Software Quality Assurance and Management
(Software Quality Assurance, SQA activities, Software Quality Standards - ISO 9000, SEI CMM, Six Sigma)
Software Quality Assurance (SQA)
• Software quality assurance (often called quality management) is
an activity that is applied throughout the software
development process.
• Software quality assurance (SQA) encompasses:
• An SQA process
• Quality assurance and quality control tasks (e.g., formal technical reviews)
• Effective software engineering practice (using well-established methods and
tools)
• Control over software products and changes made to them to ensure quality
• A procedure to ensure compliance with software development standards
• Measurement and reporting mechanisms
Elements of SQA
1. Standards
2. Reviews and Audits
3. Testing
4. Error/defect collection and analysis
5. Change management
6. Education
7. Vendor management
8. Security management
9. Safety
10. Risk management
Elements of SQA (continued)
1. Standards
• Various standards exist (IEEE, ISO, Six Sigma, etc.)
• Standards may be adopted voluntarily by a software engineering organization or imposed by
the customer or other stakeholders
• The job of SQA is to ensure that standards that have been adopted are followed and that all
work products conform to them
2. Reviews and Audits
• Technical reviews are a quality control activity performed by software engineers for software
engineers. Their intent is to ensure adherence to requirements and uncover lapses/errors.
• Audits are a type of review performed by trained SQA personnel with the intent of ensuring
that quality guidelines are being followed for software engineering work
3. Testing
• Software testing is a quality control function that has one primary goal—to find errors. The
job of SQA is to ensure that testing is properly planned and efficiently conducted so
that it has the highest likelihood of achieving its primary goal
4. Error/defect collection and analysis
• The only way to improve is to measure how you’re doing.
• SQA collects and analyzes error and defect data to better understand how errors are
introduced and what software engineering activities are best suited to eliminating them
5. Change management
• Changes occur in a project and need to be managed well. If change is not properly managed, it
can lead to confusion, and confusion almost always leads to poor quality.
• SQA ensures that adequate change management practices have been instituted
(e.g., software configuration management, impact management, etc.).
6. Education
• Every software organization wants to improve its software engineering practices. A key
contributor to improvement is education of software engineers, their managers, and
other stakeholders.
• The SQA team takes the lead in software process improvement and is a key proponent and
sponsor of educational programs
7. Vendor management
• Three categories of software are acquired from external software vendors: shrink-wrapped
packages (e.g., Microsoft Office), a tailored shell that provides a basic skeletal structure
that is custom tailored to the needs of a purchaser, and contracted software that is custom
designed and constructed from specifications provided by the customer organization.
• The job of the SQA organization is to ensure that high-quality software results by suggesting
specific quality practices that the vendor should follow, and incorporating quality standards
as part of any contract with an external vendor.
8. Security management
• With the increase in cybercrime and new government regulations regarding privacy, every software
organization should institute policies that protect data at all levels
• SQA ensures that appropriate processes and technology are used to achieve software security
9. Safety
• Hidden defects in software cause problems, e.g., a defect in software for maneuvering aircraft could
be catastrophic.
• SQA is responsible for assessing the impact of software failure and for initiating steps required to
reduce risk
10. Risk management
• Although the analysis and mitigation of risk is the concern of software
engineers, the SQA organization ensures that risk management
activities are properly conducted and that risk-related contingency
plans have been established.
• In addition to each of these concerns and activities, SQA works to ensure that
software support activities (e.g., maintenance, help-lines, documentation, and
manuals) are conducted or produced with quality as a dominant concern.
SQA Tasks – Activity (Role of SQA Group)
• Prepares an SQA plan for a project
• The plan identifies
• evaluations to be performed
• audits and reviews to be performed
• standards that are applicable to the project
• procedures for error reporting and tracking
• documents to be produced by the SQA group
• amount of feedback provided to the software project team
• Participates in the development of the project’s software process description
• The SQA group reviews the process description for compliance with organizational policy,
internal software standards, externally imposed standards (e.g., ISO-9000), and other parts of the
software project plan
• Reviews software engineering activities to verify compliance with the defined software
process
• identifies, documents, and tracks deviations from the process and verifies that corrections have
been made
• Audits designated software work products to verify compliance with those defined as
part of the software process
• reviews selected work products; identifies, documents, and tracks deviations; verifies that corrections
have been made
• periodically reports the results of its work to the project manager
• Ensures that deviations in software work and work products are documented and
handled according to a documented procedure
• Records any noncompliance and reports to senior management
• Non-compliance items are tracked until they are resolved
Why are Standards Important?
• Standards provide guidelines for adopting the best or at least most appropriate
practices for product development or process
• Standards provide a framework around which the quality assurance process may
be implemented
• Standards assist in continuity of work when it’s carried out by different people
throughout the software product lifecycle
• Standards should not be avoided. If they are too extensive for the task at
hand, they can be tailored for a process.
Quality Standards
• ISO 9000, 9001
• SEI CMM
• Six Sigma
What are ISO standards?
• ISO stands for International Organization for Standardization
• ISO 9000
• ISO 9000 is an international set of standards for quality management
• There are many individual standards grouped into this series, including ISO
9001
• Its purpose is to define terminology found in the rest of the standards
• ISO 9001
• ISO 9001 is a generic model of the quality process, applicable to organizations
whose business processes range all the way from design and
development, to production, installation and servicing.
Quality concepts addressed by ISO 9000
standards
• The quality concepts addressed by these standards are:
• An organization should achieve and sustain the quality of the product or service
produced so as to meet continually the purchaser's stated or implied needs.
• An organization should provide confidence to its own management that the intended
quality is being achieved and sustained.
• An organization should provide confidence to the purchaser that the intended quality is
being, or will be, achieved in the delivered product or service provided.
When contractually required, this provision of confidence may involve agreed
demonstration requirements.
ISO 9001:2000 Standard
• ISO 9001:2000 is the quality assurance standard that applies to software engineering.
• The standard contains various requirements that must be present for an effective quality
assurance system.
• The requirements delineated by ISO 9001:2000 address topics such as:
• management responsibility, quality system, contract review, design control, document and data control,
product identification and traceability, process control, inspection and testing, corrective and
preventive action, control of quality records, internal quality audits, training, servicing, and statistical
techniques.
ISO 9001:2000 - Important clauses
• Management Responsibility
• ISO 9001 requires that the quality policy be defined, documented, understood, implemented, and
maintained
• Responsibilities and authorities for all personnel specifying, achieving, and monitoring quality be
defined
• In-house verification resources be defined, trained, and funded
• A designated manager ensures that the quality program is implemented and maintained
• Quality System
• ISO 9001 requires that a documented quality system, including procedures and instructions, be
established
• This quality system is an integrated process throughout the life cycle
• Contract Review
• ISO 9001 requires that contracts be reviewed to determine whether the requirements are adequately
defined, agree with the bid, and can be implemented
• Design Control
• ISO 9001 requires that procedures to control and verify the design be established.
• This includes planning design activities, identifying inputs and outputs, verifying the design, and
controlling design changes.
• Document Control
• ISO 9001 requires that the distribution and modification of documents be controlled.
• Product Identification and Traceability
• ISO 9001 requires that the product (i.e., the software product) be identified and traceable during all stages of
production, delivery, and installation.
• Process Control
• ISO 9001 requires that production processes be defined and planned.
• This includes carrying out production under controlled conditions, according to documented
instructions.
• Inspection and Testing
• ISO 9001 requires that incoming materials be inspected or verified before use and that in-process
inspection and testing be performed.
• Final inspection and testing are performed prior to release of finished product.
• Records of inspection and test are kept.
• Corrective and Preventive Action
• ISO 9001 requires that the causes of nonconforming product be identified.
• Potential causes of nonconforming product are eliminated, and procedures are changed as a result of
corrective action. This also helps in defect prevention.
• Quality Records
• ISO 9001 requires that quality records be collected and maintained
• Internal Quality Audits
• ISO 9001 requires that audits be planned and performed.
• The results of audits are communicated to management, and any deficiencies found are corrected.
• Training
• ISO 9001 requires that training needs be identified and that training be provided, since selected tasks
may require qualified personnel.
• Records of training are maintained.
• Servicing
• ISO 9001 requires that servicing activities (i.e., maintenance) be performed as specified.
• Statistical Techniques
• ISO 9001 states that, where appropriate, adequate statistical techniques are identified and used as per
documentation.
Capability Maturity Model (CMM) Levels
The CMMI (Capability Maturity Model Integration) defines capability levels
as below:
• Level 0: Incomplete — The process area (e.g., requirements management) is either not
performed or does not achieve all goals and objectives defined by the CMMI for level 1
capability for the process area.
• Level 1: Performed — All of the specific goals of the process area (as defined by the
CMMI) have been satisfied. Work tasks required to produce defined work products are
being conducted.
• Level 2: Managed — All capability level 1 criteria have been satisfied. In addition, all
work associated with the process area conforms to an organizationally defined policy; all
people doing the work have access to adequate resources to get the job done;
stakeholders are actively involved in the process area as required; all work tasks and
work products are “monitored, controlled, and reviewed; and are evaluated for
adherence to the process description”.
• Level 3: Defined — All capability level 2 criteria have been achieved. In addition, the
process is “tailored from the organization’s set of standard processes according to the
organization’s tailoring guidelines, and contributes work products, measures, and other
process-improvement information to the organizational process assets”.
• Level 4: Quantitatively managed — All capability level 3 criteria have been achieved. In
addition, the process area is controlled and improved using measurement and
quantitative assessment. “Quantitative objectives for quality and process performance
are established and used as criteria in managing the process”.
• Level 5: Optimized — All capability level 4 criteria have been achieved. In addition, the
process area is adapted and optimized using quantitative (statistical) means to meet
changing customer needs and to continually improve the efficacy of the process area
under consideration.
Comparison between ISO 9001 and SEI CMM
• ISO 9001: The main co-ordinating body for this standard is the International Organization for Standardization (ISO).
• SEI CMM: The main co-ordinating body for this standard is the Software Engineering Institute (SEI).
• ISO 9001: Focuses on quality with a much broader scope: hardware, software, processed materials, and services.
• SEI CMM: Focus is on quality specifically for software products.
• ISO 9001: It is open to multiple sectors.
• SEI CMM: It is open to the IT and IT-enabled services sector.
• ISO 9001: There are no levels. However, procedures are specified to ensure quality over a range of topics from
documentation to design to implementation and maintenance.
• SEI CMM: There are levels defining the capability of an organization, where each successively higher level means
better quality adherence. The levels are - Level 0: Incomplete, Level 1: Performed, Level 2: Managed,
Level 3: Defined, Level 4: Quantitatively Managed and Level 5: Optimized.
• ISO 9001: Generally the ISO certification is valid for 3 years.
• SEI CMM: There is no limit on certification.
Six Sigma standard
• Six Sigma is a quality-control methodology developed in 1986 by Motorola, Inc.
• It was originally developed as a management method to work faster with fewer mistakes. It has
now become an industry standard with certifications offered to practitioners.
• Six Sigma is the process of producing high quality output. This can be done in two phases –
identification and elimination. The cause of defects is identified and appropriate elimination
is done which results in improved quality.
• Six Sigma implies an extremely high quality standard with no more than 3.4 defects per million
occurrences/units
Six Sigma Methodology
• The Six Sigma methodology (DMAIC) includes the following core steps:
• Define customer requirements and deliverables and project goals via
well-defined methods of customer communication
• Measure the existing process and its output to determine current
quality performance (collect defect metrics)
• Analyze defect metrics and determine the vital few causes
• Improve the process by eliminating the root causes of defects
• Control the process to ensure that future work does not
reintroduce the causes of defects
