Software Quality Assurance Overview
Course: Software Quality Assurance Verification and Validation (Part I)
Instructor: Lili Wei
Semester: Fall 2024
What is Software Quality?
Definition (IEEE):
The degree to which a system, component, or process meets specified requirements, customer needs, or user expectations.
Improvement:
Achieved through Software Quality Assurance (SQA).
Key Activities in Software Quality Assurance
Software Verification
Question Addressed: "Are we building the product right?"
Focus:
Ensuring the product meets specifications.
Software Validation
Question Addressed: "Are we building the right product?"
Focus:
Verifying that specifications meet user requirements.
Verification and Validation (V&V) Techniques
There are two varieties of V&V techniques:
Static V&V
Description: Analysis of code without execution.
Dynamic V&V
Description: Analysis conducted through code execution.
Static V&V
Objective:
Conduct V&V without running the software.
Methods:
Software inspections & reviews.
Static analysis.
Software Inspections & Reviews
Purpose: Discover problems using knowledge of the system and technologies.
Advantages over Dynamic V&V:
Can inspect incomplete versions.
Improves knowledge sharing and problem-solving.
Goes beyond simply finding bugs; it also identifies inefficiencies and style issues.
Static Analysis
Description:
Scans code without execution to provide quick analysis results.
Purpose:
Enables static bug detection.
Examples of Static Analysis Tools
Tools Used:
Coverity by Synopsys
clang
Lint
CodeRush
Fortify
Silent Code Cleanup
Infer
IntelliJ
Function: Identify and report issues by matching common patterns in code.
Static Analysis Pattern Example
Code Snippet: Illustrative of common static analysis issues.
    List<Integer> list = null;
    int length = random.nextInt();
    if (length > 3) {
        list = new ArrayList<>();
        for (int i = 0; i < length; i++) {
            list.add(i);
        }
    }
    list.add(-1);
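How a static analyzer can flag the snippet above without running it, shown as an added example that is not part of the course slides: a small flow-sensitive nullness analysis in Python over a hand-built control-flow graph of the snippet. The CFG encoding and the function names (join, transfer, analyze) are assumptions made for this illustration, not any listed tool's implementation.

```python
# Abstract nullness facts for the variable `list` at a program point.
NULL, NONNULL, MAYBE = "null", "non-null", "maybe-null"

# Constructed control-flow graph of the snippet (hypothetical encoding,
# not a real tool's IR): node id -> (statement, operation, successors).
CFG = {
    0: ("List<Integer> list = null;", ("assign", NULL), [1]),
    1: ("if (length > 3)", ("nop",), [2, 5]),        # true -> 2, false -> 5
    2: ("list = new ArrayList<>();", ("assign", NONNULL), [3]),
    3: ("for (...; i < length; ...)", ("nop",), [4, 5]),  # body -> 4, exit -> 5
    4: ("list.add(i);", ("deref",), [3]),
    5: ("list.add(-1);", ("deref",), []),
}

def join(a, b):
    """Merge facts arriving over two control-flow edges (None = unreached)."""
    if a is None or b is None:
        return a if b is None else b
    return a if a == b else MAYBE

def transfer(op, state):
    """Effect of one statement on the nullness fact."""
    if op[0] == "assign":
        return op[1]
    if op[0] == "deref":
        return NONNULL  # execution only continues if the reference was non-null
    return state

def analyze(cfg, entry=0):
    """Worklist dataflow to a fixed point; report dereferences that may see null."""
    before = {n: None for n in cfg}
    before[entry] = MAYBE          # nothing is known on entry
    work = [entry]
    while work:
        n = work.pop()
        out = transfer(cfg[n][1], before[n])
        for s in cfg[n][2]:
            merged = join(before[s], out)
            if merged != before[s]:
                before[s] = merged
                work.append(s)
    return [(n, cfg[n][0], before[n]) for n in sorted(cfg)
            if cfg[n][1][0] == "deref" and before[n] in (NULL, MAYBE)]

if __name__ == "__main__":
    for node, stmt, fact in analyze(CFG):
        print(f"node {node}: `{stmt}` dereferences a {fact} reference")
```

The single finding at list.add(-1) comes from the false branch of the if, where list is still null when the two paths merge; list.add(i) inside the loop is not reported because every path reaching it passes through the allocation.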
Implementation of Static Analyzers
Course: ECSE 561 - Automated Program Analysis and Testing
Objective:
Foundation in software analysis and testing techniques, fault models, and test coverage models.
What is Software Testing?
Definition:
A formal process where software is examined by executing the programs to identify defects.
Software Faults, Errors, and Failures
Definitions
Software Fault:
A static defect, often due to human error.
Software Error:
An incorrect internal state resulting from a fault.
Software Failure:
Observable incorrect behavior relative to expected requirements.
Related Questions
Software Bug:
Can refer to faults or failures depending on context.
Software Testing Purpose:
Involves finding inputs that cause failures.
Debugging:
Process of finding a fault based on a failure.
Challenges in Testing
Quote by E. Dijkstra:
"Program testing can be a very effective way to show the presence of bugs, but it is hopelessly inadequate for showing their absence."
Real-world Testing Challenges
Difficulties in Triggering Failures:
Dependent on environment and edge cases.
Exhaustiveness:
It's nearly impossible to exhaustively test software due to large input and state spaces.
Example: Testing integer inputs in a given range.
Exercising Software Logic Paths
Illustration:
Number of paths increases exponentially with conditions in loops.
Path complexity means complex algorithms require extensive testing to exercise their paths.
User Behavior Prediction Challenges
Example Scenario:
Predicting user interactions can lead to unanticipated software behavior.
Testing Analogies:
Software testing can be likened to structural testing of other systems, such as a bridge, revealing the complex nature of testing software.
Quality Assurance and Risk Management
Objective:
Strike a balance between testing costs and the risk of undetected bugs.
Reality of Bugs in Software Development
Actual Practice:
Not all bugs are resolved due to constraints like time and risk of introducing new issues.
Perceptions of Bugs:
Circumstances and pressure may influence how bugs are categorized.
Upcoming Topics
Next Focus: Different test types in software quality assurance.