UNITVI:

SOFTWARE QUALITY
Planning Quality
Planning is the key to success. Planning helps you decide what’s most important to your project
and is one of the most critical aspects of quality management.

Quality planning is the method of deciding what’s most important to the project during
the planning stage, so we can make sure that everything goes according to plan. That includes
allocating resources needed to deliver the project, determining what you must take steps, and
specifying requirements that need to be met. You should integrate quality goals and plans at the
highest level with the organization's overall strategic plans. As organizational objectives and
strategies are deployed throughout the organization, each function fashions its best way of
contributing to top-level goals and objectives.

Quality plans assume their role at lower levels as actionable plans. It may take many different
forms depending on the outcome they produce. Quality plans may also be represented by more
than one type of document to produce a given result.

Why Is Quality Planning Important?

Quality planning is integral to project management because it helps you deliver a successful
project and keep your stakeholders happy.

A project manager sets standards for what makes a project successful and defines the steps to
reach those standards. Quality planning is only about the outcome, but it's part of the overall
planning phase. It affects costs, scheduling, and more. A project manager sets standards for a
project's success and defines steps to reach those standards.

Quality assurance is also essential during this phase. It includes audits, testing, and peer review,
among other things. All these activities are done with stakeholder interviews to understand their
expectations.

Defining Quality -ISO9016

ISO 9016 is not a standard related to defining quality. However, the ISO 9001 standard is well-
known for quality management systems. Below, I provide an overview of ISO 9001 and its
principles.
ISO 9001: Quality Management Systems

Overview

ISO 9001 is an international standard that specifies the requirements for a quality management
system (QMS). Organizations use the standard to demonstrate their ability to consistently
provide products and services that meet customer and regulatory requirements and to enhance
customer satisfaction through the effective application of the system.

Principles of ISO 9001

1. Customer Focus
o Understanding and meeting customer needs and expectations.
o Striving to exceed customer expectations.
2. Leadership
o Establishing unity of purpose and direction.
o Creating conditions in which people are engaged in achieving the organization’s quality
objectives.
3. Engagement of People
o Competent, empowered, and engaged people at all levels are essential to enhance an
organization’s capability to create and deliver value.
4. Process Approach
o Consistent and predictable results are achieved more effectively and efficiently when
activities are understood and managed as interrelated processes.
5. Improvement
o Successful organizations focus on continual improvement.
o Maintaining ongoing focus on improvement is necessary to maintain current
performance levels, to react to changes in internal and external conditions, and to
create new opportunities.
6. Evidence-Based Decision Making
o Decisions based on the analysis and evaluation of data and information are more likely
to produce desired results.
7. Relationship Management
o An organization and its interested parties (such as suppliers) are interdependent.
o Sustained success is more likely when an organization manages relationships with its
interested parties to optimize their impact on its performance.

Key Components of ISO 9001

1. Context of the Organization

o Understanding the organizational context, needs, and expectations of interested
parties.
2. Leadership
o Top management's commitment and accountability for the QMS.
3. Planning
o Addressing risks and opportunities.
o Setting quality objectives.
 4. Support
o Providing resources.
o Ensuring competence and awareness.
o Maintaining documented information.
5. Operation
o Planning, controlling, and delivering processes to meet quality requirements.
6. Performance Evaluation
o Monitoring, measurement, analysis, and evaluation.
o Internal audits and management reviews.
7. Improvement
o Continual improvement of the QMS.
o Managing nonconformities and corrective actions.

Certification

Organizations can become ISO 9001 certified by undergoing a certification audit conducted by
an accredited certification body. This process includes:

1. Gap Analysis (optional)

o Identifying areas where the organization's current QMS does not meet ISO 9001
requirements.
2. Stage 1 Audit
o A preliminary review of the QMS documentation and readiness for the Stage 2 audit.
3. Stage 2 Audit
o An in-depth evaluation of the QMS implementation and effectiveness.
4. Certification
o Issuance of the ISO 9001 certificate upon successful completion of the Stage 2 audit.
5. Surveillance Audits
o Periodic audits to ensure ongoing compliance with ISO 9001.
6. Recertification
o A full audit every three years to renew the certification.

By adhering to ISO 9001, organizations can improve their processes, enhance customer
satisfaction, and achieve sustainable business success.

Quality Measures
Customer satisfaction
- customer satisfaction means that customer expectations are met
- A company needs to measure customer satisfaction as it directly impacts quality
metrics.

Quality planning
- A good quality management plan starts with a clear definition of the goal of the project.
 - sets the quality standards for a given project, can help define what quality means for your
project and outline a methodology to ensure ...
- involves defining the quality standards and determining the necessary processes and
resources to meet them.

Investment
- Investment is traditionally defined as the "commitment of resources to achieve later
benefits".
- Return on investment. The amount of time you need to spend on a single project is
incredibly important when measuring the ROI
-
Cost
- ACTUAL COST. Actual Cost KPI tells you how much money your team has actually
spent on the project.
- Earned value is also called Budgeted Cost of Work Performed (BCWP). This metric
provides a reality check during the process of a project. Earned Value (EV) = % ...
- Cost: Projects are bound by budgets. Maintaining the quality of a project without
increasing its cost is a significant challenge. Quality: This is about the ...

Cost performance
- Cost Performance Index (CPI) The Cost Performance Index allows you to optimize
spending by measuring the value of work completed compared to the actual cost ...
- Cost Performance. Your cost-efficiency metric is called the Cost Performance Index
(CPI). To determine your CPI, simply divide the value of work performed ...
- Cost Performance Index: Compares the budgeted cost of the work you've accomplished
so far to the actual amount spent.

Defining quality assurance activities

- Quality assurance provides evidence to stakeholders that all quality-
related activities are being done as defined and promised. It ensures safeguards are in ...
- Quality assurance activities include audits, peer reviews, and process analysis. Sample
checklist for quality assurance in project management: Review Process ...

Engage stakeholders
- Engage stakeholders. Regularly communicate with stakeholders about quality
expectations and updates, scheduling briefings, standups, and workshops to keep ...
- Stakeholder Satisfaction: This measures the satisfaction levels of
all stakeholders involved in the project, not just the clients or customers. It's important ...

Outcome quality
- Quality management is a crucial aspect of any project, as it ensures that the deliverables
meet the expectations and requirements of the stakeholders.
- It takes patience and strong organizational skills to deliver top-tier results. But by
practicing effective project quality management (PQM), managers can boost ...
 -
Process metrics

- Process Metrics. Process quality indicators are used to assess how well your processes
work in general.
- This process includes developing a quality management plan, identifying relevant
quality metrics, and establishing quality control and quality assurance ...
- Quality metrics are quantifiable measures used to assess the performance, effectiveness,
and overall quality of a product, process, service, or system.

Quality
- Quality assurance. Quality assurance provides evidence to stakeholders that all quality-
related activities are being done as defined and promised.
- Stakeholders play a crucial role in defining quality standards for a project. Their roles are

Cost of quality
- Basically, the cost of quality is the amount of money that a company loses from poor
products or services.
- Cost of quality: It is a measure of the performance of quality initiatives in an
organization. It's expressed in monetary terms.

Defect rate
- Defect Rate. The defect rate measures the number of defects discovered per unit of
work, and a high defect rate indicates issues in the development
- Defect prevention: Quality management also aims at defect prevention. It's not about
finding and fixing problems but designing the project's

Employee satisfaction
- An Employee Satisfaction Index (ESI) is designed to help you determine the morale
levels of your employees
- In addition to client satisfaction, you can measure your internal team's satisfaction with
a project to determine its success.

Flowcharts
 - Flowcharts visually represent a process, detailing every step involved. A common type is
the swimlane diagram, which segments a process

Performance measurement
- Performance measurement is the process of collecting, analyzing and/or reporting
information regarding the performance of an individual, group, organization, system or
component.
- Quality metrics are quantifiable measures used to assess the performance, effectiveness,
and overall quality of a product, process, service, or system.

Productivity
- There are other productivity metrics available to you, which include the number of lines
of code produced per employee or the number of projects completed
- Productivity shows the relationship between inputs and outputs.

Requirement definition
- Stakeholders play a crucial role in defining quality standards for a project.

Quantitative Quality Management Planning

Quantitative Quality Management A good quality management approach should provide warning
signs early in the project and not only towards the end, when the options available are limited.
Early warnings will allow timely intervention. For this, it is essential to predict values of some
parameters at different stages in the project such that controlling these parameters in project
execution will ensure that the final product has the desired quality. If these predictions can be
made, then the actual data during the execution of the process can be used to judge whether the
process has been effectively applied. With this approach, a defect detection process does not
finish by the declaration that the process has been executed – the data from process execution is
used to ensure that the process has been performed in a manner that its full potential has been
exploited.

The effectiveness of this approach depends on how well can we predict the defect levels at
different stages of the project. At Infosys, defect patterns observed in past projects are used for
predicting defect levels.
Through this approach, phase-wise control can be established. However, this level of control is
too “macro” for a project as a phase is too large an activity, and a finer or more “micro” control
is needed such that corrective and preventive actions can be taken quickly. This is achieved by
employing SPC technique to the two quality control activities that detect the maximum defects –
reviews and unit testing. For employing SPC, based on past data, control limits are established
for key parameters like defect density, coverage rate, etc.

Product Quality &Process Quality Metrics

Software quality metrics are a subset of software metrics that focus on the quality aspects of the
product, process, and project.

Software quality metrics can be further divided into three categories

 Product quality metrics

 In-process quality metrics
 Maintenance quality metrics

Product Quality Metrics

This metrics include the following −

 Mean Time to Failure

 Defect Density
 Customer Problems
 Customer Satisfaction

Mean Time to Failure

It is the time between failures. This metric is mostly used with safety critical systems such as the
airline traffic control systems, avionics, and weapons.
Defect Density
It measures the defects relative to the software size expressed as lines of code or function point,
etc. i.e., it measures code quality per unit. This metric is used in many commercial software
systems.
Customer Problems
It measures the problems that customers encounter when using the product. It contains the
customer’s perspective towards the problem space of the software, which includes the non-defect
oriented problems together with the defect problems.
The problems metric is usually expressed in terms of Problems per User-Month (PUM).
PUM = Total Problems that customers reported (true defect and non-defect oriented
problems) for a time period + Total number of license months of the software during
the period

Where,

Number of license-month of the software = Number of install license of the software ×

Number of months in the calculation period

PUM is usually calculated for each month after the software is released to the market, and also
for monthly averages by year.

Customer Satisfaction

Customer satisfaction is often measured by customer survey data through the five-point scale −

 Very satisfied
 Satisfied
 Neutral
 Dissatisfied
 Very dissatisfied

Satisfaction with the overall quality of the product and its specific dimensions is usually obtained
through various methods of customer surveys. Based on the five-point-scale data, several metrics
with slight variations can be constructed and used, depending on the purpose of analysis. For
example −

 Percent of completely satisfied customers

 Percent of satisfied customers
 Percent of dis-satisfied customers
 Percent of non-satisfied customers

Usually, this percent satisfaction is used.

In-process Quality Metrics

In-process quality metrics deals with the tracking of defect arrival during formal machine testing
for some organizations. This metric includes −
  Defect density during machine testing
 Defect arrival pattern during machine testing
 Phase-based defect removal pattern
 Defect removal effectiveness

Defect density during machine testing

Defect rate during formal machine testing (testing after code is integrated into the system library)
is correlated with the defect rate in the field. Higher defect rates found during testing is an
indicator that the software has experienced higher error injection during its development process,
unless the higher testing defect rate is due to an extraordinary testing effort.

This simple metric of defects per KLOC or function point is a good indicator of quality, while
the software is still being tested. It is especially useful to monitor subsequent releases of a
product in the same development organization.

Defect arrival pattern during machine testing

The overall defect density during testing will provide only the summary of the defects. The
pattern of defect arrivals gives more information about different quality levels in the field. It
includes the following −

 The defect arrivals or defects reported during the testing phase by time interval (e.g.,
week). Here all of which will not be valid defects.
 The pattern of valid defect arrivals when problem determination is done on the reported
problems. This is the true defect pattern.
 The pattern of defect backlog overtime. This metric is needed because development
organizations cannot investigate and fix all the reported problems immediately. This is a
workload statement as well as a quality statement. If the defect backlog is large at the end
of the development cycle and a lot of fixes have yet to be integrated into the system, the
stability of the system (hence its quality) will be affected. Retesting (regression test) is
needed to ensure that targeted product quality levels are reached.

Phase-based defect removal pattern

This is an extension of the defect density metric during testing. In addition to testing, it tracks the
defects at all phases of the development cycle, including the design reviews, code inspections,
and formal verifications before testing.

Because a large percentage of programming defects is related to design problems, conducting

formal reviews, or functional verifications to enhance the defect removal capability of the
process at the front-end reduces error in the software. The pattern of phase-based defect removal
reflects the overall defect removal ability of the development process.
With regard to the metrics for the design and coding phases, in addition to defect rates, many
development organizations use metrics such as inspection coverage and inspection effort for in-
process quality management.

Defect removal effectiveness

It can be defined as follows

DRE=DefectremovedduringadevelopmentphaseDefectslatentintheproduct×100%𝐷𝑅𝐸=𝐷𝑒𝑓𝑒𝑐𝑡𝑟
𝑒𝑚𝑜𝑣𝑒𝑑𝑑𝑢𝑟𝑖𝑛𝑔𝑎𝑑𝑒𝑣𝑒𝑙𝑜𝑝𝑚𝑒𝑛𝑡𝑝ℎ𝑎𝑠𝑒𝐷𝑒𝑓𝑒𝑐𝑡𝑠𝑙𝑎𝑡𝑒𝑛𝑡𝑖𝑛𝑡ℎ𝑒𝑝𝑟𝑜𝑑𝑢𝑐𝑡×100%

Statistical Process Control Capability Maturity Model

The Statistical Process Control (SPC) Capability Maturity Model (CMM) is a framework that
helps organizations assess their maturity in implementing and using SPC to improve process
quality and efficiency. The model outlines various levels of maturity, each representing the
extent to which SPC techniques are integrated into the organization's processes and culture.
Here's an overview of a typical SPC Capability Maturity Model:

Level 1: Initial (Ad Hoc)

 Characteristics:
o Processes are unpredictable and poorly controlled.
o SPC is not systematically applied.
o There may be isolated efforts to use control charts, but they are inconsistent and
not well understood.
o Data collection and analysis are sporadic.
 Focus:
o Awareness of SPC concepts.
o Initial, unstructured efforts to apply SPC tools.

Level 2: Managed (Repeatable)

 Characteristics:
o Basic processes are established and can be repeated.
o SPC tools like control charts are used more consistently for key processes.
o Data collection is more systematic, but still limited to critical areas.
o There is an understanding of process variation, but control is limited.
 Focus:
o Training on basic SPC techniques.
o Establishing consistent data collection methods.
o Starting to control process variation.
Level 3: Defined

 Characteristics:
o Processes are well-defined and documented.
o SPC methods are standardized and integrated into processes.
o Control charts are used regularly to monitor process performance.
o Data-driven decision-making is common.
o There is a culture of continuous improvement.
 Focus:
o Formalizing SPC procedures and documentation.
o Expanding SPC usage across more processes.
o Enhancing staff competency in SPC.

Level 4: Quantitatively Managed

 Characteristics:
o Processes are quantitatively understood and controlled.
o SPC is a critical part of the quality management system.
o Advanced statistical methods (e.g., process capability analysis, Six Sigma) are
used.
o Processes are optimized based on quantitative data.
o There is proactive identification and mitigation of process variability.
 Focus:
o Advanced training in statistical methods.
o Integrating SPC with other quality improvement methodologies.
o Using SPC data to drive process optimization.

Level 5: Optimizing

 Characteristics:
o Continuous process improvement is embedded in the organizational culture.
o SPC data is used in real-time to drive decision-making and improvements.
o Predictive analytics and advanced quality tools (e.g., machine learning) are
employed.
o There is a focus on innovation and sustaining high levels of process performance.
 Focus:
o Leveraging advanced technologies for real-time SPC.
o Fostering a culture of innovation and continuous improvement.
o Ensuring sustainability and scalability of process improvements.

Implementing the SPC Capability Maturity Model

1. Assessment: Evaluate the current maturity level of your organization using the model.
2. Planning: Develop a roadmap to move from the current level to the next, identifying key
actions and milestones.
 3. Training: Provide targeted training to staff at all levels to build SPC knowledge and
skills.
4. Integration: Gradually integrate SPC tools and techniques into daily operations.
5. Monitoring: Use regular audits and reviews to monitor progress and ensure continuous
improvement.

Benefits of the SPC Capability Maturity Model

 Improved Process Quality: Systematic use of SPC leads to more predictable and higher-
quality processes.
 Data-Driven Decisions: Organizations can make more informed decisions based on
reliable process data.
 Continuous Improvement: The model fosters a culture of ongoing improvement and
innovation.
 Competitive Advantage: Higher maturity levels can lead to better product quality,
reduced waste, and increased customer satisfaction.

By following the SPC Capability Maturity Model, organizations can systematically enhance their
process control capabilities, leading to better quality management and overall operational
excellence.

Enhancing software Quality

Enhancing software quality is a multifaceted endeavor that involves implementing best practices
across various stages of the software development lifecycle. Here are some key strategies to
enhance software quality:

1. Requirements Analysis and Specification

 Clear Requirements: Ensure requirements are well-defined, clear, and unambiguous.

Use techniques like user stories, use cases, and requirement specifications.
 Stakeholder Involvement: Involve stakeholders early and continuously to ensure
requirements meet business needs.

2. Design

 Architecture Design: Develop a robust architecture that can handle future changes and
scalability.
 Design Patterns: Utilize design patterns and principles (like SOLID) to create a
maintainable and scalable design.
 Code Reviews: Conduct design reviews to catch flaws early.
3. Coding Standards

 Coding Guidelines: Establish and adhere to coding standards and guidelines to ensure
consistency.
 Static Code Analysis: Use tools for static code analysis to catch issues early in the
development process.

4. Testing

 Unit Testing: Implement comprehensive unit tests to verify the smallest parts of the
application.
 Integration Testing: Ensure components work together as expected.
 System Testing: Validate the complete and integrated software product.
 Automated Testing: Automate regression tests to quickly detect new bugs in existing
functionality.
 Continuous Testing: Integrate testing into the CI/CD pipeline to catch issues early and
often.

5. Quality Assurance (QA) Processes

 QA Teams: Employ dedicated QA teams to perform manual and automated testing.

 Test Plans and Strategies: Develop thorough test plans and strategies covering all
aspects of testing (functional, non-functional, performance, security).
 Defect Tracking: Use defect tracking tools to manage and prioritize issues.

6. Continuous Integration and Continuous Deployment (CI/CD)

 CI/CD Pipelines: Implement CI/CD pipelines to automate the build, test, and
deployment processes.
 Frequent Releases: Release frequently to catch issues early and get faster feedback.

7. Code Reviews and Pair Programming

 Code Reviews: Conduct regular code reviews to ensure code quality, share knowledge,
and improve collaboration.
 Pair Programming: Practice pair programming to enhance code quality and knowledge
sharing.

8. Documentation

 Documentation Standards: Maintain proper documentation for code, design, and user
manuals.
 API Documentation: Ensure APIs are well-documented for ease of use and integration.
9. Training and Knowledge Sharing

 Continuous Learning: Invest in training and development for the team to keep up with
the latest best practices and technologies.
 Knowledge Sharing: Encourage knowledge sharing through brown bag sessions, internal
wikis, and code reviews.

10. User Feedback and Maintenance

 User Feedback: Collect and act on user feedback to continuously improve the software.
 Maintenance: Regularly update and maintain the software to fix bugs, improve
performance, and add new features.

11. Security

 Security Best Practices: Follow security best practices and conduct regular security
audits.
 Penetration Testing: Perform penetration testing to identify and address vulnerabilities.

12. Performance Optimization

 Performance Testing: Conduct performance testing to ensure the software can handle
the expected load.
 Optimization: Continuously monitor and optimize the software for performance.

Tools and Technologies

Utilize various tools and technologies to support these practices:

 Version Control: Git, SVN

 CI/CD Tools: Jenkins, GitLab CI, CircleCI
 Testing Frameworks: JUnit, Selenium, TestNG
 Code Quality Tools: SonarQube, ESLint, PMD
 Documentation Tools: Javadoc, Swagger
 Monitoring Tools: New Relic, Nagios

By implementing these strategies, software quality can be significantly enhanced, leading to

more reliable, maintainable, and user-friendly applications.