从软件质量控制到软件质量保证

本文阐述了在嵌入式系统和在其他执行关键任务的软件中由传统的软件质量控制技术到前涉的质量保证方案的转化：软件在每一个产品和每一个组织中所发挥的作用日益重要。近年来,执行关键任务的应用系统的数量以指数速度增长。这些系统要么失败后损失巨大（空中交换管制系统和其他生命支持产品）。要么纠正费用高（便携式电话和其他用户产品）。为嵌入式系统设计的软件在更多的时候属于“执行关键任务”的范畴,而对嵌入式系统的需求也在继续升温,因此对前涉的质量保证的需求要高于以往任何时候。本文把质量控制到质量保证的转化分为两个阶段：1质量评估（第一阶段）：在开发周期的早期,即在软件到达用户之前,甚至在测试之前识别和排除软件故障,同时提供客观定量的质量评估。2质量保证（第二阶段）：在作更改的时候,通过精确的影响分析,采用强制执行编码标准和防止新错误出现的方法来防止错误进入代码基数。     

Ada软件质量保证系统的构成框架和集成机制

本文主要探讨了建造Ａｄａ软件质量保证系统应考虑的技术成分和环境的构成要素，并给出系统的原型框架。     

COCOMO as a schedule prognosis and validation tool: a case study

This paper describes a case study in the use of the COCOMO cost estimation model as a tool to provide an independent prognosis and validation of the schedule of a software project at IBM UK Laboratories Ltd, Hursley. Clearly case studies have the danger of being anecdotal however software engineers often work in situations where sufficient historical data is not available to calibrate models to the local environment. It is often necessary for the software engineer to attempt to use such tools on individual projects to justify their further use. This case study describes how we began to use COCOMO and concentrates on some of the problems and benefits which were encountered when trying to use COCOMO in a live development environment.The paper begins by discussing some problems in mapping the COCOMO phases on to the IBM development process. The practical aspects of gathering the development parameters of the model are described and the results of the work are presented in comparison to a schedule assessment using other prognosis techniques and the planned schedule at other milestones in the project's history. Some difficulties experienced in interpreting the data output from the model are discussed. This is followed by a brief comparison with other schedule analysis techniques used in quality assurance. We hope this case study shows that despite the problems in trying to use models such as COCOMO there are significant benefits in helping the user understand what is required to use such tools more effectively to improve software development cost estimates in the future.     

一种基于XML的软件过程定义语言SPDL的设计

定义软件过程是软件企业使用CMM提高其能力成熟度的一个关键问题。论文参考工作流过程定义语言WPDL,充分考虑软件过程的特点,提出了一种软件过程定义语言SPDL。SPDL遵循CMM标准,它由XML扩展得到,用XML Schema描述,用SPDL进行过程建模,实现了一个基于CMM的软件质量保障平台。     

A tool environment for quality assurance based on the Eclipse Modeling Framework

The paradigm of model-based software development has become more and more popular since it promises an increase in the efficiency and quality of software development. Following this paradigm, models become primary artifacts in the software development process. Therefore, software quality and quality assurance frequently leads back to the quality and quality assurance of the involved models. In our approach, we propose a model quality assurance process that can be adapted to project-specific and domain-specific needs. This process is based on static model analysis using model metrics and model smells. Based on the outcome of the model analysis, appropriate model refactoring steps can be performed. In this paper, we present a tool environment conveniently supporting the proposed model quality assurance process. In particular, the presented tools support metrics reporting, smell detection, and refactoring for models being based on the Eclipse Modeling Framework, a widely used open source technology in model-based software development.     

Software quality assurance in practice

This paper presents the key findings of a survey of a representative sample of the Australian software industry as to the actual use and application of quality assurance techniques in the development of software. The survey aims to confirm previous survey findings through a management questionnaire and to investigate the software development practices at the screen face through a developer questionnaire. The separate responses are analysed to rate the extent to which quality management practices have penetrated the information systems department. The project commenced in July 1994 and the results of this initial survey support the hypothesis that software quality assurance programmes have not yet penetrated to the systems developers at lower levels of organizations.     

Trends in Security Product Evaluations

ABSTRACT

Government-endorsed security evaluations, like those performed under the Common Criteria (CC), use established techniques of software quality assurance to try to evaluate product security. Despite high costs and disputed benefits, the number of evaluated products has grown dramatically since 2001, doubling between 2003 and 2005 and leaping again in 2006. Using details from more than 860 security evaluations, this paper looks at the types of products evaluated, the “assurance levels” achieved, where the evaluations occur, and ongoing participation by product vendors. These observations are combined with other lessons learned to make recommendations on product evaluation strategies.     

软件测试和软件质量管理的分析与研究

软件质量是软件的生命,开发人员和用户都十分重视软件的质量问题。因此,软件开发过程必需伴有质量保证活动,而软件测试是最至关重要的质量保证活动。本文首先介绍了软件测试和软件质量保证的概念,以及软件测试的v模型和软件质量度量模型,并从提高软件质量的角度出发,阐述了软件测试的基本方法和如何将软件质量保证环节做得更好,从而真正提高软件质量。     

Experiences using Tedeso: an extensible and interoperable model-based testing platform

The integration of novel software quality assurance tools into existing development environments must be performed in ways that leverage the benefits of the tools while minimizing their impact on existing software processes. This supports the adoption of new methodologies with minimal interference into core business practices. This paper discusses the design of Tedeso, an extensible and interoperable model-based testing platform developed to facilitate the automatic generation of tests, while supporting the needs of different stakeholders in a diverse and broad organization. We discuss Tedeso key design characteristics, in particular its extensibility and interoperability, provided through the use of a workflow-driven service-oriented architecture, and show how it has enabled and facilitated the adoption of model-based testing techniques in different business units in different sectors within SIEMENS. We also discuss some issues that come from the adoption of service-oriented architectures, showing how they have been managed in our platform.     

软件研制的过程质量管理

软件的质量保证措施主要有2个方面：软件研制过程的质量保证和软件产品的质量评估。本文认为软件研制过程的质量管理是软件质量保证的关键,归纳了现阶段国内软件研制中影响软件质量的主要因素,详细分析了这些因素对于软件质量、软件研制及维护成本的影响,论述了软件研制的过程管理与软件质量的关系,结合长期软件研制工作经验,总结了面向软件质量保证的软件研制过程管理措施的主要内容。     

Fully employing software inspections data

Software inspections provide a proven approach to quality assurance for software products of all kinds, including requirements, design, code, test plans, among others. Common to all inspections is the aim of finding and fixing defects as early as possible, and thereby providing cost savings by minimizing the amount of rework necessary later in the life cycle. Measurement data, such as the number and type of found defects and the effort spent by the inspection team, provide not only direct feedback about the software product to the project team, but are also valuable for process improvement activities. In this paper, we discuss NASA??s use of software inspections and the rich set of data that has resulted. In particular, we present results from analysis of inspection data that illustrate the benefits of fully utilizing that data for process improvement at several levels. Examining such data across multiple inspections or projects allows team members to monitor and trigger cross project improvements. Such improvements may focus on the software development processes of the whole organization as well as improvements to the applied inspection process itself.     

An essay on software testing for quality assurance – Editor’s introduction

This volume resulted from a call for papers to “... explore the state of the art of software quality assurance, with particular emphasis on testing to measure quality.” It is my belief that software testing as a discipline is ripe for theoretical breakthroughs. Researchers are considering the right questions, and there are promising new approaches and exciting new results. It seems that new understanding of the testing process can lead to practical tools and techniques that revolutionize software development. I don’t believe that testing will become easier or cheaper; rather, it will be more rational in the sense that expending effort will more dependably lead to better software. In this introductory essay I provide a personal view of testing, testing research, and their roles in software quality assurance.     

Frameworks for quality software process: SEI Capability Maturity Model versus ISO 9000

With the historical characterization of software development as being costly due to massive schedule delays, incorporation of the ever-changing technology, budget reductions, and missing customer requirements, the trend of the 1990s in establishing a quality improvement or a quality assurance programme has been over-whelming. The two popular models or frameworks for assessment of a quality assurance programme are the US government-sponsored Capability Maturity Model (CMM) and the internationally recognized ISO-9000 quality standards. Both of these two frameworks share a common concern regarding software quality and process management. Since it is not clear which of these two frameworks is most effective in achieving their shared objectives, it is valuable and timely to provide an objective overview of both models and to compare and contrast their features for quality software development. Because there are many legitimate areas for comparison, we have selected the two most important as a basis for comparison: (1) the role of management, and (2) the application of measurements. We also provide a summary of the reported impact of these two models on the organizations adhering to their standards, and include our observations and analysis.     

Quality Approaches in a Large Software House

Many methods, techniques, standards and tools exist for controlling software development, but large, complex projects may face extra problems due to continuous, rapid changes during the project life cycle. Such changes must be tracked, analysed, and reconciled to ensure high quality in the end-product; otherwise problems may be lost or ignored in the overall complexity. A large software company needs to develop effective procedures to control their whole organisation's projects; for example to control more than 100 different types of projects at the same time is a big challenge for most large software companies. This paper is a case study on how a large company benefits from using quality assurance processes and quality standards. It provides details of the process engineering system running in Kent Ridge Digital Labs (KRDL). Most of project managers and top directors in KRDL believe that Good quality software will save millions of dollars! This paper also highlights the benefits of KRDL being able to handle more than 100 projects at the same time and still provide high quality software.     

What software engineering can learn from soccer

We've talked about software quality for a long time, developing numerous software quality assurance approaches in the hope of making our software increasingly better. Charles Mann, contributing editor of MIT's Technology Review, points out that other technologies-televisions, cars, airplanes, bridges-have improved over time as their engineering matured; he asks why software has not. In the February 2001 issue of Communications of the ACM, Edsger Dijkstra said that software's biggest challenge is "how not to make a mess of it." So, where have we gone wrong? To answer this question, we can look at how other disciplines learn and grow. Software development is as much an art as a science, and we learn lessons from both perspectives. Many of us think of ourselves as engineers: we train in engineering departments and rely on engineering tools, techniques, and quantitative methods to guide us. But our work's artistic side-which those who promote agile methods often emphasize-plays an important role, too. As good software developers, we are grounded in artistic engineering activities such as modeling and design. Our good people skills enable us to work with customers and on teams. And we need good instincts to select the best approaches and products to use.     

集成能力成熟度模型（CMMI）的研究

首先介绍了CMMI的概念,从模型结构和能力级别阐明了CMMI的连续表示,并对其分阶段表示作了简单地说明。从计算机应用环球网工程说明了CMMI产生的应用背景,从项目管理、文档化以及质量分析和保证等方面说明CMMI满足环球网工程的要求。从管理复杂性对CMMI进行了讨论,认为CMMI初步给出了软件开发密集的知识型企业的演化规律、组织设计和文化建设方法论。     

Software quality improvement: a model based on managing factors impacting software quality

Software quality is recognized as being very significant for achieving competitiveness in the software industry, so improvements in this area are gaining increasing importance. Software quality improvements can only be achieved by managing all of the factors that influence it. However, in a real business system, there are a great number of factors impacting software quality, while the processes are stochastic and resources are limited, so economic data should also be taken into consideration. This paper uses a Markov chain and proposes a systematic framework for modelling the stochastic processes of a quality management system and selection of the optimum set of factors impacting software quality. A methodology is presented for managing the factors that affect software quality with an illustrative hypothetical example for convenience of application of the proposed methodology.     

Agile Methodologies: Organizational Adoption Motives,Tailoring, and Performance

Today, organizations tailor the practices from several agile methodologies to serve their particular environment. But are there situations that drive how an organization should tailor methodologies in a particular manner? This article places 12 commonly used agile development practices into a typology based upon whether they are primarily project management focused or software development approach focused and examines how organizations’ motivations for adopting agile impact the practices they adopt. Finally, it explores how a fit between an organization’s motives for agile method adoption and the tailored agile practices it adopts may lead (or not lead) to differences in project performance.