CPSC 544: Software Standards

Part III: The Defined Process
  • Organizations transition from CMMI Level 2 to Level 3 for stable project performance and process improvement.

  • Level 3 focuses on proactive, standardized, and integrated processes across the organization.

  • Key focus areas for improvement:

    • Standards

    • Software inspections

    • Testing

    • Advanced configuration management topics

    • Process models and architecture

    • Software Engineering Process Group (SEPG)

Software Standards
  • Definition: A formal, documented agreement providing uniform criteria or methods for assessing objects or activities.

  • Two types relevant in software:

    • Product Nature: Specifies attributes of the software product itself (e.g., code style, documentation content).

    • Work Performance: Dictates processes and methods used to produce software (e.g., design methodologies, testing procedures).

  • Standards inform procedural specifics for reviews and audits.

Benefits of Standards
  • Establish common practices across teams and projects.

  • Facilitate integration and system testing.

  • Promote consistent use of tools and methods.

  • Enhance maintainability of software products.

  • Improve communication and aid in training.

Establishing Software Standards
  • Develop an overall plan considering:

    • Available standards (industry, open-source, internal)

    • Priority needs (critical areas for impact)

    • Project status (adaptability, phase-in)

    • Staff skills (realism, training needs)

    • Enforcement mechanisms

  • Prioritize manageable and beneficial standards, introduced incrementally.

  • Categories for emphasis:

    • Management and planning standards

    • Development process standards

    • Tool and process standards

Standards Development Process
  1. Define standards strategy and priorities with stakeholder input.

  2. Review and maintain strategy periodically for alignment with goals and technology.

  3. Develop high-priority standards collaboratively with multidisciplinary teams.

  4. Distribute and test draft standards with pilot projects, then revise based on feedback.

Maintaining Standards
  • Keep standards current to reflect practice and technology changes.

  • Regular review is essential due to new tools, regulatory changes, or project feedback.

  • Assign responsibility for maintaining standards (e.g., to the SEPG or domain experts) so that updates are systematic.

Enforcing Standards
  • The main role of Software Quality Assurance (SQA) is to verify compliance through regular reviews and tests.

  • Methods of enforcement:

    • Exhaustive reviews: For critical documents and artifacts (e.g., designs, safety-critical code) to ensure full adherence.

    • Statistical sampling: For less critical or high-volume artifacts (e.g., source code files) to assess overall compliance efficiently.

  • Enforcement includes documenting non-compliance, corrective actions, and incorporating lessons learned.

Standards Versus Guidelines
  • Standards: Rigid, mandatory requirements providing uniform ways of doing things; strict adherence expected (e.g., security protocols).

  • Guidelines: Recommendations and best practices allowing for judgment and flexibility; not mandatory (e.g., preferred architectural patterns).

  • Standards enforce, while guidelines advise. The choice depends on criticality, need for uniformity, and required flexibility.