Title: Chapter 7 - Software Development (links: A Textbook aimed at protecting consumers; Software Quality Links; Ian Foster and Grid Computing; The Risks Digest)
1 Chapter 7 - Software Development
- A Textbook aimed at protecting consumers
- Software Quality Links
- Ian Foster and Grid Computing
- The Risks Digest
2 Chapter 7 - Objectives
- Discuss the need for quality software in business systems, industrial process control systems, and consumer products.
- Discuss the ethical issues in software manufacturing.
- Identify the four most common types of software product liability claims.
- Identify the essential components of a software development methodology.
- Discuss the use of the Capability Maturity Model.
- Define what a safety-critical system is.
3 Strategies to Engineer Quality Systems
- A software defect is any error that, if not removed, would cause a system to fail to meet the needs of its users.
- Software quality is the degree to which the attributes of a software product enable it to meet the needs of its users.
4 Strategies to Engineer Quality Systems
- Quality management addresses how to define, measure, and refine the quality of both the information systems development process and the product it produces.
- Deliverables are the items produced during the development process (flowcharts, documentation, software, etc.).
5 Software Quality
- Software is used to control many business and industrial processes.
- The impact of a software defect can be devastating, resulting in upset customers and the eventual loss or reduction of revenue.
6 Legal Overview
- Product liability is the liability of manufacturers, sellers, lessors, and others for the injuries caused by defective products.
- Strict liability means that the defendant is responsible for injuring another person regardless of negligence or intent.
7 Legal Overview
- Under negligence, a software supplier cannot be held responsible for every product defect that causes customer or third-party loss.
- Responsibility is limited to harmful defects that could have been detected and corrected through reasonable software development practices.
- Legal Fix for Software Flaws?
8 Legal Overview
- A warranty assures the buyer that a product meets certain standards of quality.
- If a product fails to meet its warranty, the customer can sue the seller for breach of warranty.
- Intentional misrepresentation occurs when a seller misrepresents the quality of a product.
- Open Source - who's responsible? An interesting article
9 From Osler
- In assessing whether a design defect is present, the factors that the court will consider, frequently with the assistance of expert evidence, will include:
  - The utility of the product and the likelihood of injury resulting from its use
  - Whether the design was influenced by a desire to prevent more likely types of injuries
  - The extent of the testing done during the design process
  - Whether there were internally or externally established standards which were breached
  - The availability of alternative designs that could have reduced or eliminated the risks at a reasonable cost and with limited impact on functionality
  - The reasonable expectations of safety and utility of consumers or users of the product.
10 Software Development Process
- Developing information system software is a complex activity.
- A system development methodology enables systems analysts, programmers, project managers, and others to make controlled and orderly progress in developing high-quality software.
11 System Development Process
- Software quality assurance refers to those methods within the software development methodology that are intended to ensure that the software being developed will operate reliably. No process can actually guarantee this, which is why reviews, static checks, and several levels of testing are layered on top of each other.
12 System Testing
- Dynamic testing executes the code: test data is entered and actual results are compared to expected results.
- Black-box testing views the software unit as a device that has expected input and output behaviors but whose internal workings are unknown; test cases are derived from the specification alone.
- White-box testing views the software unit as a device that has expected input and output behaviors and whose internal workings are known; test cases are chosen to exercise specific paths and branches in the code.
13 System Testing
- Static testing examines code without running it, for example by running an analyzer that looks for suspicious patterns in programs that might indicate a software defect. An analyzer's findings are leads for a reviewer to confirm, not proof of a defect.
- Integration testing ensures that all linkages among the various subsystems work successfully.
14 System Testing
- System testing is conducted to test the entire system as a complete entity.
- User acceptance testing is an independent test performed by trained end users to ensure that the system operates as expected from their viewpoint.
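As an added example (not part of the slides), the following Python applies the three approaches from slides 12 and 13 to one small unit: black-box cases derived only from the unit's specification, a white-box check of which lines of the unit each input actually executes, and a static scan of source text for suspicious call patterns. The unit `parse_port`, its test cases, and the sample source handed to the static scan are all constructed here for illustration.

```python
"""Dynamic (black-box and white-box) and static testing of one small unit.

Added example; parse_port, BLACK_BOX_CASES and SAMPLE_SOURCE are constructed
for illustration and are not taken from any real project.
"""
import ast
import sys


# Unit under test. Spec: accept a decimal string naming a TCP port in 1..65535
# and return it as an int; reject anything else by raising ValueError.
def parse_port(text: str) -> int:
    if not text.isdigit():
        raise ValueError("port must be decimal digits")
    port = int(text)
    if port < 1 or port > 65535:
        raise ValueError("port out of range")
    return port


# Black-box (dynamic) testing: every case comes from the spec, none from the code.
BLACK_BOX_CASES = [
    ("80", 80), ("1", 1), ("65535", 65535),            # inside the range
    ("0", ValueError), ("65536", ValueError),           # boundaries just outside
    ("-1", ValueError), ("8o", ValueError), ("", ValueError),
]


def run_dynamic_tests(fn, cases):
    """Feed each input to fn, compare actual with expected, return the failures."""
    failures = []
    for text, expected in cases:
        try:
            actual = fn(text)
        except Exception as exc:          # an expected exception is a valid outcome
            actual = type(exc)
        if actual != expected:
            failures.append((text, expected, actual))
    return failures


def lines_hit(fn, *args):
    """White-box helper: the body line offsets of fn executed for this input."""
    hit = set()

    def tracer(frame, event, arg):
        if frame.f_code is fn.__code__ and event == "line":
            hit.add(frame.f_lineno - fn.__code__.co_firstlineno)
        return tracer

    sys.settrace(tracer)
    try:
        try:
            fn(*args)
        except ValueError:
            pass
    finally:
        sys.settrace(None)
    return hit


def white_box_coverage():
    """Lines reached by the happy path alone versus by one input per branch."""
    happy = lines_hit(parse_port, "80")
    targeted = set()
    for text in ("80", "8o", "0"):        # chosen from the code: one per branch
        targeted |= lines_hit(parse_port, text)
    return happy, targeted


# Static testing: inspect source text without executing it (constructed sample).
SAMPLE_SOURCE = '''
import os, subprocess
def run(cmd):
    os.system("ls " + cmd)            # shell command string built from input
    subprocess.run(cmd, shell=True)   # shell=True hands cmd to a shell
    return eval(cmd)                  # code execution on untrusted data
def safe(cmd):
    return subprocess.run(["ls", cmd])
'''

RISKY_CALLS = {"eval", "exec", "system"}


def static_findings(source):
    """Flag calls matching a suspicious pattern; a reviewer confirms each one."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        func = node.func
        name = func.id if isinstance(func, ast.Name) else getattr(func, "attr", None)
        if name in RISKY_CALLS:
            findings.append((node.lineno, f"call to {name}()"))
        for kw in node.keywords:
            if kw.arg == "shell" and isinstance(kw.value, ast.Constant) and kw.value.value is True:
                findings.append((node.lineno, "shell=True"))
    return sorted(findings)


if __name__ == "__main__":
    print("black-box failures:", run_dynamic_tests(parse_port, BLACK_BOX_CASES))
    print("white-box lines (happy path, branch-targeted):", white_box_coverage())
    print("static findings:", static_findings(SAMPLE_SOURCE))
```

The black-box run reports no failures only because the unit is correct; the white-box run shows why that is not enough evidence on its own: the happy-path input never reaches either `raise`, so a suite built from happy paths would not notice if those branches were wrong. The static scan deliberately does not flag `subprocess.run(["ls", cmd])` in `safe`, and what it does flag still needs a human to confirm.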
15 Capability Maturity Model
- The Software Engineering Institute at Carnegie Mellon University developed the Capability Maturity Model for Software (SW-CMM), since superseded by CMMI.
- It defines five levels of software development process maturity and identifies the issues most critical to software quality and process improvement.
16 Capability Maturity Model
- The five maturity levels, from lowest to highest: 1 Initial, 2 Repeatable, 3 Defined, 4 Managed, 5 Optimizing.
17 Development of Safety-Critical Systems
- A safety-critical system is one whose failure may cause injury or death to human beings.
- Risk is the product of the probability of an undesirable event occurring and the magnitude of the consequence if it happens.
- Therac-25 example (a radiation-therapy machine whose software faults led to patient overdoses in the 1980s)
18 Development of Safety-Critical Systems
- Redundancy is the provision of multiple interchangeable components to perform a single function in order to cope with failures and errors. Redundant components only help if their failures are independent; identical copies of the same software fail on the same input.
- Reliability is the probability of a component or system performing its mission over a certain length of time.
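As an added example (not from the slides), the following Python puts the two definitions together: a majority voter that masks one failed channel among three and reports which channel disagreed, the reliability R(t) = exp(-lambda t) of a unit with constant failure rate lambda over a mission of t hours, and the reliability of three such units behind a perfect voter. The failure rate and mission lengths used in the demonstration are assumed values.

```python
"""Redundancy (majority voting) and reliability over mission time (added example).

The failure rate and mission lengths below are assumed values for illustration.
"""
import math


def majority_vote(readings, tol=0):
    """Vote across redundant channels.

    A channel agrees with a candidate value if it lies within tol of it.
    Returns (agreed_value, dissenting_channel_indices); agreed_value is None
    when no value is backed by more than half of the channels.
    """
    n = len(readings)
    for candidate in readings:
        agreeing = [i for i, r in enumerate(readings) if abs(r - candidate) <= tol]
        if 2 * len(agreeing) > n:
            return candidate, [i for i in range(n) if i not in agreeing]
    return None, list(range(n))


def reliability(failure_rate_per_hour: float, mission_hours: float) -> float:
    """R(t) = exp(-lambda t): probability a unit with constant failure rate survives t."""
    return math.exp(-failure_rate_per_hour * mission_hours)


def tmr_reliability(r: float) -> float:
    """Triple modular redundancy with a perfect voter: at least 2 of 3 units survive.

    R_tmr = 3 r^2 - 2 r^3 (three ways for exactly two to survive, plus all three),
    assuming the three units fail independently.
    """
    return 3 * r ** 2 - 2 * r ** 3


def tmr_helps(r: float) -> bool:
    """TMR beats a single unit only while per-unit reliability is above 0.5."""
    return tmr_reliability(r) > r


def tmr_break_even_hours(failure_rate_per_hour: float) -> float:
    """Mission length at which R(t) falls to 0.5 and TMR stops helping: ln 2 / lambda."""
    return math.log(2) / failure_rate_per_hour


if __name__ == "__main__":
    print(majority_vote([100, 100, 103]))        # (100, [2]): channel 2 is masked
    print(majority_vote([100, 101, 102]))        # (None, [0, 1, 2]): no majority
    rate = 1e-4                                  # assumed failures per hour
    for hours in (100, 5000, 20000):
        r = reliability(rate, hours)
        print(f"{hours:6d} h: single {r:.4f}  TMR {tmr_reliability(r):.4f}  helps={tmr_helps(r)}")
    print(f"TMR stops helping after {tmr_break_even_hours(rate):.0f} h without repair")
```

The last two functions carry the caveat a designer needs: voting raises reliability for short missions but, without repair, three units are more likely to lose a majority than one unit is to fail once per-unit reliability drops below 0.5. The independence assumption in `tmr_reliability` is also the weak point in practice, since three copies of the same software are not independent.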
19 Development of Safety-Critical Systems
- One of the most important and difficult areas of safety-critical systems design is the human-system interface.
- Poor human-system interfaces can greatly increase risk, sometimes with tragic consequences. (Risks Digest)
20 Quality Management Standards
- The International Organization for Standardization issued the first edition of the ISO 9000 series of quality management standards in 1987.
- ISO 9000 is a family of formal quality management standards. It is generic rather than software-specific; applying it to the development of information systems means interpreting its requirements for that domain.
21 ISO 9000
- To be ISO 9000 certified, a company must do three things:
  - Have written procedures for everything they do.
  - Follow those procedures.
  - Prove to an auditor that they have the written procedures and that they follow them.
22 ISO 9000
- ISO 9001: Design, development, production, installation, service
- ISO 9002: Production, installation, service
- ISO 9003: Final inspection and test
- ISO 9004: Quality management and quality systems elements
- This is the 1994 structure. Since the 2000 revision the certifiable requirements live in ISO 9001 alone, ISO 9002 and 9003 having been withdrawn, and ISO 9004 remains a guidance document.
23 Failure Mode and Effects Analysis
- FMEA is an important technique used in developing ISO 9000 compliant systems.
- FMEA is used as a reliability evaluation technique to determine the effect of system and equipment failures: for each component, list the ways it can fail, the effect of each failure on the system, and how that failure would be detected.
- Failures are classified by their impact on mission success, personnel safety, equipment safety, customer satisfaction, and customer safety.
24 Summary
- High-quality software systems are needed because they are easy to learn and easy to use, perform the functions that meet users' needs, and have a high degree of availability.
- There are many ethical issues facing software developers. The impact of software defects can be devastating.
- Software product liability claims are frequently based on strict liability, negligence, breach of warranty, or misrepresentation.
25 Summary
- A software development methodology defines the activities in the system development process.
- An effective system development methodology helps protect software manufacturers from legal liability for defective software, because following it is evidence of the reasonable development practices that the negligence standard asks for.
- The Capability Maturity Model defines five levels of software development process maturity.
26 Case 1 - Airbags
- Airbags deploy at 140 mph, unleashing too much energy for smaller people and children. Auto makers are working to make airbags safer. Some argue that airbag technology is too complicated; they say educating the public would be better.
27 Case 2 - Patriot Missile
- On February 25, 1991, a Patriot missile defense system at Dhahran, Saudi Arabia failed to track and intercept an incoming Scud missile because of a software problem. The incoming missile hit an Army barracks and killed twenty-eight Americans.
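The software problem, as documented in the GAO report GAO/IMTEC-92-26, was an accumulating error in the system clock: uptime was counted in tenths of a second and converted to seconds by multiplying by 0.1 held in a 24-bit fixed-point register. Since 0.1 has no finite binary expansion, the stored value is slightly low, every tick adds the same tiny shortfall, and after about 100 hours of continuous operation the computed time was about 0.34 s behind, enough to place the range gate away from where the Scud actually was. The following Python is an added example (not from the slides and not the Patriot software) that reproduces that arithmetic exactly with `Fraction`; the 23 fractional bits, the 100-hour uptime and the 1,700 m/s target speed are assumptions made here.

```python
"""Clock drift from truncated fixed-point arithmetic (added example).

Assumption, following the GAO account of the Dhahran failure: uptime counted in
tenths of a second was converted to seconds by multiplying by 0.1 held in a
24-bit fixed-point register, taken here as 23 fractional bits. 0.1 has no finite
binary expansion, so the stored value is slightly low on every tick.
"""
from fractions import Fraction

FRAC_BITS = 23          # assumed fractional bits of the register
TICKS_PER_SECOND = 10   # the clock counts tenths of a second


def truncated_tenth(frac_bits: int = FRAC_BITS) -> Fraction:
    """0.1 as actually stored after truncation to frac_bits binary places."""
    scale = 1 << frac_bits
    return Fraction(scale // 10, scale)  # floor(0.1 * 2^frac_bits) / 2^frac_bits


def per_tick_error(frac_bits: int = FRAC_BITS) -> Fraction:
    """Exact shortfall between true 0.1 and the stored value, added on every tick."""
    return Fraction(1, 10) - truncated_tenth(frac_bits)


def clock_drift_seconds(uptime_hours: float, frac_bits: int = FRAC_BITS) -> float:
    """Accumulated gap between true time and computed time after uptime_hours."""
    ticks = int(uptime_hours * 3600 * TICKS_PER_SECOND)
    return float(ticks * per_tick_error(frac_bits))


def tracking_offset_metres(uptime_hours: float, target_speed_mps: float = 1700.0) -> float:
    """How far a target moves during the drift; 1,700 m/s is an assumed Scud speed."""
    return clock_drift_seconds(uptime_hours) * target_speed_mps


def exact_seconds(ticks: int) -> Fraction:
    """The hardened form: keep the integer tick count and divide exactly at the point of use."""
    return Fraction(ticks, TICKS_PER_SECOND)


if __name__ == "__main__":
    for hours in (8, 20, 100):
        print(f"{hours:4d} h uptime: drift {clock_drift_seconds(hours):.4f} s,"
              f" target offset ~{tracking_offset_metres(hours):.0f} m")
    print("with 48 fractional bits the 100 h drift is",
          f"{clock_drift_seconds(100, frac_bits=48):.2e} s")
```

The drift is linear in uptime, which is why bounding uptime (rebooting) shrinks it but does not remove it. The real fix is either to keep time as an integer tick count and convert exactly where seconds are needed, as `exact_seconds` does, or to widen the register and apply the same conversion on every code path that compares times, since two paths converting with different precision disagree even when each is individually "good enough".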