• Keine Ergebnisse gefunden

ManagementDr. Stefan Wagner

N/A
N/A
Info
Herunterladen
Protected

Academic year: 2021

Aktie "ManagementDr. Stefan Wagner"

Copied!
18
0
0

Wird geladen.... (Jetzt Volltext ansehen)

Jetzt herunterladen ( 18 Seite )

Volltext

(1)

Technische Universität München

Management

Dr. Stefan Wagner

Technische Universität München

Garching 11 June 2010

Software Quality

1

(2)

Last QOT: Why do we need continuous quality control in software development?

"Failures are cheaper to fix if catched early."

"To correct the standard of quality assurance in any time."

"For maintaining the aggregation properties"

2

The most obvious reason for continuous quality control is that you detect defects earlier when they

are still cheap to fix. Failures have a specific meaning!

The control loop also helps to adjust your quality assurance approach.

Continuous quality control is not necessary for aggregating properties of the software. If this

comment aims more into the direction of integration, it could be reasonable if early detection

of problems by continuous integration is meant.

New QOT: "Why is software reliability a random process?"

(3)

Measurement theory

3

Review of last week's lecture:

Scales

Aggregation operators GQM

(4)

Product

Metrics and

Measurement

Management

Certifi- cation Process

Quality

Quality Quality Basics

4

We are in the part "Metrics and Measurement".

(5)

Quality

measures

Visualisation Reliability

models

5

This lecture covers three parts:

Reliability (growth) models

An overview of quality measures (and a classification) Visualisation of quality measures

(6)

Reliability models

6

(7)

Software reliability

Probability of a

failure-free operation of a software system for a

specified period of time in a specified environment.

7

The standard definition of software reliability adopted by various standardisation bodies such as IEEE.

It shows that reliability depends on the definition of failure, that reliability is a stochastical concept,

and that it can only be defined for a specified period and a specified environment.

In contrast to hardware, software does not wear off. Hardware can become disfunctional just

by mechanical influence. This does not hold for software. Theoretically, software could run

forever without any failure. The change in reliability in software comes from changing the

software, i.e., from fixing bugs.

(8)

Measures

• Probability of failure on demand (POFOD)

• Mean time to failure (MTTF)

• Mean time to repair (MTTR)

• Availability (MTTF/(MTTF+MTTR))

• Failure intensity

• Rate of fault occurrence (ROCOF)

8

We can find various measures that describe different aspects of reliability in the literature.

Most of them come from hardware reliability engineering.

MTTR, for example, is mostly interesting in high-availability systems.

Otherwise, most software

systems are not optimised for MTTR.

ROCOF is a synonym for failure intensity

(9)

Reliability

Failure intensity

Time

Reliability changes

9

In reliability models, the most commonly used measure is failure intensity. It describes the

number of failures in a certain time period. Interesting is also to use other means to describe

time periods. For example, in a telecommunication system, failure intensity is often defined

as failures per incident where an incident is one call made with the system.

Reliability is the reciprocal value of the failure intensity.

This reliability growth over time only occurs if we fix defects.

(10)

Process

Requirements Design and

Implementation Test Definition of

required reliability

Development of operational profiles

Test planning

Test execution Usage of failure data for decision making

10

This is the process for software reliability engineering in a nutshell. The development process

is reduced to requirements specification, design and implementation, and test.

During the

requirements specification, we define the required reliability of the software to be built. Along with

it, we develop operational profile, i.e., how will the users work with the system?

During design

and implementation we start with planning tests according to the operational profiles. The test

plan as well as the goal of the required reliability is the basis for executing the tests. The failure

data from the tests (usually system and field tests) is used as basis for decision making.

This is usually called the "When to stop testing?" problem. When is testing finished? When have

I reached the required reliability?

Testing less or more can be expensive!

(11)

Reliability theory

System

Input space

Output space

i

n

i

1

correct incorrect

11

As we need to analyse the current level of reliability and how it will change, we need a theory of

reliability that is the basis for the analyses.

The simple model that is usually employed sees the system as a function that transforms values

from the input space to the output space. The output space is divided into correct and incorrect

values. If the system outputs an incorrect value, a failure occured.

The transformation from the input to the output is (usually) deterministic for a software system.

Where stochastics come in is the distribution of the input values. What input values are put into

the system is seen as a random process.

(12)

Reliability growth model: Musa basic

Parameter:

v

0

: total number of faults λ

0

: initial failure intensity

μ(t): number of failures up to time t λ(t): failure intensity at time t

12

There are various models that formalise this random process based on different assumptions.

A well-known model is the Musa basic model developed by John Musa. This model assumes there

is an exponential change of the initial failure intensity over time that is influenced by the total

number of faults that were initially in the system.

This allows to calculate the number of failures that will have occured at a time t in the future as

well as the failure intensity that the system will have at time t.

(13)

µ(10) = 100(1 − exp( − 10

100 × 10)) = 63 failures λ(10) = 10 × exp( − 10

100 × 10) = 3.68 failures/hour

Reliability growth model: Musa basic

We have a program with an initial failure intensity of 10 failures/hour and 100 faults in total.

How many failures will have occured after 10 hours? How high is the failure intensity afterwards?

13

This example is simple, because we calculate only with hours. The difficulty in practice usually

lies in finding a useful measure for time, because only passing clock time does not make failures

occur. The system has to be used. Therefore, the notion of time should represent this usage

somehow. For a web server, this could be number of requests served.

In practice, we do not have number of initial failure intensity and total number of faults. This

is either done by estimating from earlier, similar projects, or by using the first data from system

tests to fit the failure intensity curve. This is done, for example, using the least squares method.

(14)

Quality

measures Reliability models

Visualisation

14

(15)

Quality

measures

15

(16)

Exercise

• Each of gets names of quality measures.

• Look on the Web for information.

• Make yourself an expert and find an example.

• Which quality attribute does it measure?

• 15 Minutes

• You will present each metric.

• Assign it to one of Garvin's quality approaches (on the white board).

• You can discuss with your neighbours.

16

34 measures

(17)

17

The assignment of measures to the user, product, or process level is not always easy. Some measures,

such as "Lenght of method" clearly measure directly something of the product.

Others, such as

"Percentage of successful bug fixes" says mostly something about the process, but also about the

product.

(18)

Quality

measures Reliability models

Visualisation

18

Referenzen

Jetzt herunterladen ( PDF - 18 Seite - 788.15 KB )

ÄHNLICHE DOKUMENTE

a) Show that {ω

Sehen Sie einen Zusammenhang mit der

Some day we will build a think- ing machine. It will be a truly intelligent machine. One that can see and hear and speak. A machine that will be proud of us.

the top of the list: building a computer ca- pable of a teraflop-a trillion floating- point operations per second. Not surprisingly, Thinking Machines 63.. had an inside track

it "that

Luiz informed Albuquerque "that the king of Narsinga was getting himself ready with .five thousand men on foot and two thousand on horse, for an expedition

I am aware of the fact that the author retains the rights specified in p

By testing four different models of economic growth in transition countries differentiated by the method of aggregation used to represent structural reforms, we can conclude that the

(a) Show that M∩(−M) is an ideal of A

Fachbereich Mathematik und

It is clear that stod reflects Iran

the original meaning of the Ossetic word for 'smoked' (fat) and 'settled'.. (beer) should be reconstructed as 'put, settled' and the word

The NICE Cost-Effectiveness Threshold: What it is and What that Means

Given the fixed budget of the The National Institute for Health and Clinical NHS, the appropriate threshold is that of the oppor- Excellence (NICE) is charged with the task of

Bitcoin Price: Is it really that New Round of Volatility can be on way?

This article has aimed to offer a discussion into Bitcoin price volatility by using an optimal GARCH model chosen among several extensions.. By doing so, the findings suggest an