CPSC 544: Software Quality Assurance

Software Quality Assurance (SQA)
  • SQA monitors methods/standards used by software experts and verifies proper application of expertise.

  • SQA expertise includes statistical methods, quality control principles, software process knowledge, and interpersonal skills in contentious situations.

  • SQA ensures the established process is actually being implemented.

Quality Management
  • Quality: Characteristic or attribute of something; measurable characteristics compared to known standards.

    • Quality of Design: Characteristics specified by designers.

    • Quality of Conformance: Degree to which design specifications are followed during manufacturing.

  • Software Quality: Quality of design encompasses requirements, specifications, and system design; quality of conformance is primarily a matter of implementation; user satisfaction = compliant product + good quality + delivery within budget/schedule.

  • Quality Control (QC): Inspections, reviews, and tests to ensure work products meet requirements.

  • Quality Assurance (QA): Auditing and reporting functions assessing effectiveness of QC activities.

  • Quality Management (SQA): Umbrella activity throughout the software process, providing management data on product quality.

  • Quality management encompasses: SQA process, specific QA/QC tasks, effective SE practice, control of work products, compliance with standards, measurement and reporting.

The Role of SQA
  • Goal: Improve software quality by monitoring software and development process; ensure compliance with standards; bring inadequacies to management's attention.

  • SQA audits the quality actions of the line organization and alerts management to deviations.

  • Requires cooperation and support with development.

  • Responsibilities: Review plans, moderate inspections, review test plans/results, audit SCM, participate in reviews, ensure documentation, control changes, emphasize high-risk testing, verify task completion, expose deviations, ensure auditability, verify QC standards, ensure plan compatibility.

  • SQA reporting should be independent of the software development manager and should go to a high enough management level.

Launching the SQA Program
  • First Step: Secure top management agreement on SQA goals.

  • Eight Steps: Initiate, identify issues, write plan, establish standards, establish function, conduct training/promote, implement, evaluate.

  • A statistically sound sampling approach is essential for reviewing development actions and products.

The SQA Plan
  • Each project needs a Software Quality Assurance Plan (SQAP) specifying goals, SQA tasks, standards, procedures, and organizational structure.

  • Sections include: Purpose, reference documents, management, documentation, standards (documentation, logic, coding, commentary), reviews and audits (technical, managerial), software configuration management, problem reporting, tools/techniques, code/media/supplier control, records collection.

SQA Considerations
  • Common reasons for SQA failure: Insufficiently experienced/knowledgeable staff, incapable SQA management, lack of senior management backing, lack of documented/approved development standards, unverifiable quality plans.

SQA People
  • Getting good SQA people is difficult; one solution is requiring new development managers to serve in SQA first.

  • Effectiveness requires good people and full management backing.

Independent Verification and Validation (IV&V)
  • Role: Independent monitor of development for the customer, ensuring customer needs are reflected in the work.

  • Distinction from SQA: SQA monitors internal organization; IV&V monitors for the customer.

  • IV&V can leverage SQA's work: if SQA is effective, IV&V need not duplicate it; if not, IV&V highlights the shortcomings for correction.

  • IV&V ensures the right skills/attitudes are in place and addresses key risks/feasibility issues, looking beyond standards.