Sri Vidya College of Engineering and Technology

Virudhunagar – 626 005

Department of Computer Science and Engineering
Class: IV CSE, VII Semester
Subject Code: CS2055
Subject: Software Quality assurance
Prepared by K.Palraj

Unit I
The Role of SQA – SQA Plan – SQA considerations – SQA people – Quality Management –
Software Configuration Management

Textbook:
T2. Watts S Humphrey, “ Managing the Software Process”, Pearson Education Inc.( UNIT I and II )

R2. Nina S Godbole, “Software Quality Assurance: Principles and Practice”, Alpha Science
International, Ltd, 2004

Lesson Plan 1 Introduction to Software Quality Assurance

Lesson Plan 2 Role of SQA

Lesson Plan 3 SQA Plan

Lesson Plan 4 SQA considerations

Lesson Plan 5 SQA people

Lesson Plan 6 Quality Management – Quality & Standards

Lesson Plan 7 Quality Management – Reviews & Metrics

Lesson Plan 8 Software Configuration Management Need

Lesson Plan 9 Software Configuration Management Plan

Staff in-charge HOD-CSE

CS2055 SQA K.Palraj,AP/CSE Page 1

 Sri Vidya College of Engineering and
Technology
Department of Computer Science &
Engineering
Class IV CSE
Subject Code CS2055
Subject Software Quality Assurance
Prepared By K.Palraj
Lesson Plan for Introduction to Software Quality Assurance
Time: 50 Minutes
Lesson. No 1/9
1. Topics to be Covered: Introduction to Software Quality Assurance
2. Skills Addressed : Listening
3. Objectives of this Lesson Plan:
To enable students to understand the the basic concepts of Software quality assurance
4. Outcome (s):
At the end of the lesson the students will be able to :
Define quality control.
Define quality assurance.
Discuss about quality testing.
5. Link Sheet: Software Development cycle

6. Evocation: (5 Minutes)

7. Lecture Notes: Enclosed here

8. Textbook :
Watts S Humphrey, “ Managing the Software Process”, Pearson Education Inc
Nina S Godbole, “Software Quality Assurance: Principles and Practice”, Alpha
Science International, Ltd
9. Application
Software development standards

CS2055 SQA K.Palraj,AP/CSE Page 2

 1.1 Introduction to Software Quality Assurance

Overview

This chapter provides an introduction to software quality assurance. Software quality

assurance (SQA) is the concern of every software engineer to reduce costs and
improve product time-to-market. A Software Quality Assurance Plan is not merely
another name for a test plan, though test plans are included in an SQA plan. SQA
activities are performed on every software project. Use of metrics is an important part of
developing a strategy to improve the quality of both software processes and work
products.

Software Quality Assurance

Umbrella activity applied throughout the software process

Planned and systematic pattern of actions required to ensure high quality in software
Responsibility of many stakeholders (software engineers, project managers,
customers, salespeople, SQA group)

SQA Questions

Does the software adequately meet its quality factors?

Has software development been conducted according to pre-established standards?
Have technical disciplines performed their SQA roles properly?

Quality Assurance Elements

Standards – ensure that standards are adopted and follwed

Reviews and audits – audits are reviews performed by SQA personnel to ensure hat
quality guidelines are followed for all software engineering work
Testing – ensure that testing id properly planned and conducted
Error/defect collection and analysis – collects and analyses error and defect data to
better understand how errors are introduced and can be eliminated
Changes management – ensures that adequate change management practices
have been instituted
Education – takes lead in software process improvement and educational program
Vendor management – suggests specific quality practices vendor should follow and
incorporates quality mandates in vendor contracts
Security management – ensures use of appropriate process and technology to
achieve desired security level
Safety – responsible for assessing impact of software failure and initiating steps to
reduce risk
Risk management – ensures risk management activities are properly conducted and
that contingency plans have been established

CS2055 SQA K.Palraj,AP/CSE Page 3

SQA Tasks

Prepare SQA plan for the project.

Participate in the development of the project's software process description.
Review software engineering activities to verify compliance with the defined software
process.
Audit designated software work products to verify compliance with those defined as
part of the software process.
Ensure that any deviations in software or work products are documented and
handled according to a documented procedure.
Record any evidence of noncompliance and reports them to management.

SQA Goals

Requirements quality
o Ambiguity
o Completeness
o Volatility
o Traceability
o Model clarity
Design quality
o Architectural integrity
o Component completeness
o Interface complexity
o Patterns
Code quality
o Complexity
o Maintainability
o Understandability
o Reusability
o Documentation
Quality control effectiveness
o Resource allocation
o Completion rate
o Review effectiveness
o Testing effectiveness

Formal SQA

Assumes that a rigorous syntax and semantics can be defined for every
programming language
Allows the use of a rigorous approach to the specification of software requirements
Applies mathematical proof of correctness techniques to demonstrate that a program
conforms to its specification

CS2055 SQA K.Palraj,AP/CSE Page 4

Statistical Quality Assurance

1. Information about software defects is collected and categorized

2. Each defect is traced back to its cause
3. Using the Pareto principle (80% of the defects can be traced to 20% of the causes)
isolate the "vital few" defect causes
4. Move to correct the problems that caused the defects in the “vital few”

Six Sigma Software Engineering

Define customer requirements, deliverables, and project goals via well-defined

methods of customer communication.
Measure each existing process and its output to determine current quality
performance (e.g. compute defect metrics)
Analyze defect metrics and determine viral few causes.
For an existing process that needs improvement
o Improve process by eliminating the root causes for defects
o Control future work to ensure that future work does not reintroduce causes of
defects
If new processes are being developed
o Design each new process to avoid root causes of defects and to meet
customer requirements
o Verify that the process model will avoid defects and meet customer
requirements

Software Reliability

Defined as the probability of failure free operation of a computer program in a

specified environment for a specified time period
Can be measured directly and estimated using historical and developmental data
(unlike many other software quality factors)
Software reliability problems can usually be traced back to errors in design or
implementation.
Measures of Reliability
Mean time between failure (MTBF) = MTTF + MTTR
MTTF = mean time to failure
MTTR = mean time to repair
Availability = [MTTF / (MTTF + MTTR)] x 100%

Software Safety

Defined as a software quality assurance activity that focuses on identifying potential

hazards that may cause a software system to fail.
Early identification of software hazards allows developers to specify design features
to can eliminate or at least control the impact of potential hazards.

CS2055 SQA K.Palraj,AP/CSE Page 5

 Software reliability involves determining the likelihood that a failure will occur, while
software safety examines the ways in which failures may result in conditions that can
lead to a mishap.

ISO 9000 Quality Standards

Quality assurance systems are defined as the organizational structure,

responsibilities, procedures, processes, and resources for implementing quality
management.
ISO 9000 describes the quality elements that must be present for a quality
assurance system to be compliant with the standard, but it does not describe how an
organization should implement these elements.
ISO 9001:2000 is the quality standard that contains 20 requirements that must be
present in an effective software quality assurance system.

SQA Plan

Management section - describes the place of SQA in the structure of the

organization
Documentation section - describes each work product produced as part of the
software process
Standards, practices, and conventions section - lists all applicable
standards/practices applied during the software process and any metrics to be
collected as part of the software engineering work
Reviews and audits section - provides an overview of the approach used in the
reviews and audits to be conducted during the project
Test section - references the test plan and procedure document and defines test
record keeping requirements
Problem reporting and corrective action section - defines procedures for reporting,
tracking, and resolving errors or defects, identifies organizational responsibilities for
these activities
Other - tools, SQA methods, change control, record keeping, training, and risk
management

CS2055 SQA K.Palraj,AP/CSE Page 6

 Sri Vidya College of Engineering and
Technology
Department of Computer Science &
Engineering
Class IV CSE
Subject Code CS2055
Subject Software Quality Assurance
Prepared By K.Palraj
Lesson Plan for Role of SQA
Time: 50 Minutes
Lesson. No 2/9
1. Topics to be Covered: Role of SQA
2. Skills Addressed : Listening
3. Objectives of this Lesson Plan:
To enable students to understand the role of Software quality assurance in software
industry.
4. Outcome (s):
At the end of the lesson the students will be able to :
Discuss the need for SQA.
Describe the goals of SQA.
Discuss about the roles and responsibilities of SQA.
5. Link Sheet: What is quality?
What is quality control?
6. Evocation: (5 Minutes)

7. Lecture Notes: Enclosed here

8. Textbook :
Watts S Humphrey, “ Managing the Software Process”, Pearson Education Inc
Nina S Godbole, “Software Quality Assurance: Principles and Practice”, Alpha
Science International, Ltd
9. Application
CMMi

CS2055 SQA K.Palraj,AP/CSE Page 7

 1.2 ROLE OF SQA

QUALITY MANAGEMENT
• A Key Management‟s Axiom says that
– What is not tracked is not done
• In s/w, there are so many things that need to be done that the manager can‟t possibly
track them all.
• Manager & effective management is needed for tracking. This is the role of SQA.
• Before establishing an SQA organization, it is essential to first decide how important
software quality is to the organization.
Benefits of SQA
• MAIN BENEFIT
– Assurance to management that the officially established process is being
implemented
– Compliance with the plan developed initially.
• An Appropriate development methodology is in place.
• The projects use Standards & procedures in their work.
• Independent reviews & audits are conducted
• Documentation during development (not after).
• Documentation to support maintenance & enhancement
• Mechanisms are in place & used to control change
• Testing emphasizes all the high-risk product areas
• Deviations from standards and procedures are exposed as soon as possible
• The project is auditable by external professionals.
• The quality control work is itself performed against established standards.
• SQA plan & S/w development plan are compatible.
Need for SQA
• In Small organizations – manager is enough to monitor the work.
• With increase in number of employees, the manager with his tight schedule he should
– Find some way to handle for monitoring
– Hire someone to do audit work
– Motivate people to monitor each other(buddy systems)
• Need for SQA arises
Goals of SQA
• Monitor – To improve s/w quality by appropriately monitoring both the s/w and
development process that produces it.
• Ensure compliance – To ensure full compliance with the established standards and
procedures for the s/w and the s/w process.
• Report to management about inadequacies – To ensure that any inadequacies in the
product, the process, or the standards are brought to management‟s attention so these
inadequacies can be fixed.

CS2055 SQA K.Palraj,AP/CSE Page 8

THE ROLE OF SQA
• The people responsible for the s/w projects are the only ones who can be responsible for
quality.
• Role of SQA
• To monitor the ways these people perform their responsibilities.
• To alert management to deviations from established stds & practices
• Management then insist to fix the quality problems
SQA Responsibilities
• Review all development & quality plans for completeness.
• Participate as inspection moderators in design & code inspections
• Review all test plans for adherence to standards.
• Review a significant sample of all test results to determine adherence to plans.
• Periodically audit SCM performance to determine adherence to standards
• Participate in all project quarterly & phase reviews
• Register non concurrence if appropriate standards have not been reasonably met
Example items for SQA review
– Requirements traceability matrix
– Implementation traceability matrix
– Samples of development records
– Proper baseline control by SCM
– Review all the plans
– Change control Board procedures
SQA functions
• Quality assurance practices – adequate development tools, techniques, methods and
standards are defined and available for use as standards for Quality assurance review.
• S/w project planning evaluation – If adequate quality practices are not planned at the
outset, they will not be implemented.
• Requirements evaluation – since high quality products are rarely developed from low-
quality requirements, the initial requirements must be reviewed for conformance to
quality standards.
• Evaluation of design processes – Means are required to ensure that the design follows the
planned methodologies.
• Evaluation of coding practices – Appropriate coding practices must be established &
used.

CS2055 SQA K.Palraj,AP/CSE Page 9

 • Evaluating the s/w integration & test process – to find problems and quality is reviewed.
• In-process evaluation of the management & project control process – SQA ensures that
the organization is focused on producing a quality result.
• Tailoring of quality assurance procedures – The SQA plan should be tailored to the
unique needs of each project.
SQA Reporting
• Simple rule for SQA reporting – not be under the s/w development manager
• With low level reporting, working relationships with development are generally better
• Guidelines
o SQA should not report to the project manager
o SQA should report somewhere within the local laboratory or plant organization
o There should typically be no more than one mangement position between SQA and the
senoir location manager
o SQA should always have a dotted-line relationship to a senior corporate quality
executive.
o Whenever possible, SQA should report to someone who has a vested interest in s/w
quality

Example

CS2055 SQA K.Palraj,AP/CSE Page 10

 Sri Vidya College of Engineering and
Technology
Department of Computer Science &
Engineering
Class IV CSE
Subject Code CS2055
Subject Software Quality Assurance
Prepared By K.Palraj
Lesson Plan for SQA Plan
Time: 50 Minutes
Lesson. No 3/9
1. Topics to be Covered: SQA Plan
2. Skills Addressed : Listening
3. Objectives of this Lesson Plan:
To enable students to understand the Software quality assurance plan.
4. Outcome (s):

At the end of the lesson the students will be able to :

Discuss about the contents of SQA plan.
Explain the tasks to be performed by SQA team
Define the responsibilities of quality manger & quality personnel
5. Link Sheet: What is the role of SQA?
Mention the benefits of SQA
6. Evocation: (5 Minutes)

7. Lecture Notes: Enclosed here

8. Textbook :
Watts S Humphrey, “ Managing the Software Process”, Pearson Education Inc
Nina S Godbole, “Software Quality Assurance: Principles and Practice”, Alpha
Science International, Ltd
9. Application
QIC – Quality improvement Cell

CS2055 SQA K.Palraj,AP/CSE Page 11

 Software Quality Assurance
Session 3 – SQA Plan

SQA Plan- IEEE standard

1. Purpose
2. Reference documents
3. Management
4. Documentation
5. Standards, Procedures & conventions
6. Reviews & Audits
7. Configuration management
8. Problem reporting & Corrective actions
9. Tools, techniques & methodologies
10. Code control
11. Media control
12. Supplier control
13. Records collection, Maintenance & Retention

CS2055 SQA K.Palraj,AP/CSE Page 12

 1. Purpose
• Specific purpose & Scope of SQA plan
• Names the s/w products that it covers
• Describes the use of s/w products

2. Referenced Documents
• Complete list of documents referenced for this
plan

CS2055 SQA K.Palraj,AP/CSE Page 13

 3. Management
• Three aspects
1. Organization
– Roles of team members & hierarchy
2. Tasks
– Preparing preliminary SRS
– Preparation of SC plan, SQA plan and SD plan
– Software requirements review
– Software design review
– Preparing a test plan
3. Responsibilities
– Quality manager responsibilities
– Quality personnel responsibilities

4.Documentation
• SRS – s/w Requirements Specification
• SDD – S/w Deign Description
• SVP – S/w Verification Plan
• SVR – S/w Verification Report
• Reference to S/w standards
• User guides, operators & programmer’s manual
• Configuration Management Plan
• Software quality objectives

CS2055 SQA K.Palraj,AP/CSE Page 14

 5.Standards,Practices & Conventions
• Documentation standards
• Logic structure standards
• Coding standards
• Commentary standards

6.Reviews & Audits

• SRS review
• Preliminary design review
• Critical design review
• S/w verification review
• Functional audit
• Physical audit
• In-process audits
• Management reviews

CS2055 SQA K.Palraj,AP/CSE Page 15

 7.Configuration Management
• Configuration identification
• Configuration control
• Configuration
status accounting
• Configuration
auditing

8.Problem reporting & corrective

actions
• Describe the system
• Ensures that s/w problems documented &
resolved
• Closed-loop system
• For each problem, corrective action and target
completion date should be identified
• Corrective actions will be authorized and
activities undertaken will be documented
• Management should monitor the status of all
unresolved problems

CS2055 SQA K.Palraj,AP/CSE Page 16

 9.Tools, Techniques & Methodologies
• Software tools
• State their purposes & uses

10. Code control

• Implemented in conjunction with the library
function
• Most recently authorized version
• Correct version is submitted for testing
• Large project require full time library function
to take care of distribution of configuration
items

CS2055 SQA K.Palraj,AP/CSE Page 17

 11.Media control & Back up
• Media to be protected from unauthorized access
or damage
• Disaster recovery plan
• Security threats
– Fire damage
– Water damage
– Energy variations
– Structural damage
– Pollution
– Unauthorized intrusion
– Viruses & worms
– Misuse of s/w, data & services

12. Supplier control

• Supplier Agreement management

CS2055 SQA K.Palraj,AP/CSE Page 18

 Sri Vidya College of Engineering and
Technology
Department of Computer Science &
Engineering
Class IV CSE
Subject Code CS2055
Subject Software Quality Assurance
Prepared By K.Palraj
Lesson Plan for SQA Considerations
Time: 50 Minutes
Lesson. No 4/9
1. Topics to be Covered: SQA Considerations
2. Skills Addressed : Listening
3. Objectives of this Lesson Plan:
To enable students to understand the considerations for Software quality assurance
4. Outcome (s):

At the end of the lesson the students will be able to :

Discuss the pitfalls faced by SQA team
Explain the considerations that must be given importance by the SQA society
5. Link Sheet: What is essential for software quality?
6. Evocation: (5 Minutes)

CS2055 SQA K.Palraj,AP/CSE Page 19

 7. Lecture Notes: Enclosed here
8. Textbook :
Watts S Humphrey, “ Managing the Software Process”, Pearson Education Inc
Nina S Godbole, “Software Quality Assurance: Principles and Practice”, Alpha
Science International, Ltd
9. Application
Software development standards

CS2055 SQA K.Palraj,AP/CSE Page 20

 1.4 SQA CONSIDERATIONS

1. SQA organizations are rarely staffed with sufficiently experienced or knowledgeable

people
o because such people usually prefer development/design work, and management
often wants them in the latter, too;
2. The SQA management team often is not capable of negotiating with development.
o This depends on the caliber of the SQA team;
3. Senior management often backs development over SQA on a very large percentage of
issues.
o Development then ignores he SQA issues, and SQA degenerates into a series of
low-level, useless debates.
4. Many SQA organizations operate without suitably documented and approved
development standards and procedures;
o without such standards, they do not have a sound basis for judging developmental
work, and every issue becomes a matter of opinion.
o Development also wins such generalized debates when schedules are tight.
5. Software development groups rarely produce verifiable quality plans.
o SQA is then trapped into arguments over specific defects rather than overall
quality indicators.
6. SQA may win the battle but lose the war.

Development and Quality Plans

• Development plan and quality plan objectives
• The elements of the development plan
• Elements of the quality plan
• Development and quality plans for small and for internal projects
• Software development risks and software risk management

• Project managers prepare

– development and
– quality plans.
• Onerous task,
– Senior level management on one end and
– Developers on the other
• Two dance to different drummers.
• These plans are vitally important to meet contractual commitments
Thus, we need to look at:
• Objectives of development and quality plans
• Elements of development plans
• Elements of quality plans
• Major software risks
• Process of software risk management
• Importance of development and quality plans for small projects

CS2055 SQA K.Palraj,AP/CSE Page 21

 • Importance of development and quality plans for internal projects.

Development Plan and Quality Plan Objectives

Planning is meant to prepare adequate foundations for successful and timely completion of the
project. The planning process includes:
1. Scheduling development activities and estimating the
required manpower resources and budget
2. Recruiting team members and allocating development resources
3. Resolving development risks
4. Implementing required SQA activities
5. Providing management with data needed for project control

Elements of the Development Plan

Each of the following 10 components of a development plan are appropriate to different parts of
a project.
1. Project Products, specifying “deliverables”
Critically important.
Must decide on deliverables!
dates and items
installation site – local or physical install
training – customer service
dates, participants, and sites
(much is done on line now…)

2. Project Interfaces
• How does the new software interface with existing software?
– (major consideration in large corporation)
• How does the software affect other parts of a larger system or similar systems??
• Often requires „escalation.‟
– Any hardware considerations for interfacing? Special hardware?

3. Project methodology and development tools for various phases during development,
maintenance.
• Heuristic: never use untested tool / methodology on a new project with high visibility!!
• Methodology must be decided upon.
– Usually organizations have „established‟ ways of proceeding…
–
4.Software Development Standards and Procedures
Must be conventions!! Standards and Integration!!

5.Laying out the Development Process

Define the project‟s phases

Planning: inputs/outputs/activities/activity duration/sequence and

dependencies/resources needed for each activity/ design reviews/ testing/ training for
customer support/ more…
CS2055 SQA K.Palraj,AP/CSE Page 22
 GANTTT Charts / CPM , PERT all include sequence dependencies and
duration.
Microsoft Project and Rational Conductor

6. Project Milestones
completion dates, products clearly define.
Must synchronize with Overall Plan.
More detailed than Overall Plan
More detailed than iteration plans

7. Development Facilities

Hardware, software, tools, development environments, training on these, space

Very important.
Many very nice facilities nowadays – break rooms, ping pong; nice coffee / beverage
facilities; day care.
8. Control Methods

How to control the monitoring process / reporting process with respect to plans, test
reports, reviews, how goes it, and more

CS2055 SQA K.Palraj,AP/CSE Page 23

 Sri Vidya College of Engineering and
Technology
Department of Computer Science &
Engineering
Class IV CSE
Subject Code CS2055
Subject Software Quality Assurance
Prepared By K.Palraj
Lesson Plan for SQA People
Time: 50 Minutes
Lesson. No 5/9
1. Topics to be Covered: SQA People
2. Skills Addressed : Listening
3. Objectives of this Lesson Plan:
To enable students to know the people and society of for Software quality assurance
4. Outcome (s):

At the end of the lesson the students will be able to :

Discuss about the people involved in SQA.
Define the responsibilities of quality personnel
5. Link Sheet: Responsible persons for SQA
6. Evocation: (5 Minutes)

7. Lecture Notes: Enclosed here

8. Textbook :
Watts S Humphrey, “ Managing the Software Process”, Pearson Education Inc
Nina S Godbole, “Software Quality Assurance: Principles and Practice”, Alpha
Science International, Ltd
9. Application
SQA Team and Soceity

CS2055 SQA K.Palraj,AP/CSE Page 24

 1.5 SQA People

QA does not only involve the SQA managers and team members. There are also people who are
not part of the team that also has an important role in SQA:
Top Management – In every step of the way, the upper management is always involved
in any movements of the software development team.
That does not leave out the SQA team as well. They provide support, general and
managerial functions to ensure that the SQA team will focus on their functions.

SCM or Software Configuration Manager – In a well structured software development

environment, the SQA managers do not talk or communicate directly to the developers.

The relay their findings instead to the software configuration manager. As the name
suggests, they work on the possible changes that were done in an application.

SCMs do not only concern themselves with the available updates but right from the start,
SCM are aware of the minor changes or errors that were found in the application.

Developers – Surprisingly, the developers takes on a non-direct role in SQA. However,

that does not mean the developers do not have to work with SQA.

Software control is not only about testing but ensuring that the process of software
development is according the industry standard.

To put it clearly, SQA is not part of the development team since they are the overseeing
group that ensures every step in software development is according to plan and nothing is left out

SQA Group
Who involves quality assurance activities?
Software engineers
Project managers
Customers
Sale people
SQA group

Engineers involved the quality assurance work:

- apply technical methods and measures
- conduct formal technical review
- perform well-planned software testing

The SQA group‟s role

serves as the customer‟s in-house representative

assist the software engineering team in achieving high-quality

CS2055 SQA K.Palraj,AP/CSE Page 25

The SQA group‟s responsibility:

quality assurance planning oversight, record keeping, analysis and reporting

The SQA group‟s tasks:

- Prepare a SQA plan for a project

- Participate in the development of the project‟s software process description
- Review engineering activities to verify compliance with the defined process
- Audits designated software work products to verify compliance the defined process
- Ensure the deviations in software work and products according to a documented
procedure
- Records any noncompliance and reports to senior management

CS2055 SQA K.Palraj,AP/CSE Page 26

 Sri Vidya College of Engineering and
Technology
Department of Computer Science &
Engineering
Class IV CSE
Subject Code CS2055
Subject Software Quality Assurance
Prepared By K.Palraj
Lesson Plan for Quality Management – Quality & Standards
Time: 50 Minutes
Lesson. No 6/9
1. Topics to be Covered: Quality Management – Quality & Standards
2. Skills Addressed : Listening
3. Objectives of this Lesson Plan:
To enable students to understand the quality management to improve quality of
software products by following proper standards and procedures
4. Outcome (s):
At the end of the lesson the students will be able to :
Define quality management.
Discuss about software quality.
Describe about software standards
5. Link Sheet: What is quality management?
What are the responsibilities of quality manager?
6. Evocation: (5 Minutes)

7. Lecture Notes: Enclosed here

8. Textbook :
Watts S Humphrey, “ Managing the Software Process”, Pearson Education Inc
Nina S Godbole, “Software Quality Assurance: Principles and Practice”, Alpha
Science International, Ltd
9. Application
Quality Management System

CS2055 SQA K.Palraj,AP/CSE Page 27

 1.6 Quality Management – Quality & Standards
Software quality management
 Concerned with ensuring that the required level of quality is achieved in a software
product.
 Three principal concerns:
 At the organizational level, quality management is concerned with establishing a
framework of organizational processes and standards that will lead to high-quality
software.
 At the project level, quality management involves the application of specific
quality processes and checking that these planned processes have been followed.
 At the project level, quality management is also concerned with establishing a
quality plan for a project. The quality plan should set out the quality goals for the
project and define what processes and standards are to be used.
Quality management activities
 Quality management provides an independent check on the software development
process.
 The quality management process checks the project deliverables to ensure that they are
consistent with organizational standards and goals
 The quality team should be independent from the development team so that they can take
an objective view of the software. This allows them to report on software quality without
being influenced by software development issues.
Quality management and software development

Quality planning
 A quality plan sets out the desired product qualities and how these are assessed and
defines the most significant quality attributes.
 The quality plan should define the quality assessment process.
It should set out which organisational standards should be applied and, where necessary, define
new standards to be used

CS2055 SQA K.Palraj,AP/CSE Page 28

Quality plans
 Quality plan structure
 Product introduction;
 Product plans;
 Process descriptions;
 Quality goals;
 Risks and risk management.
 Quality plans should be short, succinct documents
 If they are too long, no-one will read them
Scope of quality management
 Quality management is particularly important for large, complex systems. The quality
documentation is a record of progress and supports continuity of development as the
development team changes.
 For smaller systems, quality management needs less documentation and should focus on
establishing a quality culture
Software quality
 Quality, simplistically, means that a product should meet its specification.
 This is problematical for software systems
 There is a tension between customer quality requirements (efficiency, reliability,
etc.) and developer quality requirements (maintainability, reusability, etc.);
 Some quality requirements are difficult to specify in an unambiguous way;
 Software specifications are usually incomplete and often inconsistent.
 The focus may be „fitness for purpose‟ rather than specification conformance
Software quality attributes

Safety Understandability Portability

Security Testability Usability

Reliability Adaptability Reusability

Resilience Modularity Efficiency

Robustness Complexity Learnability

Software standards
 Standards define the required attributes of a product or process. They play an important
role in quality management.
 Standards may be international, national, organizational or project standards.
 Product standards define characteristics that all software components should exhibit e.g. a
common programming style.
 Process standards define how the software process should be enacted.
Importance of standards
 Encapsulation of best practice- avoids repetition of past mistakes.

CS2055 SQA K.Palraj,AP/CSE Page 29

  They are a framework for defining what quality means in a particular setting i.e. that
organization‟s view of quality.
 They provide continuity - new staff can understand the organisation by understanding the
standards that are used.
Product and process standards

Product standards Process standards

Design review form Design review conduct

Requirements document Submission of new code for

structure system building
Method header format Version release process

Java programming style Project plan approval process

Project plan format Change control process

Change request form Test recording process

Problems with standards

 They may not be seen as relevant and up-to-date by software engineers.
 They often involve too much bureaucratic form filling.
 If they are unsupported by software tools, tedious form filling work is often involved to
maintain the documentation associated with the standards.
Standards development
 Involve practitioners in development. Engineers should understand the rationale
underlying a standard.
 Review standards and their usage regularly. Standards can quickly become outdated and
this reduces their credibility amongst practitioners.
 Detailed standards should have specialized tool support. Excessive clerical work is the
most significant complaint against standards.
 Web-based forms are not good enough.

CS2055 SQA K.Palraj,AP/CSE Page 30

 Sri Vidya College of Engineering and
Technology
Department of Computer Science &
Engineering
Class IV CSE
Subject Code CS2055
Subject Software Quality Assurance
Prepared By K.Palraj
Lesson Plan for Quality Management – Reviews & Metrics
Time: 50 Minutes
Lesson. No 7/9
1. Topics to be Covered: Quality Management – Reviews & Metrics
2. Skills Addressed : Listening
3. Objectives of this Lesson Plan:
To enable students to understand the quality management techniques like reviews,
inspections and metrics.
4. Outcome (s):
At the end of the lesson the students will be able to :
Define metrics.
Discuss about software reviews.
5. Link Sheet: What is quality management?
What are the responsibilities of quality manager?
6. Evocation: (5 Minutes)

7. Lecture Notes: Enclosed here

8. Textbook :
Watts S Humphrey, “ Managing the Software Process”, Pearson Education Inc
Nina S Godbole, “Software Quality Assurance: Principles and Practice”, Alpha
Science International, Ltd
9. Application
Enterprise quality management.

CS2055 SQA K.Palraj,AP/CSE Page 31

 1.7 Quality Management – Reviews & Metrics
Reviews and inspections
 A group examines part or all of a process or system and its documentation to find
potential problems.
 Software or documents may be 'signed off' at a review which signifies that progress to
the next development stage has been approved by management.
 There are different types of review with different objectives
 Inspections for defect removal (product);
 Reviews for progress assessment (product and process);
 Quality reviews (product and standards).
Quality reviews
 A group of people carefully examine part or all of a software system and its associated
documentation.
 Code, designs, specifications, test plans, standards, etc. can all be reviewed.
 Software or documents may be 'signed off' at a review which signifies that progress to the
next development stage has been approved by management.
The software review process

Program inspections
 These are peer reviews where engineers examine the source of a system with the aim of
discovering anomalies and defects.
 Inspections do not require execution of a system so may be used before implementation.
 They may be applied to any representation of the system (requirements, design,
configuration data, test data, etc.).
 They have been shown to be an effective technique for discovering program errors.
Agile methods and inspections
 Agile processes rarely use formal inspection or peer review processes.
 Rather, they rely on team members cooperating to check each other‟s code, and informal
guidelines, such as „check before check-in‟, which suggest that programmers should
check their own code.

CS2055 SQA K.Palraj,AP/CSE Page 32

  Extreme programming practitioners argue that pair programming is an effective substitute
for inspection as this is, in effect, a continual inspection process.
 Two people look at every line of code and check it before it is accepted.
Software measurement and metrics
 Software measurement is concerned with deriving a numeric value for an attribute of a
software product or process.
 This allows for objective comparisons between techniques and processes.
 Although some companies have introduced measurement programmes, most
organisations still don‟t make systematic use of software measurement.
Software metric
 Any type of measurement which relates to a software system, process or related
documentation
 Lines of code in a program, the Fog index, number of person-days required to
develop a component.
 Allow the software and the software process to
be quantified.
 May be used to predict product attributes or to control the software process.
 Product metrics can be used for general predictions or to identify anomalous components.
Use of measurements
 To assign a value to system quality attributes
 By measuring the characteristics of system components, such as their cyclomatic
complexity, and then aggregating these measurements, you can assess system
quality attributes, such as maintainability.
 To identify the system components whose quality is sub-standard
Measurements can identify individual components with characteristics that deviate from the
norm. For example, you can measure components to discover those with the highest complexity.
These are most likely to contain bugs because the complexity makes them harder to understand
Relationships between internal and external software

CS2055 SQA K.Palraj,AP/CSE Page 33

Metrics assumptions
 A software property can be measured.
 The relationship exists between what we can
measure and what we want to know. We can only measure internal attributes but are
often more interested in external software attributes.
 This relationship has been formalised and
validated.
 It may be difficult to relate what can be measured to desirable external quality attributes.
Problems with measurement in industry
 It is impossible to quantify the return on investment of introducing an organizational
metrics program.
 There are no standards for software metrics or standardized processes for measurement
and analysis.
 In many companies, software processes are not standardized and are poorly defined and
controlled.
 Most work on software measurement has focused on code-based metrics and plan-driven
development processes. However, more and more software is now developed by
configuring ERP systems or COTS.
 Introducing measurement adds additional overhead to processes.
Product metrics
 A quality metric should be a predictor of product quality.
 Classes of product metric
 Dynamic metrics which are collected by measurements made of a program in
execution;
 Static metrics which are collected by measurements made of the system
representations;
 Dynamic metrics help assess efficiency and reliability
 Static metrics help assess complexity, understandability and maintainability.
Dynamic and static metrics
 Dynamic metrics are closely related to software quality attributes
 It is relatively easy to measure the response time of a system (performance
attribute) or the number of failures (reliability attribute).
 Static metrics have an indirect relationship with quality attributes
 You need to try and derive a relationship between these metrics and properties such as
complexity, understandability and maintainability
Software component analysis
 System component can be analyzed separately using a range of metrics.
 The values of these metrics may then compared for different components and, perhaps,
with historical measurement data collected on previous projects.
 Anomalous measurements, which deviate significantly from the norm, may imply that
there are problems with the quality of these components.

CS2055 SQA K.Palraj,AP/CSE Page 34

The process of product measurement

CS2055 SQA K.Palraj,AP/CSE Page 35

 Sri Vidya College of Engineering and
Technology
Department of Computer Science &
Engineering
Class IV CSE
Subject Code CS2055
Subject Software Quality Assurance
Prepared By K.Palraj
Lesson Plan for Software Configuration Management - Need
Time: 50 Minutes
Lesson. No 8/9
1. Topics to be Covered: Software Configuration Management - Need
2. Skills Addressed : Listening
3. Objectives of this Lesson Plan:
To enable students to understand the need for software configuration management
4. Outcome (s):
At the end of the lesson the students will be able to :
Define revisions
Discuss the need for SCM
5. Link Sheet: What is baseline?
What is version?
6. Evocation: (5 Minutes)

7. Lecture Notes: Enclosed here

8. Textbook :
Watts S Humphrey, “ Managing the Software Process”, Pearson Education Inc
Nina S Godbole, “Software Quality Assurance: Principles and Practice”, Alpha
Science International, Ltd
9. Application
Dynam Soft SCM Anywhere

CS2055 SQA K.Palraj,AP/CSE Page 36

 Software Quality Assurance
Session 8 – Software configuration
Management -Need

Software configuration Management

• Changes to requirements drive the design
• Design changes affect the code

CS2055 SQA K.Palraj,AP/CSE Page 37

 Need for SCM
• Think of these
– If fully tested program doesn’t work
– A difficult bug that was fixed at great expense
suddenly reappears

Without Control
• Simultaneous update
• Shared code
• Common code Problems
• Versions

Waste enormous amount of

time

CS2055 SQA K.Palraj,AP/CSE Page 38

 Control system
• To answer the questions
– What is my current s/w configuration?
– What is its status?
– How do I control changes to my configuration?
– What changes have been made to s/w?
– Do anyone else’s changes affect my software?

S/w Product Nomenclature

Modules
Components
Products
Subsystems

System

Subsystems
Products
Components
Modules

CS2055 SQA K.Palraj,AP/CSE Page 39

 Terms in nomenclature
• System – package of all software
• Subsystem – Large systems into subsystems
• Product – all subsystems contain products
• Components – next level of product
• Module – lowest level – individual functions

Implementation & building

• Implementation – 2 things happen at same
time
– Modules developed, enhanced, tested & repaired
– Modules assembled into components, products,
subsystems and systems
• Building process
– Modules changed to add functions or repair
problems

CS2055 SQA K.Palraj,AP/CSE Page 40

 cont..
• Tests
– Unit test – module
– Integration test – interfaces & interdependencies
– Function test
• Component test
• Subsystem test
• System test
– Regression test

Configuration Management Overview

Initial Requirements
development /Design/Use

Establish/ Approve
Update change
Baseline

Validate Authorize Implement Validate

Baseline change change change

Baselines

Changes

CS2055 SQA K.Palraj,AP/CSE Page 41

 Basic CM functions
• Configuration control
• Change management
• Revisions
• Versions
• Deltas
• Conditional code

1. Configuration Control
• Task revolves around one official copy of the code
• To protect every system revision – to keep a
separate official copy of each revision level.
– Lot of storage
– Code divergence
– Coordination
• Solution – keep only one official copy with one
common library
• Approved changes can be permitted – common
library be the official source for all common code

CS2055 SQA K.Palraj,AP/CSE Page 42

 2. Revisions
• Numbering system to identify separately
– Test
– Module
– Component
– Product
– System
• Development – cycle of revision , integration
& test

3. Derivations
• Ability to determine what has changed

Module Module
101 101

Control Program Control Program X

Level 116 Level 117 Y

Test A Rerun Test A

CS2055 SQA K.Palraj,AP/CSE Page 43

 4. Versions

>512

MEML Large Memory

MEM

MEMS Standard Memory

5. Deltas

>512
>512

MEML Large Memory

MEM

MEMS Standard Memory

CS2055 SQA K.Palraj,AP/CSE Page 44

 Sri Vidya College of Engineering and
Technology
Department of Computer Science &
Engineering
Class IV CSE
Subject Code CS2055
Subject Software Quality Assurance
Prepared By K.Palraj
Lesson Plan for Software Configuration Management Plan
Time: 50 Minutes
Lesson. No 9/9
1. Topics to be Covered: Software Configuration Management Plan
2. Skills Addressed : Listening
3. Objectives of this Lesson Plan:
To enable students to understand the considerations for Software quality assurance
4. Outcome (s):
At the end of the lesson the students will be able to :
Define configuration audit.
Discuss about SCMP.
5. Link Sheet: What is baseline?
What is version?
6. Evocation: (5 Minutes)

7. Lecture Notes: Enclosed here

8. Textbook :
Watts S Humphrey, “ Managing the Software Process”, Pearson Education Inc
Nina S Godbole, “Software Quality Assurance: Principles and Practice”, Alpha
Science International, Ltd
9. Application
AccuRev – SCM tool

CS2055 SQA K.Palraj,AP/CSE Page 45

 Software configuration
Management Plan

Plan
• First step in SCM system
• Includes
– Objectives
– Responsibilities
– Approaches
– Methods to be used
• Contents & checklist

CS2055 SQA K.Palraj,AP/CSE Page 46

 SCMP contents
1. Overview
– SCM objective
– System overview
2. SCM organization
– SCM responsibilities
– Configuration Control Board members
– Configuration Control Board charter
– Product Assurance relationship
3. SCM methods
– Baselines & contents
– Identification system
– Control system
– Auditing
– Status accounting
– CM support tools

Cont..
4. SCM procedures
– Procedures manual
– Forms & records
5. SCM implementation
– Personal plan
– System support plan
– Budget
– Key implementation checkpoints

CS2055 SQA K.Palraj,AP/CSE Page 47

 SCM Questions
• Requirements phase
– Where s the official reqmts stmt?
– What changes have been made?
– What s the impact of changes in design?
• Design phase
– Where is the reqmt covered by design?
– What is the particular requirement that this design element satisfies?
– What is the current approved specification for this interface?
– What is the design impact of this reqmts change?
• Implementation
– How has the particular function been allocated to various
implementation areas?
– What is the design logic?
– What compiler version was used to produce this code?
• Testing
– Where are the tests that verify this functional requirement?
– Where is the test data for use with these tests?

Requirements phase
• Requirements changes
• Requirements baseline & change control
• External specifications

CS2055 SQA K.Palraj,AP/CSE Page 48

 Design control
• Change control board
• Software configuration identification
– Design – creative process
– Design – template
– Permanent design – later repair / enhancement
– Permanent record for design changes
– To maintain control the design is subdivided into
modules

Implementation phase
• Functions
– Source code charge out & charge-in facilities
– Read-only access to specifications & object code
– Ability to compile modules
– Procedure for making approved changes
– Any new source code is consistent with module
specifications

CS2055 SQA K.Palraj,AP/CSE Page 49

 Test phase
• SCM should have the following capabilities
– Means for creating new bug reports
– Means for closing bug reports
– Periodic reporting of bug status

Implementation change control procedure

change request

Change
approved? yes
No
Design
Get change
approval / needed?
stop work No yes

Specification
Fix
change
implement
needed? yes
ation No

Adjust
Fix design
specification
To SCM

CS2055 SQA K.Palraj,AP/CSE Page 50

 Configuration auditing
• To maintain a continuous record of the state of all
baselined items
• The information required includes
– Time at baseline established
– When each configuration item(CI) & change included
in baseline
– Description of CI
– Description of s/w change
– Status of s/w change
– Documentation status for each baseline

Items needed for configuration

accounting
• CI index
– Creation date
– Current released version
– Version of its component items
• Change logs
– History of changes
– Release histories
• All Discrepancy requests
• All Change requests

CS2055 SQA K.Palraj,AP/CSE Page 51

 S/W configuration audit
• Rules
– Periodically needed to ensure integrity
– To perform before major baseline change
– Audit team – qualified technical people
– To verify that changes to baseline are
implemented as intended
– Integral part of SCM system
– Continuous with increased frequency and depth
– Documented project plan is used as basis

SCM audit
• Checks for
– Requirements
– Functional
– High-level design
– Design
– Product
– Operational

CS2055 SQA K.Palraj,AP/CSE Page 52