Software Quality, Standards, and Certification

Questions and Answers

Which of the following is NOT a typical benefit of high-quality software?

• Enhanced business revenue and reputation
• Increased customer satisfaction
• Reduced maintenance costs
• Guaranteed absence of all software defects (correct)

What does software quality primarily refer to?

• The popularity of a software application
• The amount of code written for a software project
• The speed at which software is developed
• The degree to which software meets specified requirements (correct)

Which of the following is an example of 'product quality' in software development?

• A mobile app that runs smoothly and meets functional requirements (correct)
• Employing continuous integration practices
• Assessing process maturity using CMMI
• Using agile development methodologies

Which activity is most closely associated with 'process quality' in software development?

Using coding standards and best practices (D)

Which of the following is NOT an international standard related to software quality?

IEEE 1234 (A)

Which of these focuses on organizational-level certifications in software development?

ISO 9001 Certification (A)

What is the first step an organization should take when seeking a quality certification in software development?

Identify the relevant certification (C)

Which activity is undertaken during the 'Gap Analysis' step in obtaining quality certification?

Comparing current processes against certification requirements (C)

What is the primary focus of 'employee training and awareness' during the process of obtaining quality certifications?

Educating employees on certification requirements and quality standards (B)

What is the purpose of the 'External Audit and Assessment' step in the process of obtaining quality certification?

To evaluate the organization's adherence to quality standards (B)

What is a common issue faced by small businesses when attempting to obtain quality certifications?

The financial burden of compliance (B)

What is a potential consequence for organizations that neglect software quality?

Increased costs due to frequent bug fixes (C)

Which of the following best describes 'Quality Assurance'?

A proactive process that ensures software quality by improving development practices (D)

What is a key difference between Quality Assurance (QA) and Quality Control (QC)?

QA is preventive and focuses on processes, while QC is corrective and focuses on the product (C)

Which of these activities falls under Quality Control (QC)?

Performing integration testing (B)

What is the primary purpose of ISO 9126?

To define a framework for evaluating software quality (B)

Which of the following is NOT a key component of ISO/IEC 9126?

Development Process Metrics (B)

Which ISO/IEC 9126 quality characteristic refers to the ability of software to perform consistently under specified conditions?

Reliability (D)

Which ISO/IEC 9126 characteristic is concerned with the ease with which users can interact with the software?

Usability (B)

What is a key benefit of using ISO 9126?

It provides a standardized framework for software quality assessment (C)

Which standard has replaced ISO 9126?

ISO/IEC 25010 (C)

What do process capability models primarily evaluate in software quality?

The maturity, efficiency, and predictability of software development processes (B)

Which of the following is an example of a process capability model?

CMMI (A)

What was the original purpose for developing SEI CMM?

To assist the US Department of Defense in software acquisition (A)

At which level of SEI CMM are basic project management practices established?

Level 2 (Repeatable) (D)

What is the primary focus at Level 5 (Optimizing) of the SEI CMM?

Continuous process improvement (A)

What does 'KPA' stand for in the context of CMM?

Key Process Area (D)

In CMM, what do Key Process Areas (KPAs) of a level indicate?

Areas an organization at the lower maturity level needs to focus on to reach the next level (C)

Which of the following industries commonly uses CMMI for software quality?

Healthcare & Pharma (B)

What is the main goal of SPICE (ISO/IEC 15504)?

To assess and improve software development processes (C)

In SPICE, which dimension categorizes software development into process areas?

Process Dimension (D)

What is the highest capability level in SPICE?

Level 5: Optimizing (A)

Which of the following is a key benefit of using SPICE?

Process Standardization (D)

Which of the following is an industry that uses SPICE?

Automotive Software (D)

What is the primary focus of the Six Sigma methodology?

Reducing variances and flaws in processes (C)

In Six Sigma, what does DMAIC stand for?

Define, Measure, Analyze, Improve, Control (A)

Which Six Sigma methodology is used in new software projects or system designs?

DMADV (C)

What does DPMO measure in Six Sigma?

Defects per million opportunities (D)

What is TMMi primarily focused on?

Test process improvement (D)

What is the first step in implementing TMMi in an organization?

Assess Current Test Maturity Level (D)

Which area of software development does TMMi primarily support?

Test Process Improvement (A)

What is the purpose of a Testing Quality Plan (TQP)?

To outline the testing strategy, objectives, and processes (B)

Which of the following is a key component of a Testing Quality Plan (TQP)?

Testing Strategy & Approach (C)

What is the role of a Test Manager in the context of a Testing Quality Plan?

To oversee test planning and execution (C)

What is the primary goal of Change Management in software quality?

Ensuring that modifications are implemented smoothly and efficiently with minimal risk (D)

The sub-characteristics under ISO 9126 for Reliability are Maturity, Fault Tolerance and Recoverability. However, the relationship between Fault Tolerance, Recoverability, and their contribution to achieving the overall goal of Reliability is complex. Assume you are dealing with a critical system like an automated insulin pump where a software error can have life-threatening consequences. Design a system focusing on maximizing the impact of Fault Tolerance and Recoverability sub-characteristics to ensure system Reliability.

Implement modularity and redundant failsafes that include rollback capabilities, system diagnosis routines, automated alerts, diverse redundancy across modules, and rigorous logging and analysis. (B)

Flashcards

Importance of Software Quality

Software quality is essential for operational effectiveness, customer satisfaction, and corporate success.

Software Quality Definition

Software quality is the degree to which a software product meets requirements, satisfies needs, and performs reliably.

Correctness

Ensuring a software product is functionally correct.

Portability

Ensuring software can run in different computing environments.

Usability

Ensuring that an application is user freindly and easy to use.

Reusability

Ensuring that codebase components can be reused, saving development time and lowering costs.

Maintainability

Ensuring software is easy to update with error detection and correction.

Product Quality

Focuses on the attributes and benifits of a software product.

Process Quality

Focuses on the processes used to develop, test and maintain the software

International Standards

International standards used to set a benchmark for software product quality.

Capability Maturity Models

Frameworks to enhance software development.

Quality certifications

Certifications from organizations and professionals who reach the mark in software quality.

High Costs

Costs on assessments, training , documentation and certifications.

Resistance to change

When employees are too familiar with new quality processes.

Complexity of Compliance

When standards like ISO 27001 or CMMI are too difficult due to documentation.

Time-Consuming Process

Achieving the certication process will take several months or years.

Lack of Skilled Personnel

Many Organizations lack internal expertise in quality management and assistance.

Meeting Industry-Specific Requirements

When industries like Healthcare and Finance have additional testing requirements.

Maintaining Certification

A maintenance certification required by software companies to maintain compliance through audits.

Benefits for organization:

The enhancements of business performance, customer satisfaction and sustainability across the business.

Benefits for customers

Improved user experince, reliability and security throughout the software lifetime.

Implications for Organizations

Increased costs, bug fixes, recalls, legal actions, customer reviews.

Implications for Customers

Waste of money, loss of data, identity theft, compliance issues

Quality Assurance

Ensuring software quality by improving development processes and preventing defects.

Quality Control

Identifying and fixing defects in software before release.

Key differences

A preventative approach focusing on processes while QC is corrective and focuses on the product.

ISO/IEC 9126

Software that defines the framework for software quality

Software Quality Model

Defines the characterstics and sub characterstics of software quality.

External Metrics

Evaluating quality attributes based on user

Internal Metrics

Measures quality attributes using code analysis

Quality in Use Metrics

Assesses software effectiveness in real-world scenarios

Functionality

The ability of the software to meet user requirments and perform intended tasks

Reliability

The ability of the software to perform consistently under specified conditions.

Usability

The ease with which the users can interact with the software

Efficiency

Software performance relating to resource usage.

Maintainability

The ease with which the software can be modified or improved

Portability

The ability of the software to function in different environments

Process Capability Models

Frameworks that evalutate maturity , efficieny and predicability of software and maintenance.

Six Sigma

A data-driven methodology that seeks to reduce variances and flaws in processes to improve them

TMII IMPLEMENTATION

Test Planning and Management, AI driven testing, Defect prevention

Study Notes

• These study notes cover software project management, focusing on software quality, standards, certifications, and challenges.

Importance of Software Quality

• Software quality is essential for operational effectiveness, customer satisfaction, and corporate success in software development.
• High-quality software reduces malfunctions and costly fixes by ensuring dependability, security, and maintainability.
• Key reasons for software quality: enhances user satisfaction, reduces maintenance costs, improves reliability and performance, ensures security, increases business revenue and reputation, ensures compliance, facilitates scalability and future growth.

Defining Software Quality

• Software quality is the extent to which a product meets requirements, satisfies user needs, and performs reliably.
• Quality encompasses functionality, performance, security, maintainability, and usability.
• Key factors of software quality include correctness (functionally correct), portability (easily moved to different environments), usability (easy to use), reusability (components are reusable), and maintainability (easy error detection and correction).

Product Quality vs Process Quality

• Both product quality and process quality are essential in software development, focusing on different aspects of managing quality.
• Product quality ensures the final product meets expectations, focusing on functionality, performance, security, usability, and reliability, aiming for a defect-free and user-friendly product.
• Product quality is evaluated via testing, feedback, and metrics from performance
• Process quality focuses on the processes used to develop, test, and maintain software, emphasizing methodologies, testing procedures, coding standards, and best practices.
• Process quality ensures a structured, efficient, and repeatable development to minimize errors.
• Assessed via models like CMMI, ISO 9001, and Six Sigma, using practices like Agile development, integration, version control, and automated testing.
• A high-quality process usually leads to a high-quality product.
• Even a good process, when poorly followed, may produce low-quality product.

Quality Standards and Certifications

• International standards include :ISO/IEC 25010 (Software Product Quality Model), ISO 9001 (Quality Management System – QMS), ISO/IEC 27001 (Information Security Management System – ISMS), ISO/IEC 12207 (Software Life Cycle Processes)
• Capability Maturity Models include: CMMI (Capability Maturity Model Integration), Six Sigma, TMMi (Test Maturity Model Integration).
• Individual certifications: Certified Software Quality Analyst (CSQA), Certified Software Tester (CSTE), ISTQB Certifications, Certified Information Systems Security Professional (CISSP), Project Management Professional (PMP)
• Organizational certifications: Include ISO 9001, ISO/IEC 27001, and CMMI.

Obtaining Quality Certifications

• Obtaining a certification includes structured process and addressing arising challenges during implementation.
• Step 1: Identify the Relevant Certification, such as ISO 9001, CMMI, or ISO/IEC 27001.
• Step 2: Conduct a Gap Analysis, which compares current processes against certification requirements.
• Step 3: Develop an Implementation Plan, that defines roles, responsibilities, milestones, and resource allocation.
• Step 4: Implement Process Improvements, applying best practices and required tools.
• Step 5: Employee Training and Awareness, educating employees on certification requirements and standards.
• Step 6: Internal Audits and Reviews, where you perform assessments to check certification standards and identify non-conformities.
• Step 7: Engage with a Certification Body, which includes accrediting and submitting required compliance evidence.
• Step 8: External Audit and Assessment, by auditors evaluating adherence to standards.
• Step 9: Certification Approval after meeting all the requirements.
• Step 10: Continuous Improvement and Recertification, to maintain certification and conduct periodic auditing.

Issues in Obtaining Quality Certifications

• High costs related to assessments, training, documentation, and improvements.
• Resistance to change because of new processes and increased workload.
• Compliance complexity can involve standards like ISO 27001 or CMMI Level 5.
• Time-consuming process may take months or years.
• There may be a lack of skilled personnel who have the internal expertise.
• Meeting Industry-Specific Requirements requires multiple certifications (e.g., healthcare).
• Certification is not a one-time event and requires maintaining through regular audits.

Benefits of Software Quality

• Software quality impacts organizations and customers by enhancing business performance, satisfaction, and sustainability.
• Benefits for Organizations may include an enhanced reputation, reduced cost, high efficiency, and market growth.
• Benefits for Customers include improved user experience, reliability, security, and reduced costs.
• Implications for Organizations when neglecting software quality, include increased costs, negative customer reviews, vulnerability to cyberattacks and data breaches, legal fines and restrictions.
• Implications for Customers include wasted money, loss of confidence, and compliance issues.

Quality Assurance vs Quality Control

• Quality Assurance is a proactive process, ensuring software quality through improved development practices, defect prevention, and standards.
• Quality Control is a reactive process that identifies and repairs defaults prior to release.
• There is a difference in focus, QA is on processes whereas QC is on product.
• QA is broader and applies during software development lifecycle, but QC is specific to testing phases.
• QA leads to output, but QC verifies product meets standards.

ISO 9126 (Software Quality Model)

• An international standard that provides software quality evaluation/framework.
• Developed structured assessment via key characteristics by ISO and IEC.
• Replaced by ISO/IEC 25010, but remains the basis for assessing softwares.
• Key components of ISO/IEC 9126:
• Software Quality Model defines software quality characteristics and sub-characteristics.
• External Metrics evaluates quality perceived by users.
• Internal Metrics measures code analysis.
• Quality in Use Metrics assesses software effectiveness in real-world scenarios.
• Overview of ISO 9126 Quality Characteristics
• Functionality is defined as the software's ability to perform intended tasks.
• Functional sub-characteristics may include suitability, accuracy, interoperability, security and compliance
• Reliability - The software's ability to perform consistently in conditions.
• Reliability sub-characteristics include maturity, fault tolerance and recoverability
• Usability is defined as the ease of interacting with the software
• Usability sub-characteristics include understandability, learnability and operability
• Efficiency measures software's performance regarding resource usage.
• Efficiency subcharacteristics are time behavior and resource utilization.
• Maintainability is the ability to modify or improve the software when needed
• Maintainability subcharacteristics include analyzability, changeability, stability and testability
• Portability concerns the software's ability to function across different environment
• Portability subcharacteristics include adability, installability, coexistance, replaceability
• ISO is a framework for software quality assessment and helps identifies areas to improve in the products.
• ISO Supports decision-making for developers, testers and managers
• ISO Ensures software reliability, efficiency and user satisfaction
• ISO 9126 has been replaced by ISO/IEC 25010 and expands these concepts.

Capability Models

• Process capability models evaluate software development and maintenance processes for maturity, efficiency, and predictability.
• These help organizations approve quality, reduce defects and enhance productivity.
• Capability Maturity Model (CMM), ISO/IEC 15504 (SPICE), Six Sigma, and Test Maturity Model Integration (TMMi) are all widely-used models.
• SEI CMM (Capability Maturity Model) classify software in Maturity Levels.
• In level 1(Initial) has very little or no defined processes
• In level 2 (Repeatable) establishes Basic project management
• In Level 3 (Defined) both management and development are defined
• In Level 4 (Managed) Focus is on software metrics like product and process
• In Level 5 (optimizing) has continuous process management
• KPA (Key Process Areas) provides improvement in quality over several stages.
• CMMI is used for software quality in many real-world applications
• The IT & Software Development has improved SDLC efficiency.
• The Banking & Finance: Ensures secure software and risk management.
• The Healthcare & Pharma: Reduces errors in medical software solutions.
• The Government & Defense: Ensures compliance and reliability in critical systems

ISO/IEC 15504 (SPICE)

• ISO/IEC 15504, known as SPICE(Software Process Improvement and Capability Determination), is an international standard that improves the development processes
• SPICE provides a structured approach to evaluating process maturity and capability in software engineering.
• SPICE defines two key dimensions: Dimension and Process
• SPICE categories software development into process areas, covering primary lifecycle process, organizational process, supporting process and quality insurance.
• Each process is evaluated on a six-level capability scale
• 0 incomplete
• 1 performed
• 2 managed
• 3 Established
• 4 Predictable
• 5 Optimizing

Key Benefits of SPICE

• Process Standardization: Ensures consistency in software development.
• Performance Improvement: Helps identify and fix process weaknesses.
• Risk Reduction: Minimizes software defects and project failures.
• Compliance & Certification: Aligns with regulatory standards.
• Competitive Advantage: Enhances quality and efficiency in software delivery.
• SPICE is compared with other models: SPICE,CMMI and ISO 9001
• SPICE is used to achieve certain application of SPICE
• Some application may be Automotive, Aerospace, banking, and healthcare industries

Six Sigma

• Six Sigma is a data-driven methodology reduces variance in quality.
• Created for manufacturing can be used for other applications such as IT software
• Improve customer happiness, quality, efficiency
• Customer Focus: on how to improve processes based on customer needs.
• Data-Driven Decision Making: to measure performance statistically.
• Process Improvement: how to identify and eliminate defects.
• Eliminate Variability: Reduces inconsistencies in development
• Continuous Improvement: To aim for long-term process enhancement

Six Sigma Levels (Belts) classify different roles

• White Belt: Knows basic Understanding
• Yellow Belt: Supports project collection
• Green Belt: Leads improvement project
• Black Belt: An expert
• Master Black Belt: coach for the belts
• Six Sigma Methodologies used to improve by DMAIC
• DMAIC is a methodology used to Improve existing and New Processes:
• DMADV
• Define
• Measure
• Analyze
• Improve
• Control
• DMADV ( New New Processes:
• Define
• Measure
• Analyze
• Design
• Verify
• Metrics for Six Sigma:
• To measure effectiveness
• Important metrics defects per Million Opportunity, Sigma, test
• Important to have a higher defect detection rate ensures early issues
• Applications of Six Sigma are some software firms:
• Amazon
• IBM
• Microsoft
• Banking firms
• Comparing is other Quality Models: Six Sigma is reducing Defects, other are Large project

TMMi (Test Maturity Model Integration)

• Structured that Provides tests, tests practices and practices.
• Organizations test their capability
• Tests and improvement, more closely is CMMI(Capability Maturity Model Integration).
• Focuses on test processes rather defect detections
• Defines five levels.
• level 1 Initial No structured testing
• level 2 Managed, basic testing
• level 3 Defined: Standardized processing
• level 4. Measured: Tests can be measured
• level 5 Continuous Tests using AI, Automation
• The Areas of Implementations: test planning, the testing process, the defect protection, and the test automation.
• Vs(compare.) To CMMI
• Feature: TMMI (Testing) to CMMI (Development)
• Implementation of organizations?
• Real world applications include, banking , healthcare, Automotive, and telecom.

Testing Quality Plans in Software Development

• A structured document by a (TQP) also known as a testing quality plan
• Meets project and quality standards
• Plan is to ensure product meets certain requirements
• Defined requirements such as tests
• Designs should be structured
• The plans, and responsibilities
• Testing activities that are involved.
• Component of Quality Control
• Introduction, strategies, Execution
• Tools &Technologies (Test planning & execution)
• Roles &Responsibilities (The Managers, The testers the QA).
• There should also be Approval Process criteria
• This is a team work
• Test Quality should be track using metrics such as defect density test
• To measured software effectiveness using the test quality Metrics
• Early reduced issue and reduce production failures.

Change Management

• Change Management ensures that modifications to software, processes, or systems are implemented smoothly.
• Change management is beneficial for the organization to adapt by new technology through new requirements, securities, and businesses.
• Key objectives for this plan is have controlled changes and maintained software.

Types of Changes

• Corrective Change (Fix), Adaptive, Perfective, and Preventive Change
• Following these changes is a well-defined management
• A process ensures testing and implementation
• Has Changes Requests, Approvals,
• Testing Phase: Should be modified and tested
• Then documented
• Common Challenges include incomplete, poor testing, a lack of skills, securities

Common Challenges in Software Quality

• The goal is to reduce incomplete errors and security errors.