CPSC 310 Software Engineering. Quality

Similar documents
Bugs are costly... Kinds of Quality Assurance

An Investigation of the Therac-25 Accidents by Nancy G. Leveson and Clark S. Turner. Catherine Schell CSC 508 October 13, 2004

MCGILL UNIVERSITY Montreal, Quebec September 20 21, A DMAIC Framework for Improving Software Quality in Organizations: Case Study at RK Company

cis20.2 design and implementation of software applications 2 spring 2010 lecture # I.2

the software world... software engineering? software engineering: one definition

Chapter 6. Software Quality Management & Estimation

What is SQA? Software Quality Assurance. Quality Concepts. Quality Concept (cont.)

Software Quality Management

SOFTWARE DEVELOPMENT. Process, Models, Methods, Diagrams Software Development Life Cyles. Part - V

PMP Practice Questions

Chapter 26. Quality Management

Exam questions- examples

Background and Incidents Denials and Coverups Investigation and Action Technical Causes Organizational Causes Stakeholder R.

Introduction to Agile Life Cycles. CSCI 5828: Foundations of Software Engineering Lecture 07 09/13/2016

Project Quality Management. Prof. Dr. Daning Hu Department of Informatics University of Zurich

7. What is planning? It is an act of formulating a program for a definite course of action. Planning is to decide what is to be done.

Agile Quality Management

Chapter 1. What is Software Engineering. Shari L. Pfleeger Joanne M. Atlee. 4 th Edition

This document describes the overall software development process of microcontroller software during all phases of the Company Name product life cycle.

THERAC-25. Computerized Radiation Therapy. Report by: TROY GALLAGHER

Object-Oriented Software Engineering Practical Software Development using UML and Java. Chapter 11: Managing the Software Process

Lecture 8 Agile Software Development

Information Technology Project Management, Sixth Edition

Software verification and validation. Introduction

Cambridge University Press Agile Testing: How to Succeed in an Extreme Testing Environment John Watkins Excerpt More information

Chapter 1. Contents. What is Software Engineering 9/9/13. Shari L. Pfleeger Joanne M. Atlee. 4 th Edition

Analysis of Software Artifacts

Agile Test Plan How to Construct an Agile Test Plan

Computer Science Introductory Course MSC - Software engineering

Quality Concepts. Slide Set to accompany. Software Engineering: A Practitioner s Approach, 7/e by Roger S. Pressman

Introduction To Software Testing. Brian Nielsen. Center of Embedded Software Systems Aalborg University, Denmark CSS

Lecture 2: Software Quality Factors, Models and Standards. Software Quality Assurance (INSE 6260/4-UU) Winter 2016

Capability Maturity Model the most extensively used model in the software establishments

Chapter 4 Document Driven Approach for Agile Methodology

SOFTWARE QUALITY IN 2002: A SURVEY OF THE STATE OF THE ART

6 SAFETY CULTURE ESSENTIALS

CSC 408F/CSC2105F Lecture Notes. Quality Matters

Software Inspections and Their Role in Software Quality Assurance

A Practical Approach to Project Management in a Very Small Company

ROEVER ENGINEERING COLLEGE Elambalur,Perambalur DEPARTMENT OF CSE SOFTWARE QUALITY MANAGEMENT

Software Engineering Lecture 5 Agile Software Development

Customer Service Interview Questions

Slides copyright 1996, 2001, 2005, 2009 by Roger S. Pressman. For non-profit educational use only

Product Modeling and Model Testing SAP s Product Modeling Environment (PMEVC) + espline s Avenue Enhancements

White Paper. Label Mix-up Prevention Using Vision to Improve the Labeling Process CI-VISION. Vision Inspection

Computer Science and Software Engineering University of Wisconsin - Platteville 1. Introduction To Software Engineering

Management of Software Engineering. Ch. 8 1

Test Management Forum

By: Ronny Trefftzs CSCI 5828: Foundations of Software Engineering Spring 2012 Professor: Kenneth Anderson


Testing Masters Technologies

QS 9000 Awareness Information. Cayman Systems USA Elsmar.com Introduction to QS9000

The Quality Paradigm. Quality Paradigm Elements

Lecture 1. Topics covered. Rapid p development and delivery is now often the most important requirement for software systems.

Lecture 1: Software Measurement. Marlon Dumas

Contract Interpretation The grievance alleges that a provision of the contract, other than the just cause provision, was violated.

SOFTWARE QUALITY ASSURANCE (SQA) Chapter 1

Registration Details. How to Interpret the Report?

SCRUM - LESSONS FROM THE TRENCHES

SWEN 256 Software Process & Project Management

R.POONKODI, ASSISTANT PROFESSOR, COMPUTER SCIENCE AND ENGINEERING, SRI ESHWAR COLLEGE OF ENGINEERING, COIMBATORE.

Requirements Gathering using Object- Oriented Models

Software Development Life Cycle

Chapter 1: Introduction

Public relations can often get a bad

Software Development Software Development Activities

Legacy System Modernization Using Open Source Tools and Agile. Adam D Angelo

FAQ: Implementation Complete Phase

Marketing Automation: One Step at a Time

THE FUTURE CONTENTS. Software Testing

Software Quality. A Definition of Quality. Definition of Software Quality. Definition of Implicit Requirements

Quality 24 Process Improvement 26 Real processes. Product Quality. Quality Management. Quality Management. Quality Plan

Agile Development Processes. CSCE Lecture 3-08/31/2017

Requirements: Into the Mind of the Author

A Review Paper on Software Testing

Applying the Personal Software Process (PSP) sm with Ada

Course Information. Course Topics

Small business guide to hiring and managing apprentices and trainees

ORION RESOURCES Solving the puzzle of smart hiring. Retained Search Quality A La Carte

How to Run Agile Development for SAP

Introduction to Software Life Cycles and Agile. CSCI 5828: Foundations of Software Engineering Lecture 03 09/02/2014

18-642: Software Development Processes

SOFTWARE QUALITY IN 2002: A SURVEY OF THE STATE OF THE ART

SOFTWARE QUALITY IN 2002: A SURVEY OF THE STATE OF THE ART

General Data Protection Regulation

Software Engineering

Sample Exam ISTQB Agile Foundation Questions. Exam Prepared By

Performance Appraisals. Time to educate and communicate as well as evaluate. -Brayton Bowen

ICS 52: Introduction to Software Engineering

Rapid software development. Ian Sommerville 2004 Software Engineering, 7th edition. Chapter 17 Slide 1

The DOs and DON Ts of Software Projects

Introduction to Systems Analysis and Design

Dependable Technologies For Critical Systems. Software Verification. 22 nd May Technologies Ltd 2011 Critical Software


T52-Software Engineering

Foundations of Software Engineering. Lecture 16: Process: Linear to Iterative Michael Hilton

Foundations of Software Engineering. Process: Agile Practices Michael Hilton

Scaling Software Agility:

Appendix C: MS Project Software Development Plan and Excel Budget.

Objectives. Rapid software development. Topics covered. Rapid software development. Requirements. Characteristics of RAD processes

Transcription:

CPSC 310 Software Engineering Quality

Learning Goals By the end of this unit, you will be able to: Describe aspects that affect software quality other than code quality Explain the benefits of high quality code Explain why we can t sufficiently measure code quality with testing alone Describe mechanisms for improving code quality (code reviews, pair programming, refactoring, software metrics) 3

Therac-25 Computerized radiation therapy machine Shallow tissue: direct electron beam Deeper tissue: electron beam converted into X-ray photons accidents occurred when high-energy electron-beam was activated without target having been rotated into place; machine's software did not detect this First case in 1984: lawsuit but manufacturer refused to believe in a malfunction of Therac-25 Second case in 1985: display indicated no dose so operator repeated 5 times; patient died 3 months later Overall six accidents with ~100 times the intended does between 1985 and 1987; 3 patients died See more at http://courses.cs.vt.edu/cs3604/lib/therac_25/therac_1.html 4

Therac-25: some problems The design did not have any hardware interlocks to prevent the electronbeam from operating in its high-energy mode without the target in place. The engineer had reused software from older models. These models had hardware interlocks and were therefore not as vulnerable to the software defects. The hardware provided no way for the software to verify that sensors were working correctly. The equipment control task did not properly synchronize with the operator interface task, so that race conditions occurred if the operator changed the setup too quickly. This was evidently missed during testing, since it took some practice before operators were able to work quickly enough for the problem to occur. The software set a flag variable by incrementing it. Occasionally an arithmetic overflow occurred, causing the software to bypass safety checks. from: Stephen Dannelly 5

Many factors: Therac-25 Programming errors / race conditions No independent review of software Inadequate risk assessment together with overconfidence in software Therac-25 software and hardware combination never tested until assembled at the hospital poor human computer interaction design a lax culture of safety in the manufacturing organization management inadequacies and lack of procedures for following through on all reported incidents 6

What is Software Quality? According to IEEE The degree to which a system, component or process meets the specified requirements. The degree to which a system, component or process meets the customer or user needs and expectations. 9

What is Software Quality? According to Roger Pressman Conformance to explicitly stated functional and performance requirements, explicitly documented development standards, and implicit characteristics that are expected of all professionally developed software. 10

Software Quality Attributes ISO9126: Functionality: the ability of the system to do the work for which it was intended, incl Security. Reliability: can it maintain performance? Maintainability: can it be modified? Efficiency: performance and resource consumption. Usability: effort needed to use the system. Portability: can the system move to other environments? Quality can be process, internal, external, or in-use 17

Overall Quality Quality is a chain: good process good internal quality good external quality happy customer! Assessing quality: Quality Assurance (QA): test the process quality (CMM, ISO9000, TQM, etc) (Independent) V&V Verification: did we build it right? internal Validation: did we meet requirements? external

Code Quality In this lecture, we focus on code quality Requirements Design Code Test 11

Not the only element of Software Quality Software Quality Code Quality 12

Other elements of Software Quality Faulty definition of requirements Client-developer communication failures Logical design errors Shortcomings of the testing process Procedure errors Time management problems 13

Joel Test: 12 steps to better code 1. Do you use source control? 2. Can you make a build in one step? 3. Do you make daily builds? 4. Do you have a bug database? 5. Do you fix bugs before writing new code? 6. Do you have an up-to-date schedule? 7. Do you have a spec? 8. Do programmers have quiet working conditions? 9. Do you use the best tools money can buy? 10. Do you have testers? 11. Do new candidates write code during their interview? 12. Do you do hallway usability testing? see http://www.joelonsoftware.com/articles/fog0000000043.html

An Example char b[2][10000],*s,*t=b,*d,*e=b+1,**p;main(int c,char**v) {int n=atoi(v[1]);strcpy(b,v[2]);while(n--) {for(s=t,d=e;*s; s++){for(p=v+3;*p;p++)if(**p==*s) {strcpy(d,*p+2);d+=strlen( d); goto x;}*d++=*s;x:} s=t;t=e;e=s;*d++=0;}puts(t);} Is there anything wrong with this code? 16

Ingredients in low-quality code What could you do to make sure your code was bad?

Recipe for a Disaster Ignore what the customers say they want the developers surely must know better. Put in all the features that could potentially ever be useful. Do not worry about quality aspects (and ignore the related practices) until the deadline approaches. Do not waste time on design or documentation after all, code is the most important thing and time is already too short to do all that needs to be done. 20

Some of the Major Mechanisms for Quality Code Cultural mechanisms Teamwork / Team-Building Organizational Values Human mechanisms Code Reviews Refactoring Automatic mechanisms Style checkers Quality Metrics

Cultural Mechanisms Teamwork / Team-Building Organizational Values

Teamwork / Team Building No matter what the problem is, it s always a people problem. - Jerry Weinberg Techniques Ice-breaker Personality test Casual meetings Inclusive teams Open communication Transparent decision making Foosball? 23

Organizational Values The structure of a computer program reflects the structure of the organization that built it. - Conway s Law Rigid hierarchical structure Decisions are handed down, no ability to dispute Less input into each decision, less motivation? Less discussions could lead to faster decisions (although ) Flexible, collaborative, team-based structure Better decisions through collaboration Different people focus on different issues, cover all bases http://research.microsoft.com/apps/pubs/default.aspx?id=70535 24

Human Mechanisms Code Reviews Refactoring 26

Code Reviews Formal code review meetings Well defined, specific participant roles and responsibilities, documented review procedure, reporting of process Lighter weight methods of code reviews Tool-assisted code review Ad-hoc review (over-the-shoulder) Peer deskcheck / Email pass-around Pair programming See more at http://www.atlassian.com/software/crucible/learn/codereviewwhitepaper.pdf 27

Formal Review Meetings 28

Formal Reviews Reviewee (Author) Be quiet while you listen to the entire criticism/ question Deliver defense in term of the problem you were trying to solve Your code is on trial, not you! 29

Formal Reviews Reviewer Criticize the code, not the developer Before declaring a piece of code wrong, ask why it was done the way it was Remember: this is your colleague and s/he will be reviewing you in the future 30

Formal Reviews Moderator Keep review flowing Keep people on topic Break infinite loops 31

Formal Reviews Recorder Take notes describing the defects that were detected 32

Formal Reviews Praise! Make sure to notice something unique or elegant Acknowledge when a developer is trail blazing 33

Formal Reviews Problems Real problems are interpersonal Watch for: Personal instead of code criticism Axe grinding Stylistic criticism 34

Lighter weight methods of code reviews Tool-assisted code review: Authors and reviewers use specialized tools designed for peer code review. Ad-hoc review (over-the-shoulder): One developer looks over the author's shoulder as the latter walks through the code. Peer deskcheck: (Only) one person besides the developer reviews the code. Email pass-around: Multiple developers may be involved in a concurrent, online deskcheck or source code management system emails code to reviewers automatically after a check-in Pair Programming: Two authors develop code together at the same workstation such as is common in Extreme Programming.

Tool-assisted code review There are many examples of tools you can use for code reviews! e.g. -ReviewBoard (http://www.reviewboard.org) -Code Collaborator (http://smartbear.com/ products/software-development/code-review)

Pair Programming (1) Increased discipline. Pairing partners are more likely to "do the right thing" and are less likely to take long breaks. Better code. Pairing partners are less likely to produce a bad design due to their immersion, and tend to come up with higher quality designs. Multiple developers contributing to design. If pairs are rotated frequently, several people will be involved in developing a particular feature. This can help create better solutions, particularly when a pair gets stuck on a tricky problem. Improved morale. Pair programming can be more enjoyable for some engineers than programming alone.

Pair Programming (2) Collective code ownership. When everyone on a project is pair programming, and pairs rotate frequently, everybody gains a working knowledge of the entire codebase. Mentoring. Everyone, even junior programmers, possess knowledge that others don't. Pair programming is a painless way of spreading that knowledge. Team cohesion. People get to know each other more quickly when pair programming. Pair programming may encourage team gelling.

Refactoring Quality of code decays over time Need to spend time cleaning up Common problems: Duplicated code Hard-to-read code Long methods! No refactoring = lazy programming 41

Software metrics Variety of measures proposed for assessing software quality and complexity: Function points, cyclomatic complexity, fan-in/fan-out All of them are highly correlated with LOC. Metrics are highly context-sensitive. Most substantial effort: COCOMO and COQUALMO models from USC/Barry Boehm! More objective metrics come from dynamic analysis (profiling) http://en.wikipedia.org/wiki/project_management_triangle

Process metrics Velocity and burndown charts: How many stories are left? How many story points are we finishing per day (throughput) Lead time: What is time between task creation and task close? Work in progress: How many items are we still working on? Capture these last two measures using a Cumulative Flow Diagram to measure throughput. One characteristic of a Kanban approach to organizational change.

Summary Software Quality is a large problem Code quality is an important part of it Code quality is difficult to assess directly Usually associated to process quality Good mechanisms for these processes Cultural, Human, Automatic Pair programming, software metrics Good design Good code In a future lecture: Refactoring and code smells 55

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback