1 Quality Management in Software Engineering. 2 Why do we need a QMS on a Project? To try to ensure...
-
Upload
ralf-waters -
Category
Documents
-
view
215 -
download
0
Transcript of 1 Quality Management in Software Engineering. 2 Why do we need a QMS on a Project? To try to ensure...
2
Why do we need a QMS on a Project?
To try to ensure that the project runs smoothly and we produce a quality product at the end of it. Applies to any project e.g. building a bridge or a television set or a computer system
3
Following QMS Procedures helps the following:
• Communication between individuals and teams ( via documents and reviews of documents )
• Manage changes to the design as the system is developed
• Manage fixing of bugs found during testing• Software version control for bug fix releases• QMS helps particularly in Change Management
area
4
ISO 9001 & TickIT
• Being ISO 9001 & TICKIT registered means the company adheres to these QMS standards
• Being ISO 9001 & TICKIT registered means the company is allowed to tender for large government contracts
• British Standards Institute (BSI) inspectors visit the company at least once a year to carry out audits to check ISO 9001 & TICKIT compliance
5
Having a QMS Doesn’t Guarantee Quality
• Team members may not follow the QMS• The project may be technically or
financially flawed from the start• Impossibly tight timescales reduce quality -
corners are cut• Swanick Air Traffic Control Centre – type
this into your search engine and be amazed when you read about the problems!
6
QMS In Manufacturing
• E.g. applying a QMS to Car Production• Use good quality steel, paint etc• Use robots which don’t suffer human failings - they
do a perfect job every time! (If they are ‘set-up’ right!)• A QMS will ensure the quality of the raw materials
and build quality through inspections and measurements throughout the build process
• Produces a quality car e.g a Mercedes - renowned for their quality
• Good quality costs - a Mercedes costs more than a Ford
7
When Safety Is Critical
• QMS in safety critical systems is vital in both the development of those systems and in the running of those systems
• The need for safety overrides cost factors which always limit the quality of a product
e.g. far more testing would be done on a safety critical system ( nuclear reactor control system, flight control system ) than for a non safety critical system
9
TickIT is a Quality Assurance Standard
specifically for software
The TickIT Guide costs around £42 and
contains guides for the auditors & s/w
developers
TickIT relates to constructing and operating a
Quality Management System for the
production of software systems
TickIT
10
Quality is:
“a degree of excellence” (The Oxford
English Dictionary definition)
fitness for purpose
conformance to requirements
11
(Crosby is one of the so-called Quality gurus)
Crosby’s definition of Quality:-“conformance to requirements”
Quality in the system processes:- prevention not cure
want to prevent faults getting into the product not just cure the faults when they’ve occurred
measure of Quality:- cost of quality
measure quality by the ‘cost of waste’. Implementing Quality Management Systems costs money but lack of quality costs more. Quality is an investment. “ Quality is Free”
the target of a Quality Management System: -- zero defects
Philip Crosby’s view of Quality
12
Quality Standards AQAP 1, 13 &14 (NATO) - one of the first standards - 1960 - a
military standard
ANSI/IEEE - 730 - a standard for s/w development
DEF-STAN 00-16 - a UK standard for s/w quality assurance
FAA-STD-018 - Federal Aviation Authority standard for s/w
development
DoD 2167 - an American Dept of Defence s/w development
standard
(ISO 9001/BS5750/EN29000) - international standards for Quality
Management Systems - all of these are similar
TickIT (ISO 9001:2000 and ISO 9000-3:1997) - international
standards for Quality Management Systems in the production of
s/w systems
13
What is TickIT?
It is a scheme based upon the ISO 9000-3
standard ISO9000-3:1997 ….
the application of ISO 9001 to software
a ‘sector certification scheme’ - run by the software profession - it
trains people to be auditors. Auditors are generally s/w professionals themselves who have experience in s/w engineering
- the TickIT scheme was funded and promoted originally by the Department of Trade
14
Why go for TickIT? to retain market share and satisfy the customer - the
customer may demand it. TickIT hopefully identifies you as a producer of high quality s/w
invariably a mandatory condition of Govt. contracting to improve both process and product - you get a better
quality product because you have quality procedures built into your processes
to stimulate (software) developers to think about: what quality really is how it may be achieved - the s/w development team
adhere to quality procedures and work in a quality way
15
The role of the Auditorvarious Auditor roles:
first, second and third party audits
first party - your own organisation audits itself internally
second party - someone else audits you against their
own standard e.g.McDonalds performs 2nd party audits.
McDonalds headquarters checks their outlets which are
franchises
third party - someone else e.g. Lloyds Registers audits
you against an international standard e.g. ISO 9001 - not one
of their own making
16
The Role of the Auditor
the auditors:
trained, registered and monitored
they check that a company conforms to the
basic principles of ISO 9000-3:
documented, implemented and effective
QMS
17
The Audit Process:
1. Application for Certification - the certificate gives the scope of the certification i.e. what parts of the standard you have conformed to
2. Certification Audit - a ‘lead’ auditor makes a preliminary visit to your company to discuss and plan the audit. The actual audit will take a few days and involve several auditors. There will be a debrief to discuss what the auditors have found. You pay for this audit.
18
The Audit Process:
3. Auditing - looks at documentation, records and activities. There may be non-conformances. There are 2 types of non-conformance. Major - means you fail to get certified. Minor - you get certified but subject to the company fixing some non-conformances.
4. ‘Health - check’ every 6 months - auditors should see a trend of quality processes improving
5. Full Review for Relevance Every 3 Years - full audit to determine if you still conform
19
TickIT / ISO 9001:2000
•In December 2000, following considerable review of the effectiveness of 9001:1994 and competitive systems such as the CMM, the International Standards Organisation (ISO/TC 176) published an update to ISO9001:1994 called ISO9001:2000 •ISO9001:2000 explicitly talks about continued improvement which previously was implicit. This brings ISO9001 more into line with the CMM which rates continual improvement as very important.•Existing QM systems in 2000 were given a maximum of 3 years for compliance with ISO9001:2000 •New QM systems are assessed against ISO9001:2000.
20
ISO 9001:2000 – Aim, Structure
• The stress is upon: meeting requirements, value of each process, measuring process performance and effectiveness, continual improvement.
• 9001 fundamentally takes a ‘process approach’ to QM systems – ‘plan, do, check, act’.
• The four Main sections of the standard are: - Management Responsibility; - Resource Management; - Product Realization; - Measurement, Analysis and Improvement.
21
Main Sections (i)
There are FOUR main sections to 9001:2000:
Management Responsibility
Commitment, Policy, Planning, Responsibility Authority and Communication, Review
Resource Management
Provision, Human, Infrastructure, Environment
22
Main Sections (ii)
Product Realization
- Planning, - Customer Related Processes, - Design and Development, - Purchasing, - Production and Service Provision, - Control of Monitoring and Measuring Devices.
Measurement, Analysis and Improvement
- each has specific notes to be adhered to…
23
Main Sections (iii)
Measurement,
Customer Satisfaction, Internal Audit, of Processes, of Product, - Control of Nonconforming Product.
Analysis- shall inform about conformity to requirements, trends in process and product, suppliers, and customer satisfaction.
ImprovementContinual Improvement, Corrective Action, Preventative Action. - one of the main things introduced by ISO9001:2000 - raising the profile of improvement in the QMS
24
What is ISO 9000-3, in detail?
quality system - 1. framework
quality system - 2. life-cycle activities
quality system - 3. supporting activities
25
ISO 9000 - 3 1. Framework
Defines procedures for:- Management responsibility
Quality Management System
Internal QS audits
Corrective action necessary to improve quality
26
ISO 9000 - 3 2. Life-cycle Activities
Purchaser’s requirements specification
Development planning
Quality System planning
Design and implementation
Testing and validation
Replication, delivery and installation
Maintenance ( Support )
27
ISO 9000 - 3 3. Supporting Activities
Config. management Document control Rules, practices and
conventions Tools and techniques Included software
product
Measurement Purchasing Training Quality records -
records of reviews, tests, things to put right following non-conformance