Chapter 7 - Software Development1 Chapter 7 Software Development A Textbook aimed at protecting consumers Software Quality Links Ian Foster and Grid Computing The Risks Digest A Textbook aimed at protecting consumers Software Quality Links Ian Foster and Grid Computing The Risks Digest

Chapter 7 - Software Development2 Chapter 7 - Objectives 1.Discuss the need for quality software in business systems, industrial process control systems, and consumer products. 2.Discuss the ethical issues in software manufacturing. 3.Identify the four most common types of software product liability claims. 4.Identify the essential components of a software development methodology. 5.Discuss the use of the Capability Maturity Model. 6.Define what a “safety-critical” system is.

Chapter 7 - Software Development3 Strategies to Engineer Quality Systems A software defect is any error that, if not removed, would cause a system to fail to meet the needs of its users. Software quality is the degree to which the attributes of a software product enable it to meet the needs of its users.

Chapter 7 - Software Development4 Strategies to Engineer Quality Systems Quality management address how to define, measure, and refine the quality of the information systems development process and product. Deliverables are the items developed during the development process (flowcharts, documentation, software, etc.)

Chapter 7 - Software Development5 Software Quality Software is used to control many business and industrial processes. The impact of a software defect can be devastating and result in upset customers and the eventual loss or reduction in revenue.

Chapter 7 - Software Development6 Legal Overview Product liability is the liability of manufacturers, sellers, leasers, and others for the injuries caused by defective products. Strict liability means that the defendant is responsible for injuring another person regardless of negligence or intent.

Chapter 7 - Software Development7 Legal Overview Under negligence, a software supplier cannot be held responsible for every product defect that causes customer or third party loss. Responsibility is limited to harmful defects that could have been detected and corrected through “reasonable” software development practices. Legal Fix for Software Flaws?

Chapter 7 - Software Development8 Legal Overview Warranty assures the buyer that a product meets certain standards of quality. If a product fails to meets its warranty, the customer can sue the seller for breach of warranty. Intentional misrepresentation occurs when a seller misrepresents the quality of a product. Open Source—who’s responsible? An interesting articleAn interesting article

Chapter 7 - Software Development9 From: OslerOsler In assessing whether a design defect is present, the factors that the court will consider, frequently with the assistance of expert evidence, will include: The utility of the product and the likelihood of injury resulting from its use; Whether the design was influenced by a desire to prevent more likely types of injuries; The extent of the testing done during the design process; Whether there were internally or externally established standards which were breached; The availability of alternative designs that could have reduced or eliminated the risks at a reasonable cost and with limited impact on functionality; The reasonable expectations of safety and utility of consumers or users of the product.

Chapter 7 - Software Development10 Software Development Process Developing information system software is a complex activity. A system development methodology enables systems analysts, programmers, project managers, and others to make controlled and orderly progress in developing high-quality software.

Chapter 7 - Software Development11 System Development Process Software quality assurance refers to those methods within the software development methodology that are used to guarantee that software being developed will operate reliably.

Chapter 7 - Software Development12 System Testing Dynamic testing is testing code by entering test data and comparing actual results to expected results. –Black-box testing involves viewing the software unit as a device that has expected input and output behaviors but whose internal workings are unknown. –White-box testing involves viewing the software unit as a device that has expected input and output behaviors but whose internal workings are known.

Chapter 7 - Software Development13 System Testing Static testing is running an analyzer software that looks for suspicious patterns in programs that might indicate a software defect. Integration testing ensures that all linkages among various subsystems work successfully.

Chapter 7 - Software Development14 System Testing System testing is conducted to test the entire system as a complete entity. User acceptance testing is an independent test performed by trained end users to ensure that the system operates as expected from their viewpoints.

Chapter 7 - Software Development15 Capability Maturity Model ® Carnegie Mellon Institute developed the Capability Maturity Model for Software. It defines five levels of software development process maturity and identifies the issues most critical to software quality and process improvement.

Chapter 7 - Software Development16 Capability Maturity Model Maturity LevelDescriptionPercentage of Companies Assessed To Be At This Level As of December —PerformedThe software development process is not standard and frequently fails to meet quality, cost, and schedule objectives. 25% 2— ManagedThe software development process is planned, performed, monitored, and controlled; it frequently achieves the desired cost, schedule, and quality objectives. 40% 3—DefinedThe software development process is managed and any deviations (beyond those allowed by customization guidelines) are documented, justified, reviewed, and approved. 24% 4—Quantitatively Managed The software development process is controlled using statistical and other quantitative techniques throughout the duration of the project. 6% 5—OptimizingThe software development process is continuously improved through both incremental and innovative improvements. 7%

Chapter 7 - Software Development17 Development of Safety-Critical Systems A safety-critical system is one whose failure may cause injury or death to human beings. Risk is the product of probability of an undesirable event occurring times the magnitude of the consequence of the event happening. Therac-25 example

Chapter 7 - Software Development18 Development of Safety Critical Systems Redundancy is the provision of multiple interchangeable components to perform a single function in order to cope with failures and errors. Reliability is the probability of a component or system performing its mission over a certain length of time.

Chapter 7 - Software Development19 Development of Safety- Critical Systems One of the most important and difficult areas of safety-critical systems design is the human-system interface. Poor human-system interfaces can greatly increase risk, sometimes with tragic consequences. (Risks Digest)Risks Digest

Chapter 7 - Software Development20 Quality Management Standards The International Organization for Standardization issued the ISO series of business management standards in ISO 9000 is a series of formal standards to follow when developing quality information systems.

Chapter 7 - Software Development21 ISO 9000 To be ISO 9000 certified, a company must do three things: –Have written procedures for everything they do. –Follow those procedures. –Prove to an auditor that they have written procedures and that they follow them.

Chapter 7 - Software Development22 ISO 9000 ISO 9001 – Design, development, production, installation, service ISO 9002 – Production, installation, service ISO 9003 – Final inspection and test ISO 9004 – Quality management and quality systems elements

Chapter 7 - Software Development23 Failure Mode and Effects Analysis FMEA is an important technique used to develop any ISO 9000 compliant systems. FMEA is used as a reliability evaluation technique to determine the effect of system and equipment failure. Failures are classified on their impact on mission success, personnel safety, equipment safety, customer satisfaction, and customer safety.

Chapter 7 - Software Development24 Summary High-quality software systems are needed because they are easy to learn and easy to use, perform the functions that meet users’ needs, and have a high degree of availability. There are many ethical issues facing software developers. The impact of software defects can have devastating effects. Software product liability claims are frequently based on strict liability, negligence, breach of warranty, or misrepresentation.

Chapter 7 - Software Development25 Summary A software development methodology defines the activities in the system development process. An effective system development methodology protects software manufacturers from legal liability for defective software. The Capability Maturity Model defines five levels of software development process.

Chapter 7 - Software Development26 Case 1 - Airbags Airbags deploy at 140 mph unleashing too much energy for smaller people and children. Auto makers are working to make airbags more safe. Some argue that airbag technology is too complicated. They say educating the public would be better.

Chapter 7 - Software Development27 Case 2 - Patriot Missile On February 25, 1991, a Patriot missile defense system in Saudi Arabia failed to track and intercept an incoming scud missile because of a software problem. The incoming missile hit an Army barracks and killed twenty-eight Americans.