Chapter 25 – |
Software Development and Quality Assurance |
Diane E. (Dione) Levine
Chapter Contents:
|
25.1 |
|
Introduction
|
|
25.2 |
|
Goals of Software Quality Assurance
|
|
25.2.1 |
|
Uncover All of a Program's Problems
|
|
25.2.2 |
|
Reduce the Likelihood that Defective Programs Will Enter Production
|
|
25.2.3 |
|
Safeguard the Interests of Users
|
|
25.2.4 |
|
Safeguard the Interests of Software Producers
|
|
25.3 |
|
Software Development Life Cycle
|
|
25.3.1 |
|
Phases of the Traditional Software Development Life Cycle
|
|
25.3.1.1 |
|
Investigation
|
|
25.3.1.2 |
|
Analysis
|
|
25.3.1.3 |
|
Design
|
|
25.3.1.4 |
|
Decoding and Debugging
|
|
25.2.1.5 |
|
Testing
|
|
25.3.1.6 |
|
Implementation
|
|
25.3.1.7 |
|
Maintenance
|
|
25.3.2 |
|
Classic Waterfall Model
|
|
25.3.2.1 |
|
Analysis or Requirements Analysis
|
|
25.3.2.2 |
|
Design
|
|
25.3.2.3 |
|
Implementation
|
|
25.3.2.4 |
|
Testing
|
|
25.3.2.5 |
|
Maintenance
|
|
25.3.3 |
|
Rapid Application Development and Joint Application Design
|
|
25.3.4 |
|
Importance of Integrating Security at Every Phase
|
|
25.4 |
|
Types of Software Errors
|
|
25.4.1 |
|
Internal Design or Implementation Errors
|
|
25.4.1.1 |
|
Initialization
|
|
25.4.1.2 |
|
Logic Flow
|
|
25.4.1.3 |
|
Calculation
|
|
25.4.1.4 |
|
Boundary Condition Violations
|
|
25.4.1.5 |
|
Parameter Passing
|
|
25.4.1.6 |
|
Race Condition
|
|
25.4.1.7 |
|
Load Condition
|
|
25.4.1.8 |
|
Resource Exhaustion
|
|
25.4.1.9 |
|
Other Sources of Error
|
|
25.4.2 |
|
User Interface
|
|
25.4.2.1 |
|
Functionality
|
|
25.4.2.2 |
|
Control (Command) Structure
|
|
25.4.2.3 |
|
Performance
|
|
25.4.2.4 |
|
Output Format
|
|
25.5 |
|
Designing Software Test Cases
|
|
25.5.1 |
|
Good Tests
|
|
25.5.2 |
|
Emphasize Boundary Conditions
|
|
25.5.3 |
|
Check All State Transitions
|
|
25.5.3.1 |
|
Test Every Limit
|
|
25.5.3.2 |
|
Test for Race Conditions
|
|
25.5.4 |
|
Use Test-Coverage Monitors
|
|
25.5.5 |
|
Seeding
|
|
25.5.6 |
|
Building Test Data Sets
|
|
25.6 |
|
Before Going Into Production
|
|
25.6.1 |
|
Regression Testing
|
|
25.6.2 |
|
Automated Testing
|
|
25.6.3 |
|
Tracking Bugs from Discovery to Removal
|
|
25.7 |
|
Managing Change
|
|
25.7.1 |
|
Change Request
|
|
25.7.2 |
|
Tracking System
|
|
25.7.3 |
|
Regression Testing
|
|
25.7.4 |
|
Documentation
|
|
25.8 |
|
Sources of Bugs and Problems
|
|
25.8.1 |
|
Design Flaws
|
|
28.8.2 |
|
Implementation Flaws
|
|
25.8.3 |
|
Unauthorized Changes to Production Code
|
|
25.8.4 |
|
Incompetent Programmers
|
|
25.8.5 |
|
Data Corruption
|
|
25.8.6 |
|
Hacking
|
|
25.9 |
|
Conclusion
|
|
25.10 |
|
Bibliography and For Further Reading
|
|
|
|