软件质量保证 Software Quality Assurance 胡颖 一定规模以上的软件公司都有专门的SQA部门,但SQA并非仅仅SQA部门的事情。 同学们为什么来上这门课?学分?将来做SQE或者经理,老板? 为什么要在软件学院开这门课?软件学院与计算机系的区别。提高软件质量的两个方面:技术与管理。 概论的作用,what, why, how 背景:软件业的影响与发展历程,软件危机,艺术与科学
SWEBOK 知识域 软件需求Software Requirements 软件设计Software Design 软件构造Software Construction 软件测试Software Testing 软件维护Software Maintenance 软件配置管理Software Configuration Management 软件工程管理Software Engineering Management 软件工程过程Software Engineering Process 软件工程工具和方法Software Engineering Tools and Methods 软件质量Software Quality SQA是SE的一个重要组成部分 前5项是软件开发流程中的各个步骤,后5项是软件质量管理的内容
相关学科 计算机工程Computer Engineering 计算机科学Computer Science 管理Management 数学Mathematics 项目管理Project Management 质量管理Quality Management 软件人类工程学Software Ergonomics 系统工程Systems Engineering 工程与科学的区别:认识世界与改造世界,掌握客观规律与利用客观规律 比较重要的是数学,计算机,管理 SQA是将管理学的基本方法应用到软件领域
教学大纲 软件质量概论(6课时) 软件质量保证活动的策划与实施(22课时) 什么是质量?质量问题的源于何处? 软件质量的特性以及与硬件质量的差异 质量改进的常见模式 软件质量保证的标准化 软件质量保证活动的策划与实施(22课时) 质量保证与质量控制 常见的软件质量控制手段及应用 软件质量策划(包括组织级与项目级) 软件质量改进活动的实施与控制 软件质量保证人员的职责与要求 软件质量水平的衡量
教学大纲 6 SIGMA在软件质量保证中的应用(9课时) 软件质量成本(3课时) 6 SIGMA简介 质量成本的概念 软件质量成本的特性 软件质量成本的应用
软件质量概论 什么是质量?what 什么是质量保证?what 什么是软件质量?what 软件质量有何特点?what 为什么会有质量问题?Why 怎样提高软件质量?How 为什么要介绍这些基本概念?任何一门学科总是从最基础的问题开始,尽管看上去有点弱智。能够提出这样的基本问题并给出答案是非常不容易的。 基本概念是进一步推导和演绎的基础。 隐藏在基本概念之后的基本思想或原理:过程控制,定量管理
什么是质量? 产品或工作的优劣程度 Degree or grade of excellence 最核心的基本概念:质量,Quality应该翻译成品质。 物理学的定义:物体所含物质的量。是一个完全不同的概念。 字典的解释,通用,直观。 定义一个概念通常需要给出测量的方法以及测量单位,例如电流,是指单位时间内通过单位面积的电荷数量,单位是安培,可以用电流表来测量。再如只险段的长度,是指两个端点之间的距离,单位是米,可以用尺子来测量。
什么是质量? 在哲学上,对质量的任何一种解释只有对与错两种可能,因为这是哲学解释。哲学解释过程是一个分析过程,这个过程把事物分解成主题和论断。但是我想说的是,质量是不能分解成主题和论断的。这并不是因为质量神秘,而是因为质量太简单、直接、明了。 ---Robert M. Pirsig 很多基本概念是不可定义的,例如集合,是数学的基本概念。 可以描述其属性。
什么是质量? 质量是一个复杂的多层面概念: 从先验论的角度看,质量是可以识别出来的,但不能明确定义的。 从用户的角度看,质量是对目的的满足程度 从制造的角度看,质量是对规范的符合程度 从产品的角度看,质量是产品的内在特征 从基于价值的角度看,质量依赖于客户愿意付多少钱购买 ---David Garvin 语言环境。与质量相关的概念:价格,成本,交货期,生产率。
什么是质量? 满足使用要求的基础是质量特征。 产品的任何特征(性质、属性等),材料或满足使用要求的过程都是质量特征 “质量”这个词有许多含义,是一个“不合格”的词,因此使用不当是有风险的。 ---J.M.Juran Juran与Taylor,科学管理与管理科学
什么是质量? 产品或服务满足明示或暗示需求能力的特性和特征的集合。在合同环境下,需求是明示的,而在其他环境下,暗示的需求需要标识和定义。 ---ISO 8492 (1986年)
什么是质量? 质量是系统、部件或过程满足 (1)明确需求, (2)客户或用户需要或期望的程度 ---IEEE
什么是质量? 一组固有特性满足要求的程度 ---ISO 9000(2000) 可使用形容词如差、好或优秀来修饰 “固有的”(其反义是“赋予的”)就是指在某事或某物中本来就有的,尤其是那种永久的特性。 要求:明示的、通常隐含的或必须履行的需求或期望 ---ISO 9000(2000) 质量体系标准,广泛应用于生产、服务领域。 质量是制造出来的,而不是检验出来的。
什么是质量? Quality is: Doing the Right Thing Right First Time Every Time Everybody
什么是保证? assurance A statement or indication that inspires confidence; a guarantee or pledge. 保证,发誓激励自信的声明或表示;保证或发誓。 Freedom from doubt; certainty. 免于怀疑;肯定。 The act of assuring. 保证,保证的行为。
什么是保证? assure To inform positively, as to remove doubt. 向…保证告知确实如此,以解除怀疑。 To cause to feel sure. 使确信。 To give confidence to; reassure. 给予信心;使放心。 To make certain; ensure. 确实;保证。 向谁保证?管理层,用户,第三方。
什么是质量保证? 质量保证是一个活动,它向所有有关的人提供证据以确立质量功能正在按需求运行的信心。 ---J.M.Juran 小布什为什么能发动伊拉克战争?
什么是质量保证? 质量保证是有计划和系统性的活动,它对部件或产品满足确定的技术需求提供足够的信心。 ---IEEE 信心来源于什么?证据。什么是证据?公司的制度与标准,计划书,测量和活动记录,会议纪要,审核报告等。
什么是质量保证? 质量保证是质量管理的一部分,致力于提供质量要求会得到满足的信任。 ---ISO 9000 总结:质量保证通过建立质量保证体系,使用质量工具和手段完成一组活动,达到改善质量的目的。 质量与质量保证的关系如同期末考试成绩与平时学习。
QA Vs QC 8.1.2质量控制 差异控制可以等同于质量控制。但我们如何实现质量控制呢?“质量控制”是为了保证每一件工作产品都满足对它的需求而应用于整个开发周期中的一系列审查、复审和测试。质量控制在创建工作产品的过程中包括一个反馈循环。度量和反馈相结合,使得我们能够在得到的工作产品不能满足其规约时调整开发过程。这种方法将质量控制视为整个制造过程的一部分。 质量控制活动可以是全自动的、全人工的,也可以是自动工具与人员交互的结合。质量控制中的关键概念之一是所有工作产品都具有定义好的和可度量的规约,我们可以将每个过程的产品与这一规约进行比较。反馈循环的引入对于最小化产生的缺陷至关重要。 8.1.3质量保证 “质量保证”由管理层的审计和报告功能构成。质量保证的目标是为管理层提供为获知产品质量信息所需的数据,从而获得产品质量是否符合预定目标的认识和信心。当然如果质量保证所提供的数据发现了问题,则管理层负责解决这一问题,并为解决质量问题分配所需的资源。 Quality Assurance: the identification, planning, adoption, and implementation of the disciplines and actions (the process) necessary to assure that the product satisfies its users. • Focus on improving the process • Quality campaign on flaw identification and elimination • Show cause and effect of process modification and improvement • Error and trend analysis to locate weaknesses in: - Development process - Test process - Maintenance process Support process (Quality, Configuration management) Quality Control: the set of activities intended to detect, document, analyze, and correct product defects and to manage product changes Down to earth definition: QC is defect control, error control, frustration control, and the control of all negative problems related to quality. QC concerned with products QC detects, records, and corrects product flaws QC is a data collector for QA’s process analysis
什么是软件? The programs, routines, and symbolic languages that control the functioning of the hardware and direct its operation. 软件控制计算机硬件功能及其运行的指令、例行程序和符号语言。 与一系统(尤指计算机系统)有关的程序、步骤和有关文件编制的完整集合,特指特定类型计算机所使用的程序的总称,连同与计算机或程序有关的资料,例如手册、图表和操作指令。
什么是软件? 计算机程序---计算机设备可以接受的一系列指令和说明,它用来让计算机执行一个运算或操作。 计算机数据---事实、概念或指令的一种结构化表示,它能够被计算机设备所接受、理解或处理。这种数据可以是外部的(以计算机可读形式存在)或内置在计算机设备中的。 计算机程序文档---技术数据,包括计算机程序列表和人可读的打印输出物,包括需求、设计、实现和其他有关的计算机程序细节。还有使用和维护计算机程序的说明。 ---《Definitions in Software Quality Management>
什么是软件? 计算机程序、规程,以及与运行计算机系统可能需要的相关文档和数据。 ---IEEE 软件与软件开发的定义
软件开发流程 V Model
软件开发流程 Waterfall Model System Requirements Software Analysis Program Design Implementation Testing Operations Waterfall Model
软件开发流程 Spiral Model
Software developing Software Engineering Project Management Configuration Management Risk Analysis and Risk Management Verification and Validation Software Quality Assurance Plan for Maintenance Analysis Design Implement Test Maintain Software Engineering is often thought of as a series of separate, discrete activities (such as design, coding, testing) that lead to a finished product. However, quality software is not composed of discrete processes; instead, it is composed of continual processes that guide the development activity. Most of these activities are continuous; that is, the activities are performed throughout the entire software development effort. Some of these activities, such as analysis, design, implementation, and testing are discrete. The discrete activities are done according to a lifecycle. Selection of the correct lifecycle is therefore extremely important to the success of the overall software project. The following diagram shows the relationship between discrete and continuous activities. The top row consists of discrete activities; each have distinct entrance and exit criteria (even though they may be iterative). The lower rows are representative of continuous activities; activities that should continue for the life of the software project.
什么是软件质量? 计算机系统卓越程度的所有属性的集合 “所有属性的集合”包括可靠性、可维护性、可用性,等等。 “卓越”属于软件质量的定义范畴。 ---《Definitions in Software Quality Management>
什么是软件质量? 软件产品满足明示需求程度的一组属性的集合。 软件产品满足明示或暗示需求能力的特性和特征的集合。 有些公司生产客户设计的产品。客户拿着详细的规约,里面准确地描述出客户要什么和公司生产什么。在这种情况下,“质量”意味着满足客户的规约。 绝大多数软件开发人员不会有这样知识渊博而且一丝不苟的客户。对于这些开发人员来说,产品和服务的质量就是客户的满意度,而不是满足规约。
软件质量因素 Factors Criteria
软件质量因素 1. Per ISO/IEC 9126 specification the Software Quality is expressed in terms of six factors: Functionality, Reliability, Usability, Efficiency , Maintainability, Portability 2. Each factor is qualified via a set of criteria (software oriented concerns) and each criterion is measured in terms of a set of metrics. Factors Criteria
软件质量因素 3. Different parts of the product can have different combinations of desired quality characteristics. Efficiency may be critical for certain components, while usability is paramount for others. 4. Identify quality characteristics that apply to the entire product from those that are specific to certain components, certain user classes, or particular usage situations. Factors Criteria 你必须认识到软件质量是分层次的。首先,软件产品必须提供用户所需的功能。如果做不到这一点,什么产品都没有意义。其次,这个产品必须能够正常工作。如果产品中有很多缺陷,不能正常工作,那么无论这种产品其他性能如何,用户也不会使用它。 ---Watts Humphrey
软件质量因素 5. Document quality characteristics in the requirements specification. 6. If we cannot quantify some of the quality attributes, at least define the priorities and preferences. Factors Criteria
软件质量有何特点? 软件开发与硬件制造体系的比较? 风险不断增长 Project Production 1 2 3 4 5 6 由于标准化程度低,软件项目大多数不属于大规模重复生产。 1 2 3 4 5 6 非客户化的重复生产 从未做过的项目 新开发的流程 有成熟的流程模板 以客户化为主的重复生产 少量客户化的重复生产 效率不断提高
软件质量有何特点? 软硬件行业的分工不同,软件产品难以横向比较 标准化程度低 软件的故障曲线与硬件不同 软件的维护方式与硬件不同 软件是设计开发出来的,而不是制造出来的 软件的技术与管理的客体合一 度量困难 软约束为主 QC手段落后于软件的发展 软件的特点,软件开发的特点,软件质量的特点
软件质量有何特点?
什么是软件质量保证? 与硬件系统不同,软件不会磨损;因此在软件交付之后,其可用性不会随时间的推移而改变。软件质量保证就是一个系统性的工作以提高软件交付时的水平。 ---James Dobbins 为什么需要软件质量保证?
什么是软件质量保证? 软件质量保证是一种应用于整个软件开发过程的保护性活动,SQA包括: 有效的软件工程技术(方法和工具), 在整个软件过程中采用的正式技术复审, 一种多层次的测试策略, 对软件文档及其修改的控制, 保证软件遵从软件开发标准的规程, 度量和报告机制。
什么是软件质量保证? 为软件开发过程,及其产品和所使用的资源提供一个独立的视角。 依据标准检查产品及其文档的符合性,软件开发所使用的流程的符合性。 通过对需求、设计和编码进行评审,减少在测试和集成阶段修改缺陷的成本。 产业界的大量研究(TRW、Nippon Electric和Mitre Corp.以及其他公司)表明设计活动引入的错误占软件过程中出现的所有错误(和最终的缺陷)数量的50%到65%。 为了说明尽早发现错误对成本的影响,我们将根据从大型软件项目中收集到的实际数据研究一系列的相对成本[IBM81]。假定在设计阶段发现的错误的改正成本为1个货币单位,在测试开始之前发现一个错误的改正成本为6.5个货币单位,在测试时发现一个错误的改正成本为15个货币单位,而在发布之后发现一个错误的改正成本为60到100个货币单位。
什么是软件质量保证? 是过程保证还是产品保证? 是否贯穿于软件开发的全过程? 是与开发活动同时实施还是事后的检验? 是否仅仅是一些填写检查单的活动?
什么是软件质量保证? 软件质量保证是一系列系统性的活动,它提供开发出满足使用要求产品的软件过程的能力证据。
为什么会有质量问题? ?
为什么会有质量问题? Variance
Results are always variable Work activities Requirements Ideas Time Products & Service process Technology Energy Material People External Influence Factors The external influence factors may influence both input and work activities. Since there are many factors influence the results of process, the results are always variable. Stable process means that the results is predictable, e.g. results vary in a predictable range.
为什么会有质量问题? Man Machine Material Method Environment Measurement
为什么会有质量问题? PEOPLE PROCESS TECHNOLOGY
怎样提高软件质量? ISO9000 CMM 6 sigma PDCA SPC Quality tools
怎样提高软件质量? 过程控制 (process control) 定量管理 (quantitative management) 持续改善 (continuous improvement) 缺陷预防 (defects prevention) 手段与目的
Major determinants of product cost, Why focus on process? Process holds the elements together People Practices Technology Process Major determinants of product cost, schedule, and quality
Why focus on process? Why not focus on people? Focusing on process puts the emphasis on having good process to follow, not on hiring only brilliant people. Rather than having people work harder, have them work smarter. Why not focus on technology? Look at the dot.com bust Technology is our friend, but it’s not the only answer to our problems Process is part of the answer When supported by training, enough money, enough skilled people, proper tools, and management commitment, can help your organization
定量管理 Definition A Software metric is defined as a unit that enables one to quantitatively determine the extent to which a Software process, product, or project possesses a certain attribute. Metrics Characteristics Simple to understand and precisely defined Inexpensive to use Robust Consistent and used over time
定量管理 Why We use Metrics? When you can measure what you are talking about, and express it in numbers, you know something about it; but when you cannot measure it, and when you cannot express it in numbers, your knowledge is of a meagre and unsatisfactory kind; -- Lord Kelvin You cannot control what you cannot measure. -- DeMarco
定量管理 Why we use metrics?(Continue) More accurate Comparable Measurement (Measurement is not the goal, the goal is improve the quality of software development through measurement, analysis and feedback)
定量管理 Usage of Software Metrics(EMP) E-----Evaluating the past M-----Monitoring the present P-----Predicting the future Measurement Areas Process Product Project
定量管理 Both the software process and products are quantitatively understood and controlled. Quantitative Management is not equal to metrics. Metrics is indicators which represent the status of project or organization. On the other hand, Quantitative Management involves making decision based the metrics as well as historical data. The focus of Quantitative Management is to make process stable and predictable.
质量工具
质量工具 From this chart, we can find that most of faults fall into A4 and A2 categories. So it would be effective to devote our effort to analyze the causes of faults in these 2 categories. Pareto Chart is a kind of bar chart, in which bars were in descending order. And, the cumulative percentage line may be plotted as well. Pareto Chart can be used to determine what is majority of the defects or problems. So it can be help you to focus your effort on the majority of the defects or problems. The causes of defects or problems can not be derived from Pareto Chart directly.
质量工具 Scatter Diagram is a graphic technique to analyze the relationship between two variables. - What happens to one variable when other is changed - Test to see if there is really a relationship predicted by some theory This diagram doesn’t prove cause & effect. This chart want to find the relation between Inspection Code Size & Fault Detection Density. The diagram suggested that the smaller inspection code size, the more defects identified from inspection.
质量工具 This Run Chart suggested that productivity is increasing by yearly basis. Run Chart (trend chart) is a kind of lines, in which data are plotted in time sequence. Run Chart can be used to identify the trend of data.
质量工具 Project Management Process Technique / Engineering Tools Tight Schedule Process change Quality gate for coding phase was changed from inspection to review. Not all engineers receive sufficient domain training The software architecture was not well designed. No tools available facilitate unit test Total 407 defects were reported during system test Cause & Effect Diagram is a fishbone resembled chart, to identify all the possible causes that may be contributing to a specific problem or effect. It is also known as Fishbone Diagram. This diagram is typically result of a brainstorming session.
软件质量保证活动 Software Quality Assurance involves reviewing and auditing the software products and activities to verify that they comply with the applicable procedures and standards. providing the managers and software project team members with the results of these reviews and audits.
软件质量保证活动 Verification and Validation Test Review Audit Inspection Verification - Verifying software means that you are producing software in accordance with some process that has checks and feedback to ensure quality in the creation process. Verification answers the question “Are we producing the software right?” Validation – Validation issues deal with the question “Are we producing the right software?” This process determines if you are producing software that meets the needs of the user. Software that is well written and is of high quality is useless if it does not meet user requirements. The software audit is an independent evaluation of the software products and the processes of a project or a functional area to ascertain the compliance with standards, requirements, specifications and procedures.
缺陷与成本
质量成本
质量成本 According to QAI, • Prevention costs have a 10:1 payback. • Detection costs have a 3:1 payback.
Quality is free