unit9. software quality standards

1

Unit9. Software Quality Standards

Software Quality

A Standard is a document of voluntary application, containing technical specifications based on experience and technological development results.

Standards are developed by consensus among every part involved or interested in activities concerning to it. Moreover, it must be approved by a Standards organization.

Standards

Calidad del Software

Standardization

Standardization is the process of

elaboration, application, and

improvement of standards, which are

applied to different scientific, industrial

or economic activities with the purpose

of ordering and improving them.


Goals:

• Simplification: Reduce models

maintaining only what is necessary.

• Unification: Permit changeability at

international level.

• Specification: Create a common

language to avoid identification errors.

Standardization


there are two international standards

organizations:

• IEC International Electrotechnical

Commission, responsible of electrotechnic

and electronic standards.

• ISO International Organization for

Standardization, which covers the rest of

activity sectors.

International Standards


• ISO & IEC share the responsibility of

developing standards related to

Information Technologies.

• To adopt standards elaborated by ISO or

IEC is not mandatory for countries

members of these organizations.

ISO & IEC


• CEN European Committee for Standardization.

• CENELEC European Committee for Electrotechnical Standardization.

• ETSI European Telecommunication Standards Institute.

European standardization organisms force all their members to adopt, without modifications, European standards developed by them.

European standards are systematically incorporated to AENOR catalog, reaching category of national standards.

European Standards


• AENOR began in 1986, Real Decreto

1614/1985, it is the only one Spanish

Standards Organization approved for

developing standardization and certification

tasks in our country.

• AENOR is member and represents Spain in

International Standards Organizations (ISO,

IEC, CEN, CENELEC, ETSI, COPANT).

AENOR


ISO is not an acronym for the organization's full name in either official language; rather, the organization adopted ISO based on the Greek word isos (ἴσος), meaning equal

ISO has three membership categories:

• Member bodies, one per country.

• Correspondent members are countries that do not have their own standards organization.

• Subscriber members are countries with small

economies. They pay reduced membership fees, but

can follow the development of standards.Calidad del Software

ISO

Importance of Standards

• A standard is defined as the set of fulfilling of

a quality criteria. It defines the range of

quality acceptance for a determined process.

• They offer a set of best practices, avoiding

repeated errors and catching valuable

knowledge for the organization.


Standards and Models

Image obtained from INTECO : www.inteco.es/. Curso de Metodologías y Certificaciones


Quality Management

Governance level

Processes improvement

Development Services Acquisition

http://www.inteco.es/



ISO 9000 Standard Family

• The set of ISO 9000 standards constitute a

family of international standards and quality

guides world wide recognized. They shape

the base for establishing Quality

Management Systems.

• Application field of these standards are any

kind of enterprise independently of their

size or activity.


The family is composed by the following 4 standards:

•UNE-EN ISO 9000. Quality Management Systems.

Fundamentals and vocabulary.


Requirements.


Instructions for performance improvement.

•UNE-EN ISO 19011. Guidelines for auditing

Quality/Environmental Management Systems.



ISO 9000 presents organization as a socio-technical

complex system in which organization not only deals

with productive system results, but also to get

advantage of resources, specially human resources,

to get a bigger flexibility.

This philosophy is based on:

• Improvement cycle.

• Processes based approach.



ISO 9000:2000

It describes quality fundamentals and its purpose is

to establish a specific terminology of using in the

family of standards, like in ISO 9001 and in ISO 9004.

It defines a series of basic principles to be promoted

from the organization management that pretend to

obtain a continual improvement.

This principles are known as Quality Management

Principles.

ISO 9000 Standards Family

ISO 9000 is based on eight quality management

principles:

• customer focus.

• Leadership.

• Involvement of people.

• Process approach.

• System approach to management.

• Continual improvement.

• Factual approach to decision making.

• Mutually beneficial supplier relationship.


ISO 9000:2000

Standard ISO 9001 specifies requirement for

a quality management system that can be

internally used in the organization, for its

certification or with contractual aims. It is

focused on quality management system

efficacy in order to fulfill customer´s

requirement.

ISO 9001:2008


• Contents:

• Front page.

• Antecedents.

• Declaration.

• Prologue.

• Introduction.

1. Guides and general descriptions.

2. Normative references.

3. Terms and definitions.

ISO 9001:2008


4. Quality Management System ( it contains the general requirements and documentation requirements).

5. Management responsibility ( it contains management commitments like policy and responsibilities).

6. Resource management (Human resources, infrastructure and work environment)

ISO 9001:2008


7. Product realization (productive requirement, from customer attention to product or service delivery).

8. Measurement, Analysis and improvement (processes of taking information, analysis and improvement plans)

• Annexes A y B

• Bibliography

ISO 9001:2008


AENOR Certification


ISO 9000

Certification Process

Application

1

Documentation study

and previous visit

2

Audit

3

Response to Audit

(Corrective actions plan)

4

Are requirement

achieved?

Certification

6

Assessment and

Decision

5

YesNo

Annual tracking

• This standard establishes guidelines for continual improvement and global efficiency for those organization whishing to move beyond the requirements of ISO 9001.

• It exposes recommendations to develop the improvement of quality management system, and additional explanations with relation to requirements of standard ISO 9001:2000.

ISO 9004:2000


• ISO 9001 and ISO 9004 have been developed as a

consistent pair of quality management system

standards which have been designed to complement

each other

• ISO 9001 specifies requirements for a quality

management system, while the other one

complements the first one when proposes ideas for

organization improvement.

• ISO 9004 is not intended for certification or

contractual purposes. Only ISO 9001 can be certified.

Relationship between

ISO 9001 & ISO 9004


• ISO 9126 is an international standard for software evaluation.

• It is supervised by SQuaRe Project, ISO 25000:2005.

• ISO 9126 defines a quality model in which is determined every characteristic that a software model must fulfill to satisfy established needs.

• It is thought for developers, acquirers, quality and assessment people, responsible of specifying and assessing software product quality.

ISO/IEC 9126


The standard is divided into four main parts:

• Quality model

• External metrics

• Internal metrics

• Quality in use metrics

Software quality can be evaluated by measuring internal attributes (static measures or intermediate products) or external attributes (code behavior when software is running).

ISO/IEC 9126


ISO/IEC 9126 & ISO/IEC 14598


• ISO 25000:2005 (SQuaRE -Software Quality Requirements and Evaluation) base on ISO 9126 & ISO 14598, it provides a general vision of contents, models and definitions need to obtain software of quality and to evaluate software quality.

• It contains an explanation of processes transition among ISO 9126, ISO 14598 and SQuaRe.

ISO 25000:2005


Integration of ISO 9126, ISO 15939 (Measurement Process), and ISO 14598 (Evaluation Process) permits to think about a 4 steps process:

•Requirements identification related with softwareproduct quality, that is to select quality model partrelevant to quality evaluation (ISO/IEC 9126-n).

• Identification of the interpretational context. That is,selection of reference values, and targets determinationin a determined context.

•To use measures produced in data elaboration stage.

•Analysis and comparison of obtained results with the setof reference values.

ISO 25000:2005


It is composed by 14 documents assembled into 5

divisions:

• Quality Management Division ISO 2500n: (1)

Guide for SquaRE – Structure & Terminology

Overview and (2) Scheduling and y Management– it

provides a guide to plan and manage software

evaluations.

Quality Model Division ISO 2501n: it describes the

internal and external quality model and quality in

use (characteristics and subcharacteristics)

ISO 25000:2005


Quality Measurement Division ISO 2502n: measurementprimitives, internal quality measurements, external qualitymeasurements and quality in use measurements.

Quality Requirements Division ISO 2503n: it enablessoftware product quality to be specified as qualityrequirements.

Quality Evaluation Division ISO 2504n: it providesrequirements for quality evaluation for: developers,acquirers, evaluators.

ISO 25000:2005


Benefits of using ISO 25000

• Model represents expected software product quality.

• It distinguishes among needs on quality in use, external

quality and internal quality.

• It allows a bigger efficacy in software definition.

• It expresses intermediate products evaluation.

• It proposes a final quality by intermediate evaluations.

• It permits traceability among expectations, requirements

and evaluation measurements.

• It improves product quality.


Process review principles are:

• Application to all product and service sectors, and to all kind of organizations.

• Easy of use, clear language, easy of translating and to make them more comprehensible.

• Ability to connect Quality Management Systems with process of the organization.

• Oriented to continual improvement and customer satisfaction.

• Compatibility with other management systems like ISO 14000 for environmental management.

Standards Reviews


• Certification is an action carried out by an

organization recognized like confident and

independent of interested parts, by means

of that demonstrates the conformity of a

company, product or process, service or

person with the requirements defined in

standards or technical specifications.

Certification




Model’s

electionOrganization

Assessment

Organization

Situation

comparison

Improvement

Process

Design

Evaluation

for

Certification



Stage 1 Diagnostic

Audit

Stage 2

Sensitization

Stage 3

Workshop of QMS Processes

Stage 4

QMS Documentation

Stage 5

Documentation

Stage 6

Internal Audit

Stage 7

Pre-internal

Audit of Certification

Stage 8

Corrective or preventive actions

Stage 9

Audit of Certification

Stage 10

Tracking

Quality

Management

System

10 Steps

towards

“Excellence”

Working Program

Deployment

AENOR

Audit

unit9. software quality standards

Documents