Software Quality Assurance by Qaim Mehdi

1st Edition

SOFTWARE QUALITY ASSURANCE

An Introductory Note | Dr. Qaim Mehdi Department of Computer Science, Qassim University, Kingdom of Saudi Arabia CopyrightÂŠ Dr. Qaim Mehdi Rizvi, 2014

SOFTWARE QUALITY ASSURANCE

SOFTWARE QUALITY ASSURANCE (SQA)

oftware testing is one element of a broader topic that is often referred to as verification and validation (V&V). Verification refers to the set of activities that ensure that software correctly implements a specific function. Validation refers to a different set of activities that ensure that the software that has been built is traceable to customer requirements. Boehm states this in another way:

testing, it won't be there when you're finished testing." Quality is incorporated into software throughout the process of software engineering.

Verification: "Are we building the product right?" Validation: "Are we building the right product?" The definition of V&V encompasses many of the activities that referred to as Software Quality Assurance (SQA). Verification and validation encompasses a wide array of SQA activities that include formal technical reviews, quality and configuration audits, performance monitoring, simulation, feasibility study, documentation review, database review, algorithm analysis, development testing, qualification testing, and installation testing. Although testing plays an extremely important role in V&V, many other activities are also necessary. Testing does provide the last bastion from which quality can be assessed and, more pragmatically, errors can be uncovered. But testing should not be viewed as a safety net. As they say, "You can't test in quality. If it's not there before you begin

QUALITY ATTRIBUTES Quality can be defined in different manner. Quality definition may differ from person to person. But finally there should be some standards. So Quality can be defined as:    

Degree of excellence – Oxford dictionary Fitness for purpose – Edward Deming Best for the customer’s use and selling price – Feigenbaum The totality of characteristics of an entity that bear on its ability to satisfy stated or implied needs – ISO

How a Product Developer will define Quality – The product which meets the customer requirements. How Customer will define Quality – Required functionality is provided with user friendly manner. Each attribute can be used to measure the product performance. These attributes can be used for Quality

SOFTWARE QUALITY ASSURANCE

Assurance as well as Quality Control. Quality Assurance activities are oriented towards prevention of introduction of defects and Quality control activities are aimed at detecting defects in products and services.



conventions with our other frequently used systems. Easy for new or infrequent users to learn to use the system.

4. Portability 1. Reliability

Measure if product is reliable enough to sustain in any condition. It should give consistently correct results. Product reliability is measured in terms of working of project under different working environment and different conditions.

This can be measured in terms of Costing issues related to porting, Technical issues related to porting, behavioural issues related to porting. 5. Correctness

Application should be correct in terms of its functionality, calculations used internally and the navigation should be correct. This 2. Maintainability A Software Quality Assurance Different versions means application is a level of confidence to of the product should adhere to assure that the software is free should be easy to functional from vulnerabilities, either maintain. For requirements. development it intentionally designed into the should be easy to 6. Efficiency software or inserted at any add code to It measured in terms time during its lifecycle, and existing system, of time required to that the software functions in should be easy to complete any task the intended manner. upgrade for new given to the system. features and new For example system technologies time to time. should utilize processor capacity, disk Maintenance should be cost effective space and memory efficiently. If and easy. System be easy to maintain system is using all the available and correcting defects or making a resources then user will get degraded change in the software. performance failing the system for efficiency. If system is not efficient then it cannot be used in real time 3. Usability This can be measured in terms of ease applications. of use. Application should be user friendly. It should be easy to learn. 7. Integrity or Security Navigation should be simple. The Integrity comes with security. System system must be: integrity or security should be sufficient to prevent unauthorized  Easy to use for input access to system functions, preventing preparation, operation, and information loss, ensure that the interpretation of output. software is protected from virus  Provide consistent user infection, and protecting the privacy interface standards or of data entered into the system.

SOFTWARE QUALITY ASSURANCE

8. Testability

The system should be easy to test and find defects. If required, it should be easy to divide in different modules for testing. 9. Flexibility

It should be flexible enough to modify. Adaptable to other products with which it needs interaction. It should be easy to interface with other standard 3rd party components. 10.Reusability

Software reuse is a good cost efficient and time saving development way. Different code libraries classes should be generic enough to use easily in different application modules. It should be easy to divide application into different modules so that modules can be reused across the application. 11.Interoperability

Interoperability of one system to another should be easy for product to exchange data or services with other systems. Different system modules should work on different operating system platforms, different databases and protocols conditions.

SOFTWARE QUALITY STANDARDS There is various quality standards are available for controlling and maintaining the overall production process and production environment.

Some major quality standards are listed below: SEICMM (Software Engineering Institute Capability Maturity Model) The SEI at Carnegie-Mellon University; initiated by the U.S. Defence Department to help improve software development processes. The ‘Capability Maturity Model’, developed by the SEI. It’s a model of 5 levels of organizational ‘maturity’ that determine effectiveness in delivering quality software. It is geared to large organizations such as large U.S. Defence Department contractors. However, many of the QA processes involved are appropriate to any organization, and if reasonably applied can be helpful. Organizations can receive CMM ratings by undergoing assessments by qualified auditors. Level 1 - characterized by chaos, periodic panics, and heroic efforts required by individuals to successfully complete projects. Few if any processes in place; successes may not be repeatable. Level 2 – software project tracking, requirements management, realistic planning, and configuration management processes are in place; successful practices can be repeated. Level 3 – standard software development and maintenance processes are integrated throughout an organization; a Software Engineering Process Group is in place to oversee software processes, and training programs are used to ensure understanding and compliance. Level 4 – metrics are used to track productivity, processes, and products. Project performance is predictable, and quality is consistently high.

SOFTWARE QUALITY ASSURANCE

Level 5 – the focus is on continuous process improvement. The impact of new processes and technologies can be predicted and effectively implemented when required. ISO (International Organization for Standards) ISO 9000 describes the elements of a quality assurance system in general terms. These elements include the organizational structure, procedures, processes, and resources needed to implement quality planning, quality control, quality assurance, and quality improvement. However, ISO 9000 does not describe how an organization should implement these quality system elements. Consequently, the challenge lies in designing and implementing a quality assurance system that meets the standard and fits the company’s products, services, and culture. ISO 9001 is the quality assurance standard that applies to software engineering. The standard contains 20 requirements that must be present for an effective quality assurance system. Because the ISO 9001 standard is applicable to all engineering disciplines, a special set of ISO guidelines (ISO 9000-3) have been developed to help interpret the standard for use in the software process. The requirements delineated by ISO 9001 address topics such as management responsibility, quality system, contract review, design control, document and data control, product identification and traceability, process control, inspection and testing, corrective and preventive action, control of quality records, internal quality audits, training, servicing, and statistical techniques. The ISO 9001, 9002, and 9003 standards concern quality systems that are assessed by outside auditors, and they apply to many kinds of production and manufacturing organizations, not just software. The most comprehensive is

9001, and this is the one most often used by software development organizations. It covers documentation, design, development, production, testing, installation, servicing, and other processes. ISO 9000-3 (not the same as 9003) is a guideline for applying ISO 9001 to software development organizations. The U.S. version of the ISO 9000 series standards is exactly the same as the international version, and is called the ANSI/ASQ Q9000 series. The U.S. version can be purchased directly from the ASQ (American Society for Quality) or the ANSI organizations. To be ISO 9001 certified, a third-party auditor assesses an organization, and certification is typically good for about 3 years, after which a complete reassessment is required. Note that ISO 9000 certification does not necessarily indicate quality products – it indicates only that documented processes are followed. IEEE (Institute of Electrical and Electronics Engineers) The IEEE creates standards such as ‘IEEE Standard for Software Test Documentation’ (IEEE/ANSI Standard 829), ‘IEEE Standard of Software Unit Testing (IEEE/ANSI Standard 1008), ‘IEEE Standard for Software Quality Assurance Plans’ (IEEE/ANSI Standard 730), and others. ANSI (American National Standards Institute) ANSI is the primary industrial standards body in the U.S.; publishes some software-related standards in conjunction with the IEEE and ASQ (American Society for Quality)

