WHAT IS SOFTWARE QUALITY?

Software quality is defined as a field of study and practice that describes the desirable attributes of
software products. There are two main approaches to software quality: defect management and
quality attributes.

Software quality product is defined in term of its fitness of purpose. That is, a quality
product does precisely what the users want it to do. For software products, the fitness of
use is generally explained in terms of satisfaction of the requirements laid down in the
SRS document. Although "fitness of purpose" is a satisfactory interpretation of quality
for many devices such as a car, a table fan, a grinding machine, etc.for software
products, "fitness of purpose" is not a wholly satisfactory definition of quality.

Example: Consider a functionally correct software product. That is, it performs all tasks
as specified in the SRS document. But, has an almost unusable user interface. Even
though it may be functionally right, we cannot consider it to be a quality product.

The modern view of a quality associated with a software product several quality
methods such as the following:

Portability: A software device is said to be portable, if it can be freely made to work in

various operating system environments, in multiple machines, with other software
products, etc.

Usability: A software product has better usability if various categories of users can
easily invoke the functions of the product.

Reusability: A software product has excellent reusability if different modules of the

product can quickly be reused to develop new products.

Correctness: A software product is correct if various requirements as specified in the

SRS document have been correctly implemented.

Maintainability: A software product is maintainable if bugs can be easily corrected as

and when they show up, new tasks can be easily added to the product, and the
functionalities of the product can be easily modified, etc.
SOFTWARE QUALITY ATTRIBUTES
This approach to software quality is best exemplified by fixed quality models, such as ISO/IEC
25010:2011. This standard describes a hierarchy of eight quality characteristics, each composed of
sub-characteristics:

1. Functional suitability
2. Reliability
3. Operability
4. Performance efficiency
5. Security
6. Compatibility
7. Maintainability
8. Transferability

Additionally, the standard defines a quality-in-use model composed of five characteristics:

1. Effectiveness
2. Efficiency
3. Satisfaction
4. Safety
5. Usability

A fixed software quality model is often helpful for considering an overall understanding of software
quality. In practice, the relative importance of particular software characteristics typically depends on
software domain, product type, and intended usage. Thus, software characteristics should be
defined for, and used to guide the development of, each product.

Quality function deployment provides a process for developing products based on characteristics

derived from user needs.
Defect
A Software DEFECT / BUG / FAULT is a condition in a software product which does not
meet a software requirement (as stated in the requirement specifications) or end-user
expectation (which may not be specified but is reasonable). In other words, a defect is
an error in coding or logic that causes a program to malfunction or to produce
incorrect/ unexpected results.

o defect: An imperfection or deficiency in a work product where it does not meet

its requirements or specifications.

o A program that contains a large number of bugs is said to be buggy.

o Reports detailing defects / bugs in software are known as  defect reports /
bug  reports. (See Defect Report)
o Applications for tracking defects bugs are known as defect tracking tools / bug
tracking tools.
o The process of finding the cause of bugs is known as debugging.
 o The process of intentionally injecting bugs in a software program, to estimate test
coverage by monitoring the detection of those bugs, is known
as bebugging.

Defects are defined as the deviation of the actual and expected result of

system or software application. Defects can also be defined as any deviation or
irregularity from the specifications mentioned in the product functional
specification document. Defects are caused by the developer in development
phase of software. When a developer or programmer during the development
phase makes some mistake then that turns into bugs that are called defects. It
is basically caused by the developers’ mistakes.
Defect in a software product represents the inability and inefficiency of the
software to meet the specified requirements and criteria and subsequently
prevent the software application to perform the expected and desired working.
Types of Defects:
Following are some of the basic types of defects in the software development:
1. Arithmetic Defects:
It include the defects made by the developer in some arithmetic
expression or mistake in finding solution of such arithmetic expression.
This type of defects are basically made by the programmer due to
access work or less knowledge. Code congestion may also lead to the
arithmetic defects as programmer is unable to properly watch the
written code.
2. Logical Defects:
Logical defects are mistakes done regarding the implementation of the
code. When the programmer doesn’t understand the problem clearly
or thinks in a wrong way then such types of defects happen. Also while
implementing the code if the programmer doesn’t take care of the
corner cases then logical defects happen. It is basically related to the
core of the software.
3. Syntax Defects:
Syntax defects means mistake in the writing style of the code. It also
focuses on the small mistake made by developer while writing the
code. Often the developers do the syntax defects as there might be
some small symbols escaped. For example, while writing a code in C+
+ there is possibility that a semicolon(;) is escaped.
4. Multithreading Defects:
Multithreading means running or executing the multiple tasks at the
same time. Hence in multithreading process there is possibility of the
complex debugging. In multithreading processes sometimes there is
condition of the deadlock and the starvation is created that may lead
to system’s failure.
 5. Interface Defects:
Interface defects means the defects in the interaction of the software
and the users. The system may suffer different kinds of the interface
testing in the forms of the complicated interface, unclear interface or
the platform based interface.
6. Performance Defects:
Performance defects are the defects when the system or the software
application is unable to meet the desired and the expected results.
When the system or the software application doesn’t fulfill the users’s
requirements then that is the performance defects. It also includes the
response of the system with the varying load on the system.

What is a Fault?
Software fault is also known as defect, arises when the expected result don't match with the
actual results. It can also be error, flaw, failure, or fault in a computer program. Most bugs arise
from mistakes and errors made by developers, architects.

Fault Types
Following are the fault types associated with any:
 Business Logic Faults
 Functional and Logical Faults
 Faulty GUI
 Performance Faults
 Security Faults

Preventing Faults
Following are the methods for preventing programmers from introducing Faulty code during
development:
 Programming Techniques adopted
 Software Development methodologies
 Peer Review
 Code Analysis

Defect Prevention Methods and Techniques

Defect Prevention  is basically defined as a measure to ensure that defects

being detected so far, should not appear or occur again. For facilitating
communication simply among members of team, planning and devising defect
prevention guidelines, etc., Coordinator is mainly responsible.
Coordinator is mainly responsible to lead defect prevention efforts, to facilitate
meetings, to facilitate communication between team members and
management, etc. DP board generally has quarterly plan in which sets some
goals at organization level. To achieve these goals, various methods or
activities are generally used and carried out to achieve and complete these
goals.
Methods of Defect Prevention :
For defect prevention, there are different methods that are generally used over
a long period of time. These methods or activities are given below :

1. Software Requirement Analysis :

The main cause of defects in software products is due to error in
software requirements and designs. Software requirements and
design both are important, and should be analyzed in an efficient way
with more focus. Software requirement is basically considered an
integral part of Software Development Life Cycle (SDLC) . These are
the requirements that basically describes features and functionalities
of target product and also conveys expectations or requirement of
users from software product.
Therefore, it is very much needed to understand about software
requirements more carefully, If requirements are not understood well
by tester and developers, then there might be chance of occurring of
issue or defect in further process. Therefore, it is essential to analyze
and evaluate requirements in more appropriate and proper manner.
 2. Review and Inspection :
Review and inspection, both are essential and integral part of software
development. They are considered as powerful tools that can be used
to identify and remove defects if present before there occurrence and
impact on production. Review and inspection come in different levels
or stages of defect prevention to meet different needs. They are used
in all software development and maintenance methods. There are two
types of review i.e. self-review and peer-review.
3. Defect Logging and Documentation :
After successful analysis and review, there should be records
maintained about defects to simply complete description of defect.
This record can be further used to have better understanding of
defects. After getting knowledge and understanding of defect, then
only one can take some effective and required measures and actions
to resolve particular defects so that defect cannot be carried further to
next phase.
4. Root Cause Analysis :
Root cause analysis is basically analysis of main cause of defect. It
simply analysis what triggered defect to occur. After analyzing main
cause of defect, one can find best way to simply avoid occurrence of
such types of defects next time.

Software Review

Software Review is systematic inspection of a software by one or more individuals who work together
to find and resolve errors and defects in the software during the early stages of Software Development
Life Cycle (SDLC). Software review is an essential part of Software Development Life Cycle (SDLC) that
helps software engineers in validating the quality, functionality and other vital features and components
of the software. It is a whole process that includes testing the software product and it makes sure that it
meets the requirements stated by the client. 

Usually performed manually, software review is used to verify various documents like requirements,
system designs, codes, test plans and test cases. 

Objectives of Software Review: 

The objective of software review is: 
 
 1. To improve the productivity of the development team. 
 

2. To make the testing process time and cost effective. 

 

3. To make the final software with fewer defects. 

 

4. To eliminate the inadequacies. 

 

Process of Software Review: 

Types of Software Reviews: 

There are mainly 3 types of software reviews: 

1. Software Peer Review: 

Peer review is the process of assessing the technical content and quality of the product and it is
usually conducted by the author of the work product along with some other developers. 
Peer review is performed in order to examine or resolve the defects in the software, whose
quality is also checked by other members of the team. 

Peer Review has following types: 

 (i) Code Review: 

Computer source code is examined in a systematic way. 
 
  (ii) Pair Programming: 
It is a code review where two developers develop code together at the same platform. 
 

 (iii) Walkthrough: 
Members of the development team is guided by author and other interested parties and
the participants ask questions and make comments about defects. 
 

 (iv) Technical Review: 

A team of highly qualified individuals examines the software product for its client’s use
and identifies technical defects from specifications and standards. 
 

 (v) Inspection: 
In inspection the reviewers follow a well-defined process to find defects. 
 

2. Software Management Review: 

Software Management Review evaluates the work status. In this section decisions regarding
downstream activities are taken. 

3. Software Audit Review: 

Software Audit Review is a type of external review in which one or more critics, who are not a
part of the development team, organize an independent inspection of the software product and
its processes to assess their compliance with stated specifications and standards. This is done by
managerial level people. 
 

Advantages of Software Review: 

 

 Defects can be identified earlier stage of development (especially in formal review). 

 

 Earlier inspection also reduces the maintenance cost of software. 

 

 It can be used to train technical authors. 

 

 It can be used to remove process inadequacies that encourage defects. 

 
Software Inspection

Software inspection is a control technique for ensuring that the

documentation produced during a given phase remains consistent
with the documentation of the previous phases and respects
preestablished rules and standards.
The purpose of software inspection is to look for defects (of
understanding, interpretation, translation, etc.), deviations, especially
regarding quality clauses, absences or abundances etc., and to
provide the elements to make corrections. Software inspection is not
designed to make corrections. In order to be effective, software
inspection must be prepared and carried out by a separate team from
the realization team.
Software inspection is divided into two types of inspection/review:
–
the document inspection/review: we are interested in the
documents produced for a given phase. The inspection will focus
on the quality, the correctness and the relevance of the
document(s);
–
the inspection/review of the code: there is interest in the items of
type “computer file”: model, program source files, test scenarios,
etc.

Software Metrics
A software metric is a measure of software characteristics which are measurable or
countable. Software metrics are valuable for many reasons, including measuring
software performance, planning work items, measuring productivity, and many other
uses.
Within the software development process, many metrics are that are all connected.
Software metrics are similar to the four functions of management: Planning,
Organization, Control, or Improvement.

Classification of Software Metrics

Software metrics can be classified into two types as follows:

1. Product Metrics: These are the measures of various characteristics of the software

product. The two important software characteristics are:

1. Size and complexity of software.

2. Quality and reliability of software.

These metrics can be computed for different stages of SDLC.

2. Process Metrics: These are the measures of various characteristics of the software

development process. For example, the efficiency of fault detection. They are used to
measure the characteristics of methods, techniques, and tools that are used for
developing software.
Types of Metrics
Internal metrics: Internal metrics are the metrics used for measuring properties that are
viewed to be of greater importance to a software developer. For example, Lines of Code
(LOC) measure.

External metrics: External metrics are the metrics used for measuring properties that
are viewed to be of greater importance to the user, e.g., portability, reliability,
functionality, usability, etc.

Hybrid metrics: Hybrid metrics are the metrics that combine product, process, and
resource metrics. For example, cost per FP where FP stands for Function Point Metric.

Project metrics: Project metrics are the metrics used by the project manager to check
the project's progress. Data from the past projects are used to collect various metrics,
like time and cost; these estimates are used as a base of new software. Note that as the
project proceeds, the project manager will check its progress from time-to-time and will
compare the effort, cost, and time with the original effort, cost and time. Also
understand that these metrics are used to decrease the development costs, time efforts
and risks. The project quality can also be improved. As quality improves, the number of
errors and time, as well as cost required, is also reduced.

Advantage of Software Metrics

Comparative study of various design methodology of software systems.

For analysis, comparison, and critical study of different programming language

concerning their characteristics.

In comparing and evaluating the capabilities and productivity of people involved in

software development.

In the preparation of software quality specifications.

In the verification of compliance of software systems requirements and specifications.

In making inference about the effort to be put in the design and development of the
software systems.

In getting an idea about the complexity of the code.

In taking decisions regarding further division of a complex module is to be done or not.

In guiding resource manager for their proper utilization.

In comparison and making design tradeoffs between software development and

maintenance cost.

In providing feedback to software managers about the progress and quality during
various phases of the software development life cycle.

In the allocation of testing resources for testing the code.

AD

Disadvantage of Software Metrics

The application of software metrics is not always easy, and in some cases, it is difficult
and costly.

The verification and justification of software metrics are based on historical/empirical

data whose validity is difficult to verify.

These are useful for managing software products but not for evaluating the
performance of the technical staff.

The definition and derivation of Software metrics are usually based on assuming which
are not standardized and may depend upon tools available and working environment.

Most of the predictive models rely on estimates of certain variables which are often not
known precisely.
Unit – 2

What is Defect Density?

Defect Density is the number of defects confirmed in software/module during a
specific period of operation or development divided by the size of the
software/module. It enables one to decide if a piece of software is ready to be
released.

Defect density is counted per thousand lines of code also known as KLOC.

How to calculate Defect Density

A formula to measure Defect Density:

Defect Density = Defect count/size of the release

Size of release can be measured in terms of a line of code (LoC).

Defect Density Example

Suppose, you have 3 modules integrated into your software product. Each module
has the following number of bugs discovered-

 Module 1 = 10 bugs
 Module 2 = 20 bugs
 Module 3 = 10 bugs

Total bugs = 10+20+10 =40

The total line of code for each module is

 Module 1 = 1000 LOC

 Module 2 = 1500 LOC
 Module 3 = 500 LOC

Total Line of Code = 1000+1500+500 = 3000

Defect Density is calculated as:

Defect Density = 40/3000 = 0.013333 defects/loc = 13.333 defects/Kloc

A standard for defect density
However, there is no fixed standard for bug density, studies suggest that one
Defect per thousand lines of code is generally considered as a sign of good project
quality.

Factors that affect the defect density metrics

 Code complexity
 The type of defects taken into account for the calculation
 Time duration which is considered for Defect density calculation
 Developer or Tester skills

Advantages of defect density

 It helps to measure the testing effectiveness
 It helps to differentiate defects in components/software modules
 It is useful in identifying the areas for correction or improvement
 It is useful in pointing towards high-risk components
 It helps in identifying the training needs to various resources
 It can be helpful in estimating the testing and rework due to bugs
 It can estimate the remaining defects in the software
 Before the release, we can determine whether our testing is sufficient
 We can ensure a database with a standard defect density

 Customer Problems Metric

Unit - 4
Software Quality Assurance

Software Quality Assurance (SQA) is simply a way to assure quality in the

software. It is the set of activities which ensure processes, procedures as well as
standards are suitable for the project and implemented correctly. 
Software Quality Assurance is a process which works parallel to development of
software. It focuses on improving the process of development of software so
that problems can be prevented before they become a major issue. Software
Quality Assurance is a kind of Umbrella activity that is applied throughout the
software process. 
Software Quality Assurance has: 
1. A quality management approach 
2. Formal technical reviews 
3. Multi testing strategy 
4. Effective software engineering technology 
5. Measurement and reporting mechanism 
 
Major Software Quality Assurance Activities: 
 
1. SQA Management Plan: 
Make a plan for how you will carry out the sqa through out the project.
Think about which set of software engineering activities are the best for
project. check level of sqa team skills. 
 
2. Set The Check Points: 
SQA team should set checkpoints. Evaluate the performance of the
project on the basis of collected data on different check points. 
 
 3. Multi testing Strategy: 
Do not depend on a single testing approach. When you have a lot of
testing approaches available use them. 
 
4. Measure Change Impact: 
The changes for making the correction of an error sometimes re
introduces more errors keep the measure of impact of change on project.
Reset the new change to change check the compatibility of this fix with
whole project. 
 
5. Manage Good Relations: 
In the working environment managing good relations with other teams
involved in the project development is mandatory. Bad relation of sqa
team with programmers team will impact directly and badly on project.
Don’t play politics. 
 
Benefits of Software Quality Assurance (SQA): 
 
1. SQA produces high quality software. 
2. High quality application saves time and cost. 
3. SQA is beneficial for better reliability. 
4. SQA is beneficial in the condition of no maintenance for a long time. 
5. High quality commercial software increase market share of company. 
6. Improving the process of creating software. 
7. Improves the quality of the software. 
 
Disadvantage of SQA: 
There are a number of disadvantages of quality assurance. Some of them
include adding more resources, employing more workers to help maintain
quality and so much more.
Quality Planning in Software Engineering
Quality Assurance is one of the key facilitating processes during project
planning. It is an ongoing activity that is performed with other planning
processes. Quality planning is aimed at identifying the relevant quality
standards, incorporating quality standards into product and processes,
determining how these standards will be achieved.
Before a project manager can plan for quality, he must know what the standard
expectations are. In other words, he must be aware of the quality policy defined
by the organization’s top management. It specifies the general intention of the
organization with reference to quality as formally expressed by the highest
management. It should be documented. The project team should adopt the
quality policy of the organization to guide the project implementation. If there
is no quality policy or project that involves multiple performing organizations, in
the case of a joint venture, then the project management team should create a
quality policy. The project stakeholders should be fully aware of the quality
policy.
The project scope statement is another important input to quality planning. It
defines important input to quality planning. It defines what will and what will
not be delivered as part of the project along with project objectives regarding
cost, schedule, and cost. Other inputs to the quality planning include a
description of the product to be designed, standards, and regulations that may
affect the project and outputs from the other processes.
Once the project manager has gathered the required inputs and evaluated the
product description and quality assurance, he is able to measure the quality.
Quality measurements are used for making estimates, tracking projects
progress, analyzing defects and achieving continuous improvement, and
evaluating tools. There are several techniques that the project manager uses to
plan for the quality which is as follows :
 Benefit/Cost Analysis : 
It is the process of estimating costs and benefits of various project quality
management activities. The main benefit of meeting quality is less rework
and therefore resulting in higher productivity, lower costs, and increased
customer satisfaction. The main cost of meeting quality requirements is
 the cost associated with quality management activities. The coat of
quality is generally of two types :
 Cost of Conformance to Requirements :
Cost of completing the project work to satisfy the expected level of
quality and project scope. Example: Prevention costs and appraisal.
 
 Cost of Non-Conformance :
It includes cost due to some kind of failure, Internal failure related
cost includes cost incurred before the customer receives the
product, and external failure related cost after the customer
receives the product. Cost also very high. Example: Startup cost,
project-related cost, continuous cost.
 
 Benchmarking : 
It involves comparing project practices with those of the other projects
within the same organization or with other companies. It is done to
generate ideas for improvement and provide a basis for measurement.
 
 Creating a Flowchart : 
A flowchart is any diagram that shows how various components of a
system are interrelated. There are two types of flowcharts used in quality
management. These are –
1. System or Process Flow Charts :
It shows how various elements of a system interrelate. It shows the flow of the
process through a system.
2. Cause-And-Effect Diagrams:
It is also known as Ishikawa or Fishbone diagram. It shows how variables within
a process relate and how those relations create potential problems.
 
Fishbone diagram
 
 Design of Experiments:
It is an analytical technique that relates to a what-if scenario to determine
what variables in a project have the most influence on the overall
outcome. This approach is often associated with product design; it can
also be applied to project management met issues, such as costs and
schedule tradeoffs. An optimally designed experiment, computing project
costs, and duration considering the various combination of employees
will provide an optimal solution.

What is Quality Control?

Quality control is a set of methods used by organizations to achieve quality parameters or quality
goals and continually improve the organization's ability to ensure that a software product will
meet quality goals.

Quality Control Process:

The three class parameters that control software quality are:
 Products
 Processes
 Resources
The total quality control process consists of:
 Plan - It is the stage where the Quality control processes are planned
 Do - Use a defined parameter to develop the quality
 Check - Stage to verify if the quality of the parameters are met
 Act - Take corrective action if needed and repeat the work

Quality Control characteristics:

 Process adopted to deliver a quality product to the clients at best cost.
 Goal is to learn from other organizations so that quality would be better each time.
 To avoid making errors by proper planning and execution with correct review
process.

SQA Activities
Software quality assurance is composed of a variety of functions associated with
two different constituencies ? the software engineers who do technical work
and an SQA group that has responsibility for quality assurance planning, record
keeping, analysis, and reporting.
Following activities are performed by an independent SQA group:
 1. Prepares an SQA plan for a project: The program is developed during
project planning and is reviewed by all stakeholders. The plan governs
quality assurance activities performed by the software engineering team
and the SQA group. The plan identifies calculation to be performed, audits
and reviews to be performed, standards that apply to the project,
techniques for error reporting and tracking, documents to be produced by
the SQA team, and amount of feedback provided to the software project
team.
2. Participates in the development of the project's software process
description: The software team selects a process for the work to be
performed. The SQA group reviews the process description for
compliance with organizational policy, internal software standards,
externally imposed standards (e.g. ISO-9001), and other parts of the
software project plan.
3. Reviews software engineering activities to verify compliance with the
defined software process: The SQA group identifies, reports, and tracks
deviations from the process and verifies that corrections have been made.
4. Audits designated software work products to verify compliance with
those defined as a part of the software process: The SQA group reviews
selected work products, identifies, documents and tracks deviations,
verify that corrections have been made, and periodically reports the
results of its work to the project manager.
5. Ensures that deviations in software work and work products are
documented and handled according to a documented
procedure: Deviations may be encountered in the project method,
process description, applicable standards, or technical work products.
6. Records any noncompliance and reports to senior management: Non-
compliance items are tracked until they are resolved.
Quality Assurance v/s Quality control

Quality Assurance Quality Control

 Quality Assurance (QA) is the set of actions
including facilitation, training,
measurement, and analysis needed to
provide adequate confidence that
processes are established and continuously
improved to produce products or services
that conform to specifications and are fit
for use.
QA is an activity that establishes and
calculates the processes that produce the
product. If there is no process, there is no
role for QA.
QA helps establish process
QA sets up a measurement program to
evaluate processes
QA identifies weakness in processes and
improves them
Quality Assurance is a managerial tool.
Verification is an example of QA.
SQA Techniques
There are several techniques for SQA. Auditing is the chief technique that is widely adopted.
However, we have a few other significant techniques as well.
Various SQA Techniques include:
Quality Control (QC) is described as
the processes and methods used to
compare product quality to
requirements and applicable
standards, and the actions are taken
when a nonconformance is detected.
QC is an activity that demonstrates
whether or not the product produced
met standards.
QC relates to a particular product or
service
QC verified whether particular
attributes exist, or do not exist, in a
explicit product or service.
QC identifies defects for the primary
goals of correcting errors.
Quality Control is a corrective tool.
Validation is an example of QC.
  Auditing: Auditing involves inspection of the work products and its related
information to determine if the set of standard processes were followed or not.
 Reviewing: A meeting in which the software product is examined by both the
internal and external stakeholders to seek their comments and approval.
 Code Inspection: It is the most formal kind of review that does static testing to find
bugs and avoid defect growth in the later stages. It is done by a trained mediator/peer
and is based on rules, checklist, entry and exit criteria. The reviewer should not be the
author of the code.
 Design Inspection: Design inspection is done using a checklist that inspects the
below areas of software design:
 General requirements and design
 Functional and Interface specifications
 Conventions
 Requirement traceability
 Structures and interfaces
 Logic
 Performance
 Error handling and recovery
 Testability, extensibility
 Coupling and cohesion
 Simulation: A simulation is a tool that models a real-life situation in order to
virtually examine the behavior of the system under study.
 Functional Testing: It is a QA technique that verifies what the system does without
considering how it does it. This type of black box testing mainly focuses on testing
the system specifications or features.
 Standardization: Standardization plays a crucial role in quality assurance. It
decreases the ambiguity and guesswork, thus ensuring quality.
 Static Analysis: It is a software analysis that is done by an automated tool without
actually executing the program. This technique is highly used for quality assurance in
medical, nuclear, and aviation software. Software metrics and reverse engineering are
some popular forms of static analysis.
 Walkthroughs: A software walkthrough or code walkthrough is a kind of peer
review where the developer guides the members of the development team to go
through the product and raise queries, suggest alternatives, and make comments
regarding possible errors, standard violations, or any other issues.
 Path Testing: It is a white box testing technique where the complete branch coverage
is ensured by executing each independent path at least once.
 Stress Testing: This type of testing is done to check how robust a system is by
testing it under heavy load i.e. beyond normal conditions.
 Six Sigma: Six Sigma is a quality assurance approach that aims at nearly perfect
products or services. It is widely applied in many fields including software. The main
objective of six sigma is process improvement so that the produced software is 99.76
% defect-free.

Several national and international standards institutes, professional and industry-oriented

organizations have been involved in the development of SQA standards.
The following institutes and organizations are the main developers of SQA and software
engineering standards −

 IEEE (Institute of Electrical and Electronics Engineers) Computer Society

 ISO (International Organization for Standardization)
 DOD (US Department of Defense)
 ANSI (American National Standards Institute)
 IEC (International Electro Technical Commission)
 EIA (Electronic Industries Association)
These organizations provide updated international standards to the quality of professional and
managerial activities performed in software development and maintenance organizations.
They also provide SQA certification through independent professional quality audits. These
external audits assess achievements in the development of SQA systems and their
implementation. Certification, which is granted after the periodic audits, will be valid only until
the next audit, and therefore must be renewed. At present, the ISO 9000 Certification Service is
the most prominent provider of SQA certification in Europe and other countries.
They also provide the tools for self-assessment of an organization’s SQA system and its
operation. The Capacity Maturity Model (CMM) developed by the Software Engineering
Institute (SEI), Carnegie Mellon University, and ISO/IEC Std 15504 are the examples of this
approach.

SQA Standards
Software quality assurance standards can be classified into two main classes −
 Software quality assurance management standards, including certification and
assessment methodologies (quality management standards)
 Software project development process standards (project process standards)
Quality Management Standards
These focus on the organization’s SQA system, infrastructure and requirements, while leaving
the choice of methods and tools to the organization. With quality management standards,
organizations can steadily assure that their software products achieve an acceptable level of
quality.
Example − ISO 9000-3 and the Capability Maturity Model (CMM)
Project Process Standards
These focus on the methodologies for implementing the software development and maintenance
projects. These standards include the following −

 The steps to be taken

 Design documentation requirements
 Contents of design documents
  Design reviews and review issues
 Software testing to be performed
 Testing topics
Naturally, due to their characteristics, many SQA standards in this class can serve as software
engineering standards and vice versa.
The characteristics of these two classes of standards are summarized in the following table.

Characteristics Quality Management Standards Project Process Standards

Management of software development, A software development and maintenance

The target unit
maintenance and the specific SQA units project team

Organization of SQA systems, infrastructure Methodologies for carrying out software

The main focus
and requirements development and maintenance projects

The standard’s
“What” to achieve “How” to perform
objective

Assuring the supplier’s software quality and

The standard’s Assuring the supplier’s software quality and assessing its software process capability
goal assessing its software process capability Assuring the quality of a specific software
project.

Examples ISO 9000-3 SEI’s CMM ISO/IEC 12207 IEEEStd 1012-1998

AD

ISO 9001 Certification

ISO (the International Organization for Standardization) is a worldwide federation of national
standards bodies. ISO technical committees prepare the International Standards. ISO collaborates
closely with the International Electro-technical Commission (IEC) on all matters of electro-
technical standardization.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives,
Part 2. Draft of the International Standards adopted by the technical committees is circulated to
the member bodies for voting. ISO 9001 was prepared by Technical Committee ISO/TC 176,
Quality management and quality assurance, Subcommittee SC 2, Quality systems.
Process Approach
This International Standard promotes the adoption of a process approach when developing,
implementing, and improving the effectiveness of a quality management system, to enhance
customer satisfaction by meeting the customer requirements. For an organization to function
effectively, it has to determine and manage numerous linked activities. An activity or set of
activities using resources, and managed in order to enable the transformation of inputs into
outputs, can be considered as a process.
Often the output from one process directly forms the input to the next. The application of a
system of processes within an organization, together with the identification and interactions of
these processes, and their management to produce the desired outcome, can be referred to as
the “process approach”.
An advantage of the process approach is the ongoing control that it provides over the linkage
between the individual processes within the system of processes, as well as over their
combination and interaction. When used within a quality management system, such an approach
emphasizes the importance of the following −

 Understanding and meeting the requirements

 Need to consider the processes in terms of added value
 Obtain the results of process performance and effectiveness
 Continual improvement of processes based on objective measurement
ISO 9001 - Application to Software: the TickIT Initiative
TickIT was launched in the late 1980s by the UK software industry in cooperation with the UK
Department for Trade and Industry to promote the development of a methodology for adapting
ISO 9001 to the characteristics of the software industry known as the TickIT initiative.
TickIT is, additionally, specializing in information technology (IT). It covers the entire range of
commercial software development and maintenance services. TickIT, now managed and
maintained by the DISC Department of BSI (the British Standards Institute), is accredited for the
certification of IT organizations in the UK and Sweden.
Its activities include −
 Publication of the TickIT Guide, which supports the software industry’s efforts to
spread ISO 9001 certification. The current guide (edition 5.0, TickIT, 2001),
which includes references to ISO/IEC 12207 and ISO/IEC 15504, is distributed to
all TickIT customers.
 Performance of audit-based assessments of software quality systems and
consultation to organizations on the improvement of software development and
maintenance processes in addition to their management.
 Conduct ISO 9000 certification audits.
TickIT auditors who conduct audit-based assessments and certification audits are registered by
the International Register of Certificated Auditors (IRCA). Registered IRCA auditors are
required, among other things, to have experience in management and software development; they
must also successfully complete an auditor's course.
Registered lead auditors are required to have a demonstrated experience in conducting and
directing TickIT audits.
What is Total Quality Management (TQM)?
TQM can be defined as a management technique for improving processes, products, services and
the other approaches associated with the product. It focusses on the entire business and NOT just
on a particular project or process.

Elements of TQM:
 Root Cause Analysis
 Customer-focused
 Active Employee Participation
 Process-oriented
 Internal and External self Assessment
 Continuous improvement
 Making Well Informed Decisions
 Effective Communication

Quality Control Tools:

 Cause - Effect Diagram
 Checklists
 Histogram
 Graphs
 Pareto Charts
 Tree Diagram
 Arrow Diagram
AD

Process Improvement Cycle:

Unit - 5
Verification and validation

Verification and Validation is the process of investigating that a software system

satisfies specifications and standards and it fulfills the required purpose. Barry
Boehm described verification and validation as the following:
Verification:  Are we building the product right?
Validation:  Are we building the right product?
Verification:
Verification is the process of checking that a software achieves its goal without
any bugs. It is the process to ensure whether the product that is developed is
right or not. It verifies whether the developed product fulfills the requirements
that we have.
Verification is Static Testing.
Activities involved in verification:
1. Inspections
2. Reviews
3. Walkthroughs
4. Desk-checking

  The process of evaluating software to determine whether the products of a given

development phase satisfy the conditions imposed at the start of that phase.
Verification is a static practice of verifying documents, design, code and program.
It includes all the activities associated with producing high quality software:
inspection, design analysis and specification analysis. It is a relatively
objective process.
Verification will help to determine whether the software is of high quality, but it
will not ensure that the system is useful. Verification is concerned with whether
the system is well-engineered and error-free.
Methods of Verification :  Static Testing
 Walkthrough
 Inspection
 Review

Validation:

The process of evaluating software during or at the end of the development

process to determine whether it satisfies specified requirements.
Validation is the process of evaluating the final product to check whether the
software meets the customer expectations and requirements. It is a dynamic
mechanism of validating and testing the actual product.
Methods of  Validation :  Dynamic Testing
 Testing
 End Users

Validation is the process of checking whether the software product is up to the

mark or in other words product has high level requirements. It is the process of
checking the validation of product i.e. it checks what we are developing is the
right product. it is validation of actual and expected product.
Validation is the Dynamic Testing.
Activities involved in validation:
1. Black box testing
2. White box testing
3. Unit testing
4. Integration testing

Note: Verification is followed by Validation.

 Verification Validation
1. Verification is a static practice of 1. Validation is a dynamic mechanism
verifying documents, design, code and of validating and testing the actual
program. product.
2. It does not involve executing the code. 2. It always involves executing the code.
3. It is human based checking of 3. It is computer based execution of
documents and files. program.
4. Validation uses methods like black
4. Verification uses methods like
box (functional)  testing, gray box
inspections, reviews, walkthroughs, and
testing, and white box (structural)
Desk-checking etc.
testing etc.
5. Validation is to check whether
5. Verification is to check whether the
software meets the customer
software conforms to specifications.
expectations and requirements.
6. It can catch errors that validation 6. It can catch errors that verification
cannot catch. It is low level exercise. cannot catch. It is High Level Exercise.
7. Target is requirements specification,
7. Target is actual product-a unit, a
application and software architecture,
module, a bent of integrated modules,
high level, complete design, and database
and effective final product.
design etc.
8. Verification is done by QA team to
8. Validation is carried out with the
ensure that the software is as per the
involvement of testing team.
specifications in the SRS document.
9. It generally comes first-done before
9. It generally follows after verification.
validation.

Software Testing Tools

Software testing tools are required for the betterment of the application or software.

That's why we have so many tools available in the market where some are open-source
and paid tools.

The significant difference between open-source and the paid tool is that the open-
source tools have limited features, whereas paid tool or commercial tools have no
limitation for the features. The selection of tools depends on the user's requirements,
whether it is paid or free.

The software testing tools can be categorized, depending on the licensing (paid or

commercial, open-source), technology usage, type of testing, and so on.

With the help of testing tools, we can improve our software performance, deliver a high-
quality product, and reduce the duration of testing, which is spent on manual efforts.

The software testing tools can be divided into the following:

o Test management tool

o Bug tracking tool
o Automated testing tool
o Performance testing tool
o Cross-browser testing tool
o Integration testing tool
o Unit testing tool
o Mobile/android testing tool
o GUI testing tool
o Security testing tool

Test management tool

Test management tools are used to keep track of all the testing activity, fast data
analysis, manage manual and automation test cases, various environments, and plan
and maintain manual testing as well.

For more details about test management tool, refers the below link: Click Here

Bug tracking tool

The defect tracking tool is used to keep track of the bug fixes and ensure the delivery of
a quality product. This tool can help us to find the bugs in the testing stage so that we
can get the defect-free data in the production server. With the help of these tools, the
end-users can allow reporting the bugs and issues directly on their applications.

For more details about bug tracking tool, refers the below link: Click Here
Automation testing tool

This type of tool is used to enhance the productivity of the product and improve the
accuracy. We can reduce the time and cost of the application by writing some test
scripts in any programming language.

For more details about automation testing tool, refers the below link: Click Here

Performance testing tool

Performance or Load testing tools are used to check the load, stability, and scalability of
the application. When n-number of the users using the application at the same time,
and if the application gets crashed because of the immense load, to get through this
type of issue, we need load testing tools.

For more details about load testing tool, refers the below link: Click Here

Cross-browser testing tool

This type of tool is used when we need to compare a web application in the various web
browser platforms. It is an important part when we are developing a project. With the
help of these tools, we will ensure the consistent behavior of the application in multiple
devices, browsers, and platforms.

For more details about the cross-browser testing tool, refers the below link: Click Here

Integration testing tool

This type of tool is used to test the interface between modules and find the critical bugs
that are happened because of the different modules and ensuring that all the modules
are working as per the client requirements.

For more details about the mobile and android testing tool, refers to the below
link: Click Here

Unit testing tool

This testing tool is used to help the programmers to improve their code quality, and
with the help of these tools, they can reduce the time of code and the overall cost of the
software.

For more details about the unit testing tool, refers the below link: Click Here
Mobile/android testing tool

We can use this type of tool when we are testing any mobile application. Some of the
tools are open-source, and some of the tools are licensed. Each tool has its functionality
and features.

For more details about the mobile or android testing tool, refers to the below link: Click
Here

GUI testing tool

GUI testing tool is used to test the User interface of the application because a
proper GUI (graphical user interface) is always useful to grab the user's attention. These
type of tools will help to find the loopholes in the application's design and makes its
better.

For more details about GUI testing tool, refers the below link: Click Here

Security testing tool

The security testing tool is used to ensure the security of the software and check for the
security leakage. If any security loophole is there, it could be fixed at the early stage of
the product. We need this type of the tool when the software has encoded the security
code which is not accessible by the unauthorized users

Static testing tool Dynamic testing tool

These tools are used by developers as part of the These tools require the code to be in a
development and component testing process “running state”

code is not executed or run but tool itself is They analyse rather than testing
executed
 Static testing tool
It is extension of compiler technology
It also perform static analysis of requirement or
analysis of website
Helps to understand the structure of the code and
can also be useful to enforce coding standards.
Features /characteristics of static testing tools are:
 Checks cyclomatic complexity  Enforces coding
standards  Analyse structures and dependencies 
Helpful in understanding coding  Identify defects
in code.
Examples. Flow analyzer, path tests, coverage
analyzers, Interface analyzers
characteristics of modern testing tools
Following are characteristics of modern testing tools
1. It should use one or more testing strategy for performing testing on host as well as on
target platform. 
2. It should support GUI based test preparation. 
Dynamic testing tool
They also help to understand background
processes
These tool used by developed in component
integration testing,, middle ware , testing
robustness and security.
Also performs web site testing to check
whether each link does actually link to
something else, it can find dead links .
Features/characteristics of static testing tools
are:  Detect memory leak  Identify pointer
arithmetic errors , null pointer  Identify time
dependence.
coverage analyzers, Interface analyzers
Examples. Test driver, Test beds, Emulators,
Mutation analyzers
3. It should provide complete code coverage and create test documentation in various
formats (HTML/DOC/RTF...). 
4. These tools should able to adopt the underlying hardware. 
5. It should be easy to use. 6. Finally it should provide a clear report on test case, steps,
test case status (PASS/FAIL). 

What is Functional Testing?

FUNCTIONAL TESTING is a type of software testing that validates the software
system against the functional requirements/specifications. The purpose of
Functional tests is to test each function of the software application, by providing
appropriate input, verifying the output against the Functional requirements.
Functional testing mainly involves black box testing and it is not concerned about
the source code of the application. This testing checks User Interface, APIs,
Database, Security, Client/Server communication and other functionality of the
Application Under Test. The testing can be done either manually or using
automation.

It is a type of software testing which is used to verify the functionality of the software
application, whether the function is working according to the requirement specification.
In functional testing, each function tested by giving the value, determining the output,
and verifying the actual output with the expected value. Functional testing performed as
black-box testing which is presented to confirm that the functionality of an application
or system behaves as we are expecting. It is done to verify the functionality of the
application.

Functional testing also called as black-box testing, because it focuses on application

specification rather than actual code. Tester has to test only the program rather than the
system.
What do you test in Functional Testing?
The prime objective of Functional testing is checking the functionalities of the
software system. It mainly concentrates on –

 Mainline functions:  Testing the main functions of an application

 Basic Usability: It involves basic usability testing of the system. It checks
whether a user can freely navigate through the screens without any
difficulties.
 Accessibility:  Checks the accessibility of the system for the user
 Error Conditions: Usage of testing techniques to check for error conditions. 
It checks whether suitable error messages are displayed.
What to test in functional testing? Explain
The main objective of functional testing is checking the functionality of the software
system. It concentrates on:

o Basic Usability: Functional Testing involves the usability testing of the system. It checks
whether a user can navigate freely without any difficulty through screens.
o Accessibility: Functional testing test the accessibility of the function.
o Mainline function: It focuses on testing the main feature.
o Error Condition: Functional testing is used to check the error condition. It checks
whether the error message displayed.

Structural Software Testing

Structural testing is a type of software testing which uses the internal design of the software for testing
or in other words the software testing which is performed by the team which knows the development
phase of the software, is known as structural testing.

Structural testing is basically related to the internal design and implementation of the software i.e. it
involves the development team members in the testing team. It basically tests different aspects of the
software according to its types. Structural testing is just the opposite of behavioral testing.

Types of Structural Testing:

There are 4 types of Structural Testing:
Control Flow Testing:
Control flow testing is a type of structural testing that uses the programs’s control flow as a model. The
entire code, design and structure of the software have to be known for this type of testing. Often this
type of testing is used by the developers to test their own code and implementation. This method is
used to test the logic of the code so that required result can be obtained.

Data Flow Testing:

It uses the control flow graph to explore the unreasonable things that can happen to data.
The detection of data flow anomalies are based on the associations between values and variables.
Without being initialized usage of variables. Initialized variables are not used once.

Slice Based Testing:

It was originally proposed by Weiser and Gallagher for the software maintenance. It is useful for
software debugging, software maintenance, program understanding and quantification of functional
cohesion. It divides the program into different slices and tests that slice which can majorly affect the
entire software.

Mutation Testing:
Mutation Testing is a type of Software Testing that is performed to design new software tests and also
evaluate the quality of already existing software tests. Mutation testing is related to modification a
program in small ways. It focuses to help the tester develop effective tests or locate weaknesses in the
test data used for the program.

Advantages of Structural Testing:

 It provides thorough testing of the software.

 It helps in finding out defects at an early stage.

 It helps in elimination of dead code.

 It is not time consuming as it is mostly automated.

Disadvantages of Structural Testing:

 It requires knowledge of the code to perform test.

 It requires training in the tool used for testing.

 Sometimes it is expensive.

Structural Testing Tools:

 JBehave

 Cucumber

 Junit

 Cfix

Error Handling Software Testing

 Last Updated : 26 Jul, 2019

Error handling testing is a type of software testing that is performed to check whether the system is
capable of or able to handle the errors that may happen in future. This type of testing is basically
performed with the help of both developers and the testers. Error handling testing not only focuses on
the determination of error but also focuses on the exception handling.

Objective of Error Handling Testing:

The objective of error handling testing is:

 To check the system ability to handle errors.

  To check the system highest soak point.

 To make sure errors can be handles properly by the system in the future.

 To make system capable of exception handling also.

Steps involved in the Error Handling testing:

Following are the steps involved in the error handling testing:

1. Test Environment Set Up:

Test environment is set according to the software testing technique so that the testing process
can run smoothly. This step includes planning for the testing. System which is going to be tested
is made sure have less significant data as there might be crash problem in the system during
testing.

2. Test Case Generation:

In this software testing test case generation is nothing but making different test cases which
 may cause error.Suppose a software operates on fractions then setting the denominator of the
fractions as zero. Test case generation is associated with the developing team as without
knowing the internal code, test cases can’t be designed.

3. Test Case Execution:

After the test case generation, real testing process begins. This is the most prominant part of the
testing process. It includes the running the program over the test case generated.

4. Result and Analysis:

After the execution of the test case, its result is analyzed. It includes the checking of the
inconsistency in the expected output for the generated test case. There might be a chance of
the program going into an infinite loop which may lead up to software failure.

5. Re-test:
If the testing is failed then after the analysis once more all the above steps are performed to test
the system. It also includes the testing of the system under new test cases generated recently.

Advantages of Error handling testing:

 It helps in construction of an error handling powered software.

 It makes the software ready for all circumstances.

 It developes the exception handling technique in the software.

 It helps is maintenance of the software.

Disadvantages of the Error handling testing

 It is costly as both the developing and testing team is involved.

 It takes lot of time to perform the testing operations.