Software Engineering & Quality
• Appreciate the various elements which would affect quality in software engineering (SE is synonymous as systems development in this context) • Use real life examples to demonstrate some of the practical issues
The University of Hong Kong Raymond Tang
1 12 September 2006
CS 0404 module# 2
Objectives
Definition
Contents • Definition of software engineering • Software engineering and quality • The key elements and checkpoints in the Systems development life cycle (SDLC) • Systems development approaches, processes, tools and techniques
3 12 September 2006
CS 0404 module# 2
The Process – Making a Cake
• Software engineering (SE)* is the application of a systematic, disciplined, quantifiable approach to the development, operation, maintenance of software. • SE deploys statistical means so that the product deliverables can be predictable, repeatable and consistent.** • SE works from a set of desired functions….. the product is developed by phases, where quality is built in throughout these phases CS 0404 module# 2
CS 0404 module# 2
IT Audit
Processing
4 *Source: IEEE
**Source: Agile Software Development, by Alistair Cockburn 12 September 2006
The Process – Building a System
Input Input
2 12 September 2006
CS 0404 module# 2
Processing
Output
Output 5 12 September 2006
CS 0404 module# 2
6 12 September 2006
1
Method, Methodology and Process
Systems Development Life Cycle
Method – It is the step by step procedure on doing things. It is formulated in terms of the concept of architecture. For example, the method of building a stone house is different from building a log house Methodology – It is the science of methods. It deals with conceptual thinking. With the understanding of the methodology, we will discover new method of doing things Process – It is established through careful examination of the available methods, tools and the nature of the work. For example, producing a chemical substance in the lab differs greatly from producing the same chemical commercially. In the lab, the goal is to find a method to produce the chemical. To make this method appropriate for large scale industrial use, a process must be defined. This usually means changing the working method. 7 12 September 2006
CS 0404 module# 2
Systems Development Life Cycle (cont’)
Planning
Definition
Feasibility & Analysis
Test Level Assessment
User Requirements Definition
Development
System Design
System Construction
System Testing
Test Design
Test Plan Environ. Set-up
Implementation
System Implementation
User Acceptance Execution Plan Data Prep
Post-impl
System Operation and Support
Sign-off
Stability
Test Report
Defect Managem't
Unit/String Test Quality Assurance Program
SDLC Speed
8 12 September 2006
CS 0404 module# 2
Systems Development Approach Typical Approaches* are: • Waterfall • Prototyping • Spiral • Iterative
Typical SDLC Phases: • • • • • • •
Project Management
Feasibility Analysis Design (include architecture) System Construction (Coding) Testing (Quality Control) User Acceptance Implementation
As projects are different in many cases, the choice of the right system approach would help improve project success and quality 9 12 September 2006
CS 0404 module# 2
CS 0404 module# 2
SDLC – Waterfall Approach*
*Source: Metrics and Models in Software Quality Engineering, by Stephen H. Kan
10 12 September 2006
SDLC – Spiral Approach*
System leasibility Validation
Cumulative cost Prograss through steps
Software plans and requirements Validation
Evaluate alternatives, identify, resolve risks
Determine objectives, alternatives, constraints
Product design
Risk analysis
Verification
Risk analysis
Risk analysis Risk Prototype 2 analysisPrototype 1
Detailed design
Review
Verification
Commitment
Requirements plan Concept of life-cycle plan operation
Code
Prototype 3
Software requirements Software product design
Development Requirements validation plan
Unit test
Integration and test plan
Integration Product verification
Plan next phases
Operational prototype
Simulations, models, benchmarks
Design validation and verification
Detailed design
Unit Integration and test test
Code
Acceptance Implementation test
Implementation
Develop, verify next-level product
System test
CS 0404 module# 2
IT Audit
Operations and maintenance
*Source: Barry Boehm
Revalidation
11 12 September 2006
CS 0404 module# 2
*Source: Barry Boehm
12 12 September 2006
2
SDLC & Quality* User Requirements Management
Turning An Idea to Product
Software Project Management Software Outsourcing Software Quality Assurance
Post Implementation Support
CS 0404 module# 2
Change Control
Software Testing
13 12 September 2006
*Source: Software Quality Assurance Model, HKPC
Customer vs Software Engineer Customer View
Idea Formulation
Authorisation of In-depth product definition Specification
Source of Rework in the SDLC Systems Dev Time
Product Management Customer Service
Sensing the Market
14 12 September 2006
CS 0404 module# 2
Design Testing Integration Stabilisation/Implementation
Testing Time
We need to focus on the areas in the SDLC which often cause us quality problems
Rework Time
60 50
SDLC Phases
Requirement Design Coding Testing Others
40 30 20 10
Development Team View
0 15 12 September 2006
CS 0404 module# 2
Others
Rework - A Notional View
CS 0404 module# 2
16 12 September 2006
SD Techniques
Systems Engineering Effort
• Prototypes Project Overrun*
Project Completed* 9%
47%
91%
CS 0404 module# 2
IT Audit
*Source: Standish Group, May 1994
– Time-box approach with all stakeholders
• Joint requirement definition • Joint application design • Peer reviews such as inspections, reviews and walkthroughs*
53%
53% of projects overrun their budgets, by as much as 180%
– Paper vs demonstrative
• Rapid application development
Only 9% of projects are successfully completed
17 12 September 2006
CS 0404 module# 2
*Source: ‘Peer Reviews in Software’ by Karl E. Wiegers
18 12 September 2006
3
Testing
Quality Design – some examples • • • • • •
• • • • • • • • •
Modular vs tightly coupled system design Unique transaction identifier Master and slave relationship One directional transaction flow System checkpoint files Pull and push of data ….. These are also controls which IT auditors are looking for too
CS 0404 module# 2
19 12 September 2006
Unit test, string test, sub-system test – ‘white box’ Quality control (QC) function test – ‘grey box’ Acceptance and operability tests – ‘black box’ Regression test Volume test Stress test Performance test Penetration test Hacking test …….. 20 12 September 2006
CS 0404 module# 2
Project Management Quality Assurance
Fundamental to the success of a project ……. ‘Project Management Body of Knowledge’*:
• To identify root cause of each problem • To determine if there is any problem patterns or trends • Assist developers and users to focus on enhancing specific processes, tools and techniques
CS 0404 module# 2
• • • • • • • • • 21 12 September 2006
Project integration management Project scope management Project time management Project cost management Project quality management Project human resource management Project communications management Project risk management Project procurement management
CS 0404 module# 2
*Source: Project Management Institute
22 12 September 2006
Reading Material Summary
• Information Technology Project Management, by
• SE has many pieces of the action which make the final product work • To make it work well (with quality), we need to understand and deploy the right approach, process, tool and technique…. under the leadership of a good project management
• Bank of Montreal’s Development Methodology • DMR ‘P+’ Standard Documentation Templates • Software Engineering-Principles and Practice, by
Kathy Schwalbe
Hans Van Vliet, chapter 2
• Quality Software Project Management, by Robert Futrel, Donald Shafer and Linda Shafer, chapter 4
• Hong Kong Software Quality Assurance Model, www.hkpc.org/itd/sqamodel
CS 0404 module# 2
IT Audit
23 12 September 2006
CS 0404 module# 2
24 12 September 2006
4
Reading Material (cont’) • Enterprise Knowledge Management – The Data Quality Approach, by David Loshin • Agile Software Development, by Alistair Cockburn • Software Engineering, 7th Edition, by Ian Sommerville
CS 0404 module# 2
IT Audit
25 12 September 2006
5
