testing of the completely operational software by a set of users • Done prior to the final release of the software
Walkthrough • A software review process • Developer guides the progress of the review • Two approaches • Group Reviews Typically Involves • Developer • Moderator • Reader • Recorder • Individual peer-desk check • Performed by a single person
Inspection Basic Steps • Overview—When the producer satisfies the entrance criteria, the inspection is scheduled. The producer then conducts an overview. It acquaints the rest of the inspection team with the product to be inspected. • Preparation—The inspection team members study the product. The time spent in preparing is controlled based on the size of the product in KLOC. The members may use a checklist to focus on significant issues. • Inspection meeting—The moderator supervises the inspection meeting. Some approaches use a reader other than the producer to actually conduct the inspection. The recorder makes a complete record of issues raised. All members of the inspection team sign the report. Any team member may produce a minority report if there is a disagreement. • Rework—The producer reviews the report and corrects the product. • Follow-up—The moderator reviews the report and the correction. If it satisfies the exit criteria, the inspection is completed. If not, the moderator can either have the producer rework the product or re-inspection can be scheduled.
Definitions • The Process of QA • Phase Specific QA Activities • Techniques of Quality Control • Standards and Concepts related to Quality • Cost of Quality • Conclusion • Discussions
Standards and Concepts related to Quality • ISO Standards • TQM- Total Quality Management • Kaizen- Continuous Improvement process • CMM- Capability Maturity Model
ISO Standards ISO (International Organization for Standardization) • The work of preparing international standards is done by ISO technical committees. • ISO 9001 and ISO 9004 are a set of complementary standards with a focus on quality. • ISO 9001 specifies requirements for a quality management system that can be used for internal application, ISO certification, or for contractual purposes. • ISO 9004 provides guidance on a wider range of objectives of a quality management system than ISO 9001. It emphasizes the continual improvement of an organization’s overall performance, efficiency, and effectiveness. Used in organizations whose top management wishes to move beyond the requirements of ISO 9001 in pursuit of continual improvement.
TQM – Total Quality Management • ISO Definition: "TQM is a management approach for an organization, centered on quality, based on the participation of all its members and aiming at long-term success through customer satisfaction, and benefits to all members of the organization and to society." It includes the following steps • Meeting Customer Requirements • Reducing Development Cycle Times • Just In Time/Demand Flow Manufacturing • Improvement Teams • Reducing Product and Service Costs • Improving Administrative Systems Training
Kaizen Continuous Improvement Process (CIP) (Kaizen- Japanese word) – A concept which recognizes that the world is constantly changing and any process that is satisfactory today may well be unsatisfactory tomorrow. – Focuses on 11 principles: constancy of purpose, commitment to quality, customer focus and involvement, process orientation, continuous improvement, system-centered management, investment in knowledge, teamwork, conservation of human resources, total involvement, and perpetual commitment. – Rather than manage the output of the project, the focus is on managing the total process and sub processes. The process is held constant only after it has been proven capable of the work. Hence, the product naturally meets the requirements. – CIP steps: • Define and standardize processes (and sub processes). • Assess process performance. • Improve processes. • Measure progress.
CMM • Developed by SEI - 'Software Engineering Institute' at Carnegie-Mellon University • CMM - 'Capability Maturity Model Integration'. It's a model of 5 levels of process 'maturity' that determine effectiveness in delivering quality software. • QA processes involved in the model are appropriate to any organization. Organizations can receive CMMI ratings by undergoing assessments by qualified auditors. • Level 1- Initial Characterized by chaos, periodic panics, and heroic efforts required by individuals to successfully complete projects. Few if any processes in place; successes may not be repeatable. • Level 2 – Repeatable Software project tracking, requirements management, realistic planning, and configuration management processes are in place; successful practices can be repeated.
CMM cont’d • Level 3 – Defined Standard software development and maintenance processes are integrated throughout an organization; a Software Engineering Process Group is is in place to oversee software processes, and training programs are used to ensure understanding and compliance. • Level 4 – Managed Metrics are used to track productivity, processes, and products. Project performance is predictable, and quality is consistently high. • Level 5 – Optimized The focus is on continuous process improvement. The impact of new processes and technologies can be predicted and effectively implemented when required.
Definitions • The Process of QA • Phase Specific QA Activities • Techniques of Quality Control • Standards and Concepts related to Quality • Cost of Quality • Conclusion • Discussions
Cost of Quality • Quality costs are the costs associated with preventing, finding, and correcting defective work. These costs can be huge, running at 20% - 40% of the actual development work. • Many of these costs can be significantly reduced or completely avoided. • One of the key functions of a Quality Engineer is the reduction of the total cost of quality associated with a product.
Different Types of Costs • Prevention Costs: Costs of activities that are specifically designed to prevent poor quality. • Appraisal Costs: Costs of activities designed to find quality problems, such as code inspections and any type of testing. • Failure Costs: Costs that result from poor quality, such as the cost of fixing bugs and the cost of dealing with customer complaints. It can be of two types • Internal • External
Cost Benefit Analysis • Model for Optimum Quality Costs, adopted from Mr. Juran’s Model
Definitions • The Process of QA • Phase Specific QA Activities • Techniques of Quality Control • Standards and Concepts related to Quality • Cost of Quality • Conclusion • Discussions
Conclusion Software Quality Assurance and Quality Control processes are very important for any organization to improve its processes. And these improvements will bring down the resources required for performing the a set of tasks over a period of time. But the implementation these processes has to done in a phased manner over a period of time so as to protect the primary goal of the organization.
IEEE Standards for SQA Plan The following are the highlights of the sections specified in IEEE Std 730-1989: 1. Purpose—This section shall list the objectives of the software project. 2. Reference Documents—This section shall list all the documents referenced in the plan. 3. Management 3.1 Organization—This section shall describe the structure of organization and the responsibilities, and usually includes an organizational chart. 3.2 Tasks—This section shall list all of the tasks to be performed, the relationship between tasks and checkpoints, and the sequence of the tasks. 3.3 Responsibilities—This section shall list the responsibilities of each organizational unit.
IEEE Standards for SQA Plancont’d 4. Documentation 4.1 Purpose—This section shall list all required documents and state how documents will be evaluated. 4.2 Minimum documents—This section shall describe the minimum required documentation, usually including the following: SRS—Software Requirements Specification SDD—Software Design Description SVVP—Software Verification and Validation Plan SVVR—Software Verification and Validation Report User documentation—Manual, guide SCMP—Software Configuration Management Plan
IEEE Standards for SQA Plancont’d 5. Standards, Practices, Conventions, and Metrics This section shall identify the S, P, C, and M to be applied and how compliance is to be monitored and assured. The minimal contents should include documentation standards, logic structure standards, coding standards, testing standards, selected SQA product, and process metrics. 6. Reviews and Audits—This section shall define what reviews/audits will be done, how they will be accomplished, and what further actions are required. 7. Tests—This section shall include all tests that are not included in SVVP. 8. Problem Reporting—This section shall define practices and procedures for reporting, tracking, and resolving problems, including organizational responsibilities.