Handbook of Software Quality Assurance, The [Hardcover]

In this up-to-date handbook, the worlds leading Software Quality Assurance (SQA) experts share their practical experience with a wide range of techniques and certification programs, including SEI CMM, ASQ SQE, and ISO 9001.KEY TOPICS-This completely updated guide covers a wide range of current practices, standards and challenges in software quality. Coverage includes- software safety issues; the new ASQ SQE certification program; the relationship of the SEI Capability Maturity Model to software quality; the implications of software quality standardization at the Department of Defense; how to hire software quality professionals; Y2K software quality issues; Pareto charts; metrics; statistical quality control techniques; and much more.MARKET-For all software developers and software quality practitioners.

Preface

The software industry has witnessed a dramatic rise in the impact and effectiveness of software quality assurance recently. From its day of infancy, when a handful of software pioneers explored the first applications of quality assurance, to the development of software, software quality assurance has become integrated into all phases of software development.
This Handbook of Software Quality Assurance capitalizes on the talents and skills of the experts who deal with the implementation of software quality assurance on a daily basis. To have their accumulated knowledge at hand makes this Handbook a valuable resource. Each author, because of his special skills, talents, foresight, and interests, has contributed to the maturing process occurring in the field of software quality today.
What this Handbook brings to the reader then, is a collection of experiences and expectations of some of the best people in the field of software quality assurance. Because of their early involvement in software quality and because of their continued pursuit to discover improved methods for achieving better on the job software quality assurance, each author provides an insightful presentation of his personal involvement in software quality assurance.
The structure of this Handbook is relatively straightforward: twenty-one chapters covering many key areas of software quality assurance.
The first part of the Handbook sets the stage with a presentation of fundamental concepts and some historical discussion. Relevant terms are initially defined. Then the interaction of software quality assurance with several software specialty areas is covered. Next, the knowledge gained by the experts in the quality field is directed at software quality. A brief history and future direction of the standardization of software quality assurance follows. Organizational considerations for a software quality program are presented. The backbone of success in any enterprise-the people performing software quality assurance-is discussed in terms of how to identify, get, and keep those most suited for quality assurance. Chapter 7 discusses the recent American Society for Quality's exam process for Software Quality Engineer certification. "Quality is free"; how this dictum applies to software quality is the subject of "The Cost of Software Quality," discussed in Chapter 8.
The next set of chapters within this Handbook discuss quality techniques and opens with a discussion of inspections, the Pareto Principle, and software configuration management. This section continues with the Software Engineering Institute's Capability Maturity Model (CMM) for Software, which has had an enormous impact on software development, management, and quality since 1988. Chapter 12 covers the fundamentals of the CMM process and the relationship of the CMM to software quality assurance. Next follows a discussion of a very successful organization's implementation of the CMM Level 5 process and what this has meant to software quality. The use of both software quality Computer Aided Software Engineering (CASE) tools and the use of software quality metrics are necessary techniques in today's environment, and are covered in this section.
The final set of chapters within this Handbook emphasize applications relevant to software quality assurance. Practical SQA applications for mission-critical software and for commercial software are discussed. The application of statistical testing methods, software reliability, and software safety, areas of recent empahsis within software quality assurance, are also covered.
A brief summary of each chapter, highlighting its main thrust, is provided below for the reader to decide which topics are of immediate interest. If information is required from another chapter for additional insight, adequate cross-reference has been provided within each chapter and in the index.
Chapter 1 defines important terms relevant to this Handbook. More recent terms, such as those related to software quality assurance certification and TQM (Total Quality Management), are covered.
Chapter 2 discusses the relationship of software quality assurance with the various types of software, such as operating systems software, mission-critical software, real-time systems software, interactive software, and business software. The chapter also addresses the relationship of software quality assurance with other key areas, such as software configuration management. The Year 2000 (Y2K) Problem and the role of SQA is also discussed.
Chapter 3 is an overview of the contributions made and the roles played by the dominant figures in the Quality field. The individual contribution of the dominant quality experts-Ishikawa, Juran, Akao, Deming, Crosby, Shingo, and Taguchi-are assessed.
Chapter 4 traces the history of the process of standardization of software quality assurance. The Department of Defense, Federal Aviation Administration, North Atlantic Treaty Organization, and Institute of Electrical and Electronic Engineers (IEEE) standardization activities are all covered. The future directions of standardization are given special emphasis because the thrust is to apply commercial standards, such as, EIA/IEEE 12207 to all government projects. This is a major philosophical shift and moves away from the former document-driven software development paradigm of the previous standards.
Chapter 5 presents a software quality organization. This chapter includes a discussion of what commercial organizations require to conduct software quality assurance and the impact of the CMM on software quality organizations. The role of assessing and measuring product quality during development and the controversy over the independence of SQA versus being part of the development organization are also presented in this chapter.
Chapter 6 discusses the personnel requirements for a good software quality engineer and how a software quality organization should deal with personnel issues such as training, roles for software quality engineers, paraprofessional possibilities, and career paths. The impact of the ASQ software quality engineer certification program is covered.
Chapter 7 lays out the requirements for the new software quality engineer certification program established by the ASQ (American Society for Quality). More specifically, the chapter deals with how you should prepare for the exam and what in the body of software quality knowledge is needed to pass the exam. The chapter also includes a recommended bibliography.
Chapter 8 deals with the assessment of the total cost of software quality and examines what input is required, the value added, and the expected output. Concerns such as major task elements, productivity, and potential misuse are evaluated. Also discussed are the "Price of Nonconformance" and the effect of budgetary constraints on the implementation of SQA.
Chapter 9 deals with the widely acclaimed use and application of inspections and the impact of conducting inspections during the software development cycle. The inspection process is described and numerous results of inspections are provided to give the reader a first hand picture of what to look for when evaluating inspection data. Emphasis is given to documentation inspections, inspection metrics, and the national software quality experiment, which captures inspection results across the country.
Chapter 10 looks at the role of software configuration management (SCM) and what that role implies for software quality and software development. Key issues discussed are staffing for SCM, the Configuration Control Board, auditing the SCM process, and allocating resources to perform SCM.
Chapter 11 applies the well-known Pareto Principle (80/20 rule) to the concerns and issues of software quality assurance. The impact and advantage of performing a Pareto analysis is supported by two classic examples; one dealing with WWMCCS (World Wide Military Command and Control System), the other with the Federal Reserve Bank. How Pareto analysis is applied to defect prevention, its use in analysis of inspection data, and a unique aspect of how to compare Pareto charts are covered in this chapter.
Chapter 12 introduces the concepts behind the very influential Software Engineering Institute's Capability Maturity Model (CMM) for Software. The underlying concepts behind the CMM are discussed as well as the CMM's Key Process Area relationships to software quality assurance.
Chapter 13 examines the methods used by the Boeing Space Transportation Systems software organization in their pursuit of the coveted CMM Level 5-the Optimizing level. An organization operating at Level 5 understands its technology and processes and is constantly improving them. This chapter covers what it takes to be there.
Chapter 14 addresses Computer Aided Software Engineering (CASE) tools available for use by the SQA organization. This chapter provides insight into the environment for CASE tools, discusses where and how to find tools, and provides a look ahead in this very dynamic area.
Chapter 15 provides a survey of metrics proposed and currently used to determine the quality of the software development effort. Software quality metrics methodology, omnibus software quality metrics, software quality indicators, and some practical implementations are covered.
Chapter 16 discusses how to successfully perform the job of software quality assurance in a real development environment for mission-critical software programs. Discussions are based on lessons learned and success stories from practical applications in mission-critical software.
Chapter 17 discusses how to successfully perform the job of software quality assurance in a real development environment for commercial programs. Discussions are based on lessons learned and success stories from practical applications in commercial environments. These are contrasted with mission-critical environments.
Chapter 18 discusses the quality assurance of software in the Information environment. This chapter gives the results of the 1998 Quality Assurance Institute Information Processing Quality Assurance Survey. The chapter then explains software quality metrics and their implementation.
Chapter 19 is a treatise on the use of statistics as a means of achieving software quality control. This chapter provides a quantitative method of assessing the effectiveness of testing. The cornerstone of this method is the development of the Symbolic Input Attribute Decomposition (SIAD) tree. A number of practical implementations of the methodology are discussed.
Chapter 20 is updated, based on the events surrounding IEEE Project 982, which was established to enhance measurement of software reliability. It discusses many measures of software and their interrelationship with software quality and software reliability.
Chapter 21 deals with that aspect of software quality concerned with software safety. Covered are the various requirements related to software safety, what it takes to develop a software safety assurance program, and hazard avoidance and mitigation techniques.
Appendix A is a glossary of the acronyms used throughout this Handbook. Also included is an index. The index is a combined author and subject index.

Acknowledgments
The editors thank each and all of the contributors for their time, energy, and foresight in bringing to this Handbook an excellent collection of original papers. This collection provides, in a single source, a wide spectrum of experiences and issues of concern not only to software quality assurance, but also to the future of software development.
The editors also appreciate the patience and help of Bernard Goodwin, editor-in-chief, Stephen Solomon, acquisitions editor, and Nicholas Radhuber, editorial/production supervisor, Prentice Hall, without whose assistance and support this Handbook would not have been accomplished.

G. Gordon Schulmeyer
James I. McManus