software engineering collection 2
Which of the following common risks are associated with the risk associated with the availability and quality of the tools to be used to build the product. A) Product size B) Business impact C) Customer characteristics D) Process Definition E) Development environment F) Technology to be built G) Staff size and experience
E) Development environment
Product
A software system that is provided to a client.
Defect testing
A successful test exposes a defect
Validation testing
A successful test shows the system operates as intended
Methodology
A system of practices, techniques, procedures, and rules used by those who work in a discipline.
Task Network
A task network (activity network) is a graphical representation of task flow for a project. Used to help set up task sequence and dependencies.
Desk checking
A testing technique in which the program code is sequentially executed manually by the reviewer, done by the programmer
Object-orientated design (5)
Defining the context and uses of the system, designing system architecture, identifying principle objects, developing design models and specifying object interfaces
Software project management
Deliver software on time, subject to budget, of adequate quality and in accordance to requirements
This consensus method uses a panel of experts familiar with the kind of project in question and uses anonymous estimate questionnaires to reach a decision
Delphi Method
Deployment plan
Describes how the software and associated hardware will be deployed in the customer's environment. This should include a plan for migrating data from existing systems.
Validation plan
Describes the approach, resources and schedule used for system validation
Configuration management plan
Describes the configuration management procedures and structures to be used.
Quality plan
Describes the quality procedures and standards that will be used in a project
Business model
Description of how the client does business
Inception design
Design the architecture
Object-orientated design
Designing software with an object-orientated framework
Quality planning
Desired product qualities and how they may be assessed
Testing types
Desk-checking Unit testing Integration testing Product testing Acceptance testing
Requirements workflow
Determine client needs, constraints
Program Evaluation and Review Technique (PERT) and Critical Path Method (CPM)
Determine the critical path (chain of tasks that determine project duration) Establish time estimates for tasks by statistic modeling Calculate boundary times that establish a time window for a particular task
Inception phase
Determines whether it is worthwhile to develop the software product
Financial Health
Developers in financial difficulty may lower their price to gain a contract. it is better to make smaller than normal profit or break even than to go out of business. Cash flow is more important than profit in difficult economic times.
Host-target development
Developing software for computers other than what it was developed on
Classical maintenance
Development before installation, post-delivery maintenance after installation.
Stages of testing (3)
Development testing, release testing and user testing
Software Engineering
Discipline aiming to produce fault-free software. Ideally on time, on budget, easy to modify and maintain, and meeting the client's needs.
A risk item checklist would contain known and predictable risks from which of these categories? A) Product size B) Development environment C) Staff size D) Process definition E) All of the above
E) All of the above
Which factors affect the probable consequences likely if a risk does occur? A) Risk cost B) Risk timing C) Risk scope D) Risk resources E) Both b and c
E) Both b and c
Risk management is a cyclical process that involves: 1) Ide___ 2) Ana___ 3) Pl___ 4) Tra___ 5) Con___
Identify, Analyze, Plan, Track, Control
The slides tell us that a risk is a potential problem that "might happen" and "might not". Regardless of the outcome, it is a really good idea to: 1) Ide_?_ it. 2) Assess the Pr_?_ of its occurrence 3) Estimate its Im_?_ 4) Establish a Co_?_ Pl_?_ should it occur
Identify, Probability, Impact, Contingency Plan
Algorithmic cost modeling
In this approach, a formulaic approach is used to compute the project effort based on estimates of product attributes, such as size, and process characteristics, such as experience of staff involved.
Phases of the unified process
Inception Elaboration Construction Transition
Extreme programming practices (5)
Incremental, small releases, simple design, test-first development and refactoring
Techniques of requirements gathering (4)
Individual interviews, focus groups, scenarios and ethnographic studies
Waterfall weaknesses (1)
Inflexible
Software capability maturity levels
Initial Repeatable Defined Managed Optimizing
Inception phase deliverables
Initial domain Initial business model Initial requirements Preliminary analysis Initial risks list Initial use cases Plan for elaboration phase Initial business case
Construction deliverables
Initial user manual Completed architecture updated risks SPMP
Misuse cases (4)
Interception, interruption, modification and fabrication threats
Refactoring
Making improvements to a program to slow down its degradation, preventative maintenance
Configuration management
Managing a changing software, version tracking etc
Configuration management
Managing changing software systems
Requirements management
Managing the changing requirements during development
What are the cons of plan driven development?
Many early decisions have to be revised because of changes to the environment in which the software is to be developed and used.
The slides describe two major reasons why Risk Analysis and Management are so important. They are because: 1) Sof_?_ is a difficult undertaking 2) Lots of things can go wr_?_ and many often do
Software, Wrong
Incremental development model
Specification, development and validation are interleaved. May be plan driven or agile.
Commercial of-the-shelf software (COTS)
Software that is purchased and is immediately ready for implementation; developed to suit a wide range of users and needs.
Baseline
Specifies what components are in the version of a particular system
Managed maturity
The organization sets goals, takes measurements, and tries to improve.
Client
The person or group that requests the project
front end" activities 40-50%
customer communication analysis design review and modification
control risk
deal with each risk by implementing its defined control plan and tracking the plan to completion
as the difficulty of the work decreases the expected improvement _______________________
decreases and the improvement ratio that is used becomes greater
Escalation
defines the circumstances and triggers for bringing as risk to the attention of others in the chain of command
Scope
defines the focus, range, an extent of risk management efforts and helps to drive risk management roles and responsibilities
emergency response plan
describes the actions to be taken in the event of a natural disaster, emergency evacuation, terrorist attack, or any other incident that disrupts the normal work pattern (tell employees what to do)
plan for risk control
determine an approach for addressing each risk; produce a plan for implementing the approach
User acceptance testing
determine if the system satisfies the user and business requirements, with actual data, done by SQA and client
Defining Task Sets
determine type of project assess the degree of rigor required identify adaptation criteria select appropriate software engineering tasks
Schedule Tracking2
determine whether formal project milestones (the diamonds shown in Figure 27.3) have been accomplished by the scheduled date. compare actual start-date to planned start-date for each project task listed in the resource table (Figure 27.4).
COCOMO 2 takes into account....................
different approaches to software development, reuse, etc.
these costs are clearly chargeable to a specific work package
direct costs
these costs represent real cash outflows and must be paid as the project progresses
direct costs
what are the types of costs associated with a project
direct labor costs direct project overhead costs general and administrative overhead costs
examples of this cost include salary of the PM and temporary rental space for the project team
direct project overhead costs
these costs can be tied to project deliverables or work packages, examples include the salary of the PM and temporary rental space
direct project overhead costs
Measures
done to ensure risk management practices are meeting it objectives
what does a learning curve tell management
each time the ouput quantity doubles, the unit labor hours are reduced at a constant rate
Plan-driven development is based on........
engineering project management techniques
resource shortages, whether in the form of people, equipment, or materials, can extend original estimates is an example of which reason to refine estimates
normal conditions do not apply
Mitigation Planning occurs when...
occurs after analysis of probability, risk, and speed of onset.
insurance
protection against possible financial loss
risk statement
provides a unique, succinct, and meaningful descriptor of a risk
Communication
provides guidance for conveying risk information to collaborators, partners, subcontractors, suppliers, customers, and other stakeholders
Risk evaluation
provides measures for analyzing probability impact, and risk exposure
design flaws are revealed after the fact, extreme weather conditions occur, accidents happen is an example of which reason to refine estimates
things go wrong on projects
Design flaws being revealed after the fact, extreme weather conditions, and accidents occurring are examples of:
things going wrong on a project
medical payments coverage
this pays the costs of minor accidental injuries to visitors on your property
what is the collection and archival of data on past project estimates and actuals
time and cost databases
estimates made by top managers who have very little knowledge of component activities used to complete the project
top-down estimates
usually derived from someone who uses experience and or information to determine the project duration and total cost
top-down estimates
assess risk
transform the concerns people have into distinct, tangible risks that are explicitly documented and analyzed
known unknowns
uncertainties that we know exist but we don't know much about their probability or impact
testing and installation 30-40
unit, integration white-box, black box regression
Worksheet
updates can include new fields, additional names of participating groups and individuals, changes in criteria
Which guideline allows for a better chance of being reasonable and realistic when several people with relevant experience and or knowledge of the task are used.
use several people to estimate
Democratic team
Group of egoless programmers working together
Software development
Where software is designed and programmed
Software evolution
Where software is modified as needs/requirements change
Domain
Where the product will be used
The slides list seven questions that help to identify the risks due to the customer. List them. 1) Have you Wo_?_ with the customer in the past? 2) Has the customer agreed to spend Ti_?_ with you? 3) Does the customer have a solid idea of Req_?_ 4) Is the customer willing to participate in Rev_?_ 5) Is the customer willing to let your Peo_?_ do their job? 6) Is the customer Tec_?_ sophisticated? 7) Does the customer understand the So_?_ En_?_ process?
Worked, Time, Requirements, Review, People, Technically, Software Engineering
Implementation workflow
Write the code to fulfill design workflow plans
Is testing expensive?
Yes, testing can make up to 40% of total costs
pure risk
a category of risk in which loss is the only possible outcome
condition
a circumstance with the potential to produce loss; a condition has no effect on performance absent the occurrence of the event
premium
a fee for insurance
potential event
a future occurrence that may or may not happen
assigned risk pool
a group of people who cannot get motor vehicle insurance who are assigned to each insurance company operating in the state
Risk exposure
a measure fo the magnitude of a risk based on current values of probability and impact, usually expressed qualitatively using a range of values, matrix used to derive this from the individual values of probability and impact
Work package estimates should be based on what kind of conditions
normal
Feature creep
A series of small, insignificant requests for additions to the requirements
Model
A set of UML diagrams that describe one or more aspects of a software product
Planning activities
At the start End of analysis Throughout the project
Team development
Hardware is getting better and cheaper, so software is getting more and more complex.
Chief programmer
Highly skilled, completely in charge and responsible for everything
What are project plan supplements?
- Configuration management plan - Deployment plan - Maintenance plan - Quality plan - Validation plan
Programming secretary
Highly skilled, maintains product library (versions, test data, etc)
Risk Identification
-Either by team or manager's experience -checklist is used: Technology People Organizational Tools Requirements Estimation
Test case
Id, title, conditions, steps and expected results
Use case
Identifies the actor in an interaction and the interaction itself
What are the planning stages?
1- proposal planning. 2- Project startup planning. 3- Development planning (Periodically throughout the project).
What are the 4 success criteria for project mngmt?
1. On time 2. On budget 3. Meet customer expectations 4. Satisfied team
Operational risk assessment
Life cycle risk, but also with environmental considerations
5 Management Activities
1. Project Planning 2. Reporting 3. Risk Management 4. People Management 5. Proposal Writing
3 Types of Risk
1. Project risk - affects the schedule/resources 2. Product risk - affects the quality/performance 3. Business risk - affects the org developing/procuring
Configuration management (2)
Losing track of changes and losing track of versions
Following FSOFT RADIO, who is responsible for reviewing estimation? A. Project QA Leader B. Project member C. Senior Manager D. Operation Manager
A
RUP benefits (2)
Lots of tools and focus on product quality
List 4 attributes of good software
Maintainability, dependability/security, efficiency and acceptability
Largest Cost in IT
Maintenance costs
When is the project plan created? what is its use?
At the start of a project, is used to communicate how the work will be done to the project team and customers, and to help assess progress on the project.
The Create WBS process identifies the deliverables at the____________________ level in the Work Breakdown Structure (WBS). A. Medium B. Average C. Lowest D. Highest
C
Adaptive maintenance
Changes to the system to make it work with environmental changes or new ways of doing things
Software change
Changing software to meet changing needs
When does a company need to underprice a system?
- A company may underprice a system to gain access to a new market area. - In order to gain a contract that allows them to retain staff for future opportunities.
Integration and configuration benefits (3)
Cheaper, less risky and faster to create
Abraham Maslow's need hierarchy
*bottom to top* 1. Physiological - food, sleep, sex, water, breathing, homoeostasis, excretion 2. Safety - security of: body, employment, family, morality, family, health, resources 3. Love/belonging - friendship, family, sexual intimacy 4. Esteem - self-esteem, achievement, confidence, respect of others, respect by others 5. Self-actualization - morality, creativity, spontaneity, problem-solving, lack of prejudice, acceptance of facts
What are the agiles planning stages?
- Release planning - Iteration planning
Proposal stage
- When you are bidding for a contract to develop or provide a software system. - planning may be necessary with only outline software requirements.
Development planning
- When you modify your plan in the light of experience gained and information from monitoring the progress of the work. - The project should be regularly amended as the project progresses and you know more about the software and its development.
In project activities, each activity has.....
- a duration in calendar days or months, - an effort estimate, which shows the number of person-days or person-months to complete the work, - a deadline by which the activity should be complete, - a defined end-point, which might be a document, the holding of a review meeting, the successful execution of all tests, etc.
What are the pricing strategies?
- under pricing - increased pricing
Project startup planning
- when you have to plan: 1- Who will work on the project 2- How the project will be broken down into increments. 3- How resources will be allocated across your company. - At this stage, you know more about the system requirements but do not have design or implementation information. - Create a plan with enough detail to make decisions about the project budget and staffing.
Managing People
-Job of the manager -people=most important asset of a company -poor people management=>Project failure
Risk Monitoring
-Regularly assessing the risks to decide if it is become less or more probable -Assess if effect of risk has changed
Group composition for an effective group?
-balance of all types of people -difficult to obtain as software developers are usually task-oriented -very imp to have interaction-oriented people in the group to detect and defuse tension
Characteristics of an informal group
-decisions are made by the group as a whole -group leader->external interface of the group -tasks are taken up by members depending on experience and ability -successful when all members are experienced and competent
Quality culture (3)
Check code, never add code that causes failures and fix problems as you see them
How to select the group members?
-group should be cohesive and organized properly -right mix of people with technical knowledge and personalities
What are the types of estimation techniques?
1 - Experience-based techniques 2- Algorithmic cost modeling
What does project planning involve?
1- Breaking down the work into parts. 2- Assign these to project team members. 3- Anticipate problems that might arise and prepare tentative solutions to those problems.
What are the scheduling problems?
1- Estimating the difficulty of problems and hence the cost of developing a solution is hard. 2- Productivity is not proportional to the number of people working on a task. 3- Adding people to a late project makes it later because of communication overheads. 4-The unexpected always happens. Always allow contingency in planning.
What are the factors affecting software pricing?
1- contractual terms 2- cost estimate uncertainty 3- financial health 4- market opportunity 5- requirements volatility
What are the project scheduling activities?
1- split project into tasks and estimate time and resources to complete each task 2- Organize tasks concurrently to make optimal use of workforce. 3- Minimize task dependencies to avoid delays caused by one task waiting for another to complete. 4- Dependent on project managers intuition and experience.
3 Types of motivation
1. Basic needs (food, sleep etc) 2. Personal needs (respect, self-esteem etc) 3. Social needs (feel accepted by the team)
Characteristics of a good group?
1. Cohesive 2. has team spirit
4 critical factors in people's management
1. Consistency in fairly treating individuals 2. Respect 3. Inclusion 4. Honesty
Extreme programming
1. Develop stories the client would like to support 2. Estimate cost of each 3. Client determines which to develop using cost-benefit analysis 4. Build is broken into tasks 5. Select tests for each task 6. Programmers work in pairs, alternating typing / watching every 15 to 20 minutes 7. Partners are rotated daily
4 advantages of cohesive group
1. Group quality stds are developed 2. Team members learn from each other 3. Knowledge is shared 4. Refactoring and continual improvement (fixing the code irrespective of who created it first)
5 Factors affecting Effectiveness and Efficiency of group communication
1. Group size: small>large 2. Group structure: informal>hierarchical 3. Group composition: different personalities, mixed>single sex 4. Physical work environment 5. Availability of communication channels
Strengths of iteration and incremntation
1. Multiple opportunities for checking correctness 2. Opportunity to determine robustness of architecture early 3. Mitigate risks early 4. Working version of the software at each increment 5. Empirical evidence that the life cycle is effective
Synchronize and stabilize
1. Pull requirements 2. Write spec 3. Divide work into three or four builds 4. Carry out each build with small teams 5. Synchronize at the end of the day 6. Stabilize at the end of each build
Classical Life-cycle aka Waterfall model
1. Requirements 2. Analysis 3. Design 4. Implementation 5. Post-delivery maintenance 6. Retirement
4 Activities of risk management process
1. Risk identification 2. Risk analysis 3. Risk planning 4. Risk monitoring
3 factors affecting group work
1. Selection: select diverse mix of people 2. Organization: organize the group optimally 3. Communication: good communication
How to provide satisfaction to employees?
1. Social -provide communal facilities -allow informal communication (social n/w) 2. Esteem -recognize achievements -appropriate rewards 3. Self Realization -training -responsibility
3 Unique distinctions about software management
1. Software is intangible- Manager cannot see the progress just by looking at the artefact being developed 2. Software products are one-off - experienced managers can also not anticipate problems 3. Software development process is variable and is company specific- cannot reliably predict when a s/w may cause development problems
Motivation should take into account personality types also. What are these?
1. Task-oriented - motivation for work is work itself 2. Self-oriented - motivation for work is achieving individual goals 3. Interaction-oriented - motivation for work is presence and actions of co-workers
Group organization affects:
1. decisions made by the group 2. way information is exchanged b/w the group 3. interaction b/w the dev group and external stakeholders
Problems with group composed of people sharing same motivation
1. task-oriented: everyone wants to do their own thing 2. self-oriented: everyone wants to be the boss 3. interaction-oriented: too much chatting, no work
what is the preparation costs of top-down estimates
1/10 to 3/10 of a percent of total project cost
Risk Analysis Table
3 columns: 1. Risk 2. Probability- Very low, low, moderate, high, very high 3. Effect- Insignificant, Tolerable, Serious, Catastrophic
what is the preparation costs of bottom-up estimates
3/10 of a percent to 1% of total project costs
"Mr. Bao - Project Manger has 2 years experience in working with the customer and his project rank is C. The project QA says that Bao can approve the project estimation/schedule instead of the Delivery Head/SM. If you were Bao, what would you do?" A. Follow QA guideline and get approval for this tailoring B. Request Senior Manager to approve the estimation as normal C. Follow QA guideline and no need to do anything more D. None of the answer
A
"The key benefit of creating WBS is that ________________________ ." A. It provides a structured vision of what has to be delivered. B. It provides a set of conditions that is required to be met C. It provides type of requirements need to be collected D. It provides a change or deviation from the scope baseline
A
"The requirement traceability matrix helps to detect ________________________ ." A. The impact of any change or deviation from the scope baseline on the project objectives. B. Which type of requirements need to be collected for the project. C. The work that must be performed to complete one or two functions D. A set of conditions that is required to be met before deliverables are accepted
A
If resources are assigned to the tasks, what may the Project Manager cause when shortening the duration of tasks on the critical path? A. Resource over allocated on fixed-work tasks B. Nothing happens C. The finish date of the schedule occurs sooner D. None of the answer
A
If you use the bottom-up method, what risk may you face? A. Omit some important activities in the list of tasks B. No risk C. The accuracy of estimation is low D. None of the answer
A
In Guideline_Use Case Points Estimation, what does UUCP stand for? A. Unadjusted use case points B. Unplanned use case points C. Undefined use case points D. None of them
A
Prototyping is a method of obtaining early feedback on requirements by________________________. A. Providing a working model of the expected product before actually building it B. Providing a working model of the expected product after actually building it C. Providing a picture of the expected product before testing it D. Providing a picture of the expected product after testing it
A
Requirements can be grouped into some classifications, one of them is project requirements. What does project requirements describe? A. The actions, processes, or other conditions the project needs to meet B. The behaviors of product, data, interactions with product C. The temporary capabilities, data conversion & training requirements D. The higher-level need of organization as a whole
A
What is Acceptance criteria? A. A set of conditions that is required to be met before deliverables are accepted B. A set of risks that is required to be included in project deliverables C. A set of issues that is required to be detected in project execution D. A set of bugs that is required to be found in products
A
What is the definition of critical dependencies? A. Work products/work interfaces provided by project interfaces and have significant effect on the project B. Those elements that affect the scheduling of an item C. Both A&B are correct D. Both A& B are not correct
A
What is the key advantage of the bottom-up approach? A. It does not require explicit size estimates for the software B. It requires a list of project tasks C. Both A &B are correct D. Both A & B are not correct
A
Which is a TRUE statement? A. Software estimation should be utilized throughout the life cycle of a project B. Software estimation shouldn't be changed throughout the life cycle of a project C. Software estimation should only be implemented at the beginning of the project D. None of the answer
A
Which of the following are NOT Function Types used in the FP Analysis Technique ? A. Internal Inquiries B. External Inquiries C. Logical Internal Files D. External Interface Files
A
Which schedule compression technique often results in increased costs, and may increase risk, trades time for money? A. Crashing B. Fast-tracking C. Resource Modeling D. Schedule Compression
A
You are collecting requirements for your project. What will you obtain from Project Charter? A. The high-level description of the product, service, or result of the project so that detailed requirements can be developed. B. The detailed description of the product, service, or result of the project C. The impact of any change or deviation from the scope baseline on objectives. D. The work that must be performed to complete one or two functions
A
________________________ identified with the project scope statement list & describe the specific internal or external restrictions or limitations associated with the project scope, the effect, the execution of the project. A. Constraints B. Assumptions C. Dependencies D. Requirements
A
____________________________technique involves taking critical path activities that were originally planned in a series & doing them instead in parallel for some or all of their duration. A. Fast-tracking B. Crashing C. Resource Modeling D. Schedule Compression
A
Activity model
A behavioral model to show what happens to the system as a response to stimulus
Contractual terms
A customer may be willing to allow the developer to retain the ownership of the source code and reuse it in other projects. The price charged may then be less than if the software source code is handed over to the customer.
Market opportunity
A development organization may quote a low price because it wishes to move into a new segment of the software market. Accepting a low profit on one project may give the organization the opportunity to make a greater profit later. The experience gained may also help it develop new products.
Regression fault
A fault inadvertently introduced into one part of a product as a consequence of making an apparently unrelated change to another part of the product.
Quality reviews
A group of people who examine part or all of the software and it's documentation, review everything
Miller's law
A human can only concentrate on seven chunks of information at once.
Codeline
A sequence of source code versions, each deriving itself from an earlier version
Software risk impact assessment should focus on the consequences affecting: A) Planning, resources, cost, schedule B) Marketability, cost, personnel C) Business, technology, process D) Performance, support, cost, schedule
A) Planning, resources, cost, schedule
Which of the following common risk are associated with the overall size of the software to be built or modified. A) Product size B) Business impact C) Customer characteristics D) Process Definition E) Development environment F) Technology to be built G) Staff size and experience
A) Product size
Reasons why estimating time and cost are important include all of the following except:
A) To schedule work B) To determine how long the project should take and cost C) To develop cash flow needs D) To determine how well the project is progressing E) All of the above are valid reasons E) all of the above
Which of the following is not one of the recommended guidelines for developing useful work package estimates?
A)Estimates should be made by those responsible for the work B) Use several people to estimate the same work C) Estimates should be based on normal conditions D) Estimates should include a normal level of contingency E) Estimates should be independent of other projects D) estimates should include a normal level of contingency
Initial maturity
Ad hoc, responsive to crisis
Traceability
All artifacts must trace back to a requirement artifact
Technical milestone: OO analysis completed
All classes and the class hierarchy have been defined and reviewed. Class attributes and operations associated with a class have been defined and reviewed. Class relationships (Chapter 8) have been established and reviewed. A behavioral model (Chapter 8) has been created and reviewed. Reusable classes have been noted.
User testing (3)
Alpha, beta and acceptance testing
Verification
Check software meets it's stated requirements
Scrum
An agile method focusing on managing iterative development, where teams are cross-functional
Object-oriented paradigm
An approach to programming that focuses on the manipulation of objects rather than on the generation of procedure-based code.
What is plan-driven or plan-based development?
An approach to software engineering where the development process is planned in detail. Plan-driven development is the traditional way of managing large software development projects.
Validation
Checks software matches the customers expectations
User
An individual who will be interacting with a completed software product
Developer
An individual who writes code and creates the software product
Business case
Analysis of whether the product will be cost-effective, on-time, and what risks might be involved . Can include cost-benefit analysis or revenue projections
Analysis workflow
Analyze and refine requirements, create UML diagrams, SPMP
Analysis phase
Analyze requirements Draw up formal spec Draw up the SPMP
System stakeholder
Anyone who is affected by the system
Product standards
Applies to all aspects of software, including documentation
Process standards
Applies to processes
Design Phase
Architectural design Break down into components Detailed design
Creating secure software (3)
Architectural design, good practice and design for deployment
Change management
Assessing proposed changes and deciding if they are worth implementing or not
Security risk assessment (4)
Asset identification, asset value assessment, exposure assessment and threat identification
Risk planning (3)
Avoidance, minimization and contingency methods
"If the team is decomposing work packages into the activities required to produce them, they are in ____________________ ." A. Create WBS process B. Define Activities process C. Develop Schedule process D. Control Schedule process
B
"The requirement management plan provides ________________________ throughout the Collect Requirements process to define & document the stakeholder needs." A. The functions that will be analyzed B. The processes that will be used C. The features that will be managed D. The quality that will be met
B
"Which estimation method is the base of the Use Case Points Approach?" A. WBS method B. Functional Points method C. None of the answer D. Both A & B are correct
B
After calculating the size, cost, schedule and resources, what should the Project Manager conduct? A. Do nothing B. Do risk assessment C. Send estimation to reviewers D. None of the answer
B
At step "Weighting Environmental Factors" in the UCP estimation, what information should you consider? A. The technical complexity of the project B. The experience level of the people on the project C. Both A & B are correct D. Both A & B are not correct
B
Deliverables that meet the________________________ are formally signed off & approved by the customer or sponsor. A. Timeliness B. Acceptance criteria C. Budget Plan D. Traceability Matrix
B
How does the accuracy of the estimate change throughout the life cycle of a project? A. No change B. Increase C. Decrease D. None of the answer
B
Requirements include the quantified & documented needs & expectation of the____________________________ . A. Sponsor & project manager B. Sponsor, customer, and other stakeholders C. Vendors & sub-contractors D. PM, Developers & Testers
B
The WBS is a________________________ of the work to be executed by the project team and defines the total scope of the project. A. Vertical decomposition B. Hierarchical decomposition C. Horizontal decomposition D. Critical decomposition
B
The________________________ is sometimes viewed as including____________________________ . A. Product scope, project scope B. Project scope, product scope C. Project tools, project scope D. Project techniques, product scope
B
Which approach is used for the WBS estimation methods ? A. Top-down approach B. Bottom-up approach C. Expert judgement D. Alternative analysis
B
Which metric provides information on how well the size estimation is performed? A. Productivity B. Size deviation C. Effort Efficiency D. Effort Effectiveness
B
Which of the following tool/ technique will be used to define scope? A. Speaking & Talking B. Facilitated workshops C. Listening & Hearing D. Bookmarks
B
Which schedule compression technique often results in rework, usually increases risk, and requires more attention to communication? A. Crashing B. Fast-tracking C. Resource Modeling D. Schedule Compression
B
Which technique involves adding or adjusting resources in order to compress schedule while maintaining the original project scope? A. Fast-tracking B. Crashing C. Resource Modeling D. Schedule Compression
B
Who is responsible for making estimation? A. All Project members B. Project Manager C. Senior Manager D. Project Managers & Team Leaders
B
You are creating WBS for your project. Which of the following organizational process asset could influence on your WBS? A. Lessons learned from holidays B. Lessons learned from previous projects C. Lessons learned from drinking beer D. Lessons learned from writing a book
B
You are managing project in coding phase & customer ask to add some changes in GUI of website homepage. When implementing & managing the actual changes, you also manage their integration with the other control processes. What are you doing? A. Validate scope B. Control scope C. Define scope D. Check scope
B
Which of the following common risk are associated with the constraints imposed by management or the marketplace. A) Product size B) Business impact C) Customer characteristics D) Process Definition E) Development environment F) Technology to be built G) Staff size and experience
B) Business impact
Risk tables are sorted by: A) Probability and cost B) Probability and impact C) Probability and size D) Probability and exposure
B) Probability and impact
Three major categories of risks are: A) Business risks, personnel risks, budget risks B) Project risks, technical risks, business risks C) Planning risks, technical risks, personnel risks D) Management risks, technical risks, design risks
B) Project risks, technical risks, business risks
........... are the most commonly used representation for project schedules.
Bar charts
Repeatable maturity
Basic management, measurements are taken, problems addressed as they arise
Why is project management needed?
Because a project is subject to budget and schedule constraint set by org developing the software
Iteration and incrementation model
Beginning with the most important features of a system, then gradually adding in less important features with each iteration.
Software standards benefits (3)
Best practice, framework for defining quality and continuity
The slides list 8 questions that help to identify risks due to staff/people risk. List them. 1) Are the Be_?_ people available? 2) Does staff have the R_?_ skills? 3) Are enough Pe_?_ available? 4) Are staff Com_?_ for entire duration? 5) Will some people work Pa_?_ time? 6) Do staff have the right Exp_?_ 7) Have staff received necessary Tra_?_ 8) Will Tu_?_ among staff be low?
Best, Right, People, Committed, Part, Expectations, Training, Turnover
What influence the price charged?
Broader organisational, economic, political and business considerations influence the price charged.
"Choose the right order for the following activities in the software estimation process: 1. Estimate schedule 2. Estimate size 3. Estimate resources 4. Estimate cost and effort" A. 1-2-3-4 B. 2-1-4-3 C. 2-4-1-3 D. 2-4-3-1
C
"In project context, the term Scope can refer to ________________________ ." A. Product scope only B. Project scope only C. Product scope & Project scope D. Project tools & techniques
C
"Organization's culture________________________ the Plan Scope Management process." A. Can overlap B. Can not overlap C. Can influence D. Can not influence
C
"The scope management plan can be ________________________ ." A. Formal only B. Informal only C. Formal or informal D. Excel only
C
"What should be the appropriate level to do the Use Case Point estimation ?" A. Summary goal level B. Sub-function level C. User goal level D. Activity level
C
"You are determining, documenting & managing stakeholder needs & requirements to meet project objectives. What are you doing?" A. Analyze requirements B. Creating SRS C. Collect requirements D. Creating traceability matrix
C
A________________ can be used to group the activities where work is scheduled & estimated, monitored, and controlled. A. Behavior package B. Issue package C. Work package D. Resource package
C
Control Quality is generally performed____________________ Validate Scope. A. After B. Just one day after C. Before D. Just one day before
C
Early in the project, How large a variance between two estimates is acceptable? A. 10% B. 15% C. 20% D. 25%
C
Following FSOFT RADIO, who is responsible for estimation approval? A. Project QA Leader B. Project Manager C. Senior Manager D. Operation Manager
C
How long will this project take? (Image_Time1.jpg)" A. 15 B. 16 C. 17 D. 19
C
How many person-hours per UCP does the UCP method suggest to use for a project estimate? A. 10 person-hours per UCP B. 15 person-hours per UCP C. 20 person-hours per UCP D. 25 person-hours per UCP
C
If the data source to refer is not available at estimation time, what should the Project Manager do? A. The Project manager can base the estimation on industry standards or suggestions from an experienced person B. Get approval from FSU Delivery Head before applying data that does not exist in PCB C. Both A & B are correct D. Both A & A are not correct
C
Requirement should be________________________ . A. Short & easy to guess B. Long & complex C. Measurable & testable D. Functional only
C
The Project Manager cannot use the standard method to estimate the Project size. What should the PM do? A. Record the instruction for size estimation and get approval by FSU Delivery Head B. Get approval for this tailoring C. Both A & B are correct D. No need to do anything
C
Verified deliverables are project deliverables that are completed & checked for____________________ through the Control Quality process A. Weakness B. Performance C. Correctness D. Timeliness
C
What are the types of project context factors? A. Project life cycle coverage factors B. Project specific assumption factors C. Both A & B are correct D. Both A & B are not correct
C
What is product scope? A. The quality objectives that characterize a product, service, or result B. The activities to implement project as a whole C. The features & functions that characterize a product, service, or result D. The work that must be performed to complete one function
C
What is the recommended size for a Work package at the bottom level of the WBS ? A. 10-15% of total effort B. 5-10% of total effort C. 0.5 - 2% of total effort D. Less than 0.5% of total effort
C
When the scope validation is performed by the project team & other stakeholders, which of the following technique could be used to reach a conclusion? A. Inspection B. SWOT Analysis C. Group Decision-Making D. Brainstorming
C
Which is additional activity involved in controlling the schedule? A. Inspect deliverables B. Review project Chapter C. Follow the change control process D. Q-up
C
Which of the following approach(s) could be used to create WBS structure? A. Top-down approach only B. Bottom-up approach only C. Top-down & Bottom-up approach D. Top-up & Bottom-down approach
C
Which of the following common risk are associated with the sophistication of the customer and the developer's ability to communicate with the customer in a timely manner A) Product size B) Business impact C) Customer characteristics D) Process Definition E) Development environment F) Technology to be built G) Staff size and experience
C) Customer characteristics
Hazard analysis focuses on the identification and assessment of potential hazards that can cause: A) Project termination B) Schedule slippage C) External problems D) Entire system to fail
C) External problems
Risk projection attempts to rate each risk in two ways: A) Likelihood and size B) Likelihood and probability C) Likelihood and impact D) Likelihood and mitigation
C) Likelihood and impact
Software risk always involves two characteristics: A) Fire fighting and crisis management B) Known and unknown risks C) Uncertainty and loss D) Staffing and budget
C) Uncertainty and loss
The slide lists 2 questions that help to identify risks due to development environment. List them. 1) Are Ca_?_ To_?_ used for analysis, design, and testing? 2) Are the tools Int_?_ with one another
CASE Tools, Integrated
COSO vs ISO 31000
COSO is more compliance oriented and maximizes owners'/shareholders' equity, ISO 31000 is more proactive and applicable to a broader range of orgs and maximizes across a range of org stakeholders
COCOMO stands for............
COnstructive COst MOdeling
Configuration management (4)
Change management, version management, system building and release management
Software evolution process (5)
Change requests, impact analysis, planning, implementation and release
Adaptive maintenance
Change the product to adapt to changes in the environment. May change spec
Perfective maintenance
Changes made to a system to add new features or to improve performance.
Perfective Maintenance
Changes that will improve the product — enhancements & upgrades. Changes spec
Waterfall model weaknesses
Client cant understand spec docs, so finished product might not meet needs
Egoless programming
Code belongs to the team, and members are encouraged to find faults
Benefits of TDD (4)
Code coverage, regression testing, simplified debugging and system documentation
Implementation Phase
Coding Unit testing Integration Acceptance testing Deploy to production environment
Requirements specification
Collating requirements into a requirements document
Define software project management
Collection of activities that ensure the project is delivered on time, on schedule and meet the requirements of the organizations developing and procuring the software
Team issues
Communication challenges Interpersonal problems Implementation inconsistencies
Factors of release planning (4)
Competition, marketing requirements, platform changes and technical quality of the system
Elaboration phase deliverables
Completed domain model Completed business model Completed requirements Competed analysis Updated architecture Updated risks SPMP Completed business case
System building
Completing an executable system
Release components (5)
Configuration files, data files, installation program, documentation and packaging
Refactoring
Constant code improvement
Non-functional requirements
Constraints on a system being developed. Such as the system having a short response time
Domain requirements
Constraints on the system from the domain of operation
Leham's laws (4)
Continuing change, increasing complexity, large program evolution and organizational stability
Optimizing maturity
Continuous process development. Statistics used, and process is better every time
Post-Delivery Maintenance
Corrective maintenance Perfective maintenance Adaptive Maintenance
C___. Which of the four major risk components would be the degree of uncertainty that the project budget will be maintained.
Cost
___. The Risk Exposure = P x c. C is the _?_ to the project should a risk occur
Cost
Model-driven engineering
Creating models, rather than software, programs are then generated from the models
Security engineering
Creating more secure systems
Rapid prototyping
Creating working models that are equivalent to some small part of the product.
Agile principles (5)
Customer involvement, incremental delivery, people not process, embracing changes and maintaining simplicity
Challenges in requirements gathering (4)
Customers don't know what they want, requirements change and customers don't clearly portray their requirements
"Effort to control schedule when the project is using a change-driven approach such as Agile includes ____________________ ." A. Quality Up activities B. Critical Chain C. Create WBS D. Identifying & managing changes as they arise
D
"Expert Judgment technique in Plan scope management process refer to input received from ________________________ ." A. Younger members of project B. Older members in project C. Unprofessional parties D. Knowledgeable & experienced parties
D
"How long will this project take? (Image_Time2.jpg)" A. 17 B. 16 C. 15 D. 14
D
"Which one is NOT included in a Software Estimation Record?" A. Estimation method used B. Size C. Risk of the estimation D. Resource assignments
D
Control scope is the process of monitoring the status of the project & product scope and managing changes to____________________________ . A. Risk baseline B. Schedule baseline C. Booking baseline D. Scope baseline
D
Project A has scope: DDD, Coding, Unit test. The Project Manager did the estimation version 1.0 in the Planning phase. When should the Project Manager re-estimate? A. Once design is completed B. Once code is completed C. Once change requests are received D. All of the answers
D
Project team may attend________________________ to develop the scope management plan. A. Review SRS B. Review Design C. Review Test case D. Project meetings
D
The completed deliverables that have not been formally accepted may require________________________ for defect repair. A. A formal risk B. A formal letter C. A bug list D. A change request
D
The scope management plan helps reduce the risk of________________________ . A. Project time creep B. Project cost creep C. Project quality creep D. Project scope creep
D
Well-documented requirements make it easier to detect any____________________ agreed for the project or product. A. Deviation in the process B. Deviation in the time C. Deviation in the cost D. Deviation in the scope
D
What CANNOT be shown in a Network diagram? A. The Critical path B. The dependencies between activities C. The sequence of activities D. Who will perform the activities
D
What are infrastructure resources? A. Computer memory capacity B. Computer processor use C. Communications channel capacity D. All of the answers
D
What are the examples of time and date constraints? A. Activity cannot take longer than a certain amount of time B. Activity must start/end by a certain date C. Activity must/cannot take place on certain days or dates or during certain times D. All of the answers
D
What information does a software estimation record have? A. Estimation method used B. Size C. Resource D. All of the answers
D
What is the purpose of estimation validation? A. To ensure that assumptions made for the estimate are accurate B. To ensure that methods used to develop the estimate were appropriate C. To ensure all risks have been identified D. All of the answers
D
What methods can you use when you estimate the infrastructure resource? A. Historical experience B. Simulations C. Prototyping D. All of the answers
D
An effective risk management plan will need to address which of the following issues? A) Risk avoidance B) Risk monitoring C) Contingency planning D) All of the above
D) All of the above
Which of the following common risk are associated with the software process has been defined and is followed by the development organization. A) Product size B) Business impact C) Customer characteristics D) Process Definition E) Development environment F) Technology to be built G) Staff size and experience
D) Process definition
Software specification?
Define the software to be produced and the constraints
Questions that should be asked to assess the overall project risk include: A) Have top managers formally committed to support the project? B) Are end-users committed to the project and proposed system being built? C) Are requirements fully understood by development team and customers? D) Does the proposed budget have time allocated for marketing? E) a, b and c
E) a, b and c
Increments
Each increment is a small version of the waterfall life cycle
Technical milestone: OO programming completed
Each new class has been implemented in code from the design model. Extracted classes (from a reuse library) have been implemented. Prototype or increment has been built.
What are the pros of plan-driven development?
Early planning allows organizational issues to be closely taken into account, and that potential problems and dependencies are discovered before the project starts.
Benefits of information hiding
Easier to maintain (changes only needed in one place) Development is more intuitive More independent components are more reusable
Code-and-fix strengths
Easy Generates code quickly
Test workflow
Ensure correctness of all artifacts
Transition phase
Ensure needs are met
Inception testing
Ensure the requirements are correct
The slides list 5 questions that help to identify risks due to process definition and maturity. List them. 1) Have you Est_?_ a common process framework? 2) Is it followed by Pr_?_ teams? 3) Do you have a management Su_?_ for Software Engineering? 4) Do you conduct formal Te_?_ Reviews? 5) Have document For_?_ been established?
Established, Project, Support, Technical, Formats
Requirements engineering
Establishing customer requirements and the constraints of the system
What does project pricing involve?
Estimating how much the software will cost to develop, taking factor such as staff cost, hardware costs, software costs into account.
Types of software change (3)
Evolution, servicing and phase-out
Software inspections
Examining the system to discover defects
Inception analysis
Extract information needed to design architecture
(T/F) Generic risks require far more attention than product-specific risks
F
(T/F) Proactive risk management is sometimes described as fire fighting.
F
(T/F) Risk monitoring involves watching the risk indicators defined for the project and not determining the effectiveness of the risk mitigation steps themselves.
F
Which of the following common risk are associated with the complexity of the system to be built and the "newness" of the technology that is packaged by the system. A) Product size B) Business impact C) Customer characteristics D) Process Definition E) Development environment F) Technology to be built G) Staff size and experience
F) Technology to be built
Fault
Failure
Types of maintenance (3)
Fault repairs, environmental adaption and functionality addition
Design workflow
Figure out how the product will fulfill refined requirements. Keep detailed records of all decisions
Transition deliverables
Final versions of all artifacts Final versions of all manuals
Requirements Phase
Find the client requirements Understand what the user needs
Corrective maintenance
Fix faults
3 types of group organization
For: 1. small projects - informal 2. large projects - hierarchical 3. agile projects - informal
Software quality management (3)
Framework, processes and planning
Defined maturity
Fully documented, continually improving, reviews are used and CASE environments used
Which of the following common risks are associated with the overall technical and project experience of the software engineers who will do the work. A) Product size B) Business impact C) Customer characteristics D) Process Definition E) Development environment F) Technology to be built G) Staff size and experience
G) Staff size and experience
Focus groups
Getting people to think about and discuss an issue
UML
Go look it up bruh
Problems with the classical paradigm
Good for small systems Hard to maintain Deals with data or operation, but not both
Spiral model benefits (2)
Good risk management and good monitoring of project
Key determinant of group performance?
Group interaction
Cost estimate uncertainty
If an organization is unsure of its costs, it may increase its price by a contingency over and above its normal profit.
Requirements volatility
If the requirements are likely to change, an organization may lower its price to win a contract. After the contract is awarded, high prices can be charged for changes to the requirements.
Code-and-fix model
Implement the idea without requirements, specification or design
Change management (4)
Implementation analysis, cost analysis, modify software and test software
What is meant by group cohesiveness?
In a cohesive group, members consider the group to be more important than any individual in it.
Test-driven development (TDD)
Interleaving testing and code development. Testing code as it is written
Kaplan and Mike's categories of risk
Internal and Preventable. Strategy. External.
Individual interviews
Interviews with stakeholders
Standards development (2)
Involve practitioners and review regularly
What is project scheduling?
Is the process of deciding how the work in a project will be organized as separate tasks, and when and how these tasks will be executed.
Backup programmer
Just as good as chief, plans tests and other things independent of design
Version management
Keeping track of different versions of software components, also ensuring non-conflicting modifications
The slides list seven attributes that affect the risk due to product size. List them. 1) Estimated size of the product in L_?_ or FP 2) Estimated size of product in number of Pro_?_ files, transactions 3) Percentage Dev_?_ in size of product from average for previous producs 4) Size of Dat_?_ created or used by the product 5) Number of Us?_ of the product 6) Number of projected Ch_?_ to the requirements for the product 7) Amount of Reu_?_ software
LOC, Programs, Deviation, Database, Users, Changes, Reused
Validation
Meeting customer expectations
Verification
Meeting requirements
Spiral model
Minimize risks by the repeated use of prototypes and other means
Interaction models
Modeling user interactions of a system
Software maintenance
Modifying a program after it has been put into use
Software Depression
Most software is late, wrong, faulty, or over-budget.
What is motivation balance? How does it change?
Motivation is made up of many elements. It is balanced based on these elements. Factors that change the balance: 1. Personal circumstance 2. External events 3. being a part of group or culture
What does motivation mean?
Motivation means to organise work and work environment in a way that it encourages people to work more efficiently
Strengths of iterative and incremental model
Multiple opportunities to check Checks the architecture early Mitigates risks early Working version at every increment Empirical evidence its effective
Distributed VM
Multiple versions of the same repository
Caveats to the object-oriented paradigm
Must be implemented well in order to be effective Best approach we have now, but it is likely to be replaced by a better paradigm in the future.
CM planning (4)
Naming scheme, responsibilities, policies and tools
Reasons for software change (3)
New requirements, errors and a changing business environment
The slides list 9 questions that help to identify risks due to technology risks. List them. 1) Is the technology Ne_?_ to your organization? 2) Are new Alg_?_ I/O technology required? 3) Is new or unproven Har_?_ involved? 4) Is a specified user Int_?_ required? 5) Is the application Rad_?_ different? 6) Are you using new So_?_ En_?_ methods? 7) Are you using Unc_?_ software development methods? 8) Are there significant Per_?_ constraints? 9) Is there doubt the functionality requested is Do_?_
New, Algorithms, Hardware, Interface, Radically, Software Engineering, Unconventional, Performance, Do-able
Inception implementation
No programming, but sometimes there is a proof-of-concept prototype
Is it possible to assemble an ideal team? Why?
No! Constraints on team selection: 1. budget does not allow highly paid staff 2. people with appropriate experience not available 3. org may want to develop employee skills on a s/w project
Can a group be created flexibly?
No! The flexibility in group composition is LIMITED! Manager works with the best he can with available people.
Idealized software development
Nothing - Requirements - Analysis - Design - Implementation
Ethnography
Observing others to gather requirements
Software inspection vs. software testing
One is static, the other is dynamic
Centralized VM
One master repository
Software requirements document
Outlines what the system should do, not how to do it
Open source software
Software that is developed by usually-unpaid individuals on a volunteer basis, where the source code is visible and it is provided free of cost.
Per___. Which of the four major risk components would be the degree of uncertainty that the product will meet its requirements and be fit for its intended use.
Performance
Waterfall model
Plan-driven, distinct phases
Agile processes
Planning is incremental
Project management activities (3)
Planning, risk management and people management
Protection (3)
Platform-level, application-level and record-level protections
Maintenance plan
Predicts the maintenance requirements, costs and effort.
Security risk management (3)
Preliminary, life cycle and operational risk assessments
In _?_ (Proactive/Reactive) Risk Management, a formal risk analysis is performed.
Proactive
In _?_ (Proactive/Reactive) Risk Management, the organization corrects the root causes of risk.
Proactive
___. The Risk Exposure = P x C. P is the _?_ of occurrence for a risk.
Probability
Incremental problems (2)
Process is not visible and system degrades as software becomes more complex
Plan-driven processes
Processes where everything is planned for in advance
Construction phase
Produce the operational-quality version of the software product
Non-functional classifications (3)
Product, organizational and external
Risk Analysis and Management should be done b everyone in the software process. The participant list for Risk Analysis and Management should include: 1) Pr____ Ma___ 2) So___ En___ 3) Sta___
Project Managers, Software Engineers, Stakeholders
Risk types (3)
Project risks, product risks and business risks
Which planning stage is the basis for project resource allocation?
Project startup planning.
Which planning stage should define project monitoring mechanisms?
Project startup planning.
Architectural design
Protecting assets and minimizing the effectiveness of attacks
Regression test
Provides evidence that we have not unintentionally changed something that we did not intend to change.
Incremental benefits (3)
Rapid, feedback and the cost of changing requirements is less
In _?_ (Proactive, Reactive) Risk Management is a fix on failure approach; resources are found and applied when the risk strikes.
Reactive
In _?_ (Proactive/Reactive) Risk Management, the project team reacts to risk when they occur
Reactive
In _?_ (Proactive/Reactive) Risk Management, the project team uses a mitigation plan; mitigation means to reduce or alleviate the intensity by adding additional resources in anticipation of fire fighting
Reactive
The slides describe two major strategies for Risk Management. They are: 1) Re_?_ Risk Management 2) Pr_?_ Risk Management
Reactive, Proactive
What does a project plan record?
Records: - The work to be done - Who will do it - The development schedule _ The work products
The first goal of software engineering
Reduce maintenance cost.
Elaboration phase
Refine initial requirements, architecture, business case, risks, SPMP
Corrective Maintenance
Removing residual faults. Does not change functionality or spec.
Project management activities (2)
Reporting and proposal writing
Use case modelling
Represents a task that involves an external interaction with a system, actors can be people or other systems
Some risks (4)
Requirement change, people leaving, time underestimations and budget underestimations
Workflows of the unified process
Requirements Analysis Design Implementation Testing
Phases in waterfall (5)
Requirements analysis and definition, system design, implementation and unit testing, integration and system testing and operation and maintenance
Requirements engineering process (4)
Requirements elicitation, requirements analysis, requirements validation and requirements management
Requirements validation (2)
Requirements reviews and prototyping
Requirements verification
Requirements should be verifiable
Functional requirements
Requirements that describe the functionality of a system
Implementation issues (3)
Reuse, configuration management and host-target development
Reuse
Reusing of existing software
The slides list nine attributes that affect the risk due to business impact. List them. 1) Affect of this product on company Rev_?_ 2) Visibility of this product by Sen_?_ management 3) Feasonableness of Del_?_ deadline 4) Number of Cu_?_ who will use this product 5) Soph_?_ of end users 6) Amount and quality of product Doc_?_ that must be produced and delivered to the customer 7) Costs associated with La_?_ delivery 8) Gov_?_ constraints 9) Consts associated with a Def_?_ product
Revenue, Senior, Delivery, Customers, Sophistication, Documentation, Late, Government, Defective
Software reengineering
Rewriting a legacy system without changing it's functionality
A R_?_ is a potential problem that "might happen" and "might not". Regardless of the outcome, it is a really good idea to identify it.
Risk
Life Cycle risk assessment
Risk assessment taken place during as software is developed
Spiral model
Risk driven. Risks are outlined, analyzed and managed.
Risk management (4)
Risk identification, risk analysis, risk planning and risk monitoring
What is risk? What is risk management?
Risk is the probability that some adverse circumstance will occur. Risk management is a set of activities to lower the risk
-continuously assessing what could go wrong - determining which risks to address -implementing actions to addressing high-priority risks and bing those risks within tolerance
Risk management provides a disciplined environment for what three things?
Quality attributes (5)
Safety, security, reliability, reusability and efficiency
Sch___. Which of the four major risk components would be the degree of uncertainty that the project schedule will be maintained and that the product will be delivered on time.
Schedule
What should be revised at development planning stage?
Schedule, cost-estimate and risks have to be regularly revised.
The project scheduling process
See the figure in slide 21
Timeboxing
Setting a fixed amount of time to work on a task; do as much as possible in that window.
Stand-up meeting
Short, daily meeting where you discuss: 1. What have I done since yesterday 2. What am I doing today 3. What problems are in my way 4. What have we forgotten 5. What did I learn that I should share
Class diagrams
Shows classes and their associations
Sequence diagrams
Shows the sequence of interactions that take place
State model
Shows the system as nodes and events are arcs between nodes. As events occur, the system moves from one state to another.
Fault correction cost
Simple & easy in early phases, difficult as the product is developed
Open-source model
Single individual creates product, others join, it gets bigger
Weaknesses of iteration & incrementation
Slow Costly High likelihood of regression faults
Code-and-fix weaknesses
Slow Costly Likely to include regression faults
RUP weaknesses (2)
Slow and difficult to implement
SPMP
Software Project Management Plan
Software Crisis
Software is very often faulty, compared to other disciplines. Even when delivered, it is often late, over budget or not meeting requirements.
What are the fundamental software engineering activities? (4)
Software specification, software development, software validation and software evolution
User requirements
Statements of the services systems provide and its operational constraints, written for customers
Rational Unified Process (RUP)
Static and dynamic perspectives in a single diagram. Goal is on high quality products that the customer really wants.
Version control
Store and control different versions
Risk Planning
Strategies to manage risk. ARM 1. Avoidance 2. Reduction - minimization plans 3. Mitigation - contigency plans
Agile processes
Stresses communication, quickly satisfying client's needs.
System requirements
Structured document outlining the system
Program / system
Suite of software functionality / components that work together to fulfill one or more needs.
Sup___. Which of the four major risk components would be the degree of uncertainty that the resultant software will be easy to correct, adapt, and enhance
Support
Integration and configuration
System is assembled from existing components. May be plan-driven or agile
Integration and configuration weaknesses (2)
System may not meet all the needs and there is a loss of control from reused system elements
(T/F) A Risk Referent Level is a risk component value (performance, cost, support, schedule) or combination of values that cause a project to be terminated
T
(T/F) Individual team members can make their own estimate for a risk probability and then develop a consensus value
T
(T/F) The reason for refining risks is to break them into smaller units having different consequences
T
Spiral weaknesses (3)
Takes a long time. Basically lots of work and high costs.
The slides list seven fundamental risk management principles. List them. 1) Encourage Tea_?_ 2) Maintain a Gl_?_ perspective 3) Take a For_?_-Looking view 4) Encourage open Com_?_ 5) Int_?_ risk management 6) Emphasize a Con_?_ process 7) Develop a shared product Vis_?_
Teamwork, Global, Forward, Communication, Integrate, Continuous, Vision
Risks types (5)
Tech, people, organizational, requirements and estimation risks
Major risk categories
Technical risks Not getting requirements right Not getting architecture right
Release testing
Testing a particular release, mostly black-box and validation testing
Verification
Testing at the end of each phase
Validation
Testing before handing off to client
Scope of testing
Testing can show the presence of errors, but cannot prove the absence of errors
Development testing
Testing during development, primarily defect testing. Involves unit testing, system testing and component testing
User testing
Testing in the user's environment
What is the aim of proposal planning?
The aim is to provide information that will be used in setting a price for the system to customers.
Waterfall model
The classical model, but with added feedback during and after the project.
Technical milestone: OO testing
The correctness and completeness of OO analysis and design models has been reviewed. A class-responsibility-collaboration network (Chapter 6) has been developed and reviewed. Test cases are designed and class-level tests (Chapter 19) have been conducted for each class. Test cases are designed and cluster testing (Chapter 19) is completed and the classes are integrated. System level tests have been completed.
Experience-based techniques
The estimate of future effort requirements is based on the manager's experience of past projects and the application domain. Essentially, the manager makes an informed judgment of what the effort requirements are likely to be.
Information hiding
The implementation of attributes is not known from outside
Stepwise refinement
The process of breaking a problem down into progressively smaller pieces, then starting with the ones that are most important. Response to miller's law.
System modeling
The process of developing models of a system
Process and product quality
The quality of products is influence by the processes taken place
- describes how risk management activities are funded, managed, performed and evaluated - includes methods and tool specification included or referenced - objectives -scope -resoures - roles and responsibilities -sources of risk relevant criteria for assessing or measuring risks -decision-making criteria - a communication framework -schedule -effectiveness measures
The risk management plan does what?
Technical milestone: OO design completed
The set of subsystems (Chapter 9) has been defined and reviewed. Classes are allocated to subsystems and reviewed. Task allocation has been established and reviewed. Responsibilities and collaborations (Chapter 9) have been identified. Attributes and operations have been designed and reviewed. The communication model has been created and reviewed.
What if the pricing is less than the development costs?
The software functionality may be reduced accordingly with a view to extra functionality being added in a later release. Additional costs may be added as the requirements change and these may be priced at a higher level to make up the shortfall in the original price.
What are the sub models in COCOMO 2
The sub-models in COCOMO 2 are: Application composition model. Used when software is composed from existing parts. Early design model. Used when requirements are available but design has not yet started. Reuse model. Used to compute the effort of integrating reusable components. Post-architecture model. Used once the system architecture has been designed and more information about the system is available.
Requirements validation
Validating and verifying the requirements match what the customer wants and that they are consistent, complete at realistic
Why test
To ensure software meets its requirements and to discover faults or defects in the software
Release management
Tracking what versions are distributed to customers
Object-oriented paradigm
Treats data and operations together and equally. Uses information hiding
Inception phase, requirements workflow
Understand the domain, determine scope, build business model, business case
Risk Analysis and Management are a series of steps that help a software team to Und_?_ and Man_?_ uncertainty.
Understand, Manage
Development testing (3)
Unit testing, component testing and system testing
UML
Universal modelling language
Security management (3)
User permissions, software deployment and attack monitoring/recovery
When to use plan-driven (4)
User requirements are clear, the system is critical, stakeholders are not actively engaging and/or teams are globally distributed
User stories
User requirements expressed as stories or scenarios and broken down into implementation tasks
Scenario based requirements gathering
Using scenarios to gather requirements
Guidelines for safety (4)
Validate inputs, log actions, fail securely and avoid a single point of failure
Software validation
Where software is checked and tested
Product testing
Verified that systems work as intended, done by SQA
Classical paradigm
Waterfall method
COCOMO
Well-documented, 'independent' model which is not tied to a specific software vendor.
Procedures, worksheets, automated tools, databases
What are 4 methods assess or tools of Tailoring considerations?
- a condition that directly produces a loss or consequence - issues can lead to other risks
What are issues or problems with risk management?
accept, transfer, avoid, mitigate
What are the four steps for common control approaches for CRM?
Risk evaluation, Escalation, Risk Tolerance, Communication
What are the four types of Criteria in risk management?
probability, impact, risk exposure, timeframe
What are the four types of Risk measures
- prepare for risk management - perform risk management activities - sustain and improve risk management
What are the steps in the risk management framework?
- assess risk - plan for risk control - control risk
What are the steps involved in performing risk management activities?
- manage risk management assets and work products - evaluate effectiveness of risk management practice - implement improvements to risk management practice
What are the steps involved in sustaining and improving risk management?
the probability of realizing a gain
What is the opportunity presented when performing risk management?
Assess risk, plan for risk control, control risk
What is the process of risk management?
a condition that is driving an entity toward a desired outcome
What is the strengths of risk management?
- developing stakeholder sponsorship - developing risk management plan - tailor methods and tools - train personnel
What steps are involved in preparing for risk management?
When does a company need to increase the price of a system?
When a buyer wishes a fixed-price contract and so the seller increases the price to allow for unexpected risks.
Retirement
When a product is no longer used. (Usually replaced).
Modern maintenance
When software is modified, it is corrective maintenance (never mind deployment)
Scope creep
When the client requests additional changes, which slowly increase the size of the project without changing the spec.
Moving target problem
When the client requirements change as the product is being developed
Risk management
a systematic approach for minimizing exposure to potential losses
The cost to prepare bottom-up estimates will typically run how much more than the costs to prepare the top-down estimates?
about 3 times as much
How long should a task take?
about a week or two, tasks shouldn't be too small
The software is priced according to......
according to what the software developer believes the buyer is willing to pay.
mitigate
actions are implemented in attempt to reduce or contain a risk
endorsement
addition of coverage
personal property floater
additional property insurance that covers the damage or loss of a specific item of high value
Tolerance
amount of risk the organization can survive if an event occurs
Residual Risk
amount of uncertainty that remains after all possible management strategies have been exhausted.
risk control
an action taken to manage a risk
Systems analysis
an analysis to determine inputs, outputs, and changes in a system under various conditions
no-fault system
an arrangement whereby drivers who are involved in accidents collect money from their own insurance companies
key characteristic of an effective risk management program is identified in ISO 31000?
an effective risk management program fits the organization's own risk and control environment. It cannot be a standard or "boilerplate" program but must manage the organization's unique risks with realistic and appropriate controls.
objectives
an example set of risk management objectives helps that keeps to keep risk within in an acceptable tolerance over time, ensures timely management of each risk that is identified, execute risk management activities within defined cost objectives
A Control
any measure that modifies risk by decreasing the likelihood that a risk event will occur or the impact that the event would have on the organization.
hazard
anything that increases the likelihood of loss through peril
peril
anything that may possibly cause a loss
Which of the following top-down methods is used when projects closely follow past projects in features and costs and result in costs being assigned by percentages to major segments of the project?
apportion
which top down methd is used when projects closely follow past projects in features and costs. Estimates can be made quickly with little effort and reasonable accuracy
apportion methods
which top-down method uses authorization to pay contractors by completion of specific segments of a house. For example, foundation might represent 3%, framing 25%, electric 15% and so on
apportion methods
If-then statements
are good for events or circumstances that might occur at some point in the future and will have negative consequences if they do occur. Security risks are good examples as well as things like future budget cuts, possible schedule changes, and so on.
Condition-consequence statements
are good for risks which arise out of a current weak condition that could already be causing problems but will also possibly cause additional problems, which are documented as the potential consequences.
COSO defines risk
as having an adverse effect
ISO defines risk
as the effect of uncertainty on objectives
can serve as a check on cost elements in the WBS by rolling up the work packages and associated cost accounts to major deliverables
bottom up approach
provides the customer with an opportunity to compare the low-cost, efficient method approach with any imposed restrictions
bottom up approach
what is the intended use of bottom-up estimates
budgeting scheduling resource requirements fund timing
Bar charts are........
calendar-based
Procedures
can be adjusted based on roles and responsibilities, specific tools being used, ect.
Automated tools
can be customized base on the program's risk parameters
Risk sources
cases of risk that should be considered when risk is assessed, complied in lists and taxonomies
speculative risk
category of risk that results in an uncertain degree of gain or loss. All of these risks are made as conscious choices and are not just a result of uncontrollable circumstances
Database
changes can include new reports tailored data entry, screens and new interfaces to other system tools
changes often have to be made midstream to respond to new demands by the customer is an example of which reason to refine estimates
changes in project scope and plans
When to use agile (2)
clear commitment from customers and there are few constraints
construction activities 15-20%
coding and code generation
what is the best way to improve estimates
collect and archive data on past project estimates and actuals
what factors influence the level of detail in the WBS
complexity of the project need for control project size cost duration other factors
Top-down estimates are most likely to occur during the ______ phase.
concept
Schedule Tracking
conduct periodic project status meetings in which each team member reports progress and problems. evaluate the results of all reviews conducted throughout the software engineering process.
This method uses the pooled experience of senior and or middle managers to estimate the total project duration and costs
consensus method
what are the top down approaches for estimating project times and costs
consensus method ratio method apportion method function point method learning curves
work package estimates should not include allowances for_____________________
contingencies
ISO defines "risk management" as
coordinated activities to direct and control an org WRT risk
homeowner's insurance
coverage that provides protection for your residence and its associated financial risks
accept
if the risk occurs it will be handled as an issue or problem, no proactive action will be taken and the risk is closed with a rationale.
Risk tolerance
establishes the acceptable threshold for risk exposure
The process of forecasting or approximating the time and cost of completing project deliverables is called
estimating
appraised
evaluated for worth
known known
events that are to be expected and involve little uncertainty
what is the intended use of top-down estimates
feasibility/conceptual phase rough time/cost estimate fund requirements resource capacity planning
Sean is forecasting the time and cost of developing a customized software program by looking at the number of inputs, outputs, inquires, files, and interfaces. Which of the following methods is he using?
function point
the software industry frequently estimates using weighted macro varibles called________________________
function point methods
which top-down method uses major parameters such as number of inputs, number of outputs, number of inquiries, number of data files, and number of interfaces
funtion point methods
these costs are usually allocated as a percent of the total direct cost, or a percent of the total of a specific direct cost such as labor, materials, or equipment
general and administrative overhead costs
these costs represent organization costs that are not directly linked to a specific project
general and administrative overhead costs
People working on prototype development needing time to interact with the design engineers after the design is completed is an example of:
hidden interaction costs
Graphical notations are normally used to..........
illustrate the project schedule.
collision insurance
insurance that covers damage to your vehicle when it is involved in an accident
bodily injury liability
insurance that covers physical injuries caused by a vehicle accident for which you are responsible
uninsured motorist's protection
insurance that covers you and your family members if you are involved in an accident with an uninsured or hit-and-run driver
time and costs devoted to managing interactions rises exponentially as the number of people and different diciplines involved increases on a project reflects which reason to refine estimates
interaction costs are hidden in estimates
natural risk
involves storms and other acts of nature that are beyond one's ability to control
Earned Value Analysis (EVA)
is a measure of progress enables us to assess the "percent of completeness" of a project using quantitative analysis rather than rely on a gut feeling "provides accurate and reliable readings of performance from as early as 15 percent into the project." [Fle98]
Upside Risk
is an opportunity that arises out of uncertainty about outcomes
KRI
key risk indicator
Learning curves are more likely to apply in situations where most of the costs are
labor
what type of costs are considered direct labor costs
labor materials equipment
the pattern of improvement
learning curve
liability
legal responsibility for the financial cost of another person's loss or injuries
Is development or maintenance more expensive?
maintenance
what is the preferred approach in defining the project estimates
make rough top-down estimates, develop the WBS, make bottom-up estimates, develop schedules and budgets, and reconcile differences between top down and bottom up estimates
Assessing risk measures
measures of probability, impact, and risk exposure
Managers use the plan as a way of.........
measuring progress
Schedule Tracking3
meet informally with practitioners to obtain their subjective assessment of progress to date and problems on the horizon. use earned value analysis (Section 27.6) to assess progress quantitatively.
what is the usefulness of KRI?
metric that signals when risk exposure may be increasing
what is the accuracy of bottom-up estimates
minus 10% to plus 30%
The accuracy of top-down estimates will typically be in the range of
minus 20% to plus 60%
what is the accuracy of top-down estimates
minus 20% to plus 60%
property damage liability
motor vehicle insurance that applies when you damage the property of others
the tendency of people to overestimate how quickly they can get things done and underestimate how long it will take them to complete tasks is an example of which reason to refine estimates
overly optimistic
Janet is forecasting how much money her department needs to support a new project. She estimates that two people and $25,000 in expenses will cover her needs. Because management typically insists on reducing forecasts by 20 percent, she increases her estimates to allow for that reduction. Which of the following factors is illustrated in this situation?
padding estimates
which bottom-up approach uses cost per task to determine total cost of project
parametric procedures
The approach that begins with a top-down estimate for the project and then refines estimates as the project is implemented is known as ______ method
phase estimating
which bottom-up approach is used when an unusual amount of uncertainty surrounds a project and it is impractical to estimate times and costs for the entire project
phase estimating
which bottom-up approach uses a detailed estimate to develop estimates for the immediate phase and a macro estimate for the remaining phases of the project
phase estimating
which estimating approach is preferred by those working on projects where the final product is not known and the uncertainty is very large, for example, the integration of wireless phones and computers
phase estimating
estimates of current events are close to 100 percent accurate but are reduced for more distant events
planning horizon
what factors influence the quality of estimates
planning horizon project duration people project structure and organization padding estimates organization culture nonproject factors
Milestones are........................
points in the schedule against which you can assess progress, for example, the handover of the system for testing.
avoid
program activities are restructured to eliminate the possibility of a risk occurring
In agile planning, the decision on what to include in an increment depends on...............
progress and on the customer's priorities
COCOMO is an empirical model based on................
project experience
which bottom-up approach is popular in software and new product projects where up-front requirements are fuzzy and not well known
range estimating
which bottom-up approach uses three time estimates--low, average, and high to determine total project cost
range estimating
which bottom-up approach works best when work packages have significant uncertainty associated with the time or cost to complete
range estimating
Which top down method uses, for instance, the number of square feet to estimate the cost and time to build a house; that is a house of 2700 square feet might cost $160 per square foot.
ratio method
Vulnerability
refers to the degree of probability that a loss will occur.
mandatory
required
Which guideline allows persons most familiar with the task to use their experience and best judgemnt to develop useful work package estimates?
responsibility
what are the seven guidelines to develop useful work package estimates
responsibility use several people to estimate normal conditions time units independence contingencies adding risk assessment
ISO 31000
risk is the effect of uncertainty on objectives (positive + negative)
uncontrollable risk
risk that are beyond the ability of any person or company to change
unknown unknowns
risks that we don't know exist. (blindsiding events)
unknown knowns
risks we mistakenly think we understand
COCOMO estimation models
see the figure in slide 38
enterprise risk management (ERM) system, such as COSO ERM
sees risk as an integrated issue that must be managed across divisions and functions in an enterprise.
Typically, are software or hardware costs more expensive?
software
What are the advantages of software engineering? (2)
software development is cheaper and more reliable
What is software engineering?
software engineering is concerned with all aspects of software production
control approach
the strategy for addressing a risk, the risk method you use will specify which of these are applicable, should be shared with all relevant stakeholders as apporapriate
when project promoters underestimate the costs of projects and overestimate project benefits in order to win approval, like in public works projects, is an example of which reason to refine estimates
strategic misrepresentation
Project costs are typically viewed from all of the following except:
sunk
Managers use the plan to.............
support project decision making.
Activity networks show..........
task dependencies
which bottom-up approach uses the costs from past projects as a starting point for the new project
template
The bottom-up approach for estimating times and costs that uses costs from past projects that were similar to the current project is known as:
template method
what are the bottom-up approaches for estimating project times and costs
template method parametric procedures applied to specific tasks range estimating a hybrid phase estimating
Unit testing
test individual units or pieces of code for a system, done by SQA
In project scheduling, you need to estimate .......
the calendar time needed to complete each task, the effort required and who will work on the tasks that have been identified. you also need to estimate the resources needed to complete each task.
Risk sources
the cases of risk that should be considered when risk is assessed
risk
the chance of loss or injury
economic risk
the chance that macroeconomic conditions like exchange rates, government regulation, or political stability will affect an investment, usually in a foreign country
controllable risk
the chances of being able to reduce loss or risk all together
policy
the contract a person buys to join the risk-sharing group
Error
the difference between the accepted value and the experimental value
negligence
the failure to take ordinary or reasonable care to prevent accidents from happening
In agile planning, unlike plan-driven approaches..........
the functionality of the increments is not planned in advance but is decided during the development.
human risk
the group may incur losses due to drain or loss of personnel, deterioration of morale, inadequate development of human resources, inappropriate working schedule, inappropriate working and safety environment, inequality or inequity in human resource management or discriminatory conduct
Risk Equation
the level of risk equals the probability of occurrence multiplied by the magnitude of the impact of the risk event.
probability
the likelihood that an event will occur, usually expressed qualitatively using a range for values (three or five levels)
impact
the loss that occurs when a risk is realized
consequence
the loss that will occur when an event is realized
risk exposure
the magnitude of a risk based on current values of probability and impact
actual cash value
the payment you receive is based on the replacement cost of an item minus depreciation
replacement value
the payment you receive is the full cost of repairing or replacing an item
Impact
the possible effect on the organization
Risk
the probability of suffering harm or loss, a measure of the likelihood that an event will lead to a loss coupled with the magnitude fo the loss, requires the following conditions a potential loss, likelihood, choice
risk management
the process of identification, analysis, and acceptance or mitigation of uncertainty in investment decisions
transfer
the risk is shifted to another party
Bar charts show..............
the schedule as activities or resources against time.
deductible
the set amount that the policyholder must pay per loss on an insurance policy
Integration testing
verifies that separate systems can work together, done by SQA
when are top down methods useful
when experience and judgement have been accurate in the past
Iteration planning
which has a shorter term outlook, and focuses on planning the next increment of a system. This is typically 2-4 weeks of work for the team.
Release planning
which looks ahead for several months and decides on the features that should be included in a release of a system.
Deliverables are.........................
work products that are delivered to the customer, e.g. a requirements document for the system.
What should be taken into account when estimating software price?
you take into account: hardware, software, travel, training and effort costs.
effort validation
—be sure resources are available
compartmentalization
—define distinct tasks
defined outcomes
—each task must have an output
interdependency
—indicate task interrelationship
defined responsibilities
—people must be assigned
defined milestones
—review for quality