Marathwada Mitra Mandals Polytechnic

DEPARTMENT OF COMPUTER ENGINEERING

Software Engineering
Editor :- Mr. Shinde M.B
MM Polytechnic, Pune Department of Computer Engineering

Contents
1 Project Scheduling:- 2
1.1 Project Scheduling Principles:- . . . . . . . . . . . . . . . . . . . . . . 2
1.2 Work Breakdown Structure:- . . . . . . . . . . . . . . . . . . . . . . . 3
1.3 Activity Network:- . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
1.4 Project Scheduling Techniques:- . . . . . . . . . . . . . . . . . . . . . 6
1.5 Difference Between PERT and CPM . . . . . . . . . . . . . . . . . . 13

2 Project Tracking:- 13
2.1 Timeline Charts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.1.1 How to make a timeline chart . . . . . . . . . . . . . . . . . . 14
2.1.2 Gantt chart:- . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
2.2 Earned Value Analysis:- . . . . . . . . . . . . . . . . . . . . . . . . . 16

3 Software Quality Management vs Software Quality Assurance. 18

3.1 Software Quality Management:- . . . . . . . . . . . . . . . . . . . . . 18
3.2 Software Quality Assurance (SQA):- . . . . . . . . . . . . . . . . . . 19

4 Software Quality Assurance vs Software Quality Control- 21

5 Quality Evaluation Standards. 21

5.1 Six Sigma:- . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
5.1.1 ISO for software. . . . . . . . . . . . . . . . . . . . . . . . . . 24
5.2 Capability Maturity Model(CMMI). . . . . . . . . . . . . . . . . . . . 25

6 software security. 26
6.1 DevOps. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

1
MM Polytechnic, Pune Department of Computer Engineering

1 Project Scheduling:-
1. Scheduling in project management is the listing of activities, deliverable, and
milestones within a project.
2. A schedule also usually includes the planned start and finish date, duration,
and resources assigned to each activity.
3. Effective project scheduling is a critical component of successful time manage-
ment.
4. Software project scheduling can be defined as an activity that distributes the
estimated effort across the planned project duration by allocating the effort to
specific software engineering tasks.
5. Simply one can say that project schedule is a tool which communicates What
works has to be performed, Who will perform the work and Time duration
within which that work needs to be completed.
6. The project schedule is the mechanism that communicates what work needs to
be performed, which resources of the organization will perform the work and
the time frames in which that work needs to be performed.
7. The project schedule should reflect all of the work associated with delivering
the project on time.
8. Without a full and complete schedule, the project manager will be unable to
communicate the complete effort, in terms of cost and resources, necessary to
deliver the project.
9. Project Scheduling in a project refers to roadmap of all activities to be done
with specified order and within time slot allotted to each activity.
10. Project managers tend to define various tasks, and project milestones and
arrange them keeping various factors in mind.
11. They look for tasks lie in critical path in the schedule, which are necessary
to complete in specific manner (because of task interdependency) and strictly
within the time allocated.
12. Arrangement of tasks which lies out of critical path are less likely to impact
over all schedule of the project.

1.1 Project Scheduling Principles:-

There are seven principles of software project scheduling :

2
MM Polytechnic, Pune Department of Computer Engineering

1. Modulation :
A given software project is divided into a number of manageable activities.
The project is divided into a number of small tasks.
2. Interdependancy :
Interdependent tasks are accomplished first. Certain tasks occur in sequence
whereas other tasks occur in parallel. Therefore tasks which occur in sequence
has to be performed in a sequential order since the output of one task will be
the input of the next task. Other tasks can occur independently.
3. Time Allocation :
Each and every task has to be assigned a specific time period i.e a start date
and a completion date based on whether the work will be performed in a full
time or part time basis.
4. Effort Validation :
Every project is assigned to a software team. The project manager has to
make sure that the effort allocated should not be more than the number of
people available to do the work.
5. Defined Responsibilities :
Each of the scheduled task is assigned to a specific member of the software
team.
6. Defined Outcomes :
Each task has a defined outcome. Work product is the outcome of a software
project.
7. Defined Milestones :
Every task is associated with a milestone. A milestone is an action or event
marking a significant change in development process.
These are the seven basic principles that guide software project scheduling.

1.2 Work Breakdown Structure:-

1. The WBS provides the foundation for all project management work, including,
planning, cost and effort estimation, resource allocation, and scheduling.
2. Dividing complex projects to simpler and manageable tasks is the process call
as Work Breakdown Structure (WBS).
3. Usually, the project managers use this method for simplifying the project
execution. In WBS, much larger tasks are broken down to manageable chunks
of work. These chunks can be easily supervised and estimated.

3
MM Polytechnic, Pune Department of Computer Engineering

4. WBS is not restricted to a specific field when it comes to application. This

methodology can be used for any type of project management.
5. In this WBS construction Identifying the main deliverable of a project is the
starting point for deriving a work breakdown structure.
6. In the process of breaking down the tasks, one can break them down into
different levels of detail. One can detail a high-level task into ten sub-tasks
while another can detail the same high-level task into 20 sub-tasks.
7. Therefore, there is no hard and fast rule on how you should breakdown a task
in WBS. Rather, the level of breakdown is a matter of the project type and
the management style followed for the project.
8. In general, there are a few ”rules” used for determining the smallest task chunk.
In ”two weeks” rule, nothing is broken down smaller than two weeks worth of
work.
9. Following is a sample WBS diagram:

Figure 1: Work breakdown structure

10. Following are a few reasons for creating a WBS in a project:

• Accurate and readable project organization.
• Accurate assignment of responsibilities to the project team.

4
MM Polytechnic, Pune Department of Computer Engineering

• Indicates the project milestones and control points.

• Helps to estimate the cost, time and risk.
• Illustrate the project scope, so the stakeholders can have a better under-
standing of the same.
11. In addition to the general use of WBS, there is specific objective for deriving
a WBS as well. WBS is the input for Gantt charts, a tool that is used for
project management purpose.

1.3 Activity Network:-

1. An Activity Network Diagram (AND) is also called an Arrow Diagram (be-
cause the pictorial display has arrows in it) or a PERT (Program Evaluation
Review Technique) Diagram, and it is used for identifying time sequences of
events which are pivotal to objectives.
2. In Critical Path Analysis this helps the teams to comprehend specific event
sequences driving time requirements for objective achievement.
3. Activity Network Diagrams are also very useful when a project has multiple
activities which need simultaneous management.
4. An Activity Network Diagram helps to find out the most efficient sequence
of events needed to complete any project. It enables you to create a realistic
project schedule by graphically showing
• the total amount of time needed to complete the project.
• The sequence in which tasks must be carried out.
• Which tasks can be carried out at the same time.
• Which are the critical tasks that you need to keep an eye on.
5. A project is composed of a set of actions or tasks which usually have some
kind of interdependency.
6. For example, before an axle can be turned, it must first be designed, the metal
must be purchased, etc.
7. This type of complex system is much easier to understand through the use of
diagrams than through textual description, as actual interconnections between
tasks can be shown.

5
MM Polytechnic, Pune Department of Computer Engineering

8. The Activity Network diagram displays interdependencies between tasks through

the use of boxes and arrows.
9. Arrows pointing into a task box come from its predecessor tasks, which must
be completed before the task can start.
10. Arrows pointing out of a task box go to its successor tasks, which cannot start
until at least this task is complete.
11. You can draw the activity network diagram easily with draw

Figure 2: Activity Network diagram

1.4 Project Scheduling Techniques:-

1. CPM:-
(a) A critical path in project management is certain tasks that need to be
performed in a clear order and for a certain period.
(b) If part of one task can be slowed down or postponed for a term without
leaving work on others, then such a task is not critical.
(c) While tasks with a critical value cannot be delayed during the implemen-
tation of the project and are limited in time.
(d) Critical Path Method (CPM) is an algorithm for planning, managing and
analyzing the timing of a project.
(e) The step-by-step CPM system helps to identify critical and non-critical
tasks from projects’ start to completion and prevents temporary risks.

6
MM Polytechnic, Pune Department of Computer Engineering

(f) Critical tasks have a zero run-time reserve. If the duration of these tasks
changes, the terms of the entire project will be ”shifted.” That is why
critical tasks in project management require special control and timely
detection of risks.
(g) The method was developed by one of the American companies in 1957.
Its employees planned to close, repair and restart chemical plants.
(h) The tasks in this project were numerous and complex; that’s why they
required such a method.
(i) After that, Critical Path Method was quickly spread to agricultural and
construction projects where people wanted to learn how to avoid routine
tasks.
(j) Today, this method of identifying critical tasks is widely used in many
industries, including software development.

Figure 3: Critical Path Method.

(k) Advantages of CPM:

• Critical path analysis is required in order to predict the timing of
project’s completion.
• The method visualizes projects in a clear graphical form.
• It defines the most important tasks.
• Saves time and helps in the management of deadlines.
• Helps to compare the planned with the real status.

7
MM Polytechnic, Pune Department of Computer Engineering

• Identifies all critical activities that need attention.

• Makes dependencies clear and transparent.
(l) Disadvantages of CPM:
• It is believed that the methodology was developed for routine and
complex projects with the possibility of a minimum change in the
completion time of tasks. CPM loses its usefulness in more chaotic
projects.
• There are alternatives, for example, PERT-diagrams, which allow
changing the duration of each activity.
• A critical path imitates events and activities in a project, present-
ing them in an interconnected network. Activities are rendered as
”nodes,” and the beginning and end of the activities look like arches
and lines between nodes.
2. PERT:-
(a) PERT stands for Program Evaluation Review Technique, a methodology
developed by the U.S. Navy in the 1950s to manage the Polaris submarine
missile program.
(b) A PERT chart is a project management tool that provides a graphical
representation of a project’s timeline.
(c) A PERT chart, sometimes called a PERT diagram, is a project man-
agement tool used to schedule, organize and coordinate tasks within a
project.
(d) It provides a graphical representation of a project’s timeline that allows
project managers to break down each individual task in the project for
analysis.
(e) The PERT chart template uses nodes, drawn as rectangles or circles,to
represent events and milestones throughout the project.
(f) The nodes are connected by vectors, drawn as lines which represent the
various tasks that need to be completed.
(g) PERT charts provide project managers with an estimation of the mini-
mum amount of time needed to complete a project.
(h) Managers can also analyze the work breakdown and task connections as
well as assess the risk associated with the project.

8
MM Polytechnic, Pune Department of Computer Engineering

(i) The breakdown structure makes it easy to organize a complex project

with a variety of moving parts by visualizing the dependencies between
each step of the process.
(j) A PERT chart presents a graphic illustration of a project as a network
diagram consisting of numbered nodes linked by labeled vectors. The
direction of the arrows on the lines indicates the sequence of tasks.
(k) When creating a PERT chart, project managers should follow the below
steps:
• Define all activities involved in the project.
• Consider any dependencies between tasks.
• Draw nodes and arrows based on the information gathered in the first
two steps.
• Identify the completion time for each task.
(l) Once the PERT chart is drawn, project managers can use it to develop a
realistic timeframe for the project.
(m) This can be done by finding the longest path, based on the estimations
entered.
(n) This path should include the tasks that take the longest to complete. By
adding together the time it takes to complete each task, an estimation
will be provided for how long the entire project will take.
(o) Once this is done, the PERT chart can then be used to adjust the times if
circumstances change or to ensure the project is finished by its designated
deadline.
(p) In the diagram, for example, the tasks between nodes 1, 2, 4, 8 and 10
must be completed in sequence. These are called dependent or serial
tasks.
(q) The tasks between nodes 1 and 2, and nodes 1 and 3 are not depen-
dent on the completion of one to start the other and can be undertaken
simultaneously.
(r) These tasks are called parallel or concurrent tasks. Tasks that must be
completed in sequence but that don’t require resources or completion time
are considered to have event dependency.
(s) These are represented by dotted lines with arrows and are called dummy

9
MM Polytechnic, Pune Department of Computer Engineering

activities. For example, the dashed arrow linking nodes 6 and 9 indicates
that the system files must be converted before the user test can take
place, but that the resources and time required to prepare for the user
test (writing the user manual and user training) are on another path.
(t) Numbers on the opposite sides of the vectors indicate the time allotted
for the task.

Figure 4: PERT Example.

(u) When to use a PERT chart

• Determine the project’s critical path in order to guarantee all dead-
lines are met.
• Display the various interdependencies of tasks.

10
MM Polytechnic, Pune Department of Computer Engineering

• Estimate the amount of time needed to complete the project.

• Prepare for more complex and larger projects.
(v) Advantages of PERT charts
• The scheduling of project activities is done easily with the help of
PERT system by the project manager. This technique is more active
in large sophisticated project works. As PERT is event oriented
programming technique, three elements are necessary to define an
event.
• The PERT method will show the critical path in a well-defined man-
ner. The critical path is the path with activities that cannot be
delayed under any circumstances. A proper knowledge about the
stack values with limited conditions of dependencies will help the
project manager to bring fast and quality decisions that will favor
the project performance.
• The activity and the events are analyzed from the PERT networks.
These are analyzed independently as well as in combination. This
will give a picture about the likely completion of the project and the
budget.
• The various departments of the construction organization will deliver
data for the PERT activities. A good integration is developed be-
tween all the departments which will help in improving the planning
and the decision-making capabilities of the project team. The com-
bination of qualitative and quantitative values from a large amount
of data will help in improving the coordination of the project ac-
tivities. This will also improve the communication between various
departments of the organization.
• The possibilities and the various level of uncertainties can be studied
from the project activities by properly analyzing the critical path.
This type of analysis is called as what-if-analysis. For this various
sets of permutation and combination is conducted. Among them,
the most suitable combination is taken into consideration. This set
chosen will be the one with minimum cost, economy and best result.
This analysis helps to identify the risk associated with any activities.
(w) Disadvantages of PERT
• The method of PERT is a time oriented method, where the time
required to complete the respective activity is of higher importance.

11
MM Polytechnic, Pune Department of Computer Engineering

Hence the time determination of each activity and its allocation is

very much necessary. This is done based on an assumption and within
this time the work will be completed. If this is not the case issues
will arise.
• The activities for a project is identified based on the data available.
This is difficult in case of PERT as these are mostly applied for a
project that is newly conducted or those without repetitive nature.
The project dealt by PERT will be a fresh project data that make the
collection of information to be subjective in nature. This will bring
less accuracy on the time and the estimated time.There are chances
to have inaccuracy and bias in the sources of data. This makes it
unreliable. As this is not repetitive in nature, there is no sense in
bringing the records from the past historical data.
• As there is not past records or assistance to bring an outline for the
project, predictions take their role. The overall project may move to
total loss if the predictions and the decisions are inaccurate. No trial
and error method can be employed.
• As this method is carried out based on predictions in overall, they
find too expensive in terms of methods employed, the time consumed
and the resources used.
• This method is highly labor intensive in nature. As there are chances
of increase in project activities large and complicated networks are
developed as many task dependencies come into existence. If two
activities share common resources, this technique won;t find very apt
for the project.

12
MM Polytechnic, Pune Department of Computer Engineering

1.5 Difference Between PERT and CPM

2 Project Tracking:-
2.1 Timeline Charts
1. A timeline chart is an effective way to visualize a process using chronological
order. Since details are displayed graphically, important points in time can be
easy seen and understood.
2. Often used for managing a project’s schedule, timeline charts function as a
sort of calendar of events within a specific period of time.
3. Timeline charts illustrate events, in chronological order — for example the
progress of a project, advertising campaign, acquisition process — in whatever
unit of time the data was recorded — for example week, month, year, quarter.
4. To generate a Timeline chart, the data must be formatted as Date — these
are the only charts for which the data selected is not formatted as Number.
5. The chart is based on the selection of two date-formatted line items repre-
senting a start and an end date. for Staying on track can be a struggle. By

13
MM Polytechnic, Pune Department of Computer Engineering

incorporating a timeline chart into your project, it becomes much easier to see
what needs to be done, how long it will take, and what the next steps are.
6. Since each steps is documented along an easy to follow timescale, there’s no
misunderstanding of when goals should be met and how many hours a project
should take.

2.1.1 How to make a timeline chart

(a) Begin by listing each milestone throughout your project.
(b) Place these milestones along a horizontal line, from start to finish.
(c) Associate each step with a specific date to represent a deadline.
(d) Include titles to clarify key points along the process (phases, testing,
planning, etc.).

Figure 5: Timeline Chart

14
MM Polytechnic, Pune Department of Computer Engineering

2.1.2 Gantt chart:-

1. Many people have never heard of a Gantt. Simply put, a Gantt chart is a
visual view of tasks scheduled over time.
2. Gantt charts are used for planning projects of all sizes and they are a useful
way of showing what work is scheduled to be done on a specific day. They also
help you view the start and end dates of a project in one simple view.
3. Gantt charts shows the dependency relationships between activities and cur-
rent schedule status.
4. A Gantt chart, or harmonogram, is a type of bar chart[3][4] that illustrates a
project schedule.
5. This chart lists the tasks to be performed on the vertical axis, and time inter-
vals on the horizontal axis.
6. The width of the horizontal bars in the graph shows the duration of each
activity.
7. Gantt charts illustrate the start and finish dates of the terminal elements and
summary elements of a project.
8. Terminal elements and summary elements constitute the work breakdown
structure of the project.
9. Gantt charts are sometimes equated with bar charts.
10. Gantt charts are usually created initially using an early start time approach,
where each task is scheduled to start immediately when its prerequisites are
complete.
11. This method maximizes the float time available for all tasks.
12. On a Gantt chart you can easily see:
• The start date of the project.
• What the project tasks are.
• Who is working on each task.
• When tasks start and finish.
• How long each task will take.
• How tasks group together, overlap and link with each other.
• The finish date of the project.

15
MM Polytechnic, Pune Department of Computer Engineering

13. A Gantt chart, commonly used in project management, is one of the most pop-
ular and useful ways of showing activities (tasks or events) displayed against
time.
14. On the left of the chart is a list of the activities and along the top is a suitable
time scale.
15. Each activity is represented by a bar; the position and length of the bar reflects
the start date, duration and end date of the activity.

Figure 6: Timeline Chart

2.2 Earned Value Analysis:-

(a) Earned Value Analysis (EVA) provides a useful way to then monitor how
well you are doing against your overall plan and budget over time.
(b) This analysis can help you make critical decisions that will affect the
value you ultimately receive from your efforts.
(c) Earned Value Analysis (EVA) is a method that allows the project man-
ager to measure the amount of work actually performed on a project
beyond the basic review of cost and schedule reports.

16
MM Polytechnic, Pune Department of Computer Engineering

(d) EVA provides a method that permits the project to be measured by

progress achieved.
(e) The project manager is then able, using the progress measured, to forecast
a project’s total cost and date of completion, based on trend analysis or
application of the project’s “burn rate”.
(f) This method relies on a key measure known as the project’s earned value.
(g) This budgeted cost of work performed measure enables the project man-
ager to compute performance indices or burn rates for cost and schedule
performance, which provides information on how well the project is doing
or performing relative to its original plans.
(h) These indices, when applied to future work, allow for to project manager
to forecast how the project will do in the future, assuming the burn rates
will not fluctuate, which oftentimes is a large assumption.
(i) Earned Value Analysis (EVA) is one of the key tools and techniques used
in Project Management, to have an understanding of how the project is
progressing.
(j) EVA implies gauging the progress based on earnings or money. Both,
schedule and cost are calculated on the basis of EVA.
(k) Advantages of EVA:-
• Earned Value Analysis is an objective method to measure project
performance in terms of scope, time and cost.
• EVA metrics are used to measure project health and project perfor-
mance.
• Earned Value Analysis is a quantitative technique for assessing progress
as the software project team moves through the work tasks, allocated
to the Project Schedule.
• EVA provides a common value scale for every project task.
• Total hours to complete the project are estimated and every task is
given an Earned Value, based on its estimated (
• Earned Value is a measure of ‘Progress’ to assess ‘Percentage of Com-
pleteness’.

17
MM Polytechnic, Pune Department of Computer Engineering

(l) Disadvantages of EVA:-

• EVA provides different measures of progress for different types of
tasks. It is the single way for measuring everything in a project.
• Provides an ‘Early Warning’ signal for prompt corrective action. The
types of signals can be the following:
i. Bad news does not age well – Holding on to the bad news does not
help. The project manager needs to take an immediate action.
ii. Still time to recover – In case, the project is not going as per
schedule and may get delayed, the situation is needed to be taken
care of by finding out the reasons that are causing delay and
taking the required corrective action.

3 Software Quality Management vs Software Qual-

ity Assurance.
3.1 Software Quality Management:-
1. Software Quality Management is a process that ensures the required level of
software quality is achieved when it reaches the users, so that they are satisfied
by its performance.
2. The process involves quality assurance, quality planning, and quality control.
3. Software Quality Management ensures that the required level of quality is
achieved by submitting improvements to the product development process.
4. SQA aims to develop a culture within the team and it is seen as everyone’s
responsibility.
5. Software Quality management should be independent of project management
to ensure independence of cost and schedule adherences.
6. It directly affects the process quality and indirectly affects the product quality.
7. Activities of Software Quality Management:-
(a) Quality Assurance - QA aims at developing Organizational procedures
and standards for quality at Organizational level.
(b) Quality Planning - Select applicable procedures and standards for a
particular project and modify as required to develop a quality plan.

18
MM Polytechnic, Pune Department of Computer Engineering

(c) Quality Control - Ensure that best practices and standards are followed
by the software development team to produce quality products.

3.2 Software Quality Assurance (SQA):-

1. A Quality is extremely hard to define, and it is simply stated: ”Fit for use or
purpose.” It is all about meeting the needs and expectations of customers with
respect to functionality, design, reliability, durability, price of the product.
2. Assurance is nothing but a positive declaration on a product or service, which
gives confidence. It is certainty of a product or a service, which it will work
well. It provides a guarantee that the product will work without any problems
as per the expectations or requirements.
3. Quality Assurance (QA) is defined as an activity to ensure that an organization
is providing the best possible product or service to customers. QA focuses on
improving the processes to deliver Quality Products to the customer. An
organization has to ensure, that processes are efficient and effective as per the
quality standards defined for software products.
4. Software Quality Assurance (SQA) is simply a way to assure quality in the
software.
5. It is the set of activities which ensure processes, procedures as well as standards
suitable for the project and implemented correctly.
6. Software Quality Assurance is a process which works parallel to development
of a software.
7. It focuses on improving the process of development of software so that problems
can be prevented before they become a major issue.
8. Software Quality Assurance is a kind of an Umbrella activity that is applied
throughout the software process.
9. Phases of SQA is
• SQA Planning.
(a) The goal of SQA plan is to craft planning processes and procedures
to ensure products manufactured, or the service delivered by the
organization are of exceptional quality.
(b) During project planning, Test Manager makes an SQA plan where
SQA audit is scheduled periodically.

19
MM Polytechnic, Pune Department of Computer Engineering

• Activities.
(a) Quality assurance activities take place at each phase of development.
(b) nalysts use application technology to achieve high-quality specifica-
tions and designs.
(c) Technicians find problems with related software quality through meet-
ings.
(d) Tests are created by developers and/or dedicated testers for each
significant use case.
(e) Standards violations are identified and addressed throughout devel-
opment.
(f) Product/program managers ensure that feature/architecture/component
changes are made only after appropriate review.
(g) The team monitors statistics about defect discovery, severity and fix
rates.
• Review and Audit.
(a) Management Review: Management Review is also known as Software
Quality Assurance or (SQA).
(b) It focuses more on the software process rather than the software work
products.
(c) Quality Assurance is a set of activities designed to ensure that the
project manager follows the standard process which is already pre-
defined.
(d) In other words, Quality Assurance makes sure the Test Manager is
doing the right things in the right way.
(e) An audit is the examination of the work products and related in-
formation to assesses whether the standard process was followed or
not.

20
MM Polytechnic, Pune Department of Computer Engineering

4 Software Quality Assurance vs Software Qual-

ity Control-

5 Quality Evaluation Standards.

5.1 Six Sigma:-
1. Six Sigma is the process of producing high and improved quality output.
2. This can be done in two phases – identification and elimination. The cause of
defects is identified and appropriate elimination is done which reduces variation
in whole processes.
3. A six sigma method is one in which 99.99966 percentage of all the products to
be produced have the same features and are of free from defects.
4. The Characteristics of Six Sigma are as follows:
(a) Statistical Quality Control: Six Sigma is derived from the Greek Let-
ter ? which denote Standard Deviation in statistics. Standard Deviation

21
MM Polytechnic, Pune Department of Computer Engineering

is used for measuring the quality of output.

(b) Methodical Approach:-The Six Sigma is not a merely quality improve-
ment strategy in theory, as it features a well defined systematic approach
of application in DMAIC and DMADV which can be used to improve
the quality of production. DMAIC is an acronym for Design-Measure-
Analyze-Improve-Control. The alternative method DMADV stands for
Design-Measure- Analyze-Design-Verify.
(c) Fact and Data-Based Approach:-The statistical and methodical as-
pect of Six Sigma shows the scientific basis of the technique. This accen-
tuates essential elements of the Six Sigma that is a fact and data-based.
(d) Project and Objective-Based Focus:- The Six Sigma process is im-
plemented for an organization’s project tailored to its specification and
requirements. The process is flexed to suits the requirements and condi-
tions in which the projects are operating to get the best results.
(e) Customer Focus:- The customer focus is fundamental to the Six Sigma
approach. The quality improvement and control standards are based on
specific customer requirements.
(f) Teamwork Approach to Quality Management:- The Six Sigma pro-
cess requires organizations to get organized when it comes to controlling
and improving quality. Six Sigma involving a lot of training depending
on the role of an individual in the Quality Management team.
5. Six Sigma projects follow two project methodologies:
(a) DMAIC.
It specifies a data-driven quality strategy for improving processes. This
methodology is used to enhance an existing business process.The DMAIC
project methodology has five phases:
i. Define:- It covers the process mapping and flow-charting, project
charter development, problem-solving tools, and so-called 7-M tools.
ii. Measure:- It includes the principles of measurement, continuous and
discrete data, and scales of measurement, an overview of the principle
of variations and repeatability and reproducibility (RR) studies for
continuous and discrete data.
iii. Analyze:- It covers establishing a process baseline, how to determine
process improvement goals, knowledge discovery, including descrip-
tive and exploratory data analysis and data mining tools, the ba-

22
MM Polytechnic, Pune Department of Computer Engineering

sic principle of Statistical Process Control (SPC), specialized control

charts, process capability analysis, correlation and regression analy-
sis, analysis of categorical data, and non-parametric statistical meth-
ods.
iv. Improve:- It covers project management, risk assessment, process
simulation, and design of experiments (DOE), robust design concepts,
and process optimization.
v. Control:- It covers process control planning, using SPC for opera-
tional control and PRE-Control.
(b) DMADV
It specifies a data-driven quality strategy for designing products and pro-
cesses. This method is used to create new product designs or process
designs in such a way that it results in a more predictable, mature, and de-
tect free performance. The DMADV project methodology has five phases:
i. Define:- It defines the problem or project goal that needs to be
addressed.
ii. Measure:- It measures and determines the customer’s needs and
specifications.
iii. Analyze:- It analyzes the process to meet customer needs.
iv. Design:- It can design a process that will meet customer needs.
v. Verify:- It can verify the design performance and ability to meet
customer needs.
6. Advantages of Six Sigma.
• Generates sustained success.
• Sets a performance goal for everyone.
• Enhances value to customers
• Accelerates the rate of improvement.
• Promotes learning and cross-pollination.
• Executes strategic change.

23
MM Polytechnic, Pune Department of Computer Engineering

5.1.1 ISO for software.

1. ISO (International Standards Organization) is a group or consortium of 63
countries established to plan and fosters standardization.
2. ISO declared its 9000 series of standards in 1987. It serves as a reference for
the contract between independent parties.
3. The ISO 9000 standard determines the guidelines for maintaining a quality
system.
4. The ISO standard mainly addresses operational methods and organizational
methods such as responsibilities, reporting, etc.
5. ISO 9000 defines a set of guidelines for the production process and is not
directly concerned about the product itself.
6. Types of ISO 9000 Quality Standards.
• The ISO 9000 series of standards is based on the assumption that if a
proper stage is followed for production, then good quality products are
bound to follow automatically.
• The types of industries to which the various ISO standards apply are as
follows.
(a) ISO 9001:- This standard applies to the organizations engaged in
design, development, production, and servicing of goods. This is the
standard that applies to most software development organizations.
(b) ISO 9002:- This standard applies to those organizations which do
not design products but are only involved in the production. Exam-
ples of these category industries contain steel and car manufactur-
ing industries that buy the product and plants designs from exter-
nal sources and are engaged in only manufacturing those products.
Therefore, ISO 9002 does not apply to software development organi-
zations.
(c) ISO 9003:- This standard applies to organizations that are involved
only in the installation and testing of the products. For example,
Gas companies.
• How to get ISO 9000 Certification?
An organization determines to obtain ISO 9000 certification applies to
ISO registrar office for registration. The process consists of the following
stages:

24
MM Polytechnic, Pune Department of Computer Engineering

(a) Application:- Once an organization decided to go for ISO certifica-

tion, it applies to the registrar for registration.
(b) Pre-Assessment:- During this stage, the registrar makes a rough
assessment of the organization.
(c) Document review and Adequacy of Audit:- During this stage,
the registrar reviews the document submitted by the organization
and suggest an improvement.
(d) Compliance Audit:- During this stage, the registrar checks whether
the organization has compiled the suggestion made by it during the
review or not.
(e) Registration:- The Registrar awards the ISO certification after the
successful completion of all the phases.
(f) Continued Inspection:- The registrar continued to monitor the
organization time by time.

5.2 Capability Maturity Model(CMMI).

• The Capability Maturity Model Integration (CMMI) is a process and behav-
ioral model that helps organizations streamline process improvement and en-
courage productive, efficient behaviors that decrease risks in software, product
and service development.
• A maturity level is a well-defined evolutionary plateau toward achieving a
mature software process. Each maturity level provides a layer in the foundation
for continuous process improvement.
• It Focuses on elements of essential practices and processes from various bodies
of knowledge.
• It Describes common sense, efficient, proven ways of doing business (which you
should already be doing) - not a radical new approach.
• CMM is a method to evaluate and measure the maturity of the software de-
velopment process of an organizations.
• CMM measures the maturity of the software development process on a scale
of 1 to 5.
• CMM Integration project was formed to sort out the problem of using multiple
CMMs. CMMI Product Team’s mission was to combine three Source Models

25
MM Polytechnic, Pune Department of Computer Engineering

into a single improvement framework to be used by the organizations pursuing

enterprise-wide process improvement.
• The CMMI model breaks down organizational maturity into five levels.
• For businesses that embrace CMMI, the goal is to raise the organization up to
Level 5, the “optimizing” maturity level.
• Once businesses reach this level, they aren’t done with the CMMI. Instead,
they focus on maintenance and regular improvements.
• CMMI’s five Maturity Levels are:-
1. Initial:- Processes are viewed as unpredictable and reactive. At this
stage, “work gets completed but it’s often delayed and over budget.”
This is the worst stage a business can find itself in — an unpredictable
environment that increases risk and inefficiency.
2. Managed:- There’s a level of project management achieved. Projects are
“planned, performed, measured and controlled” at this level, but there
are still a lot of issues to address.
3. Defined:- At this stage, organizations are more proactive than reac-
tive. There’s a set of “organization-wide standards” to “provide guid-
ance across projects, programs and portfolios.” Businesses understand
their shortcomings, how to address them and what the goal is for im-
provement.
4. Quantitatively managed:- This stage is more measured and controlled.
The organization is working off quantitative data to determine predictable
processes that align with stakeholder needs. The business is ahead of
risks, with more data-driven insight into process deficiencies.
5. Optimizing:-Here, an organization’s processes are stable and flexible.
At this final stage, an organization will be in constant state of improving
and responding to changes or other opportunities. The organization is
stable, which allows for more “agility and innovation,” in a predictable
environment.

6 software security.
1. Software security is an idea implemented to protect software against mali-
cious attack and other hacker risks so that the software continues to function
correctly under such potential risks.

26
MM Polytechnic, Pune Department of Computer Engineering

2. Security is necessary to provide integrity, authentication and availability.

3. Any compromise to integrity, authentication and availability makes a software
unsecure.
4. Software systems can be attacked to steal information, monitor content, intro-
duce vulnerabilities and damage the behavior of software.
5. Malware can cause DoS (denial of service) or crash the system itself.
6. Software security concerns the methods used in controlling software that is
used to run the operating system or utility software that supports the running
of the operating systems and applications.
7. Software security refers to the protection of the programs that are either
bought from an outside vendor or are created in-house by the user.

6.1 DevOps.
1. DevOps is a term for a group of concepts that, while not all new, have cat-
alyzed into a movement and are rapidly spreading throughout the technical
community.
2. Like any new and popular term, people may have confused and sometimes
contradictory impressions of what it is.
3. DevOps is the practice of operations and development engineers participating
together in the entire service lifecycle, from design through the development
process to production support.
4. DevOps is also characterized by operations staff making use many of the same
techniques as developers for their systems work.
5. DevOps is a new term emerging from the collision of two major related trends.
6. The first was also called “agile infrastructure” or “agile operations”; it sprang
from applying Agile and Lean approaches to operations work.
7. The second is a much expanded understanding of the value of collaboration
between development and operations staff throughout all stages of the devel-
opment lifecycle when creating and operating a service, and how important
operations has become in our increasingly service-oriented world (cf. Opera-
tions: The New Secret Sauce).

27