All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, except as permitted by law. Advice on how to obtain permission to reuse material from this title is available at http://www.wiley.com/go/permissions.
The rights of Daniel Galin to be identified as the author of this work have been asserted in accordance with law.
Registered Office
John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, USA
Editorial Office
111 River Street, Hoboken, NJ 07030, USA
Library of Congress Cataloging-in-Publication Data
Names: Galin, Daniel, author.
Title: Software quality : concepts and practice / by Daniel Galin.
Description: Hoboken, NJ : John Wiley & Sons, 2017. | Includes bibliographical references and index. |
Identifiers: LCCN 2017039554 (print)| LCCN 2017044698 (ebook) | ISBN 9781119134503 (pdf) | ISBN 9781119134510 (epub) | ISBN 9781119134497 (cloth)
To my beloved family,
Amira, Michal, Yoav, Guy and Maayan.
I love all of them.
Preface
The following software “glitches” seem very real:
Thousands of US students in numerous cities around the United States had just taken their examination. Tired and excited, they pressed the submit button only to find that their answers could not be uploaded with the software (purchased specifically for this purpose). As expected, the anger, utter frustration, and disappointment of the students turned into a flood of lawsuits against the exam software company.
More than 24 inmates from a US jail were wrongly released, among them prisoners jailed for violent crimes. The faulty release was caused by the erroneous release of documents that were produced by a new software system recently implemented to manage the institute's records. According to the spokesman of the county jail, the mistake was due to glitches in the software, which caused the misprocessing of a number of input documents. The early detection of the software failure prevented a much higher number of faulty inmate releases.
A software failure in an income tax collection system caused millions of citizens to use the wrong tax code in the income tax site program. This mistake caused many people to pay less than required, and many to pay more than required. Unfortunately, it took a whole year to identify the failure. Naturally, the inevitable happened, and the income tax department now faces innumerable filings for tax returns. Only when these return procedures have concluded, will the income tax department be able to estimate the total damage caused by the software failure.
The above are just a sample of glitches that happen every day. These software failures have the potential to cause substantial damage. Every single one of them could have been eliminated, or practically eliminated, if only the software project teams had performed appropriate software quality assurance processes, and SQA professionals had properly carried out the required process coordination, follow-up, and evaluation tasks. These software quality assurance processes, and many more, are the contents of my book Software Quality: Concepts and Practice.
The Book Structure
The book is structured in six parts that follow the IEEE Std. 730:2014 outline:
Part I: Introduction – Presents definitions and topics associated with software quality.
Part II: SQA Process Implementation Activities – Dedicated to software quality assurance activities of the SQA function, and includes establishing the SQA processes in the organization, planning the SQA activities, and the application of software quality costs.
Part III: Product Assurance Activities for Conformance – Deals with evaluation and product quality measurement.
Part IV: Process Assurance Activities for Conformance – Discusses process quality evaluation and measurement, process improvements, and also the assessment of staff skills and knowledge and the required training.
Part V: Additional Tools and Methods Supporting Software Quality – Presents configuration management, CASE tools, and the topic of templates and checklists – all of significant contribution to achieve software quality requirements.
Part VI: Appendices – Presents basic software quality and software engineering topics associated with SQA: software engineering and SQA standards and models and project progress control. This part also includes a review of software development methodologies and processes, and their quality assurance activities.
Unique Features of This Book
The following key features of this book are of special importance:
A broad view of SQA. The book delves extensively into the SQA subject matter and covers issues much beyond the classic boundaries of custom-made software development by large established software houses. It dedicates significant attention to issues related to in-house software development, subcontractors, suppliers of readymade software, and other external participants in the software development process, and also covers small software projects.
An up-to-date wide range coverage of SQA and SQA-related topics. The book provides comprehensive coverage on a wide range of SQA and SQA-related subjects, and includes topics that are rarely discussed in SQA texts. These include procedures and work instructions, tools and supporting techniques such as templates and checklists, documentation control, staff certification, and cost of software quality.
A comprehensive discussion of new technology and methodology topics. The text covers extensively the current SQA topics, and discusses the impact of new software development methodologies, computerized SQA tools, and international SQA standards.
A thorough presentation of the SQA function and its tasks. Establishes the SQA processes, planning, coordinating, follow-up, reviewing and evaluation of SQA processes performed by software process teams and others.
Special emphasis on the SQA plan and project plan topics. The processes of preparing and updating the plans and their implementation are discussed in detail.
Special attention is given to SQA implementation issues. Throughout the book a focus is placed on implementation issues in specialized chapter sections, examples, implementation tips and topics for discussion.
Consistent structure in each chapter. A mini case study at the beginning followed by subject matter that includes examples, summary, selected bibliography, review questions, and topics for discussion – the book is tailor-made for semester classes in software engineering programs, and should prove to be very useful as a textbook for many different courses.
An Instructor's Guide
The Author's Former Book on SQA
The author's former book Software Quality Assurance: From Theory to Implementation (Addison-Wesley, 2004) had a wide readership and was also adopted as a textbook for a variety of courses in numerous faculties at higher education institutes and professional training and hi-tech upskill courses around the world.
The current book differs from the previous (2004) book mainly in the following ways:
The book's topics themselves and their coverage have been updated according to technological and methodological developments.
New topics have been added to the already wide variety of subjects covered by the 2004 book.
The subject of SQA function has received substantially more attention, and the book provides a thorough presentation of the SQA function and its tasks.
The structure of the book now follows the IEEE Std. 730:2014 outline.
The readability of the book has been improved, notably by the many mini cases that open the chapters.
The Book's Audience
The book is intended to address challenges faced by a wide audience interested in software quality assurance. The five main audience types are as follows:
University and college students
Software engineering practitioners, naturally involved in quality issues of software development and maintenance
Practitioners of software quality assurance
Vocational training course – students and lecturers
Managers of software development departments, project managers, and others
Special interest groups of readers
Readers interested in the ISO 9000-3 Standard.
Readers interested in the ASQ Certified software quality engineers (CSQE) body of knowledge.
Readers interested in the QAI (Quality Assurance Institute) CSQA CBOK (Certified Software Quality Analyst common body of knowledge).
Readers of both interest groups will find comprehensive discussions on both topics throughout the book.
The Instructor's Guide
An Instructor's Guide that includes PowerPoint presentations for each of the book's chapters has been prepared by the author.
The guide is available to instructors who have adopted the book for a course. It can be obtained by sending an email to ieeeproposals@wiley.com.
Acknowledgments
I would like to take this opportunity to express my heartfelt gratitude to all those who helped me write this book. This book has benefited from practical experience gained from consulting projects, and greatly from interactions with students throughout numerous sessions and courses. I have not listed all the names here, albeit I am grateful to each and every one of them.
I owe many thanks to my reviewers for their important comments that contributed greatly to this book.
Special thanks to Ms. Mary Hatcher, Editor at Wiley-IEEE Press for her cooperation, guidance, and valuable advice throughout the writing and publishing process. I would also like to express my appreciation and thanks to Victoria Bradshaw, Vishnu Narayanan, and Melissa Yanuzzi at Wiley, as well as Abhishek Sarkari at Thomson Digital typesetter, responsible for production of this book.
I wish to express my appreciation to Lisa Harel, who edited my drafts with devotion and contributed substantially to their readability and accuracy.
Finally, I wish to express my gratitude to my family: my wife, Amira Galin, who is a constant source of inspiration, has always encouraged scientific thinking and is a role model, and my daughter, Michal, and my son, Yoav, for their continuous support, important comments on the book's drafts, and for always believing.
About the Author
Dr. Daniel Galin received his BSc in Industrial and Management Engineering, and his MSc and DSc in Operations Research from the Faculty of Industrial Engineering and Management, the Technion – Israel Institute of Technology, Haifa, Israel.
He acquired his expertise in SQA through many years of consulting, teaching, and writing in the field. His courses include software quality assurance, analysis and design of information systems, and strategic information systems. Dr. Galin has been a member of staff at the faculty of the Lander Institute in Jerusalem and the Ruppin Academic Center, where he headed the Information Systems Studies.
Dr. Galin published a book entitled Software Quality Assurance: From Theory to Implementation (Addison-Wesley, 2004), and an earlier book on the same topic, coauthored with Dr. Z. Bluvband, entitled Software Quality Assurance (Opus, 1995 – in Hebrew). Many of his papers have been published in English language professional journals. Dr. Galin has also authored additional books in Hebrew, which were published by Israel's leading publishers.
Guides for Special Groups of Readers
Among the readers interested in software quality assurance, one can distinguish two special groups:
Readers interested in the ASQ (American Society for Quality) CSQE BOK (Certified Software Quality Engineer body of knowledge).
Readers interested in the QAI (Quality Assurance Institute) CSQA CBOK (Certified Software Quality Analyst common body of knowledge).
Guide to the ASQ's CSQE Body of Knowledge
Almost all the elements of the CSQE (Certified Software Quality Engineer) body of knowledge, as outlined in ASQ (American Society for Quality), are available in the book. The following table directs the reader to the relevant chapters and sections.
CSQE BOK 2016 Table
| CSQE BOK chapter | CSQE BOK subject | Book reference |
|---|---|---|
| I. General knowledge | | |
| A | Benefits of software quality engineering | Section 1.1, Chapter 18 |
| B | Ethical and legal compliance | — |
| C | Standards and models | Appendices A and B |
| D | Leadership skills | Chapter 4 |
| E | Team skills | Chapter 23 |
| II. Software quality management | | |
| A | Quality management system | Sections 6.1, 7.4, 20.3, and 20.5, Chapter 11 |
| B | Methodologies | Chapters 9, 13, and 19 |
| C | Audits | Sections 6.2, 12.4, and 15.5 |
| III. System and software engineering | | |
| A | Lifecycle and process models | Appendices D.1, D.3, and D.5 |
| B | System architecture | — |
| C | Requirement engineering | Chapter 2 |
| D | Requirement management | Chapter 22 |
| E | Software analysis, design and development | Chapter 2, Appendix D |
| F | Maintenance management | Chapter 15 |
| IV. Project management | | |
| A | Planning, scheduling, and deployment | Sections 7.4–7.6 |
| B | Tracking and controlling | Section 6.2, Appendix C |
| C | Risk management | Section 7.4 |
| V. Software metrics and analysis | | |
| A | Process and product measurement | Chapters 16 and 21 |
| B | Analysis and reporting techniques | — |
| VI. Software verification and validation | | |
| A | Theory | Chapters 12 and 14 |
| B | Test planning and design | Chapter 14, Sections 20.5 and 20.6 |
| C | Reviews and inspections | Chapter 13 |
| D | Test execution documents | Sections 14.7 and 14.8 |
| VII. Software configuration management | | |
| A | Configuration infrastructure | Section 25.3 |
| B | Configuration identification | Section 25.2 |
| C | Configuration control and status accounting | Section 25.6 |
| D | Configuration audits | Section 25.9 |
| E | Product release and distribution | Sections 25.3, 25.7, and 25.8 |
Guide to the QAI's CSQA Common Body of Knowledge
Almost all the elements of the CSQA (Certified Software Quality Analyst) common body of knowledge, as outlined in the QAI (Quality Assurance Institute), are available in the book. The following table directs the reader to the relevant chapters and sections.
CSQA CBOK 2012 Table
| CSQA CBOK chapter | CSQA CBOK subject | Book reference |
|---|---|---|
| SC1. Quality principles and conceptions | | |
| 1.1 | Vocabulary of quality | Section 1.1 |
| 1.2 | The different views of quality | Section 1.1, Chapter 2 |
| 1.3 | Quality concepts and practices | Section 1.3 |
| 1.4 | Quality control and quality assurance | Section 1.6 |
| 1.5 | Quality pioneers approach to quality | — |
| SC2. Quality leadership | | |
| 2.1 | Leadership concepts | Section 6.2 |
| 2.2 | Quality management infrastructure | Chapter 4 |
| 2.3 | Quality environment | Section 3.3 |
| SC3. Quality baseline | | |
| 3.1 | Quality baseline concepts | Section 25.2 |
| 3.2 | Methods used for establishing baselines | Section 25.3 |
| 3.3 | Models and assessment fundamentals | Appendices B.5 and B.6 |
| 3.4 | Industry quality models | Appendices A and B |
| SC4. Quality assurance | | |
| 4.1 | Establishing a function to promote and manage quality | Sections 3.3, 4.5, Chapter 6 |
| 4.2 | Quality tools | Appendix C |
| 4.3 | Process deployment | — |
| 4.4 | Internal auditing and quality assurance | Appendix C.5 |
| SC5. Quality planning | | |
| 5.1 | Planning concepts | Sections 7.2 and 7.4 |
| 5.2 | Integrating business and quality planning | — |
| 5.3 | Prerequisites to quality planning | Section 7.3 |
| 5.4 | The planning to mature IT work processes | Section 7.4, Appendices B.5.3 and B.6.3 |
| SC6. Define, build, implement, and improve work processes | | |
| 6.1 | Process management concepts | Section 18.1 |
| 6.2 | Process management processes | — |
| SC7. Quality control practices | | |
| 7.1 | Testing concepts | Section 14.1 |
| 7.2 | Developing testing methodologies | Section 14.3 |
| 7.3 | Verification and validation methods | Sections 14.5 and 14.6 |
| 7.4 | Software change control | Chapter 22 |
| 7.5 | Defect management | Section 21.3 |
| SC8. Metrics and measurements | | |
| 8.1 | Measurement concepts | Section 16.2.1 |
| 8.2 | Measurement in software | Chapters 16 and 21 |
| 8.3 | Variation and process capability | Appendices B.5.2 and B.6.3 |
| 8.4 | Risk management | Section 7.3, Appendix C.3 |
| 8.5 | Implementing a measurement program | Sections 16.2.4 and 21.7 |
| SC9. Internal control and security | | |
| 9.1 | Principles and concepts of internal control | Section 6.1 |
| 9.2 | Risk and internal control models | — |
| 9.3 | Building internal controls | Chapter 6 |
| 9.4 | Building adequate security | — |
| SC10. Outsourcing, COTS, and contracting quality | | |
| 10.1 | Quality and outside software | Sections 20.3 and 20.4 |
| 10.2 | Selecting COTS software | Sections 20.5 and 20.6 |
| 10.3 | Selecting software developed by outside organizations | Section 20.5.1 |
| 10.4 | Contracting for software developed by outside organizations | Sections 20.5.1 and 20.6.1 |
| 10.5 | Operating for software developed by outside organizations | Sections 20.3 and 20.6.2 |
Part I Introduction
The opening part of the book presents definitions and background subjects related to software quality:
SQA – definitions and concepts (Chapter 1)
Software quality factors (attributes) (Chapter 2)
SQA challenges (Chapter 3)
Organization for assuring software quality (Chapter 4)
An additional chapter, Chapter 5, presents “the world of SQA”, an overview of the book.