Chapter 3

Assuring DigitalHome Quality

Software Quality Assurance

After the project team had decided on their development process (Table 3.1), Jose Ortiz asked the team to remember the importance that HomeOwner management had placed on the need for a high-quality DigitalHome prototype. Massood Zewail, who is a recent graduate of a Master of software engineering program, affirmed the importance of software quality assurance (SQA) and suggested that the team study the V-Model software development process for its features, which would help ensure a high-quality product. Some members of the team were not familiar with the V-Model, and some were not convinced its quality features could be properly integrated into the Table 3.1 process. Also, Yao Wang expressed concern about ensuring the security of DigitalHome system. Jose asked Massood to prepare a tutorial on SQA and include discussion of the V-Model security engineering. Massood agreed to deliver a tutorial on quality assurance; however, he also pointed out that “quality without measurement is just cheerleading”; therefore, he also included some discussion of measurement as part of his presentation.

Table 3.1   DigitalHome Development Process Script

Purpose	Guide the development of the DigitalHome software system
Entry Criteria	Identification of a problem or opportunity, which may need a software solution
Phase	Activity
Project Inception	Establish the business case and feasibility for the project Determine the scope of the project Develop a customer need statement Develop a high-level requirements document
Project Launch	Establish development team, and their roles, responsibilities, and goals. Analyze Need Statement Establish a Development Process Identify External Interfaces and create Context Diagram Create a Conceptual Design Determine a Development Strategy Research and study of possible project technology
Planning (discussed in Chapter 4)	Develop Task, Schedule, and Resource Plans Develop a Risk Plan Develop a Quality Plan Develop a Configuration Management Plan Determine project standards and tools Perform project planning/tracking
Analysis (discussed in Chapter 5)	Review the Need Statement and prepare for requirements elicitation Elicit requirements from potential customers and users Analyze requirements and build object-oriented analysis models Specify and documents requirements in an SRS Inspect and revise the SRS Obtain customer agreement to requirements Develop a System Test Plan Develop Requirements Traceability Matrix (RTM) Develop User Manual Track, monitor and update plans (Task/Schedule/Quality/CM/Risk) & RTM
Architectural Design (discussed in Chapter 6)	Develop OO high-level design models Refine the OO analysis models Develop additional design models Specify and document design in an SDS (Software Design Specification) Develop a Build/Integration Plan Review and revise the SDS Consult with customer, and revise SRS and SDS, as appropriate Track, monitor and update plans (Task/Schedule/Quality/CM/Risk) & RTM
Construction Increment 1, 2,... (discussed in Chapter 7)	Complete Class Specifications (data types and operation logic) Develop Increment (Class/Integration) Test Plan Set up appropriate test environment (e.g., test harness, stubs/drivers) Review the Class Specifications Write source code Review and test the source code Integrate code with previous increments Perform Increment (Class/Integration) Test Consult with customer, and revise SRS, SDS, and code, as appropriate Track, monitor and update plans (Task/Schedule/Quality/CM/Risk) & RTM
System Test	Update test environment Update System Test Plan Perform the System Test Consult with customer, and revise requirements, design and code as appropriate Track, monitor and update plans (Task/Schedule/Quality/CM/Risk) & RTM
Acceptance Test	Prepare Acceptance Test materials (including a user’s manual) Set up customer test environment Customer performs Acceptance Test Revise SRS, SDS, code, and User Manual as appropriate Track, monitor, and update plans (Task/Schedule/Quality/CM/Risk) & RTM
Postmortem	Perform postmortem analysis of project process and product quality
Exit Criteria	Completed SRS, SDS, RTM, User Manual, System Test Plan Source code for a thoroughly reviewed and tested program Completed plan documentation Project postmortem report

MiniTutorial 3.1: Quality Assurance throughout Software Development Life Cycle

Why Quality?

Quality assurance should be an integral part of software development and be embedded in every phase of the development life cycle. By controlling quality during software development, there is a better chance of meeting the project schedule and budget. In addition, software quality has become a competitive issue and is essential for survival of a development organization. By producing high-quality software products, an organization can retain its existing customers, and can potentially gain additional customers from its competitors.

Achieving high quality requires buy in from every member of the organization. Managers must provide appropriate training and tools to enable the employees to achieve the quality goals. Also, managers need to establish project plans that provide sufficient time for the project team to develop a quality product. Unfortunately, some managers view activities associated with quality assurance as non-productive activities; however, industry data has shown that quality assurance activities, throughout the development life cycle, result in significant savings.

SQA is “a set of activities that define and assess the adequacy of software processes to provide evidence that establishes confidence that the software processes are appropriate for and produce software products of suitable quality for their intended purposes” [IEEE 730]. Software quality is typically expressed in one of two ways: defect rate (e.g., defects per lines of source codes, per function point, or per some other unit) and reliability (number of failures per some unit of time, mean time to failure, or probability of failure-free operation in some specified time) [Kan 2002].

Numerous studies have shown that SQA has played a major role in the overall cost and schedule of software projects [Davis 2003, Dehaghani 2013, Parnas 2003, Standish 2020]. In the early years of the software development industry, SQA was synonymous with software testing. As a result, since the waterfall model visually presented the development process as a series of sequential phases (see Figure 3.1), this promoted the idea that software quality activities would be conducted after most of development was complete.

Figure 3.1   Waterfall process model.

However, industry data has revealed that 50%–60% of project defects are introduced during the requirements phase [Marandi 2014]. Of course, there are problems with not detecting and removing defects as early as possible. First, every defect that is not found at the phase in which it is introduced has the potential to introduce up to ten additional defects in the following phases of development. Therefore, a defect introduced during the requirements phase has the potential to introduce numerous defects during the implementation phase. The second problem with leaving defects in the product at the earlier phases of the development is that the cost associated with its removal in later phases is much higher than the cost that would be required to remove it in the hase in which it was introduced (see Figure 3.2) [Jones 2003]. For example, imagine a defect that is introduced during the requirements phase, which might easily be detected (we discuss different detection techniques later in this chapter) and corrected with a word processor. If that defect is detected during the testing phase, it might require a change in design and implementation at a much higher cost.

Figure 3.2   Defect removal cost increase.

Over the years, as the field of software engineering has matured, alternative development life cycles have been introduced, with each providing additional advantages and disadvantages over the waterfall model. Different development life cycles are discussed in Chapter 2; however, we will discuss a development life cycle model called the “V-Model”, in which quality is a prominent.

The “V-Model” Development Life Cycle

The V-Model development life cycle model, which was discussed briefly in Chapter 2, emphasizes software quality activities. As represented in Figure 3.3, the V-Model contains seven square boxes, where each box represents some activity associated with the development and/or quality assurance of the software product. There are two bubbles, where each bubble represents a quality review activity that is performed on the artifacts that are generated from the activities performed at each of the square boxes. There are three paths that are identified as part of this life cycle: the development phase (yellow boxes and solid blue arrows), the quality assurance planning path (the orange dash-dot lines connecting the green boxes), and the quality assurance execution path (the green boxes and the light blue dash-dot lines). The blue dot line shows the bi-directional relationship between the yellow and green boxes. Finally, at each phase, there are quality review activities (inspection, walk-through).

Figure 3.3   V-Model development life cycle.

The key idea behind the V-Model is the fact that quality assurance has been integrated throughout the development life cycle. There is a quality review that is performed on each artifact that is generated as part of the development life cycle. In addition, as the requirements are being defined, the system test plan is also created. The same is true about the high-level design and detail design, which are in parallel with development of the integration and unit test plans, respectively. Of course, as source code is created the unit tests are executed, and as design modules are integrated, the integration test is executed, and finally the system test is executed at the completion of the product or subproduct. This process supports Test-Driven Development, which promotes the concept of designing the test, before writing any code.

Security Engineering

An essential element of quality assurance is to protect the security of a system [Pressman 2015]. With the development of a system such as DigitalHome, developers must be aware of potential attacks on user privacy and DigitalHome information. Security engineering consists of methods and practices that help protect from such attacks and ensure the security of a system.

The following are key techniques used to protect the security of a system:

• ■   Security Risk Management – identify, analyze, and monitor security risks. Chapter 4 contains a section on risk management which covers a spectrum of risks, including security risks.

• ■   Security Requirements Engineering – elicit, analyze, specify, and validate security requirements. Chapter 5 discusses requirements activities for a range of requirements types, including security requirements.

• ■   Security Design – develop an architecture and design modules, which help ensure security requirements are properly implemented. Chapter 6 discusses design concepts, such as Modularity, Abstraction, Information Hiding, High Cohesion, and Low Coupling, which support development of a system which addresses security issues.

• ■   Secure Coding – use of coding practices such as adopting a secure coding standard, validating input, rigorous access denial, and implementing multiple defensive strategies. Chapter 7 covers this area.

• ■   Security Verification – use of verification techniques such as requirements, design and code reviews, and software testing to check for security problems. These techniques are covered later in this chapter.

Exercise 3.1: Security Attacks

After the discussion of the “Security Engineering”, Massood led the team in a discussion about potential attacks on the security of the DigitalHome system.

The exercise, described at the end of this chapter, deals with the DH Team’s discussion.

The Defect Life Cycle

• ■   As shown in Figure 3.4, developers introduce, through a mistake or an error, a defect (or fault) into a product. If the fault is not exposed during program execution, there would be no external evidence of its existence; however, as soon as that defect/fault is executed, it results in a failure. For example, imagine a mistake of using a “<” rather than “>” in the control of thermostat setting could produce a problem with turning on the air conditioning system during a hot summer day. Understanding this “defect life cycle” is critical in the overall perceived quality of the product. A product may have many defects embedded in it, and still be perceived as a quality product, as long as none of those defects are exposed in execution. Therefore, it is very important to establish appropriate quality control strategies to detect and remove defects that have the potential to be executed during operation. This may mean prioritizing the defects and removing the defects that have the highest probability of execution. This is an acceptable strategy and practice, as it is almost impossible to remove all the defects from a large, complex system.

Figure 3.4   Defect life cycle.

Cost of Quality

There are several factors that influence the overall cost of software quality:

• ■   the overall complexity and size of the product;

• ■   the criticality of the product (i.e., as the cost of failure increases, the quality cost increases);

• ■   the inherent risk of the product (i.e., typically there is a higher quality cost associated with high risk projects, such as a real-time embedded systems);

• ■   the competency of the developers and quality assurance personnel;

• ■   product stability/volatility (i.e., the more volatile product typically results in a lower quality product); and

• ■   the availability and the efficiency of the development and testing infrastructure (i.e., automation tools can reduce the overall cost of quality).

The overall maturity of the organization and its personnel will have a direct relationship with the overall quality costs of the product.

There are number of factors that contribute to the cost of quality activities:

• ■   Prevention Cost – this includes all the costs, which are associated with activities by the project team to prevent introduction of defects into the product. Establishing standards, processes, and infrastructure are contributors to this cost.

• ■   Appraisal Cost – this includes all the costs, which are associated with activities by project team to appraise the quality of the product. These are activities that are associated with the detection of the defects in the product. Inspections and testing are examples of such activity.

• ■   Failure Cost – this includes the cost that is associated with the activities, which result from a product failure. There are two different categories of failure costs: internal and external. An example of an internal failure cost is the rework cost associated with the failure that is detected during software testing. Examples of external failure costs include the maintenance cost after the product release, the recall associated with the faulty product, or the litigation cost that is associated with the failed product.

Given the competitive nature of the software industry, and the effect of the software products on day-to-day activities, it is necessary to invest an appropriate level of resources throughout the development life cycle to achieve the desired level of quality. The key phrases in this statement are the “appropriate level of resources” and “desired level of quality”. Unfortunately, in most cases, there are not enough resources available in a project to build an error-free product, and it is rare that a complex product is free of error. One of the biggest challenges in quality assurance is to find the right balance between the desired level of quality, and appropriate level of resources. The next section describes activities that can help reach the right balance.

Exercise 3.2: Cost of Quality Experiences

After the discussion of the “Cost of Quality”, Massood lead the team in a discussion about their experiences with the types of costs of quality they had experienced in their previous software development work.

The exercise, described at the end of this chapter, deals with the DH Team’s discussion.

Software Quality Assurance Processes

Massood Zewail also prepared and delivered tutorial on the processes used in SQA.

MiniTutorial 3.2: Software Quality Processes

There are five major processes associated with SQA; these are planning, oversight, record keeping, analysis, and reporting [IEEE 730].

• ■   During the Planning activities, the organization identifies a set of quality goals and develops a roadmap on how to achieve those quality goals. The roadmap includes the purpose and the scope of the quality activities, and the required resources and processes that need to be implemented to achieve those quality goals. In addition, roles and responsibilities of the people involved in quality assurance activities are defined. In some organizations, especially for large complex projects, SQA personnel are separate from the development team. A SQA plan is an artifact that is generated as the result of planning activities. Such a plan would be the type of plan specified as a “Quality Plan” in Planning section of the DigitalHome Development Process Script in Table 3.1.

• ■   During the Oversight activities, the quality assurance personnel (which may or may not include the development team) will monitor the software development process, and the resulting product to make sure all the processes are followed, and the quality goals are met. One major component of the oversight is measurement and data collection.

• ■   Record Keeping requires identification of the data that is going to be collected, the tools and procedures that will be used to facilitate data collection and storage, and the roles and responsibilities associated with the record keeping.

• ■   Once the data is collected and stored, the Analysis process begins. Through the data analysis the quality assurance personnel and the developers will be able to monitor the success and failure of the quality assurance processes. The analysis will reveal the opportunities for continuous improvement.

• ■   The information collected as part of the quality assurance activities is valuable data that needs to be shared with different constituents. Reporting of the data must include what data is to be collected and who will receive it. Who will receive data needs to be identified early in the quality assurance process and communicated with every member of the team (developers and quality assurance people). Such communication is part of confidence building between the quality assurance people, developers, and managers.

Software Quality Assurance Plan (SQAP)

The purpose of the SQAP is to establish the scope, goals, processes, resources, and responsibilities that are required in to implement an effective quality assurance function. The SQAP is a quality plan that incorporates the elements of SQA activities discussed in the previous section in Table 3.1. The IEEE Standard for Software Quality Assurance Process [IEEE 730] specifies that a SQAP document should contain the following sections:

• ■   Purpose – identifies the specific purpose and scope of the SQA activities, including the portion of the software and the specific phases of the development life cycle that are within the scope of these SQA activities.

• ■   References – lists documents that are needed throughout for the SQA activities.

• ■   Management – describes the project’s organization structure, its tasks, and its roles and responsibilities.

• ■   Documentation – identifies the set of documents (i.e., requirement, design, etc.) that fall within the scope of the SQA activities. This section will lay out a plan on how each document will be assessed and approved. In addition, this section will identify the set of documents that will be generated as part of the SQA activities.

• ■   Standards and Metrics – describes the set of standards and metrics that will be used throughout the quality assurance activities.

• ■   Reviews and Audits – defines the different reviews and audits that will be conducted throughout the quality assurance activities; this includes what reviews and audits will be conducted, how they will be accomplished, and how the results of those audits and reviews will be used.

• ■   Testing – describes the overall activities that are associated with the software testing. This includes, making sure that the tests are conducted on time, follow the defined process, and appropriate data is collected.

• ■   Problem Reporting and Corrective Actions – specifies how problem reports are collected, who will see those data, and what procedures should be followed for implementing the appropriate corrective actions.

• ■   Training – identifies the necessary training, if any, that is needed to make sure that the people involved in the quality assurance process are able to conduct their roles and responsibilities effectively.

Exercise 3.3: Software Quality Assurance Planning

After Massood’s discussion of SQA planning, Disha Chandra lead the team in a discussion SQA planning.

The exercise, described at the end of this chapter, deals with the DH Team’s discussion.

Quality Measurement and Defect Tracking

Jose Ortiz asked Massood Zewail if he would also prepare and deliver a tutorial on the processes used in software quality measurement and tracking.

MiniTutorial 3.3: Quality Measurement and Defect Tracking

Evidence of the presence, absence, or variance from the expected quality of a software assurance activity can be determined through measurement. Establishing a solid measurement strategy is one of the most important components of any quality assurance organization. As the IEEE Standard for a Software Quality Metrics Methodology [IEEE 1061] states “…defining software quality for a system is equivalent to defining a list of software quality attributes required for that system. In order to measure the software quality attributes, an appropriate set of software metrics shall be identified”. When planning for a measurement strategy, the following questions are appropriate:

• ■   Why do we need to measure?

• ■   What do we need to measure?

• ■   How do we conduct these measurements?

• ■   Who will be looking at these data?

• ■   What do we do with the data collected?

The answer to these questions provides guidelines for the establishment of the metrics that are needed, the personnel that are going to conduct these measurements, the infrastructure that are needed to collect and maintain the data, the necessary analysis of the data, and personnel who will have access to the data and the driven analysis.

Of course, care must be taken to make sure there is a good balance between the amount of time and effort that is required to conduct the measurement and that needed for the corresponding analysis of the data measured. An overwhelming measurement strategy is not sustainable in a long haul and will result in an inaccurate and incomplete data set. Therefore, an ideal measurement strategy should have the following characteristics:

• ■   Simplicity – it is intuitive and easy to understand.

• ■   Validity – it measures what it claims to measure.

• ■   Robustness – the measurement value is insensitive to outside factors.

• ■   Independence – the measurement values interpretation is not dependent on other measurement values.

• ■   Prescriptiveness – the measurement helps project management accurately identify and avoid potential problems (you know which direction is good and which is bad).

• ■   Analyzability – the measurement can be analyzed using statistical techniques.

Defining Metrics

As previously discussed, one of the first questions to ask in order to establish a measurement strategy is “Why we need to measure?” Of course, the main reason is to produce a quality product. Therefore, there should be clear quality assurance goals and the appropriate measurements to evaluate whether those goals have been achieved. There are several techniques for accomplishing this task. One such technique called Goal/Question/Metrics (GQM) [Basili 1984], by which an organization can establish a set of quality goals that need to be achieved. The GQM technique establishes a process to monitor the achievement of the goals.

The GQM technique first requires the organization (or project team) to establish a set of quality goals for the project. It is possible that a large number of quality goals have been identified, and as a result, it may be very difficult, given the project resources and schedule, to achieve all the identified goals. In such a case, the team should prioritize these goals and try to achieve as many of the highest priority goals as possible. Once the quality goals are identified, the team can identify questions about how these goals can be achieved and know when the goals have been achieved. The purpose of these questions is to identify the appropriate metrics that needs to be collected to evaluate whether those goals are achieved. Figure 3.5 represents a GQM analysis.

Figure 3.5   GQM analysis.

For example, let us assume that one of our quality goals for the organization is to make sure no more than 5% of the product defects are found after the product release. In this case, we could ask the following questions:

• ■   During life of the product, how many defects (before and after product release) will be found?

• ■   What percent of the defects are found before the product release?

• ■   What percent of the defects are found after the product release?

• ■   Which quality assurance activities are best at discovering product defects during the development?

Given the question about percent of defects found before the product release, the following measurements are relevant:

• ■   Number of defects found before the release.

• ■   Number of defects found after the release.

• ■   Number of new defects that are found after the defect fixes.

• ■   Number of defects that are found in the field after the defect fixes.

The four metrics should help answer the question about percent of defects found before the product release. If a quality goal is not achieved, then the organization needs to modify its quality improvement procedures to achieve the quality goal. This may require identifying additional questions, and the corresponding metrics that help achieve the goal, and integrating additional defect prevention and detection activities during the development.

Quality Metrics

There are several product metrics that can be used to measure quality; however, generally, they can be grouped into two major categories:

• ■   Quality metrics during the development

• ■   Quality metrics post release

Quality Metrics During Development

Software metrics provide insight to the development team about the status of the project, quality of the product, quality of the processes that are used, and provide the basis for decision making. The following are advantages of these metrics:

• ■   Keeping schedules realistic.

• ■   Making project control and risk assessment more quantitative.

• ■   Identifying overly complex programs.

• ■   Identifying areas where tools are needed.

• ■   Providing data for root cause analysis (a method used for identifying the root causes of faults or problems).

• ■   Avoiding premature product release.

Some examples of these metrics include:

• ■   Project metrics: These metrics help the development team to monitor and control the project progress. Some examples of these metrics include:

  • –   Schedule metrics identify any variation from the project schedule.

  • –   Cost metrics identify variation from the expected project cost.

  • –   Requirement change request metrics monitor the number of change requests, their frequency, and when these changes are requested. Unstable requirements are the major cause of project cost and schedule overrun.

  • –   Effort metrics monitor the project actual progress versus the planned progress.

  • –   Repair/rework metrics provide information about the quality of the product while under development, and the potential for project schedule and cost overruns.

• ■   Product metrics: These metrics provide the development team insight into the quality of the product under the development.

  • –   Requirements metrics provide information about the quality of requirements, such as their ambiguity, incompleteness, and complexity. A lower quality requirement points to potential problems throughout the development life cycle.

  • –   Design metrics provide information about the quality of the design, such as its cyclomatic complexity, cohesion, coupling, function points, depth of inheritance, and stability. The more complex the product design, the higher cost for product maintainability.

  • –   Implementation metrics provide information about the quality of the code, such as defect density (e.g., defects/KLOC), size of source code (in LOC), size of binary code, code path lengths, and percent of source code compliance with coding standards.

  • –   Test metrics provide information about product units and the overall product, such as the number of tests cases per software unit, the degree to which test cases cover the requirements, and the number of defects discovered with testing.

• ■   Process metrics: These metrics provides insight about the effectiveness of the processes used to develop a product.

  • –   Efficiency metrics provide insight about the quality of the process implemented by the development team. For example, the defect removal efficiency provides insight about the quality of the defect removal process, and how many defects were removed before the product release versus the defects found by the end user.

  • –   Cycle time metrics provide insight into the agility of the development team from the time an idea is developed to the time it is in place. For example, cycle time for code development measures from the time design is committed to and then implemented.

  • –   Turnaround time metrics measure the time a defect is identified to the time that defect is fixed.

Quality Metrics Post Release

These metrics provide insight into the quality of the product from the customer point of view. Some examples of these metrics include:

• ■   Customer satisfaction

  • –   Number of system enhancement requests

  • –   Number of maintenance requests

  • –   Number of product recalls

• ■   Responsiveness to user requests

• ■   Reliability

  • –   Availability

  • –   Mean time between failure

  • –   Mean time to repair

• ■   Cost of defects to customer

  • –   Annual maintenance cost

  • –   Business lost cost

• ■   Ease of use (complexity of the product in operation)

Exercise 3.4: DH Quality Measurement Strategy

After Massood’s discussion of quality measurement, Disha Chandra decided the team needed to create a quality measurement strategy.

The exercise, described at the end of this chapter, deals with the DH Team’s discussion.

Exercise 3.5: DH Goal/Question/Metric

Disha asked the team to use the GQM technique to evaluate the effectiveness of the coding standard being considered for the DH project: Java Code Conventions [Sun 1997].

The exercise, described at the end of this chapter, deals with the DH Team’s use of the GQM technique.

After Massood’s tutorial on SQA, Disha Chandra asked Michel Jackson to prepare and deliver additional material on common quality assurance activities.

MiniTutorial 3.4: Quality Assurance Activities

Validation and Verification (V&V)

Validation and Verification are two common terminologies that are associated with quality assurance:

Verification – The process of evaluating a system or component to determine whether the products of a given development phase satisfy the conditions imposed at the start of that phase [IEEE 1012]. In another words, it answers the question of whether the product is being built the right way.

Validation – The process of evaluating a system or component during or at the end of the development process to determine whether it satisfies specified requirements [IEEE 1012]. In another words, it answers the question of whether the right product is being built.

Verification typically involves evaluation of the documents, plans, requirements and design specifications, code units, and test cases. These are sometimes referred to as static evaluation, since no code is executed. On the other hand, validation is the evaluation of the product itself. This is referred to as dynamic evaluation (testing) of the product.

Validation typically follows the verification process. Therefore, the inputs to verification are static products, and its output is the same product with hopefully much higher quality, whereas the input to the validation process is a set of test cases that evaluate the product, and its output is hopefully a perfect product.

There are quality assurance techniques that are associated with V&V, some of these techniques are covered in the following sections.

Independent Validation and Verification (IV&V)

V&V can either be conducted by the development team or by an independent group which may or may not work in the same organization as the development team; but the independent group is not part of the development team. There are advantages and disadvantages associated with conducting the quality reviews by an independent group. Table 3.2 lists some of the advantages and disadvantages of the IV&V.

Table 3.2   IV&V Advantages and Disadvantages

IV&V Advantages	IV&V Disadvantages
New set of eyes Not invested in the development Not reporting to the same manager Independent appraisal (potentially higher confidence)	Additional learning curve Higher cost

Quality Reviews

By performing quality reviews throughout the development life cycle we are able to identify and remove the defects as early as possible. As illustrated in Figure 3.2 the earlier a defect if detected, the cheaper it is to fix. Table 3.3 shows the approximate cost/effort associated with the removal of a requirement defect in different phases of the development life cycle.

Table 3.3   Cost of Removing a Requirement Defect

Phase	Activities/Resources	Cost
Requirements	Interaction with Stakeholders Requirement documentation update	100–200
Design	Interaction with Stakeholders Requirement documentation update Redesign Design document update	300–1000
Construction and Testing	Interaction with Stakeholders Requirement documentation update Redesign Design document update Coding Testing	1000–10,000
Operation	Interaction with Stakeholders Requirement documentation update Redesign Design document update Coding Testing Repackaging and deployment	1000–10,000 + cost of Recall Redistribution Unsatisfied customers Legal (lawyer, litigation, fines, etc.)

Note: Table 3.3 does not consider the activities that are associated with the defect detections and the corresponding cost associated with those activities.

There are number of different quality review techniques; three such techniques are walk-through, Technical Review, and Inspection [IEEE 1028]. These quality reviews are conducted on different software artifacts, such as requirements specifications, design descriptions, source code, or test plans.

Walk-through

A walk-through is the least formal quality review. During a walk-through, the software artifact owner will lead members of the walk-through team through a review of the artifact. The participants in the walk-through have the opportunity to ask questions and/or make comments about potential problems in the artifact, or potential violation of standards.

There are typically two major objectives for conducting a walk-through:

• ■   To collect input from the walk-through participants about the quality of the product, and whether the product under development is meeting the identified standards.

• ■   To give the participants an opportunity to learn about the product under review; the walk-through is used as a vehicle for knowledge transfer.

The participants in a walk-through are:

• ■   Walk-through Leader – conducts the walk-through, handles the administrative tasks pertaining to the walk-through, and ensures that the walk-through is conducted in an orderly manner.

• ■   Author of the Product – presents the software artifact in the walk-through.

• ■   Recorder – records all decisions and identified actions arising during the walk-through meeting.

• ■   Team Member – prepares for and actively participates in the walk-through, and identifies and describes anomalies in the software product.

Technical Review

Technical Review is more formal than a typical walk-through. The purpose of a technical review is to evaluate a software artifact using a team of qualified personnel to determine its suitability for its intended use and identify discrepancies from specifications and standards. It provides management with evidence to confirm the technical status of the project. Technical reviews may also provide recommendation and examination of various alternatives, which may require more than one meeting. In a technical review, almost all the participants are technically competent in the same area as the software artifact under review. For example, if the artifact under the review is software design specification, then almost all participants have technical background in software design.

The following are the list of potential participants in a technical review meeting:

• ■   Decision Maker – the person who requested the technical review and is the final authority on whether the meeting has achieved its stated objective.

• ■   Review Leader – performs administrative tasks pertaining to the review, ensures that the review is conducted in an orderly manner, and ensures that the review meets its objectives.

• ■   Recorder – documents anomalies, action items, decisions, and recommendations made by the review team.

• ■   Technical Reviewers – actively participate in the review and evaluation of the software artifact.

• ■   Management Representatives – participate in the technical review to identify issues that require management resolution. (e.g., additional resources needed due to a suggested alternative solution).

• ■   Customer or User Representative – may also participate in the meeting, either for better understanding of the solution approach and/or clarification of its need.

Inspection

The purpose of an inspection is to detect and identify software product defects. An inspection is a systematic peer examination that does one or more of the following [IEEE 1028]:

• ■   Verifies that the software product satisfies its specifications.

• ■   Verifies that the software product exhibits specified quality attributes.

• ■   Verifies that the software product conforms to applicable regulations, standards, guidelines, plans, specifications, and procedures.

• ■   Collects software engineering data (for example, anomaly and effort data) – data that may be used to improve the inspection (e.g., improved checklists).

• ■   Requests or grants waivers for violation of standards where the adjudication of the type and extent of violations are assigned to the inspection jurisdiction.

• ■   Uses the data as input to project management decisions as appropriate (e.g., to make trade-offs between additional inspections versus additional testing).

Inspection is the most formal quality review technique. The main difference between the inspection and technical review is that in a technical review, the participants may suggest alternative solutions; however, an inspection focuses on detecting and identifying defects. A technical review meeting can be long and laborious, as participants might have long technical discussions about what is the best solution to a specific problem. Inspections meetings are orderly and systematized. This discussion of inspection is based on [IEEE 1028], and the work of Michael Fagan and his “Fagan Inspection” [Fagan 1986].

The following are the list of participants in an inspection meeting:

• ■   Moderator (Inspection Leader) – responsible for planning and organizing the inspection, ensuring the inspection is conducted in an orderly manner and meets its objectives, and ensuring that the inspection data is collected.

• ■   Author – the owner of the document being inspected; contributes to the inspection based on special understanding of the software product, and performs any rework required to make the software product meet its inspection exit criteria.

• ■   Reader – leads the inspection team through the software product in a comprehensive and logical fashion, interpreting sections of the work, and highlights important aspects. This role may be carried out by the author.

• ■   Recorder – documents defects, action items, decisions, waivers, and recommendations made by the inspection team, and records inspection data required for process analysis.

• ■   Inspectors – identify and describe defects in the software product. Only those viewpoints pertinent to the inspection of the product should be presented. In an inspection, everyone also serves as the inspector except the author.

The inspection process is a formal process with number of distinct activities. Figure 3.6 displays the Fagan Inspection process.

Figure 3.6   Fagan inspection process.

The work product can be any software artifact (e.g., requirements specification, design description, test plan, source code, etc.). Once the work product is ready for review, then the inspection leader is informed.

For the preparation, the moderator identifies the appropriate participants in the inspection process; coordinates with the participants to set up the meeting; collects the work products and all appropriate supporting documents (i.e., references, checklists, inspection logs, etc.); and distributes them to the inspection participants.

The overview phase is an optional activity. In cases where the inspectors are not familiar with the work product, the author will provide an overview of the product to make sure everyone has a good understanding of what is being inspected.

During the individual inspection phase, each inspector inspects the work product (or the portion assigned). The inspectors record the defects discovered and the time spent inspecting in their individual inspection logs, which are turned into the moderator prior to the inspection meeting.

The formal meeting is the meeting in which the inspection participants meet to go over the product and identify product defects. Prior to the meeting, the moderator reviews the individual inspection logs to ensure all inspectors have completed their inspection tasks in a proper manner. As the meeting proceeds, the reader goes over the document one item at the time, and the inspectors identify the defects that they have discovered. The recorder records all the defects in the inspection meeting log, and at the end of the meeting, the meeting log is turned into the moderator.

The moderator gives the author a list of all the defects identified during the inspection process. The author will attempt to fix all the defects during the rework phase and return the modified work product to the moderator. In some cases, the author may think that an issue identified is a not a defect. In this case, the author will inform the moderator.

Depending on the quality of the product, and the number of defects identified, or other factors, the moderator or some other stakeholder may decide to call for follow-up activities. A follow-up activity may be another inspection for the work product, or additional rework by the author.

In some cases, there may be a final phase in the inspection process. This phase is called inspection analysis or sometimes referred to as the causal analysis phase. In this phase, the author, selected members of the inspection team, and other stakeholders meet to analyze the type of the defects that were discovered during the inspection phase and look for the root cause for the defects being introduced into the work product, and what can be done to prevent this from occurring again.

Exercise 3.6: Requirements Inspection

After the discussion of Quality Reviews, Disha Chandra asked the team to practice a requirements inspection on the DH High-Level Requirements Definition (HLRD).

The exercise, described at the end of this chapter, deals with the DH Team’s inspection.

Exercise 3.7: Code Review

After the discussion of Quality Reviews, Disha Chandra asked the team to practice a code review on pseudocode for a program unit.

The exercise, described at the end of this chapter, deals with the DH Team’s code review.

After Michel completed his tutorial on Quality Assurance Activities, Disha Chandra asked Michel “Why didn’t you include any material on testing?” Michel said he thought since testing was such a big topic, it would be best to cover it in a separate tutorial. Georgia Magee reminded Disha that she had worked for the last three years as a test engineer at HomeOwner and said she would be glad to cover software testing for the team. Disha said “fine – I never turn down a volunteer”.

MiniTutorial 3.5: Software Testing

The SWEBOK [Bourque 2014] states “Software testing consists of the dynamic verification that a program provides expected behaviors on a finite set of test cases, suitably selected from the usually infinite execution domain”. Software Testing is a critical element of SQA. It represents the ultimate review of the requirements specification, the design, and the code. It is the most widely used method to insure software quality. Many organizations spend 50% or more of development time in testing.

Key points about software testing:

• ■   Testing is concerned with establishing the presence of program defects, while debugging is concerned with finding where defects occur (in code, design, or requirements) and removing them (fault identification and removal). Even if the best review methods are used (throughout the entire development of software), testing is necessary.

• ■   Testing is the one step in software engineering process that could be viewed as destructive rather than constructive: “A successful test is one that breaks the software” [McConnell 2004].

• ■   A successful test is one that uncovers undiscovered defect.

• ■   Testing cannot show the absence of defects, it can only show that software defects are present.

• ■   For most software, exhaustive testing (test all possible cases) is not possible.

• ■   Software tests typically use a Test Harness: a system of test drivers, stubs, and other tools to support test execution.

  • –   A Test Driver is a utility program that applies test cases to a component being tested.

  • –   A Test Stub is a temporary, minimal implementation of a component to increase controllability and observability in testing. When testing a unit that references another unit, the unit must either be complete (and tested) or stubs must be created that can be used when executing a test case referencing the other unit.

Testing Types

Figure 3.7 shows the various types of tests associated with the software development life cycle [Pfleeger 2009].

Figure 3.7   Software development tests.

Unit Testing

• ■   Unit Testing – checks that an individual program unit (function/procedure/method, object class, package, module) behaves correctly. There are two broad categories of unit testing:

  • –   Static Testing – testing a unit without executing the unit code using a formal review (e.g., performing a symbolic execution of the unit).

  • –   Dynamic Testing – testing a unit by executing a program unit using test data.

There is some debate about what constitutes a “unit”. Here are some common definitions of a unit [McConnell 2004]:

• ■   the smallest chunk that can be compiled by itself

• ■   a stand-alone procedure or function

• ■   something so small that it would be developed by a single person

Figure 3.8 illustrates the various techniques used for unit testing [Pressman 2015]. A little detail about some of these techniques:

Figure 3.8   Unit testing techniques.

• ■   Static Techniques

  Symbolic Execution – works well for small programs.

  Program Proving – difficult and costly to apply, and may not guarantee correctness.

Anomaly Analysis –

• Inexecutable code (island code)

• Uninitialized variables

• Unused variables

• Unstructured loop entry and exit

• Dynamic Techniques

Black Box Techniques –

• Design of software tests relies on module purpose/description to devise test data.

• Uses inputs, functionality, outputs in test design.

• Treats a module like a “black box” (given specific input what would be the expected output?).

White Box Techniques –

• Design of software tests relies on module source code or detailed design to determine test data.

• Treats module like a “white box” or “glass box”.

The following issues should be considered when preparing a unit test plan:

• ■   Unit test planning is typically performed by the unit developer.

• ■   Planning of a unit test should take place as soon as possible.

• ■   Black box test planning can take place as soon as the functional requirements for a unit are specified.

• ■   White box test planning can take place as soon as the detailed design for a unit is complete.

• ■   If one is testing a single, simple unit that does not interact with other units, then one can write a program that runs the test cases in the test plan. However, if the unit must interact with other units, then it can be difficult to test it in isolation.

  • –   For example, a unit that loads a system initialization file may require numerous interactions with other units.

  • –   Such unit testing may require a test harness using drivers and stubs.

Integration Testing

The DigitalHome development process, defined in Table 3.1, prescribes an incremental construction procedure. As increments/units are developed, they are integrated with the other units previously tested and integrated. As each increment is developed, integration tests are conducted to uncover interfacing and interaction errors between the units.

There are various integration testing strategies:

• ■   Bottom-Up – test drivers assist in first testing lower level components.

• ■   Top-Down – component stubs assist in first testing higher level components.

• ■   Sandwich – a mixture of top-down and bottom-up approach.

• ■   Big-Bang – integrate all components together at same time and test them.

Figure 3.9 depicts a set of units developed incrementally, with a test harness of a driver and some stubs. For example, if a top-down approach was used, unit A would be developed first; then followed by integration and testing of units B, C, and D; and then followed by integration and testing of unit E. Such testing can result in significant improvements in finding and correcting interface defects; however, there are added overhead costs.

Figure 3.9   Integration testing units.

Typically, a “test scaffold” is built as part of test planning to support such hierarchical testing. Each time a new module is added (or changed), the previous tests of units must be executed again to check for problems not discovered earlier. This is called regression testing.

System Testing

System testing is testing conducted on a complete integrated system to evaluate the system’s compliance with its specified requirements.

There are various categories of system testing. Here are some of the categories:

• ■   Volume Testing – testing whether the system can cope with large data volumes.

• ■   Stress Testing – testing beyond the limits of normal operation (e.g., availability with high loads of use).

• ■   Endurance Testing – testing whether the system can operate for long periods?

• ■   Usability Testing – testing ease of use.

• ■   Security Testing – testing whether the system can withstand security attacks.

• ■   Performance Testing – testing the system response time.

• ■   Reliability Testing – testing whether the system operates effectively over time.

If use cases (use cases are discussed in Chapter 5) are used to specify the functional requirements for a system, the use cases can be transformed into operational test scenarios (OTS). Each OTS represents the execution of the program for some part of the requirements. Figure 3.10 shows a use case that represents part of the requirements for a system used to manage an airport. The Main Scenario states the requirements associated with use case.

Figure 3.10   Closed airport use case.

Figure 3.11 shows a test scenario derived from the Close Airport use case. The test scenario describes how the use case test should be carried out, and lists the order of interaction between a user and the system, with the inputs from the user and how the system should react.

Figure 3.11   Closed airport test scenario.

For most systems, a special type system test, an Acceptance Test, is conducted to see if the system satisfies the customer’s requirements. There are two types: of acceptance testing

• ■   Alpha Testing – conducted at the developer’s site by the customer.

• ■   Beta Testing – conducted at one or more customer sites by the end users.

Finally, a few key points about software testing:

• ■   Test Plans should be completed as soon as possible:

• ■   System test planning can start during the requirements phase.

• ■   Integration test planning can start during the high-level design phase.

• ■   Unit test planning can start during the detailed design phase.

Exercise 3.8: Unit Test Planning

After the discussion of Unit Testing, Georgia Magee asked the team to study a search algorithm and determine a set of test cases for the unit.

The exercise, described at the end of this chapter, deals with the DH Team’s unit test design.

Exercise 3.9: Integration Test Planning

After the discussion of Integration Testing, Georgia Magee asked the team to study a design diagram and determine a strategy for incremental development and integration testing.

The exercise, described at the end of this chapter, deals with the DH Team’s unit test design.

Exercise 3.9: Use Case Test Planning

After the discussion of System Testing, Georgia Magee asked the team to study a use case and then develop a test scenario for the use case.

The exercise, described at the end of this chapter, deals with the DH Team’s unit test design.

Case Study Exercises

Exercise 3.1: Security Attacks

After the discussion of the “Security Engineering”, Massood lead the team in a discussion about potential attacks on the security of the DigitalHome system.

Learning Objectives

Upon completion of this exercise, students will have increased ability to:

• Describe potential attacks on the security of a software system.

• Understand the importance of building secure software systems.

• Classify the different types of security problems.

• Assess the costs associated with building a secure system.

DH Case Study Artifacts

• DH Development Process Script (Table 2.1)

Exercise Description

1. As preparation for the exercise, read Chapter 1 and the Case Study Artifact listed above.

2. You will be assigned to a small development team (like the DH Team).

3. Each team meets, organizes, and carries out the following activities:

   • Each member of team discusses the following items:

     • Security problems they have experienced as a developer or user, or have knowledge in existing systems.

     • Potential security problems they see with the DigitalHome system.

     • Whether they have the appropriate level of background and experience to address the security problems.

   • The team identifies the most significant security issues in the team’s discussion of their software activities, and summarizes them in a report.

4. Choose one member of the team to present the team’s quality report.

Exercise 3.2: Cost of Quality Experiences

After the discussion of the “Cost of Quality”, Massood lead the team in a discussion of their experiences with the types of costs of quality they had experienced in their previous software development work.

Learning Objectives

Upon completion of this exercise, students will have increased ability to:

• Describe the quality of their software development activities.

• Reflect on the defect life cycle in software they have developed.

• Identify the cost of quality in software they have developed.

• Classify the different types of quality costs.

• Assess whether they have used the appropriate level of resources in their software development activities to achieve the desired level of quality.

DH Case Study Artifacts

• DH Development Process Script (Table 2.1)

Exercise Description

1. As preparation for the exercise, read Chapter 1 and the Case Study Artifact listed above.

2. You will be assigned to a small development team (like the DH Team).

3. Each team meets, organizes, and carries out the following activities:

   • Each member of team discusses the following items:

     • The quality of their software development activities.

     • The defect life cycle in software they have developed.

     • The cost of quality in software they have developed.

     • Whether they have used the appropriate level of resources in their software development activities to achieve the desired level of quality.

   • The team identifies the most significant quality issues in the team’s discussion of their software activities and summarizes them in a report.

4. Choose one member of the team to present the team’s quality report.

Exercise 3.3: Software Quality Assurance Planning

After Massood’s discussion of the SQA planning, Disha Chandra lead the team in a discussion SQA planning.

Learning Objectives

Upon completion of this exercise, students will have increased ability to:

• Describe the elements of SQA planning.

• Determine the scope and extent of SQA planning needed for a moderate sized project.

• Determine which elements of SQAP, specified in [IEEE 730], are appropriate for DigitalHome project.

DH Case Study Artifacts

• DH Development Process Script

• DH HLRD

• IEEE Standard for Software Quality Assurance Processes [IEEE 730]

Exercise Description

1. As preparation for the exercise, read Chapter 1 and the Case Study Artifacts listed above.

   You will be assigned to a small development team (like the DH Team).

2. Each team meets, organizes, and carries out the following activities:

   1. Determine which elements of SQAP, specified in [IEEE 730], are appropriate for DigitalHome project.

   2. Determine the purpose and scope of the SQA activities.

   3. Describe the DH project’s SQA organization structure. What are its roles and responsibilities?

   4. Decide how problem reports are collected, who will see those data, and what procedures should be followed for implementing the appropriate corrective actions.

   5. Choose one member of the team to report to the class on the team’s quality planning activity.

Exercise 3.4: DH Quality Measurement Strategy

After Massood’s discussion of quality measurement, Disha Chandra decided the team needed to create a quality measurement strategy.

Learning Objectives

Upon completion of this exercise, students will have increased ability to:

• Understand the value of software measurement.

• Measure software and software development data.

• Analyze and use measured data.

DH Case Study Artifacts

• DH HLRD

• DH Development Process Script

Exercise Description

1. As preparation for the exercise, read Chapter 1 and the Case Study Artifacts listed above. You will be assigned to a small development team (like the DH Team). Each team meets, organizes, and carries out the below described activity.

2. The team discusses how to develop a quality measurement strategy and what elements it should contain. As part of this discussion, the team answers the below questions:

   • Why we need to measure?

   • What we need to measure?

   • How to conduct these measurements?

   • What to do with the data collected?

3. Each team answers the questions in writing and chooses one member of their team to report to the class on the group’s conclusions.

Exercise 3.5: DH Goal/Question/Metric

Disha asked the team to use the GQM technique to evaluate the effectiveness of the coding standard being considered for the DH project: Java Code Conventions [Sun 1997].

Learning Objectives

Upon completion of this exercise, students will have increased ability to:

• Describe the GQM technique.

• Use the GQM techniques determine the goals, questions, and metrics to solve a problem.

• Explain the values of software metrics and how they may be used.

DH Case Study Artifacts

• DH HLRD

• DH Development Process Script

Exercise Description

• As preparation for the exercise, read Chapter 1 and the Case Study Artifacts listed above. You will be assigned to a small development team (like the DH Team). Each team meets, organizes, and carries out the below described activity.

  1. Acting as the DH Team, the team examines the (GQM) method to select metrics that could be used to assess the appropriateness of using Java Code Conventions [Sun 1997] as the coding standards for DH code. Determine the following:

     1. A statement of a quality goal (or goals).

     2. Questions about the goal.

     3. Metrics appropriate for answering the questions.

     4. Issues, problems, or costs in collecting the metrics.

  2. Each team describes, in writing, the results of its GQM exercise and reports the results to the class.

Exercise 3.6: Requirements Inspection

After the discussion Quality Reviews, Disha Chandra asked the team to practice a requirements inspection on the DH HLRD.

Learning Objectives

Upon completion of this exercise, students will have increased ability to:

• Organize and perform a requirements specification inspection.

• Appreciate the value of an inspection.

• Develop correct requirements statements.

DH Case Study Artifacts

• DH HLRD

• DH Development Process Script

Exercise Description

• As preparation for the exercise, read Chapter 1 and the Case Study Artifacts listed above. You will be assigned to a small development team (like the DH Team). Each team meets, organizes, and carries out the below described activity.

  1. Acting as the DH Team, the team organizes as an inspection team: roles are assigned (e.g., moderator, recorder, etc.); material is prepared for recording defect and inspection time. Then, the team carries out the following activities:

     1. Inspectors inspect the HLRD in Chapter 1, and record defects found, and time spent.

     2. The inspection team meets and discusses the defects found.

     3. The team agrees on defects in the product and discusses needed product rework.

     4. The team prepares a report on the inspection.

  2. One of the team member reports to the class on the team’s inspection.

Exercise 3.7: Code Review

After the discussion of Quality Reviews, Disha Chandra asked the team to practice a code review on pseudocode for a program unit.

Learning Objectives

Upon completion of this exercise, students will have increased ability to:

• Perform a code review of a software code unit.

• Understand the value of a careful code review.

• Use code review data to improve reviewing effectiveness.

DH Case Study Artifacts

• DH Development Process Script

Exercise Description

• As preparation for the exercise, read Chapter 1 and the Case Study Artifacts listed above. You will be assigned to a small development team (like the DH Team). Each team meets, organizes, and carries out the below described activity.

  1. Acting as the DH Team, each member of the team acts as code reviewer. Then, each reviewer carries out the following activities:

     1. Reviews the below gcd (greatest common divisor) procedure, and records defects found and time spent.

     2. The team meets and compares what reviewers found.

     3. The team agrees on defects in the procedure and discusses needed product rework.

     4. The team prepares a report on the code review.

  2. One of the team members reports to the class on the team’s code review.

Exercise 3.8: Unit Test Planning

After the discussion of Unit Testing, Georgia Magee asked the team to study a search algorithm and determine a set of test cases for the unit.

Learning Objectives

Upon completion of this exercise, students will have increased ability to:

• Determine a set of test cases for a software unit.

• Plan for effective testing of a software unit.

• Understand the differences between white-box testing and black-box testing.

DH Case Study Artifacts

• DH Development Process Script

Exercise Description

• As preparation for the exercise, read Chapter 1 and the Case Study Artifacts listed above. You will be assigned to a small development team (like the DH Team). Each team meets, organizes, and carries out the below described activity.

  1. Acting as the DH Team, carries out the following activities:

     1. Each member reviews the below binarySearch procedure and develops a set of test cases for the procedure.

     2. The team meets and compares what the team members developed. There is a discussion of which test cases are related to black-box testing and which to white-box testing.

     3. The team agrees on a set of test cases to be used for testing the unit.

     4. The team prepares a report on unit test planning.

  2. One of the team members reports to the class on the team’s unit test planning.

Exercise 3.9: Integration Test Planning

After the discussion of Integration Testing, Georgia Magee asked the team to study a design diagram and determine a strategy for incremental development and integration testing.

Learning Objectives

Upon completion of this exercise, students will have increased ability to:

• Understand incremental development.

• Determine a strategy for integration testing.

• Understand the differences between top-down and bottom-up integration testing.

DH Case Study Artifacts

• DH Development Process Script

Exercise Description

• As preparation for the exercise, read Chapter 1 and the Case Study Artifacts listed above. You will be assigned to a small development team (like the DH Team). Each team meets, organizes, and carries out the below described activity.

  1. Acting as the DH Team, carries out the following activities:

     1. Each member reviews the below DigitalHome Conceptual Design Diagram (Figure 2.11 in Chapter 2).

     2. The team meets and discusses in what order the modules/units will be developed and integrated. The team will decide on whether to implement a top-down or a bottom-up integration testing strategy.

     3. The team agrees on it strategy.

     4. The team prepares a report on integration testing.

  2. One of the team members reports to the class on the team’s discussion and decisions.

Exercise 3.10: Use Case Test Planning

After the discussion of System Testing, Georgia Magee asked the team to study a use case and then develop a test scenario for the use case.

Learning Objectives

Upon completion of this exercise, students will have increased ability to:

• Understand system test planning.

• Understand the structure of a use case.

• Develop a test scenario from a use case.

DH Case Study Artifacts

• DH Development Process Script

Exercise Description

• As preparation for the exercise, read Chapter 1 and the Case Study Artifacts listed above. You will be assigned to a small development team (like the DH Team). Each team meets, organizes, and carries out the below described activity.

  1. Acting as the DH Team, carries out the following activities:

     1. Each member reviews the below use case “Set Traffic Signal Properties”.

     2. Each member develops a test scenario (like the one in Figure 3.11) for the Set Traffic Signal Properties use case.

     3. The team meets and agrees on a team test scenario for the Set Traffic Signal Properties use case.

     4. The team prepares a report on the scenario.

  2. One of the team members reports to the class on the team’s discussion and decisions.

Use Case ID: UC3

Use Case Name: Set Traffic Signal Properties

Goal: Set/Change traffic signal properties

Primary Actors: Traffic Manager

Secondary Actors: TMS Database

Pre

Traffic Manager is logged into his/her account.

TMS Traffic Signal Configuration Page is displayed on User Display Device.

Post

All newly entered traffic signal properties have been stored in the TMS Database.

TMS Traffic Signal Configuration Page is displayed on User Display Device.

Main Success Scenario

Step	Actor Action	Step	System Reaction
1	Select “Set Traffic Signal Properties”.	2	Display “Select the traffic signal(s) for which you wish to set properties”.
3	Select one or more traffic signals.	4	Display “Enter Green Light duration (in seconds)”.
5	Enter seconds of Green Light duration.	6	Store Green Light duration for selected traffic signals in the TMS database.
		7	Display “Enter Red Light duration (in seconds)”.
8	Enter seconds of Red Light duration.	9	Store Red Light duration for selected traffic signals in the TMS database.
		10	Display “Enter Amber Light duration (in seconds)”.
11	Enter seconds of Amber Light duration.	10	Store Amber Light duration for selected traffic lights in the TMS database.
		12	Display “Do you wish to set the properties for other traffic signals? YES/NO?”
13A	Enter “YES”.	14A	Go to Step 1.
13B	Enter “NO”.	14B	Display TMS Traffic Signal Configuration Page.

UC GUIs: DH Configuration Page, DH Default Parameter Configuration Page

Exceptions (Alternative Scenarios of Failure):

At any time, User fails to make an entry.

1. Time out after five minutes and log out from the system.

   System detects a failure (loss of Internet connection, power loss, hardware failure, etc.).

2. Display an error message on the User Display Device.

3. System restores system data from TMS Database.

4. Log off user.

Use Cases Utilized: None

Notes and Issues: The duration of individual traffic signal states must be in the following duration ranges: Red [30–120 seconds], Green [30–120 seconds], and Amber [5–10 seconds]