CSCS351 Software

Quality Assurance
Lecture 7

Dr. Aasia Khanum, Department of Computer Science, FC College, Lahore

 • After this lecture, you will be able to: –
• Discuss Software Reviews
Lecture • understand the value of different types of
Overview reviews;
Introduction

• Humphrey(2005, 2002)
• software engineers unintentionally inject 100 defects per thousand lines of code.
• commercial software typically includes from one to ten errors per thousand lines
of code.
• Quality costs = Prevention costs
+Appraisal or evaluation costs
+Internal and external failure costs
+Warranty claims and loss of reputation costs

Dr. Aasia Khanum, Department of Computer Science, FC College, Lahore

 Evaluation costs

• The evaluation/detection cost is the cost of verification or evaluation of

a product or service during the various stages of the development
process.
• Detection Techniques
• Reviews.
• Tests.
• Reviews will detect and correct errors in the early phase of
development while tests will only be used when the code is available.
• It is much cheaper to detect errors with reviews than with testing.
• This does not mean we should neglect testing
Dr. Aasia Khanum, Department of Computer Science, FC College, Lahore
Informal Reviews

• There is no documented process;

• Participants’ roles are not defined;
• Reviews have no objective, such as fault detection rate;
• Measures, such as the number of defects, are not collected;
• The effectiveness of reviews is not monitored by management;
• There is no standard that describes them;
• No checklist is used to identify defects.

Dr. Aasia Khanum, Department of Computer Science, FC College, Lahore

Formal Review

• A process or meeting during which a software product, set of

software products, or a software process is presented to project
personnel, managers, users, customers, user representatives,
auditors, or other interested parties for examination, comment, or
approval. IEEE 1028

Dr. Aasia Khanum, Department of Computer Science, FC College, Lahore

Dr. Aasia Khanum, Department of Computer Science, FC College, Lahore
 Review Process
Dr. Aasia Khanum, Department of Computer Science, FC College, Lahore
 Both are inexpensive and very
easy to perform.

Personal
Reviews vs. Personal reviews do not require
the participation of additional
Desk-check reviewers,

Reviews
Desk-check reviews require at
least one other person to review
the work of the developer of a
software product.

Dr. Aasia Khanum, Department of Computer Science, FC College, Lahore

Principles of a Personal Review

• find and correct all defects in the software product;

• Use a checklist produced from your personal data, if possible,
using the type of defects that you are already aware of
• Follow a structured review process;
• use measures in your review;
• use data to improve your review;
• Use data to determine where and why defects were introduced
and then change your process to prevent similar defects in the
future.
Dr. Aasia Khanum, Department of Computer Science, FC College, Lahore
ENTRY CRITERIA • None
INPUT • Software product to review
ACTIVITIES
1. Print:
• Checklist for the software product to be reviewed
• Standard (if applicable)
• Software product to review
2. Review the software product, using the first item on the checklist and
cross this item off when the review of the software product is completed
3. Continue review of the software product using the next item on the
checklist and repeat until all the items in the list have been checked Personal
Review
4. Correct any defects identified
5. Check that each correction did not create other defects.
EXIT CRITERIA • Corrected software product
OUTPUT • Corrected software product
Process
MEASURE • Effort used to review and correct the software product
measured in person-hours with an accuracy of +/–15 minutes
Desk-check Review (or Passaround)

• Kind of a peer review (management does not participate)

• This review is used for low-risk software products, or if the project
plan does not allow for more formal reviews.
• Considered less intimidating than a group review such as a walk-
through or inspection.

Dr. Aasia Khanum, Department of Computer Science, FC College, Lahore

Desk-check Process

Dr. Aasia Khanum, Department of Computer Science, FC College,

Lahore
Dr. Aasia Khanum, Department of Computer Science, FC College, Lahore
Review Types Defined in IEEE standard 1028

• Management review:
a systematic evaluation of a software product or process performed by or on behalf
of the management that monitors progress, confirms requirements and their system
allocation, or evaluates the effectiveness of the management approaches;
• Technical review:
a systematic evaluation of a software product by a team of qualified personnel that
examines the suitability of the software product for its intended use and identifies
discrepancies from specifications and standards;
• Inspection:
a visual examination of a software product to detect and identify software anomalies
including errors and deviations from standards and specifications;
Dr. Aasia Khanum, Department of Computer Science, FC College, Lahore
Review Types Defined in IEEE standard 1028

• Walk-through:
a static analysis technique in which a designer/programmer leads members of the
development team and other interested parties through a software product, and the
participants ask questions and make comments about any anomalies, violation of
development standards, and other problems;
• Audit:
an independent assessment, by a third party, of a software product, a process or a set
of software processes to determine compliance with the specifications, standards,
contractual agreements, or other criteria.

Dr. Aasia Khanum, Department of Computer Science, FC College, Lahore

Dr. Aasia Khanum, Department of Computer Science, FC College, Lahore
Dr. Aasia Khanum, Department of Computer Science, FC College, Lahore
Roles & Responsibilities
• Walk-through leader
• conduct the walk-through;
• handle the administrative tasks pertaining to the walk-through
(such as distributing documents and arranging the meeting);
• prepare the statement of objectives to guide the team through
the walkthrough;
• ensure that the team arrives at a decision or identified action for
each discussion item;
• issue the walk-through output.

Dr. Aasia Khanum, Department of Computer Science, FC College, Lahore

Roles & Responsibilities

• Recorder
• ◦ note all decisions and identified actions arising during the walk-through
meeting;
• ◦ note all comments made during the walk-through that pertain to anomalies
found, questions of style, omissions, contradictions, suggestions for
improvement, or alternative approaches.
• Author
• ◦ present the software product in the walk-through.
• Team member
• ◦ adequately prepare for and actively participate in the walk-through;
• ◦ identify and describe anomalies in the software product
Dr. Aasia Khanum, Department of Computer Science, FC College, Lahore
Inspection

• Michael Fagan, IBM, 1970s

• to increase the quality and productivity of software development.
• The purpose of the inspection, according to the IEEE 1028 standard, is to
detect and identify anomalies of a software product including errors and
deviations from standards and specifications.
• Throughout the development or maintenance process, developers
prepare written materials that have errors.
• more economical and efficient to detect and correct errors as soon as
possible.
Dr. Aasia Khanum, Department of Computer Science, FC College, Lahore
 find and fix all defects in the
product;

Objectives of
Inspection find and fix all defects in the
development process that produces
the defects in a product (e.g.,
remove the causes of defects in the
product).

Dr. Aasia Khanum, Department of Computer Science, FC College, Lahore

Dr. Aasia Khanum, Department of Computer Science, FC College, Lahore