Home » Books » Computers & Technology » Handbook of Software Quality Assurance, Fourth Edition 4th Edition

Handbook of Software Quality Assurance, Fourth Edition 4th Edition

Author: G. Gordon Schulmeyer

Publisher: Artech House

Genres: Computers & Technology

Publish Date: September 30, 2007

ISBN-10: 1596931868

Pages: 456

File Type: PDF

Language: English

Book Preface

The software industry is witnessing a dramatic rise in the impact and effectiveness of software quality assurance (SQA). From its day of infancy, when a handful of software pioneers explored the first applications of quality assurance to the development of software, SQA has become integrated into all phases of software development. Most significant is the acceptance by software developers and managers of SQA personnel. There is a recognition that besides their primary function of auditing the software process and work products, the SQA personnel are real contributors to the success of the project. This is due to the closer integration and participation of SQA personnel in software-related project activities, including participation in team meetings, configuration control board meetings, peer reviews, and the like.

Another important transition taking place is that software quality assurance is being expanded to other aspects of development, such as systems and hardware development. Now, many organizations have expanded their software QA to include systems and hardware QA, implemented as development quality assurance (DQA). A significant force in bringing about this shift to DQA is the Capability Maturity Model Integration® for Development, version 1.2 (CMMI®-DEV, v1.2) provided by the Software Engineering Institute. This model flowed from the CMMI® for Systems Engineering and Software Engineering, version 1.1 that one can see from the title expanded beyond software to include systems engineering/ development. Also with CMMI®-DEV, v1.2, hardware amplification was added to relevant practices to expand the practice coverage to include hardware engineering principles.

The practice of SQA/DQA is often thought of either as an auditing function or a “validation” (testing) function. (Validation is not to be confused here with verification and validation (V&V), which encompasses comprehensive technical activities to assure a product’s conformance to requirements.) The SQA/DQA auditing function focuses on assuring that the processes are being followed and the work products are complete and consistent. The primary thrust of this book is on SQA/DQA as an auditing function, although I prefer the term “evaluation.”

The SQA/DQA validation function focuses on testing—ensuring that you built the right thing. QA as a validation (testing) function has been the traditional function of the quality organization in software, but with the advent of the quality standards such as ISO and Capability Maturity Model® (CMM®)/CMMI®, the role of SQA (note the addition of the “S”) assumed an auditing function.
Handbook of Software Quality Assurance, Fourth Edition, capitalizes on the talents and skills of the experts who deal with the implementation of software and development quality assurance on a daily basis. To have their accumulated knowl-edge at hand makes this book a valuable resource. Each author, because of his or her special skills, talents, foresight, and interests, has contributed to the maturing process occurring in the field of software and development quality today.

What this book brings to the reader, then, is a collection of experiences and expectations of some of the best people in the field of software and development quality assurance. Because of their early involvement in software and development quality and because of their continued pursuit to discover improved methods for achieving better on-the-job quality assurance, each author provides an insightful presentation of his personal involvement in quality assurance.

The structure of this book is relatively straightforward. There are 17 chapters covering many key areas of software and development quality assurance.

A brief summary of each chapter highlighting its main thrust is provided here for the reader to decide which topic is of immediate interest. If information is required from another chapter for additional insight, adequate cross-referencing has been provided within each chapter.

Chapter 1 presents a picture of how to organize for quality management. This chapter includes a discussion of the quality management framework and related quality program concepts. Then, organizational aspects of the quality program are discussed in terms of the organizational relationships for the quality program and the mapping of the quality program functions to project organizational entities, resulting in some example organizational implementations of a quality program. The role of assessing and measuring product quality during development and the controversy over the independence of QA versus being part of the development organization are discussed in this chapter.

Chapter 2 is an overview of the contributions made and the roles played by the dominant figures in the quality field. The individual contributions of the dominant quality experts—Kaoru Ishikawa, Joseph M. Juran, Yoji Akao, W. Edwards Deming, Genichi Taguchi, Shigeo Shingo, Philip Crosby, and Watts Humphrey—are related. The latest addition to this list of experts is Watts Humphrey, who provided so much to software development and quality assurance that he received the 2003 National Medal of Technology from the President of the United States.

Chapter 3 discusses the commercial standards and the impact that they have on quality assurance, with a special emphasis on software quality. This is a comprehensive chapter on SQA-related standards from ISO, IEEE, CobiT®, ITIL®, and others, and what they mean to you as a practitioner. This chapter concludes with some reminders about conformance and certification, as well as improtant future trends.

Chapter 4 discusses the personnel requirements for a good software quality engineer and how a software quality organization should deal with personnel issues such as training, roles for software quality engineers, paraprofessional possibilities, and career paths. The impact of the American Society for Quality (ASQ) software quality engineer certification program is covered.

Chapter 5 discusses the methods and techniques that will help one to determine how to train software and development quality engineers. The authors have extensive experience in performing this training and they provide much practical information on how to do it well.

Chapter 6 applies the well-known Pareto principle (80/20 rule) to the concerns and issues of software and development quality assurance. The impact and advantage of performing a Pareto analysis is supported by two classic examples: one deals with the World Wide Military Command and Control System (WWMCCS), and the other with the Federal Reserve Bank. How Pareto analysis is applied to defect prevention, its use in analysis of inspection data, and a unique aspect of how to compare Pareto charts are covered in this chapter.

Chapter 7 deals with the widely acclaimed use and application of inspections as a highly beneficial peer review method. The impact and benefits of conducting inspections during the software development cycle are covered in some detail. The inspection process is described and numerous results of inspections are provided to give the reader a firsthand picture of what to look for when evaluating inspection data. Emphasis is given to documentation inspections, inspection metrics, and even the national software quality experiment, which captures inspection results across the country.

Chapter 8 discusses the audit methods useful to software and development quality personnel. What makes up a comprehensive audit is covered, and there are many examples provided of each of those audit parts. Types of audits such as software piracy audits, security audit, information systems audit, ISO 9001:2000 software audit, CMMI®-DEV appraisal, internal project audits, and audit automation. The results of audits are discussed with concomitant ramifications to the audited organization being covered.

Chapter 9 deals with that aspect of quality assurance concerned with software safety. The various requirements related to software safety and hazard avoidance and mitigation techniques are covered. What it takes to develop a software safety assurance program is a key aspect of this important chapter.

Chapter 10 lays out the requirements for the software quality engineer certification program established by the ASQ. More specifically, the chapter deals with how one should prepare for the exam and what is in the body of software quality knowledge needed to pass the exam, and it includes a recommended bibliography that aides in preparation.

Chapter 11 provides an in-depth analysis of the relationship of process and product quality assurance (PPQA) to SQA. It focuses on the requirements for these process areas as they flow from the CMM® for software to the CMMI® for development (CMMI®-DEV). It provides an analysis of the PPQA process area in the CMMI®-DEV and provides various approaches to meeting the intent of PPQA.

Chapter 12 provides guidance on how to handle quality assurance on small projects. It starts with staff and training considerations, followed by tactical and strategic guidance for your projects. There are many recommendations provided on how to reduce cost and pressure for thorough quality assurance coverage on a small project.

Chapter 13 on development quality assurance shows the transition that quality assurance organizations/personnel need to make to be compliant with the latest standards, especially with the CMMI®-DEV. That transition addresses first the systems development process and then the hardware development process. Potential stumbling blocks and related suggestions on how to overcome them are provided.

Chapter 14 examines quality management in information technology (IT). The principles and concepts that apply to IT examined in this chapter include:
•Identifying key IT processes, their sequence, and interaction;
•Planning for defect prevention versus detection by applying IT best practices;
•Using and implementing standards to achieve internationally recognized registration or demonstrate appropriate levels of IT governance;
•Resolving the IT equivalent to software bugs, defects, and errors;
•Determining and documenting customer requirements;
•Monitoring and measuring service performance to assure customer requirements are met and continual improvement occurs;
•Assuring procurement quality when outsourcing key IT processes;
•Parallels in the bodies of knowledge between software and IT quality professionals.

Chapter 15 deals with the assessment of the total cost of software quality and examines what input is required, the value added, and the expected output. The chapter describes what a Cost of Software Quality (CoSQ) system is. How to implement that CoSQ system is covered as well, and the related difficulties in implementation are addressed. Also discussed are the price of nonconformance and the effect of budgetary constraints on the implementation of SQA. The chapter concludes with a recommended extended model for the cost of software quality.

Chapter 16 provides a survey of metrics proposed and currently used to determine the quality of the software development effort. Software quality metrics methodology, software quality indicators, and some practical software and systems measurements, CMMI® Measurement and Analysis, CMMI® Higher Maturity Measurements, and practical implementations are covered in this chapter.

Chapter 17 is an overview of software reliability. There is an outline of the software reliability engineering process to give you a feel for the practice, using a single consistent example throughout. The example provides information on preparation, execution, and guidance of testing from a software reliability engineering perspective. The chapter concludes with a list of some key resources.
Appendix A is a list of the acronyms used throughout the book.

I thank each and all of the contributors for their time, energy, and foresight for their contributions to this book.
I also appreciate the patience and help of Wayne Yuhasz, executive acquistions editor, Barbara Lovenvirth, developmental editor, and Rebecca Allendorf, senior production editor, at Artech House, without whose assistance and support this book would not have been accomplished.
G. Gordon Schulmeyer Editor
Lothian, Maryland September 2007