Software Engineering

Short Questions with

What is risk?
Answers
Answer

risk is any anticipated unfavorable event or

A
ciICumstance that can 0ccur while a project is undertaking.
02. What are the three phases of risk
Answer :
management?
Risk identification
2 Risk projection
Risk refinement.
Q3. What is risk management?
Answer :

Itis the proess of anticipating hurdles in canying out the original p.an and providing alternate plans so that
the impact on the originally anticipated final outcome is minimal.
Q4. What is RMMM?
Answer:
RMMM stands for risk mitigation, monitoringand management.
Q5. What are objectives of RMMM plan?
Answer :

To identify whether risks that are measured do occur really during the project execution.
2. To confirm, whether steps that are defined to reduce the risk are applied in proper manner.
3 To collect he required information for future risk analysis.
Q6. Define risk refinement?
Answer :
Risk refinement is a process of refining the already stated risk definition and representing it in a more
detailed from.
Q7. Explain risk projection?
Answer :
1. Developameasure using which probability of existence of a risk can beknoum
2 Depict the outcomes of risk.
3 ninct tho ofects which can be observed on both the project as well as the end product which is
being developed.
Finally measured the appropriateness of the risk proiection
4.
V8. Discuss the importance of quality assurance.
Answer :
Ouality Assurance(QA) is the activity wherecertainauditng andreportingfunctions are performod inorder
control activities
quality
Oassess the completeness and effectiveness of
Importance
It helps in defining ways in which S/W
quality can beachieved

book is a CRIMINAL Act. Anyone found guilty is LIABI Eto face LEGAL
:Xerox/Photocopying of thls
Warring: proceedings
 Software Engineering
2 t helps
development organizations to examine whether the required quality level has been 5.4
3.
not.

It helps to reduce the amount of rework that will

achieved or
result to lower cOStS.
4. Quality Assurance look Software from customer's point of view and hence
professionals act as
representatives, their
Q9. Discuss the quality
conformance.
Answer:
It is the degree to which the specifications are followed during manufacturing. If the
conformance is more than it indicates design
higher quality. degree of
Along with quality of design and quality of conformance, customers' satisfaction is very important factori
any software product.
According to Robert glass - an authority in software field.
User satisfaction = Compliant product+ Good quality + Delivery within budget.
Q10. Define the quality control.
Answer :
Quality control is a process in which activities are conducted in order to maintain the quality of product.
These activities are series of inspections, reviews and tests used throughout the S/W processes.
Q11. What is definition of quality assurance?
Answer :

It is planned and systematic pattern of activities necessary to provide a high degree of confidence in the
quality of a product. It provides quality assessment of the quality control activities and determines the validity of
the dataor procedures for determining quality.
Q12. What are the activities of SQA.
Answer :
SQA tasks are associated with
(a) Software engineers
(Responsible for developing the product)
(b) SQA group
(Responsible for performing quality assurance planning, oversight, record keepina, analysis and
reporting).
Q13. What is Six Sigma?
Answer :
Six sigma is widely used statistical SQA strategy. It is a business driven approach to process improvement.
redued costs and increased profit.

Define Measure Analyze

Improve Control
Figure: Six sigma frame work

Q14. What is software reliability?

Answer :
of failure free operation of a computer programin a environment
It is defined as the probability
specifiedtime.
specified
ora
wingof this book is aCRIMINAL Act. Anyone found guity edings
 5.5
Howto measure Software Engineering
o15. the reliability and
Answer:
availability.
Reliability
MTBF- Mean-1ime-between-failure is a simple measure of S/Wreliability which can be calculated s.

MTBF = MTTF + MTTR

MTTF ’ Mean - Time - To - Failure
MTTR ’ Mean - Time - To - Repai.
Availability

Availability = (MTTF / (MTTF + MTTR)) *100%

Q16. Define quality 'standard.
Answer:
systems. It focuses on
IS09001:2000 is a quality assurance standard which is applied to S/W engineering
management systems.
process flows, customers satisfaction, and the continual improvement of quality
Q17. What is statistical SQA?
Answer:
in the S/W can be made in order to improve those
It is a simple concept which represents that changes
elements of the process that introduce error.

Q18. What are the types of risks?

Answer:
1. Project risk.
2. Technical risk

3. Business risk
quality.
Q19. Define ISO 9000standard
Answer:
by thrid - party auditors for a compliance to the
In ISO9000 quality system and operations are scrutinized
called registration to ISO 9000,
standard and effectie operation. Thisprocess is
FTR?
Q20. What are the objectives of
Answer:
Objectives
logic, functions.
FTR is useful to uncover errors
meets specified requirement.
2 Pupose of FTR is to ensure that SAW
 Essay
5,1 RISK MANAGEMENT
Questions with Answers
Q Explain the reactive and proactive risk
Answer: strategies.
Definition of Risk
It
denotes the uncertainty that may occur in the choices due to past actions and risk is
causes heavy losses.
Definition of Risk Management
something whc
It refers to the process of
making decisions based on an evaluation of the factors thatthreats to the
Various activities of risk
management - busines
1. Risk identification
2. Risk projection
3. Risk refinement
4. Risk mitigation, monitoring and
Reactive Risk Strategy
management.
(a) It is risk management is a risk management strategy in which when project gets into trouble then or,
corrective action is taken. But when such risks can not be managed and new risks come up one ater t
other, the software team flies into action in an attempt to
called "firefighting" activities. correct problems rapidly. These activities are
(b) Resources are utilized to manage such risks. And if still the risks do not
danger. get managed then projectsr
(c) In this strategy no preventive care is taken
about the risks. They are handled only on their
(d) This is an older approach of risk management.
ocCurrences
Proactive Risk Strategy
(a) Proactive risk management strategy
begins betore the technical acti ity by considering the
(b) In this strategy potential risks are identified first probabie ris
then their probabil1ty and impact is
(c) Theobiective of this strategy is to avoid anakzed
the risks. But it is not pOss ble to avoid all
prepares the risk management plan in such a manner that risk the risks. hence te2
cont1 olling can done efficientu
d) This is an intelligent strategy for risk managenent and
now a day it is used by
Q2. Explain the different categories of risks. mosttof the IT industres
Answer :
There are two chara teristics of the risks

1 The risk may c may not happen. It snows the

uncertainty of the riske
2 When risks oc ur, unwanted consequences or losses will oreu,
ifferent types of risk
Project risk
It arise in the softwar: development process 'hen they b scally affect budoet. schedule staffng rescure
Decorne severe th n
and requirements. when project risks the total cost of
Photocopying of trs book n a CRIMINAL Act Anyone found
project gets increased
is
5.7 Software Engineering
Technical risk
It affect quality and timeliness of the project. If technical risks become reality
then potential design
implementation, interface,verification and maintenance problems qets created. Technical risks occur when
problem becomes harder to solve.
Business risk
3
When teasibility of software product is in suspect then business risks occur. Business risks can be further
categorized as:
a Market risk: When a quality software product is built but if there is no customer for this product.
b) Strategic risk: When a product is built and if it is not following the company's business policies then
such a product brings strategic risks.
c) Sales risk: When a product is built but how to sell is not clear then such a situation brings sales risk.
d) Management risk: When senior management or the responsible staff leaves the organization then
management risk occurs.
e) Budget risk: Losing the overall budget of the project is called budget risk.
Risks

Technical risk Business risk

Project risk
Market

Strategic
Sales

Management
Budget
Known risks are those risk that are identified after
Another categorization of risk proposed by Charette is -
evaluating the project plan.
There are two types
1. Predictable risks

2. Unpredictable risks
identificaiton.
Q3. Explain about risk
Answer: project plan.
eftorts taken tospecity threats to the
Risk identification can be defined as the predictable risks
identification can be done by identitying the known and
Risks
h.ased on two ápproaches
The risk identification is identification to software proiect
Generic risk identification: It includes potential threat
1.
identification: It includes product specific threat identification by
Product-specific risk
and working environment in which the product gets built.
understanding peop.e, technology
2.
managr who follows following steps -
ation is done by the project
Normally therisk identific em check ist
Step 1 : Preparation of risk CW
owing k. cand predictable components
ide. Lied using
The risk items can be
i) Product size
Bsresimpact
ii) CRIMINAL L t Anyone fo:und guity is JABLE to face LEGAL proceedings
is a
copying of tt is book
: Xerox/Photo
Warning
 Software Engineering A5.5
ii) Customer characteristics
IV) Process definition
v) Development environment
vi) Staff size and experience
vii) Technology to be built
After preparing a risk item checklist a questionnaire is prepared.
Step 2: Creating risk components and drivers list.
The set of risk components and drivers list is prepared along with their probability of occurrence. The.
their impact on the project can be analysed.
Risk Components and Drivers
a) Performance risk : It is the degree of uncer-tainty that the product willsatisty the requirements
b) Cost risk:Itis the degree of uncertainty that the project willmaintain the budget.
c) Support risk : It is thedegree of uncertainty that the software project being developed will be easy to
correct, modify or adapt.
Schedule risk: It is the degree of uncertainty that the software project will maintain the schedule andthe
project will be delivered in time.
Perfomance Cost risk
risk

Risk
components
Support Schedule risk
risk

Figure: Components of Risk

Associated with these components are the risk drivers that are used to analyse the impact of risk. Thes
four risk drivers are listed below.

Negligible Marginal Critical Catastrophic

Howto acess overallproject risk means, the best approach is to prepare a set of questions that can be
answered by project managers in order to assess the overallproject risks.
These questions are
1 Willthe project get proper support bythe customer manager ?
2. Are the end-users committed to the software that has been produced ?
3 Is there a clear understanding of requirements ?
4 Is project scope stable ?
5. Are there team members with required skills ?
6. Are project requirements stable?
Q4. Explain about the risk projection.
Answer:
estimation.
The risk projection is also called risk
There are two ways by which risk can be rated

Probability that the

Consequences of problem
risk is real
Associated with the risk
CRIMINAL Act.
Xerox/Photocopying of this book is a Anyone found guilty is LIABLE to procotings
Warning : face LEGAL
9 Software Engineering
The project planner, technical staff, project manager performs followingsteps to perform
rriskprojection following steps
Fstablish a scale that indicates the probability of risk being real.
Enlist the consequences of the risk.
Estimate the impact of the risk on the project and product.
Maintain the overall accuracyof the risk projection in orderto have clear understanding of the software
that is to be built.
ulding a Risk Table
Building the risk table is the simplest and most commonly used technique adopted by project managers in
order to project the risks.
Risk Category Probability Impact RMMM

Is the skilled staff available Staff 50 % Catastrophic

Is that the team size sufficient Staff 62% Critical
Have the staff received sufficient training Staff 25% Marginal
Willtechnology meet the expectations Technology 30% Critical
Is the software management tool available Environment 40 % Negligible
How much amount of reused software is Project size 60% Marginal
required?
Customer 20 % Critical
Willcustomer change the requirement?

While building the risk table

1. The project team first of all enlists all probable risks with the help of risk item checklist.
2. Each risk is then categorized.
Project size
b) Techrnology
c) Customer
d) Staff
e Business
Developing environment.
3.
After building this table it is then sorted by probability and impact called first-order prioritization.
4. Then the project manager goes through this first-order prioritized risk table and draws a horizontal line at
somepoint in the table.
5
The risk table below thecut off line is again sorted and a second-order prioritization is applied on this table

Assessing Risk Impact

factors are considered
While assessingthe risks impact three
1 Nature of risk
2 Scope of the risk
3 Timing at which risk occurs.
Risk exposure
It can be calculated by
occurence of risk x cost|
Risk explouser = Probabilityof
Act. Anyone found guilty is LIABLE to face LEGAL proceedings
this book is a CRIMINAL
: Xerox/Photocopying of
Warning
 Software Engineering 5.10
Q5. Explain about the refinement and RMMM. 2 The deqree in whichthe tearm perforns with the
oirt of "Team work
Answer
3 The type of co operation among the team
Risk Refinement
members.
It is a process of specifyinq the isk in more detail The types of problerns that are occurring
The risk refinement can be represented using CTO
format suggested by DPGIuch Availability of jobs within and outsido a
The CTC stands for condition transition orqanization

consequence The condition is first stated and thern Risk managemnent

based on this condition sub conditions can be derived.
Then delermine the effects of these sub conditions in Project manager performs this task when risl
order to refine the risk This refinement helps in exposing becomes areality. If project manager is successtul in
the underlying risks. This approach makes it easier for applyinq the project mitigation effectively then t
becomes very uch easy to manage the risks.
the project manager to analyw the risk in qreater detail.
RMMM Q6. Explain about process risks.
It stands for risk mitiqation, monitoring and Answer :
manaqement. There are three issues in strategy for
handling the risk is Process Risk
1 Risk avoidance
Risk encountered when to software engineering
2 Risk monitoring process is not defined in accordance to the required
3 Risk management. specification or when the design and testing are not
performed in the planned fashion.
Risk mitigation
The probability occurrences of process risks is
It means preventing the risks to occur (risk 40% and its impact on the organizations is marginal
avoidance). due to which there is less reduction in technical
Following are the steps to be taken for mitigating performance. However, if process risk is high, then the
the risks. risk associated with the product development is also
high.
Communicate with the concerned staff to find
of probatble risk. The following are certain risk item issues
2 Find out and eliminate allthose causes that can considered with respect to process risk.
create risk before the project starts. Is there a document developed that
description about the software processspecifies
the
3 Develop apolicy in an organization. to be ueu
4 Everybody in the project team should be acqu within the project?
ainted with the current development activity. 2.
Does the team member perform the sottwate
Maintain the coresponding documents in timely process in accordance to the
specification. documented
manner.
3
Conduct timely reviews in order to speed up the Are the RTR
being performed reqularly by
work.
4
developed and testing team.
7 For conducting every critical activity during Are the results of FTR documented such thatit
software development, provide the additional include both the defects encountered andthe
staff if required resotces used
Risk Monitoring Isthee a need of confiquration management lor
In risk monitoring process following things ust maintaining
System. consistency with the project
the

be monitored by the project manager:

the behaviour of the team Is there a
The approach or need of a controlling
varies.
members aspresSure of project
the
modification don withmechanism
requirements
arning : Xerox/Photocopying ofthis book is a CRIMINAL Act. Anyone found guilty isthat can
respect t
for enduuse
tothe product
effect the overal
 Software Engineering
Distinguish between generic risk and product specific risks.
nsWer:

Generic Risks Production specific risks

1 It essential threat to every software project It essential threat that is specific to software project
2 It can be identified easily. It can be identified by examining of project plan
and software slope.
constraints about
3 It occurs due to uncertainties involved in It occurs due to conditions and
organization
accessory or estimating various inputs resources customers and lack of
to the software process. support
understand.
4. Are simple to understand. Product specific risks are difficult to

5.2 QUALITY MANAGEMENT

8. Explain different types of cost of quality.
Answer:

Quality
requirements, explicitly
stated functional and performanceprofessionally
It defined as "the conformance to explicitlycharacteristics that are expected of all develc |ed
documented development standards, and implicit
software.
There are two types
1 Quality of design
2 Quality of conformance
1. Quality of design
specified for the designer.
It is the characteristics of the item which is
2. Quality of conformance
specifications are followed during nmanufacturing. If
Quality conformance is the degree to which the design
indicates higher quality.
the degree of conformance is more then it
software field.
According to Robert Glass - an authority in
User satisfication= Complain product + Good + Delivery within budget.
Quality Control aciri.jes
in order to maintain the quality of product. Tnese
It is aprocess in which activities areconducted process.
tests used throughout the software
are series of inspections, reviews and tion
it can be completely manual or itcan t a cumbin
The guality control activities can be fuly automated or
procedures.
of automated tools and manual
Quality Assurance
necessary to provide a high degree of cunfidence i the
It is planned and systematic pattern of activities
assessment of the quality control activities and terroinE, evaiditu ) the
quality of a product. Itprovides quali
determining quality.
data or procedures for
Cost of Quality ity
the quality in the produc and :T cor uct the qu
It can be defined as the total cost required to obtain
related activities.
comporienrs such as:
The cost of quality has various
fo mal technical reviews test enuinm nt
1 Prevention cost: It required for conducting quality planning,
and training
bc.ok is a CRIN NAL Act. An,one found guilty is LIABLE to r. ce i GAL proce. rgs
V hotocopying of this
 Software Engineering
2. Appraisal cost: It required for gaining the insight intothe product. It includes the cost
5.12
process and inter process inspection, maintenance and testing. required for in:
3. Failure cost: It means the cost required to removethe defects inthe software product before
to customer. delivering it
There are two types
(a) Internal failure cost: It is nothing but the cost of defects occurred in the product before
it to customer.
delivering
(b) External failure cost: Defects occurred in the product after delivering it to the customer.

Prevention Failure
cost cost

Appraisal
Cost Internal External

Figure: Cost of Quality

Q9. What are the activities of SQA?
Answer:
SQA
There are three main reasons for why software quality gets failes.
1 Software requirements must be well understood before the software development process begins.
2 Similar to explicit requirements it is also essential to understand the implicit requirements of the software.
3. The set of development criteria has to be decided in order to specify the standards of the product.
SQA activities

SW engineers SQA group

(Responsible for (Responsible for perfoming
developing the product) Quality assurance planning.
Oversight, record keeping.
analysis reporting.
1. repare an SQA Plan for a Project
ASOAplan isdeveloped while planning the Project. Quality
indicated in this plan. This plan basically assurance activities are conductedthat are
1. ldentifies evaluations to be performed.
2. Audits and reviews to be pertormed, Standards that should be
adopted for the nroioct
3 Procedures for error reporting and tracking.

4 It also specifies documents to be produced by SOA ooun

Amount of feedback provided to the software project team
5.
Warning: Xerox/Photocopying of this book is a CRIMINAL Act. Anyone ound guilty is
LIABLE to ace LE
3 SoftwareEngineering
Participates in the development of the project's software process description.
Theprocess selected by the software team is reviewed bythe SQA group. This review is for
a Process description to ensure that it follows the organizational policy.
b) Internal software standards.
Some standards that are adopted by the organization.
Reviews software engineering activities to verify compliance with the defined software process
The SQA group identifies and documents the processes. The group also verifies the correctness of software
process.
software
Audits designated software work products to verify compliance with those defined as part of the
process.

The SQA group performs following tasks

(a) Reviews selected work product
(b) ldentifies the process
(c) Documents them
(d) Tracks deviations
(e) Verifies the correctness made in the processes
manager.
Regular reporting of results of its work to the project
Ensure the deviations in software work.
management.
Records anynoncompliance and reports to senior
review?
10. What is the need of Software
swer:

bftware Review
process. Such reviews are applied at various points
Software reviews are filter to software engineering and defects that can
objective of software reviews is to uncover erors
aring softwaredevelopment life cycle. The
removed.

The software reviews are

conducted for following reasons
or team.
improvements in the product of a single person
a) Point out needed
improvement is not desired.
parts of the product in which
b) Confirm those order to
can be achieved without reviews, in
Achieve technical work of more uniform quality than
c) manageable.
make technical work more
be conducted.
by which software review can
There are three different ways
Informal meeting
Formal presentations
(FTR)
Formal Technical Reviews
defect amplificaiton model.
1. Discuss about the
Answer : illustrate the generation and detection of errors during the
model can be used to
Adefect amplification
steps in the softuware engineering process.
to face LEGAL proceedings
CRIMINAL Act. Anyone found guilty LIABLE
is
this book is a
Kerox/Photocopying of
Warning :
Software Engineering
This model is as given below - 5.14
SW development phase 1
2
Defects Detection
3

Erors from Erors passe. through Percent

Previous step efficiency Errors passed
for 5
Amplified erors 1: x to next step
error

Newly generated detection

erors

Figure
In this model the outer box indicates the software development stage. This bOX iS partitioned into two
categories, defects and detection of errors. Under the defect column we list out number of errors. Errors can be
those coming from previous stage or it could be newly generated errors.
The previous errors can be those that are passed through errors as well as the amplified errors. The eor
amplification factor is denoted by x.

Erors passed
Prelim.design phase through
Erors
from Detailed design phase
previous 10 6
0% 6
stages Testing phase
4 × 1.5 0%
37 10
10 10

25 27 27 x 3 20%
Amplified Errors
erors Newly detected
generated 25
errors

From prelim design stage

10errors are moving to
next 'Detailed design stage'
out of which 6 eror are
passed through and 4 eors
are amplified errors
with arnp. Factor
X = 1.5

Figure
Q12. Explain briefly on the following with respect to FTR.
a) Review Guidelines
b) Sample Driven Reviews
Answer :
Review Guideline
(a)
Guidelines for the conducting of formal technical reviews must be establishedin advance Thi gudeine
reviewers, agreed upon, and then followed.
must be distributed |to all
a
XeroxPhotocopying of this bookis CRIMINAL Act. Anyone found guitty is LABLE to face proceedr
Warring: LEGAL
 Software Engineering
Sor example -Guideline fo review may include following things
Concentrate on work product onl.
Set an agenda of review and maintain it.
When certain issues are raised thendebate or arquments should be limited
Find out problem areas, but don't attempt to solve everyproblem noted.
Take written notes.
Limit the number of participants and insist upon advance preparation.
Deveiop a checkist for each product that is likeiy to be reviewed.
Allocate resources and time schedule for FTRs in order to maintain time schedule.
Conduct meaningfultrainings for al reviewers in order to make the reviews effective
Review earlier reviews which servers as the base for the current review being conducted.
) Sample - Driven Reviews
for
In real world situation, for conducting the software projects the resources are limited and time span
this may affect the overall
empletion of project is very short. Hence many times the reviews are skipped. But
ality of software product.
Thelin and his colleagues addressed this issue bysuggesting the sample driven review process.
inspected to determine which
In this process samples of all software engineering work products are
work product are most error prone.
The FTR resources then focus on only those work products that are error-prone.

To accomplish this following steps are suggested -

tep 1
of the work product i. From this
Divide the project into number of work products. Inspect each fraction x
ork product identify and record the fault fi found within x,.
tep 2
product by using the following
Calculate the overall estimate for the number of faults within the work
ormula -
{x lw,
tep 3
overall estimate of the number of taults in each
Sort the work products in descending order according to
tep 4 faults
formal technical review on the work products that have the high estimated number of
Apply
about review reporting and record keeping.
R13. What is meant by FTR? Discuss
Answer :
assurance activity performed by software engineer
Formal Technical Review is a software quality
IepeSEDkaIO, U Üle suwdlk
tunction and mplemeiialionio dny
FTRis usefulto uncover errorsin loqic,
requirements
purpose of FTR is to ensurethat software meets specified
The standards
3 that the software is represented according to predetined
It also ensures process.
review the uniformity insoftware development
Ithelps to
manageable.
It makes the project more
5
face LEGAL prooedings
CRIMINAL Act. Anyone found gullty is LIABLE to
:Xerox/Photocopying of this book is a
Warning
 Software Engineering
Revtew Meeting 5.16
constraints
tvery review meeting should be conducted by considering the following
Involvement of people
Between 3 and 5 people should be involved in the review.
b) Advance preparation
Advance preparation should occur but it should be very short i.e. at the most 2 hours of work for earch
person can be spent in this preparation.
c) Short duration

The duration of the review meeting should be less than 2 hours.

Review Reporting and Record Keeping
During the FTR, the reviewer actively records all issues that have been raised. At the end of meeting these
allraised issues are consolidated and review issues list is prepared. Finally, a formal technical review summary
report is produced.

FTR summary report

Review reporting and
record keeping Review issues list

Q14. What are the steps to be followed by statistical quality assurance?

Answer:

Statistical between quality assurance is asimple concept which represents that change in the software can
be made in order to improve there elements of the process that introduce error.
It can be performed with the help of following steps.
1. Collect the information about software defect categorize them.
2. Mek an attempt to trace each different to is root case.
3. Isolate thevital few cause of the major source of all errors by using the
80-20 principle (known as pareto
principle)
4 Then move to corect the problems that have cause the defects

Example
Consider a well known software trim has collected some
the software product.
intormation about the defects that are occuring

Defect occurred during

software development
process
Collection of defects
Occurs at two stages

Defect occurred after

delivering the product
to end- user
Xerox/Photocopying of ths book is a CRIMINAL
LAct. Anyone found
guilty is digs
17 Software Engineering
The causes of detects are tabularized as tew
Causes of defects Abbreviations
Eror in data repreertation EDR
Error in design bg EDL
Unciear hurnar computer iterface HCI
Incompiete andor erroneoussperificatirs IES
Intertiornal deviations frorn specifatins IDS

Suppose that some sarple represertative data of detet caues is lected then one can buid a statistical
Airom t The sarr1pie data about the deiect causes is as given beiow.
Causes of defect Numbe of errors Percentage
IES 200 21
EDR 128 14
EDL 45 5

HCI 30 3
IDS 48 5

Sample Date collection for statistical SOA

From above tabie it is clear the major deiect cause is
IES+ EDR + EDL

21+ 14 +5 = 40% of total errors

We car s2y there errors are few vital errors that cause the major defect in the soft.are product. Once such
ital causes one deternined then it becomes very eary for a software erngineer to take corective action. For
stance in the vita cause given above.

Thus IES - EDR - EDL ie., 4% of defects cause is removed This will utimately heip in improving the
tware quality
Q15. Explain six sigma strategy for statistical SQA.
An wer :

Six saor na is widely used statistical software quality assurance strategy. It is a business driven approach to
Pres imprwerent, redured costs ad inCrez sed profit.
The word "six sigma is denvec from sa siariard deviatiors 34 defects per million occurrences. Six
siga crgirztud at lMutoro'a in the eary 19805

Define Measure Aralyze Improve Control

Figure: Six Sigma Frame Work

There are three core steps in six sigma method

1. Define
The custormer requirernents. project goals and deiverables are defined by communicating the customers

Measure
The existing process and its output is measured in order to determine current qualitu performance
CRIMINAL Act Anyone found guity is LIABLE to face LEGAL
hotocopying of this book is a Pprocoeding
Software Engineering 5.18
3. Analyze 2. Availability
In this phase defect metrics are analyzed in order It's another measure of software reliability
to determine the few causes.
software availability is defined as the probability that
If an improvement is needed to an existing the program is working according to the requirements
software then there are additional two methods at a given points in time.
in six sigma It is measured as
Improve : By eliminating the root causes of Availability = (MTTF/(MTTF+MTTR))*100 %
defects the process can be improved.
MTBF is equally sensitive to MTTF
Control -The process can be controlled in such
a way that the causes of defects can not be and
reintroduced.
MTTR but availablity is more sensitive to MTTR
These steps can sometimes be referred as
DMAIC. Q17. Explain the software safety in terms of
SQA.
For a newly developing software, some Answer :
organizations are suggesting following two alternating
steps. Software Safety
1. Design Software safety is a quality assurance activity in
In this step avoid root
causes of defects and meet which potential hazards are identified and assessed.
the customer requirements. These hazards may bring the total failure of the system.
If such hazards are identified and specified in eary stage
2. Verify of software development then such hazards can be
To verify the process, avoid defects and meet eliminated or controlled in order to make the software
safe.
customer requirements.
These steps can sometimes be referred as Modelingand analysis process is conducted as
DMADV. a part of software safety.
Q16. What is meant bysoftware reliability and Example:
availability? Example it. In acomnputer based automobile system
software
Answer: hazards are
Software reliability is defined as the probability
1
Uncontrolled acceleration that can not be
of failure free operation of a computer program in a stopped.
specified environment for a specified time. 2 Does not respond to slow the system when breaks
are applied.
The software reliability can be measured, oirected
and estimated. 3
Slowly gains the speed.
Measure of Reliability and Availability How to handle the systemn level
hazards ?
Normally there are two measures of software
reliability. Following are the steps that can be
applied to
preserve the software safety.
1. MTBF Mean-Time-Between-Failure is a simple Step 1 :
measure of software reliability which can be
calculated by The hazards are
Step 2:
identified.
MTBF MTTF + MTTR
where MTTF means mean-time-to-failure Analysis techniques are used to assign severity
of these hazards. The
and of such hazards is probability of occurren
also analuzed with the
analysis techniques. helpo
MTTR stands for mean-time-to-repair.
The
Many software researchers feel that MTBF is
defects/
commonly
fault-tree used analysis techniques are
analysis, real-time logic and Petri-net
more useful measure of software reliability than models. These techniques basically predictthe
KLOCor defects/FP chain of events that can
Xerox/Photocopying of this book is a CRIMINAL Act.
cause hazards.
Warning : Anyone found guilty is
LIABLE to LEGAL proceedings
face
 5.19
Software Engineering
Step3 :
10. Provide quality personnel
Once hazards are identified, safety related
requirements can be specified for the software.
11. Provide quality infrastructure
Step 4 : 12. Provide quality environment
Finally the role of software in managing 13. Control realization planning
undesirable event is specified.
14. Control customer processes
o18. Discuss about ISO 9000 quality standards. 15. Control product development
Answer :
16. Control purchasing functions
ISO 9000is a family of quality assurance system. 17. Control operational activities
It can be applied to alltypes of organizations. It doesn't
matter what size they are or what they do. It can help 18. Control monitoring devices
both product and service oriented organizations to 19. Control non confirming products
achieve standards of quality. ISO 9000 is maintained
by ISO, the International 20. Analyze quality information
Organization for
Standardization and is administered by accreditation 21. Make quality improvement
and certification bodies. In ISO 900, company's quality
system and operations are scrutinized by third-party Q19. Explain about review metrics and their use
in detail.
auditors for a compliance to the standard and effective
operation. This process is called registration to 1SO Answer:
9000. On successful registration, the company gets a
certification from accreditation bodies of 1SO. Such a Review Metrics
company is then called "ISOcertified company". Are the metrics that are generated after
ISO9001: 2000 is a qualityassurance standard
conducting each review to determine the working of
the quality control activities. These metrics determine
which is applied to software engineering systems. It the efforts needed to conduct the review and types of
focuses on process flows, customer satisfaction, and the errors and their impact, that are not covered diromg
the review. The collected metrics are used to evaluated
continual improvement of quality management systems. the effectiveness of the already conducted reviews.
ISO 9001:2000 specifies requiremernts for a quality
Though many metrics have been defined only few of
system that can be applied to any size or type of them are concrement.
organization.
Following are some of the review metrics.
The guidelines steps for ISO 9001: 2000 are
1 Effort in preparation (EP)
1. Establish quality management system - Identify
It is the effort of aperson in house needed to
and manage the processes in the quality
review a work product before the actual review
management system.
meeting.
2 Document the quality management system 2. Effort Assessment (E)
3 Support the quality It is the etfort ofa erson in house spent
during
4
the actual rev iew.
Satisfy the custonmers
3 Error in Rework (Er)
5 Estabish quality policy
It is the effort of an individual (in hours) spend
6
Conduct quality planning to remove the bugs that are not correct during
the review.
Control quality systems
8 Perform management reviews
4.
ldentification of Major Errors (E_major)
It is the identification of the no. of enors that can
Provide quality resources termed as major.
Warning : Xerox/Photocopying of this book is a CRIMINAL Act. Anyone found
guilty is LIABLE to face LEGAL procr digS
Software Engineering
520
5. ldentification of minor errors (E, minor)
errors that can be termed as minor.
It is the identification of the no of
6. Size of the work product (SWP) may be UML
that has been reviewed. The work product modes
It is the measure of work product size of UML models or
measured numerically such as no. docurner
document pages or lines of code that can be
pages or lines of codes.
reliability and software satety?
Q20. What is the difference between software
Answer :

and safety are closely related to each other. However the difference between them
1 Software reliability
in degree and not the type.
reliability uses statistical analysis made to determine the occurrence or software failure. Thes
2 Software ta
requirements in which failure results in conditions
tailures willcause simply dissatisfaction of customer
can lead to hazrds.
But the software safety defects the failures
3. Software reliability does not defect the failures in depth.
contact of an entire computer based system.

proc
of this book is a CRlMINAL Act. Anyone found guilty is LIARI EGAL