Chapter 2: Software Quality

Assurance
 Software Quality Assurance
• Systematic and planned actions necessary to provide
adequate confidence that software conforms to established
technical requirements/standards
Objectives of SQA
• Assuring an acceptable level of confidence that software
will conform to functional requirements
• Assuring an acceptable level of confidence that software
will conform to managerial scheduling and budgeting
requirements
• Initiating and managing activities for improvement and
greater efficiency of software development and SQA
activities
 Quality Assurance
Purpose:
• To ensure that defects doesn’t prevail in the system when it is
delivered to customers /released in market
• These defects cause minimal damage/disruption
Stages of Defect Handling:
• Defect Prevention: Through error blocking or error source removal
• These QA activities prevent certain types of faults from being
injected into software
• Can be done in two ways:
• Eliminating certain error source: such as eliminating ambiguities or
correcting human misconception being root causes for the errors
• Fault prevention/Blocking: breaks relationship between error sources and
faults through using certain tools and technologies etc.
 Quality Assurance
Stages of Defect Handling:
• Defect Reduction: through fault detection and removal
• techniques include inspection, testing, static analysis and dynamic analysis
• Defect Containment: through failure prevention and
containment
• Taking measures to contain failures either on local areas to
avoid resulting in global failures/ eliminating damages caused
by system failure
• Two types of containment
• fault tolerance techniques break the relation between fault and failure so
that local damages may not result in global damages (tolerating local
faults)
• avoiding catastrophic consequences such as death, injury, property or
environment damages
 Quality Assurance
Dealing with Pre/Post-Release Defects
• Defect prevention and defect reduction ensure defect removal
during software development process (pre-release defect handling)
• left behind faults in the finished products are known as “Dormant”
defects
• After product release-failures observed/problems reported by
customers need to be fixed
• cost of fixing defects post product release is higher than pre-
release
• Beta testing is type of post-release defect handling
• Defect containment ensures to minimize the impact of dormant
defects during operational use post-release
 Defect Prevention
• Most of defect prevention are based on assumptions that sources of
errors are known/missing/incorrect human actions
• if human misconception is cause of error, so education and training can help
• if imprecise designs and implementation deviating from product specifications are
the root causes, so formal methods can help
• if non-conformance to selected process/standards is the source of error, so process
conformance/standard enforcement can help
• if certain tools and technologies can reduce fault injection, so they should be
adopted
 Defect Prevention
Education and Training
• people based solutions for error source elimination
• people can be educated and trained helping them to control,
manage and improve the way they work
• elimination of human misconception can prevent injecting
certain types of faults into software
• Education and Training should be on following areas:
• Product and Domain specific Knowledge
• Software development Knowledge and Expertise
• Knowledge about Development Methodology, Technology
and Tools
• Development Process Knowledge
 Defect Prevention
Formal Method
• provides a way to eliminate certain error sources and to verify the absence of
related faults
• Formal specification and formal verification
• Formal specification deals with producing an unambiguous set of product
specifications
• Formal verification checks the conformance of software design/code against
these formal specifications

Other Defect Prevention Techniques

• correct use of tools and technologies resulting from Fat to Lean
software
• properly defined and managed processes
• some tools can help reducing the chances of fault injections
 Defect Reduction
Inspection
• critical examination of software components by human
inspectors
• include critical reading and analysis of software code/
software docs
• conducted by multiple human inspectors through coordinated
process
• faults are directly detected
• identified faults need to be removed and verified
• types: informal reviews and walkthroughs to formal
inspections
• inspection can be done throughout development process
• effective and economical QA activity
 Defect Reduction
Testing
• most important and commonly performed QA
• involves execution of software code and observation of program
behavior
• if failures are observed, execution record is analyzed to locate
and fix faults/errors causing failure
• Black box- verifies the conformance of external behavior with
user specification
• White box- verifies the correct implementation of internal
structure
 Defect Containment
Software Fault Tolerance
•Different techniques such as recovery blocks, NVP
• faults are not identified, so not removed but only tolerated

Safety Assurance and Failure Containment

• special features for safety critical system such as hazard
analysis, logical pre-condition for accidents
• Hazard elimination through substitution, simplification, decoupling,
elimination of specific human errors and reduction of hazardous materials/
conditions
• Hazard reduction through design for controllability
• Hazard control through reducing exposure, isolation and containment
• Damages control through escape routes
Chapter Ends