Chapter 19-21 Software Quality Assurance

Dependability

For Critical Systems, it is usually the case that the most important system property is the D_?_ of the system; this reflects the user's degree of trust in that system

E (both c and d)

Poka-yoke devices are mechanisms that lead to the A) creation of quality processes with minimal resources B) determining causes of software defects C) prevention of potential quality problems D) rapid detection of quality problems introduced E) both c and d

Reviews, Automated

Quality R_?_ A_?_ Software Assessment and software measurement

A (prevention, appraisal, and failure)

Quality costs may be divided into costs associated with A) prevention, appraisal, and failure B) people, process, and product C) customers, developers, and maintenance D) all of the above

Software Quality Assurance

SQA is an acronym for _?_

Safety

S_?_ is a property of a system that reflects the system's ability to operate, normally or abnormally, without danger of causing human injury or death and without damage to the system's environment

Security

S_?_ is a system attribute which is concerned with the ability of a system to continue to deliver its services to users in the face of deliberate or accidental attack

Dependability

Software D_?_ is the extent to which a critical system is trusted by its users

Metrics

Software M_?_ assume that a software property can be measured; they assume that the relationship exists between what we can measure and what we want to know

Validated

Software Metrics assume that the relationship exists between what we can measure and what we want to know has been formalized and V_?_; it may be difficult to relate what can be measured to desirable quality attributes

Work

Software Quality Reviews a technical assessment of a W_?_ product created during the software engineering process.

Meetings

Software Quality Reviews are M_?_ conducted by technical people for technical people

Reprisal

Software Quality Reviews are not a mechanism for political or personal R_?_.

Information

Software Quality Reviews are not a meeting intended solely to impart I_?_.

Summary

Software Quality Reviews are not a project S_?_ or progress assessment.

Safety

Software S_?_ is a software quality assurance activity that focuses on the identification and assessment of potential hazards that may affect software negatively and cause an entire system to fail.

Survivability

Software S_?_ is a system attribute which is concerned with the ability of a system to continue to deliver its services to users in the face of deliberate or accidental attack.

Quality

Software _?_ Management is concerned with ensuring that the required level of quality is achieved in a software product

Quality Control

Software _?_ _?_ are the steps taken to ensure that the software products are designed and produced to meet or exceed customer requirements and expectations.

Eliminated

Software complexity can be reduced, but not E_?_

Maintenance

Software complexity complicates M_?_.

Entirety

Software complexity intensifies when one person cannot understand a project in its E_?_

Quality

Software complexity makes _?_ more difficult to attain

Path

Software complexity makes it impossible to test each and every P_?_

Complex

Software is inherently C_? because the number of execution paths grow exponentially with size.

Numeric

Software measurement is concerned with deriving a N_?_ value for an attribute of a software product or process. This allows for objective comparisons between techniques and processes.

E (both b and c)

Software reliability problems can almost always be traced to A) errors in accuracy B) errors in design C) errors in implementation D) errors in operation E) both b and c

B (may cause an entire system to fail)

Software safety is a quality assurance activity that focuses on hazards that A) affect the reliability of a software component B) may cause an entire system to fail C) may result from user input errors D) prevent profitable marketing of the final product

Specification

Sommerville says that "Quality, simplistically, means that a product should meet its S_?_.

C (tracing each defect to its underlying cause, isolating the "vital few" causes, and moving to correct them)

Statistical quality assurance involves A) using sampling in place of exhaustive testing of software B) surveying customers to find out their opinions about product quality C) tracing each defect to its underlying cause, isolating the "vital few" causes, and moving to correct them D) tracing each defect to its underlying causes and using the Pareto principle to correct each problem found

Compliance

The SQA Group reviews software engineering activities to verify C_?_ with the defined Software Process. The SQA group identifies, documents, and tracks deviations from the Software Process and verifies that corrections have been made.

Process

The SQA group participates in the development of the project's software P_?_ description; it should be compliant with the organizational policy, internal software standards, and externally imposed standards (e.g., iso-9001).

Product Plan

The SQA group prepares an SQA _?_ for a project; it would include (1) evaluations to be performed, (2) audits and reviews to be performed, (3) standards that are applicable to the project, (4) procedures for error reporting & tracking, (5) documents to be produced by the SQA group, and the (6) amount of feedback provided to the software project team.

Quality Plan

The Software Q_?_ P_?_ sets out the desired product qualities and how these are assessed and defines the most significant quality attributes; it should set out which organizational standards should be applied and, if necessary, define new standards

Reliability

{Reliability, Availability} is the probability of failure-free system operation over a specified time in a given environment for a given purpose.

Availability

{Reliability, Availability} is the probability that a system, at a point in time, will be operational and able to deliver the requested services.

Reliability

{Reliability/Safety} is concerned with conformance to a given specification and delivery of service.

T

{T/F} A program, with known faults, can still be seen as reliable by its users.

T

{T/F} Removing X% of the faults in a system will not necessarily improve the reliability by X%

C (have measurable specifications for process outputs)

A key concept of quality control is that all work products A) are delivered on time and under budget B) have complete documentation C) have measurable specifications for process outputs D) are thoroughly tested before delivery to the customer

C (what was reviewed, who reviewed it, what were the findings)

A review summary report answers which three questions? A) terminate project, replace producer, request a time extension B) what defects were found, what caused defects, who was responsible C) what was reviewed, who reviewed it, what were the findings D) none of the above

Prevention, Internal, External

According to the slides there were three major costs associate with Software Quality. List them: P_?_ costs [include quality planning, formal technical reviews, test equipment, and training] I_?_ failure costs [include rework, repair, and failure mode analysis] E_?_ failure costs [include complaint resolution, product return and replacement, help line support, and warranty work]

Standards

According to the slides, Software Quality Management involves defining appropriate quality S_?_ and procedures and ensuring that these are followed.

Everyone's

According to the slides, Software Quality Management should aim to develop a 'quality culture' where quality is seen as E_?_ responsibility

Introduction, Plans, Process, Quality, Management

According to the slides, quality plans should be short, succinct documents; if they are too long, no one will read them. According to the slides, there should be 5 things in Quality Plan. List them. Product I_?_ Product P_?_ P_?_ Descriptions Q_?_ Goals Risks and Risk M_?_

Design, Conformance,

According to the slides, the two kinds of Software Quality that might be may be encountered are Quality of D_?_ encompasses requirements, specifications, and the plan for putting the system together. Quality of C_?_ is an issue focused primarily on implementation.

Customer, Difficult, Incomplete

According to the slides, there are 3 reasons quality is problematical for software systems. List them. C__Tension between C_?_ quality requirements (efficiency, reliability, etc.) and developer quality requirements (maintainability, reusability, etc.) D__ Some quality requirements are D_?_ to specify in an unambiguous way I__ Software specifications are usually I_?_ and often inconsistent

D (reject the product due to severe errors)

At the end of a formal technical review all attendees can decide to A) accept the work product without modification B) modify the work product and continue the review C) reject the product due to stylistic discrepancies D) reject the product due to severe errors

Severe Errors

At the end of a formal technical review all attendees can decide to reject the product due to _?_ (what?)

Makes it later

Brooke's Law: Adding people to a late project _?_.

Time because software is flexible

Chameleon Myth: Changing requirements can be easily accommodated at any _?_.

Documentation

D_?_ standards are particularly important because they are the "Tangible Manifestation of the Software"

Informal Peer, Walkthrough, Inspection, Round Robin

The slides describe 4 review processes. The following were abbreviations for IPR is the abbreviation for a _?_ review WT is the abbreviation for a _?_ review IN is the abbreviation for a _?_ review RRR is the abbreviation for a _?_ review

Process, Standards, Identification, Structure, Production, Update

The slides describe 6 documentation standards. List them. Documentation P_?_ Standards -> How documents should be developed, validated and maintained Document S_?_ -> Concerned with document contents, structure, and appearance Document I_?_ Standards -> How documents are uniquely identified Document S_?_ Standards -> Standard structure for project documents Document P_?_ Standards -> Define fonts and styles, use of logos, etc. Document U_?_ Standards -> Define how changes from previous versions are reflected in a document

Assurance, Planning, Quality Control

The slides describe the three major software quality management activities. List them. Quality A_? -> establishes organizational procedures and standards for quality Quality P_?_ -> selects applicable procedures and standards for a particular project and modify these as required Quality C_?_ -> ensures that procedures and standards are followed by the software development team

Style, Project, Record, Agenda

The slides include eight recommendations for successful software quality reviews List these 4 of them. Avoid Discussions of S_?_ -> stick to technical correctness Schedule Reviews as P_?_ tasks R_?_ and Report all review results Stick to the Review A_?_

Prepared, Product, Accusations, Resolve

The slides include eight recommendations for successful software quality reviews List these 4 of them. Be P_?_ -> evaluate the product before the review Review the P_?_, not the Producer Keep your tone mild, ask questions instead of making A_? Raise Issues, don't R_?_ them

Development, Validation

The slides list two reasons why Dependability Costs tend to increase exponentially as increasing levels of dependability are required. List them. More Expensive D_?_ techniques and hardware that are required to achieve the higher levels of dependability The Increased Testing & System V_?_ that is required to convince the system client that the required levels of dependability have been achieved

Relevant, Form, Tools

The slides provide three problems with standards. List them. One of the problems with standards is that they are not always seen as R_?_ and up-to-date by software engineers One of the problems with standards is that they involve too much bureaucratic F_?_ filling One of the problems with standards is that they are generally unsupported by software T_?_ so tedious manual work is involved to maintain standards

Mistakes, Framework, Continuity

The slides provide three reasons that standards are important. List them. Standards help to encapsulate the "best practice of your previous projects" and to avoid the repetition of past M_? Standards are the F_?_ for quality assurance - it involves checking standard compliance Standards provide C_?_ - new staff can understand the organization by understand the standards applied

Software Engineer, Regularly, Tool

The slides provide three recommendations for the development of internal standards. List them. Involve the S_?_ E_?_ in development; they should understand the rationale underlying a standard Review standards and their usage R_?_ Standards can quickly become outdated and this reduces their credibility amongst practitioners Detailed standards should have associated T_?_ support. Excessive clerical work is the most significant complaint against standards

Unnecessary, Why, Memory

The slides provide three recommendations to assure data collection accuracy. List them. Don't collect U_?_ data Tell people W_?_ the data is being collected; it should not be part of personnel evaluation Don't Rely on M_?_ ; collect data when it is generated not after a project has finished

Combinations

Why are accidents in complex systems so hard to anticipate and correct? Almost All Accidents are a result of C_?_ of malfunctions.

F

(T/F) According to the slides, software complexity can be reduced and eliminated

F

(T/F) Attempts to apply mathematical proofs to demonstrate that a program conforms to its specifications are doomed to failure

F

(T/F) Defect amplification models can be used to illustrate the costs associated with using software from its initial deployment to its retirement.

T

(T/F) In any type of technical review, the focus of the review is on the product and not the producer.

T

(T/F) In general the earlier a software error is discovered and corrected the less costly to the overall project budget.

T

(T/F) People who perform software quality assurance must look at the software from the customer's perspective.

T

(T/F) Quality management should be separate from project management to ensure independence

F

(T/F) Sample driven reviews only make sense for very small software development projects.

T

(T/F) Software quality might be defined as conformance to explicitly stated requirements and standards, nothing more and nothing less.

F

(T/F) The goal of quality assurance is to provide management with the data needed to determine which software engineers are producing the most defects.

T

(T/F) The purpose of software reviews is to uncover errors in work products so they can be removed before moving on to the next phase of development.

F

(T/F) There is no need to assess customer satisfaction when trying to determine the quality of a piece of software.

T

(T/F) Usefulness & Trustworthiness are not the same thing; A system does not have to be trusted to be useful.

How well you did it

Howard Newton says "People forget how fast you did a job - but they always remember _?_".

Model, Quality

ISO 9001:2000 is a generic M_?_ of the Q_?_ process that must be instantiated for each organization

Quality Management

ISO 9001:2000 is an international set of standards for Q_?_ M_?_ that applies to software engineering.

Design, Develop

ISO 9001:2000 is applicable to organizations which D_?_, D_?_ and maintain products

Certified

ISO 9001:2000 quality standards and procedures should be documented in an organizational quality manual. External body may certify that an organization's quality manual conforms to ISO 9001:2000 standards. Customers are, increasingly, demanding that suppliers are ISO 9001 C_?_.

Maintainability

M_?_ is a system attribute which is concerned with (1) the ease of repairing the system after a failure has been discovered and (2) changing the system to include new features

Maintainability

M_?_ is a system attribute which is concerned with the ease of repairing the system after a failure has been discovered.

Our job is done

Maintenance Myth: Once a program is written and it works _?_.

Continue

Survivability includes the notion of Resilience. Resilience is the ability of a system to C_?_ in operation in spite of component failures

Rework, Repair, Failure

The 3 Major Software Quality Costs Associated Internal Failure are R_?_ R_?_ F_?_ Mode Analysis

Quality, Technical Reviews, Equipment, Training

The 4 Major Software Quality Costs Associated Prevention are Q_?_ Planning Formal T_?_ R_?_ Test E_?_ T_?_

Complaint, Replacement, Work, Help

The 4 Major Software Quality Prevention Costs are C_?_ Resolution Product Return and R_?_ W_?_ H_?_ Line Support

Add people to finish on time

The Man-Month Myth: If a project is running late, you can _?_

Documented

The SQA Group ensures that deviations in software work and work products are _?_ and handled according to a documented procedure

Senior Management

The SQA Group records any noncompliance and reports to S_?_ M_?_. Noncompliance items are tracked until they are resolved.

40, 1000

The further into the development cycle one goes before discovering a defect, the more it costs to fix it. In accordance with the chart exposed in the text and the slides, it will cost _?_ to _?_ times as much to fix an error once it has been installed, as opposed to finding that same error at the Requirements stage.

Product, Quality, Budget, Schedule

User Satisfaction is often defined by the equation: User Satisfaction = Compliant P__ + Good Q__ + Delivery Within B__ + Delivery On S__

D (all of above)

Variation control in the context of software engineering involves controlling variation in the A) process applied B) resources expended C) product quality attributes D) all of the above

We do, and will have, Bad/Weak/ Incomplete/ Erroneous specifications

What is the "software quality compromise" addressed in the slides? [Hint: it has to do with the fact that "software specifications are imperfect"]

Some classes of hazards can't arise

When attempting to achieve Safety, "Hazard Avoidance" is designing the system so that _?_.

Detected and Removed

When attempting to achieve Safety, "Hazard Detection & Removal" is designing the system so that hazards are _?_ before they result in an accident

Accident

When attempting to achieve Safety, what is "Damage Limitation"? Designing the system with features that minimize the damage that may result from an A_?_.

A (budget)

Which of the following is not a section in the standard for SQA plans recommended by IEEE? A) budget B) documentation C) reviews and audits D) tests

D (serve as the sole test team for any software produced)

Which of these activities is not one of the activities recommended to be performed by an independent SQA group? A) prepare SQA plan for the project B) review software engineering activities to verify process compliance C) report any evidence of noncompliance to senior management D) serve as the sole test team for any software produced