SE Unit5
SE Unit5
SE Unit5
me/jntuh
Risk is an undesired event or circumstance that may occur during a project. Risk
management involves anticipating, identifying, analyzing, and managing various
risks that a project may be susceptible to. There are reactive and proactive risk
management strategies.
Software Risks
Software risks involve two characteristics:
1. Uncertainty:
Risks may or may not happen.
2. Loss:
If a risk becomes a reality, unwanted loss or consequences will occur.
1. Project Risk:
Threatens the project plan and affects the schedule and resultant cost.
2. Technical Risk:
Threatens the quality and timeliness of the software to be produced.
3. Business Risk:
Threatens the viability of the software to be built.
4. Known Risk:
1. Risk Identification:
Identifying potential risks that could impact the project.
2. Risk Projection:
Assessing the probability and impact of identified risks.
3. Risk Refinement:
Detailed analysis and further understanding of the risks.
4. Risk Mitigation, Monitoring, and Management (RMMM):
Developing a plan to handle and mitigate risks.
5. RMMM Plan:
Documented plan outlining strategies for risk management.
Risk Identification
Risk identification is a crucial step in the risk management process. It involves
identifying all possible risks, creating item checklists, categorizing risks into
components (such as performance risk, cost risk, support risk, and schedule risk),
and assessing the severity of risks.
Negligible (0)
Marginal (1)
Critical (2)
Product Size
Business Impact
Development Environment
Process Definition
Customer Characteristics
Technology to be Built
Staff Size and Experience
Risk Projection
Risk projection, also known as risk estimation, estimates the impact of identified
risks on the project and the product. This estimation is typically done using a Risk
Table, which categorizes risks based on their likelihood and consequences.
Ignore risks with low management concern (low impact or low probability).
Consider all risks with high management concern (high impact or
moderate/high probability).
Catastrophic (1)
Critical (2)
Marginal (3)
Negligible (4)
Risk Refinement
Risk refinement, also known as risk assessment, involves reviewing the risk impact
and refining the risk table based on the nature, scope, and timing of potential
problems. It is a crucial step in the risk management process.
1. Nature:
Examining likely problems that may occur if the risk materializes.
2. Scope:
Assessing the seriousness of the risk.
3. Timing:
Determining when the risk may occur and how long it may impact the
project.
Risk Elaboration:
Where:
RMMM
Risk Mitigation, Monitoring, and Management
1. Risk Avoidance:
Proactive planning to avoid potential risks.
2. Risk Monitoring:
Assessing whether predicted risks occur.
Ensuring that risk aversion steps are properly applied.
Collecting information for future risk analysis.
3. Risk Management:
Contingency planning for actions to be taken in case mitigation steps
fail and the risk becomes a live problem.
RMMM Plan:
The RMMM plan documents all work performed as part of risk analysis. It includes:
The RMMM plan provides a structured approach to handling risks throughout the
project lifecycle.
Quality Management
Quality management ensures that the software development process adheres to
high-quality standards. It involves various aspects such as quality concepts,
software quality assurance, software reviews, statistical software quality assurance,
the Capability Maturity Model Integration (CMMI), software reliability, and the ISO
9000 quality standards.
Quality Concepts:
Fundamental principles of quality in software development.
Software Quality Assurance (SQA):
The process of monitoring and improving the software engineering
process to ensure quality.
Software Reviews:
Quality Concepts
1. Variation Control:
Variation control is the core of quality control.
Aims to minimize the difference between predicted and actual resources
used in various projects, including staff, equipment, and calendar time.
2. Quality of Design:
Refers to the characteristics specified by designers for the end product.
Focuses on defining the desired features and attributes of the final
product.
Quality Management:
1. Quality of Conformance:
Reflects the degree to which design specifications are followed during
the manufacturing of the product.
2. Quality Control:
Involves a series of inspections, reviews, and tests used to ensure that a
work product conforms to its specifications.
3. Quality Assurance:
Encompasses auditing and reporting functions to assess the
effectiveness and completeness of quality control activities.
Cost of Quality:
1. Prevention Costs:
SQA Activities:
Software Reviews
Purpose of Software Reviews:
1. Membership:
Consists of three to five members.
Each person should prepare for the meeting in less than two hours.
2. Duration:
Meeting duration should be less than two hours.
3. Focus:
Centered on a specific work product, such as requirement specifications,
detailed component design, or source code listing.
4. Initiation:
The producer informs the project leader of the completion of the work
product and the need for a review.
The project leader contacts a review leader, who evaluates product
readiness and organizes the review.
5. Preparation:
The review leader distributes copies of the product material to two or
three review members for advance preparation.
Reviewers spend one to two hours reviewing the product and making
notes.
6. Meeting Conduct:
Attended by the review leader, all reviewers, and the producer.
The producer introduces the product, walks through it, and reviewers
raise prepared issues.
Errors found are noted by a recorder.
1. Recording Issues:
A recorder documents all issues raised during the review.
2. Review Summary Report:
Answers key questions: What was reviewed? Who reviewed it? What
were the findings and conclusions?
A single-page form with possible attachments.
3. Review Issues List:
Serves to identify problem areas in the product.
Acts as an action item checklist guiding the producer in making
corrections.
Review Guidelines:
Software Defects:
Pareto Principle:
Utilize the Pareto principle, where 80% of defects can be traced to 20% of
causes.
Identify the "vital few" defect causes.
Defect Resolution:
Isolate and address the root causes of defects in the "vital few."
Core Steps:
1. Define:
Clearly define customer requirements, deliverables, and project goals
through effective communication methods.
2. Measure:
Measure each existing process and its output to determine current
quality performance (e.g., compute defect metrics).
3. Analyze:
Analyze defect metrics to identify the "vital few" causes.
1. Improve:
Enhance the existing process by eliminating root causes for defects.
2. Control:
Implement controls to ensure that future work does not reintroduce
causes of defects.
1. Design:
Design each new process to avoid root causes of defects and align with
customer requirements.
2. Verify:
Verify that the process model will prevent defects and meet customer
requirements.
Key Principles:
1. Information Traceability:
Software Reliability
Definition:
Measures of Reliability:
MTTF (Mean Time To Failure) is the average time a system runs between
failures.
MTTR (Mean Time To Repair) is the average time it takes to repair a
system after a failure.
2. Availability:
Availability = [(MTTF / (MTTF + MTTR))] x 100%
1. ISO 9001:
Applies to organizations engaged in design, development, production,
and servicing of goods, including most software development
organizations.
2. ISO 9002:
Applies to organizations involved only in production, not design.
Examples include steel and car manufacturing industries.
3. ISO 9003:
Applies to organizations involved only in the installation and testing of
products.
1. Application:
The organization applies to the ISO registrar office for registration.
2. Pre-Assessment:
The registrar conducts a rough assessment of the organization.
3. Document Review and Adequacy of Audit:
The registrar reviews the organization's documents and suggests
improvements.
4. Compliance Audit:
ISO 9000 standards emphasize a quality system approach, ensuring that proper
stages are followed for production, leading to high-quality products. Certification
is awarded to organizations that successfully implement these quality practices.