COS 333 1

COS 333 2
COS 333 3
COS 333 4
COS 333 5
COS 333 6
COS 333 7
COS 333 8
COS 333 9
COS 333 10
COS 333 11
COS 333 12
 Software Quality Assurance
In this topic, you’ll learn about the principles, concepts, and techniques that are applied to manage and
control software quality. Also, these questions will be addressed:

1. What are the generic characteristics of high-quality software?

2. How do we review quality and how are effective reviews conducted?
3. What is software quality assurance?
4. What strategies are applicable for software testing?
5. What methods are used to design effective test cases?
6. Are there realistic methods that will ensure that software is correct?
7. How can we manage and control changes that always occur as software is built?
8. What measures and metrics can be used to assess the quality of requirements and design
models, source code, and test cases?

Once these questions are answered, you’ll be better prepared to ensure that high-quality software has
been produced.

What is quality?

Define quality in your own terms in relation to other things asides software engineering?

What is software quality?

Software quality can be defined as an effective software process applied in a manner that creates a
useful product that provides measurable value for those who produce it and those who use it.

From this definition, a software is seen as high quality if it is useful and creates measurable value for
those who produced it and those who use it. These can be considered as general characteristics of high
quality software.

Who is responsible for software quality?

Everyone—software engineers, managers, all stakeholders—involved in the software process is

responsible for quality.

If a software team stresses quality in all software engineering activities, it reduces the amount of rework
that would be done if needed, this results in lower costs, and more importantly, improved time to
market.

To achieve high-quality software, four activities must occur: proven software engineering process and
practice (This is the use of the various software engineering process already explained in earlier classes.
Practices in the various software processes need to be followed to get a high quality software), solid
project management, comprehensive quality control, and the presence of a quality assurance
infrastructure.

Quality Control
Quality control encompasses a set of software engineering actions that help to ensure that each work
product meets its quality goals. Models are reviewed to ensure that they are complete and consistent.
Code may be inspected in order to uncover and correct errors before testing commences. A series of
testing steps is applied to uncover errors in processing logic, data manipulation, and interface
communication. A combination of measurement and feedback allows a software team to tune the
process when any of these work products fail to meet quality goals.

Quality Control and testing are related but not the same. The software engineering body of knowledge
defines software quality control as the process of examining specific project artifacts (documents and
executables) and the output itself to determine whether they comply with the stated requirements,
constraints, designs, contracts and plan. The scope of quality control is not only the software but all
artifacts generated as part of the software. Quality control includes activities such as testing, reviews
and inspections.

Software Testing
The stage at which software testing happens depends solely on the process model used. In case of
waterfall model, testing happens immediately after implementation whereas in other process model,
testing happens during requirement gathering/ elicitation, design and implementation. But regardless of
the process model used, testing principles are the same.

Software Testing related Terms

1. Defect: This is a deficiency in a work product. Where the work product does not meet its
requirement/ specification.
2. Fault: This is a defect in source code. It can be an incorrect step, process, or data definition in a
program. If work product == software, then fault == defect.
3. Bug: This is a common term within a software engineering team. Fault is the formal definition of
a bug. Fault and bug can be used interchangeably.
4. Failure: This is an event where system or system component does not perform a required
function within specified limit. Failures are caused by fault.

From these definitions, the only thing that testing reveals is failure i.e. an undesired effect in system’s
service but it is the faults that must be repaired.

Testing requires planning which is regarded as a test plan. A test plan is a document that guides the
entire testing effort on scope, deliverables, roles and responsibilities, tools, testing method, activities,
schedules, success criteria, risk assessment etc.

Test scenario is a summarized description of what to test in a particular use case rather than how to test
it.

Test Cases is as a result of single test scenario. Test cases are detailed step by step description of
sequence for achieving a test scenario outcome. It includes sequence of testing steps, preconditions,
input data, expected output, actual output and post conditions. The Table 1 below gives an insight of
what a test case looks like for a flight reservation system.
 Table 1: This is a test case for a flight reservation use case

Test scripts: There are different opinions of what a test script is.

Opinion 1: A test script is a run of test case generated by a specific data. In the flight reservation use
case, this could be a run of test cases generated by using the same username and password.

Opinion 2: Test scripts are seen as automation scripts. That is that test scripts are used to automate the
run of test cases and then interpreted by automation tools. VBScript is an example of scripting language
used to automate test cases.

V-Shaped Model
This is a software process model just like waterfall, agile and other software process models. It is more
of a variation of waterfall model with emphasis on testing to not be considered after but during and
through requirements to coding. The V stands for verification and validation. Since this is a variation of
the waterfall model where each phase has to end before the next phase begins. In the v-shaped model
the only addition is that each phase goes through certain tests to verify and validate before going to the
next phase then after the coding phase these tests are performed in reverse order. Figure 1 below gives
an illustration of how the V-shaped model works.
 Figure 1: The V shaped model

Verification vs Validation

Verification is an attempt to ensure that the product is built correctly. Verification also ensures that the
output of an activity meets the specification imposed by previous activities. Therefore, verification
checks that the product conforms with the requirements and design specification.

Validation on the other hand ensures that the right product is built i.e. that the product fulfils its
intended purpose.

Test Techniques
Different test techniques can be used to detect failures
1. Specification based testing/ Functional Testing/ Conformance /Black box/ Closed- box
Testing:
This is a type of testing that examines software against specifications without examining code details.
Some techniques used here are:

a. Equivalence Partitioning: This technique divides input data into set of equivalence classes, this
could be based on the criteria of data that must be accepted/ rejected and then a set of test
cases for each class is designed. Since each set of test cases is designed for the same class of
data that means any defect found in one test case will likely be found in other cases of the same
set. This would therefore maximize the testing coverage with minimum number of test cases.
b. Boundary Value Analysis: This can be seen as another form of equivalence partitioning but only
test the system on and near the input domain boundaries.
 c. Robustness Testing: This is an extension of boundary value analysis where test cases are chosen
outside the input domain to test the program against unexpected inputs.
2. Code based Testing/ Structural Testing/ White-box/ Open-box Testing: This type of
testing examines the internal code and some techniques used here are:
a. Control Flow: This technique checks all the statement and/or statement block by
representing the control flow of a program by a notation/ flow graph which illustrates
sequence, conditions and loop statements. This would then test all paths or selected paths
and statements
b. Data flow:
Quality Review

How is software quality different from software security?

Quality Assurance

Quality assurance establishes the infrastructure that supports solid software engineering methods,
rational project management, and quality control actions—all pivotal if you intend to build high-quality
software. In addition, quality assurance consists of a set of auditing and reporting functions that assess
the effectiveness and completeness of quality control actions. The goal of quality assurance is to provide
management and technical staff with the data necessary to be informed about product quality, thereby
gaining insight and confidence that actions to achieve product quality are working. Of course, if the data
provided through quality assurance identifies problems, it is management’s responsibility to address the
problems and apply the necessary resources to resolve quality issues.

Track quality by examining the results of all quality control activities, and measure quality by examining
errors before delivery and defects released to the field.

Quality Management presents the concepts, procedures, techniques, and methods that enable a
software team to assess software quality, review software engineering work products, conduct Software
Quality Assurance procedures, and apply an effective testing strategy and tactics.

Quality Attributes

Hewlett-Packard [Gra87] developed a set of software quality attributes that has been given the acronym
FURPS—functionality, usability, reliability, performance, and supportability. The FURPS quality attributes
represent a target for all software design:

 Functionality is assessed by evaluating the feature set and capabilities of the program, the
generality of the functions that are delivered, and the security of the overall system.
 Usability is assessed by considering human factors, overall aesthetics, consistency, and
documentation.
 Reliability is evaluated by measuring the frequency and severity of failure, the accuracy of
output results, the mean-time-to-failure (MTTF), the ability to recover from failure, and the
predictability of the program.
  Performance is measured using processing speed, response time, resource consumption,
throughput, and efficiency.
 Supportability combines extensibility, adaptability, and serviceability. These three attributes
represent a more common term, maintainability— and in addition, testability, compatibility,
configurability (the ability to organize and control elements of the software configuration), the
ease with which a system can be installed, and the ease with which problems can be localized.
Not every software quality attribute is weighted equally as the software design is developed.
One application may stress functionality with a special emphasis on security. Another may
demand performance with particular emphasis on processing speed. A third might focus on
reliability. Regardless of the weighting, it is important to note that these quality attributes must
be considered as design commences, not after the design is complete and construction has
begun.

Quality Assurance

This concept can be mistaken for software testing but they are different. Quality assurance is all about
processes, practices and standards. The software engineering body of knowledge from IEEE says that
quality assurance is a set of activities that define and assess that the software processes are appropriate
and produce software products of suitable quality for their intended purposes. Therefore, this simply
shows that software assurance is about software process definition, software process measurement and
continuous improvement.