CISQ Introduction & Objectives - Dr. Bill Curtis

Transcript of CISQ Introduction & Objectives - Dr. Bill Curtis

Page 1: CISQ Introduction & Objectives - Dr. Bill Curtis

CISQ Introduction and Objectives

Dr. Bill Curtis
Director, CISQ
www.it-cisq.org

Special thanks to

CISQ Executive Forum Agenda

9:00- 9:30 Welcome & Introductions Mr. Ganesh Natarajan, NASSCOM

9:30-10:15 Introduction to CISQ Dr. Bill Curtis, CISQ

10:15-10:30 break

10:30-11:15 Introduction to the SEI Dr. Paul Nielsen, SEI

11:15-12:00 Introduction to OMG Dr. Richard Soley, OMG

12:00- 1:00 lunch

1:00- 2:30 Forum−Quality Issues Moderator: Bill Curtis

2:30- 2:45 break

2:45- 4:00 Forum−CISQ Objectives Moderator: Bill Curtis

4:00- 4:30 Summary and Adjourn Nielsen, Soley, & Natarajan

The Software Quality Dilemma

National Research Council
Software for Dependable Systems

“As higher levels of assurance are demanded…testing cannot deliver the level of confidence required at a reasonable cost.”

“The cost of preventing all failures will usually be prohibitively expensive, so a dependable system will not offer uniform levels of confidence across all functions.”

“The correctness of the code is rarely the weakest link.”

Jackson, D. (2009). Communications of the ACM, 52 (4)

Software Engineering’s 4th Wave

• 1. Languages
– What: 3rd & 4th generation languages, structured programming
– When: 1965-1980
– Why: Give developers greater power for expressing their programs

• 2. Methods
– What: Design methods, CASE tools
– When: 1980-1990
– Why: Give developers better tools and aids for constructing software systems

• 3. Process
– What: CMM/CMMI, ITIL, PMBOK, Agile
– When: 1990-2002
– Why: Provide a more disciplined environment for professional work incorporating best practices

• 4. Product
– What: Architecture, Quality characteristics, Reuse
– When: 2002
– Why: Ensure software is constructed to standards that meet the lifetime demands placed on it

Why CISQ?

• Industry needs software quality measures:
– Visibility into business critical applications
– Control of outsourced work
– Benchmarks

• Current limitations:
– Manual, expensive infrequent use
– Subjective not repeatable or comparable
– Inconsistent definitions burdens usage

What Is CISQ?

[Diagram: CISQ partnership. Labels: IT organizations, Outsourcers, Government, Experts; IT Executives; Technical experts; Define industry issues; Drive standards adoption; Create assessment infrastructure; Application quality standard; Other standards, methods; Technical certification]

CISQ Members

Initial CISQ Objectives

1. Raise international awareness of the critical challenge of IT software quality

2. Develop standard, automatable measures and anti-patterns for evaluating IT software quality

3. Promote global acceptance of the standard in acquiring IT software and services

4. Develop an infrastructure of authorized assessors and products using the standard

CISQ Operations

• CISQ Executive Meetings
– Annual Executive Forums
– Quarterly Webinars on progress and special topics

• Quarterly CISQ Technical Meetings
– Initiated Q1 2010
– Virtual to the extent possible
– Distributed work on prioritized quality attributes

• Member Involvement
– Executives – 1 day per year
– Delegates – 2-4 weeks per year

CISQ Status

• Executive Forums in Frankfurt, Germany; Arlington, Virginia; & Bangalore, India

• Five Technical Work Groups established
– Based on Executive Forum priorities
– Member assignment of delegates underway

• Standards targeted for 2011, first draft for some Work Groups expected in December 2010

CISQ Standards Process

[Diagram: CISQ standards process. Labels: CISQ Exec Forum; Technical Work Groups; Defined Measures; Function Points; Maintainability; Reliability & Performance; Security; OMG Best Practices; Measures; Methods for Metrics Use; Weaknesses & Violations; Knowledge Discovery Meta-model; Structured Metrics Meta-model; Pattern Metamodel; ISO 25000; 14143; 27000; ISO 15939; ISO 17799; CVSS]

Size Technical Work Group

Team Lead: David Herron, DCG

Objective: Create a definition of Function Points that is as close to IFPUG counting rules as possible, while resolving the issues necessary to enable fully automated counting at the source code level

Security Technical Work Group

Team Lead: Robert Martin, MITRE

Objective: Develop automated source code measures that predict the vulnerability of source code to external attack. Coordinate work products with work in the software assurance community

Future CISQ Directions

• CISQ will pursue member-driven objectives
– Determined by CISQ Executive Forum
– Consensus among CISQ members of problem to be addressed

• Early requests for additional objectives:
– Defect and failure-related definitions
– Business value measures related to application quality
– Size measures

• Use of Executive Forum for addressing industry issues
– Quality-based SLAs in outsourcing contracts
– Benchmarking
– Industry response to regulatory challenges