GRIFFITH UNIVERSITY

school of computing and information technology

bachelor of information technology &

bachelor of engineering (software engineering)

cit12162 software quality principles

FINAL EXAMINATION SEMESTER TWO 2002

instructions: open book examination

answer all questions
on the exam paper

question 1 software product quality -- (10 marks)

a) explain what steps you would take to keep the number of defects associated with a
software product you were commissioned to build as low as possible? in your response
cover quality defects as well as defects associated with the functionality of the system.
(5 marks)

2
question 1 software product quality (continued)
b) what ethical responsibilities does a software profession have in relation to software
quality when conducting a software project?
(3 marks)

3
question 1 software product quality (continued)

c) what general quality strategies are relevant for producing quality software?
(2 marks)

4
question 2 software product quality -- (10 marks)

a) telephone “payment-by-credit-card” systems are now used by a number of councils,

government agencies and companies. as a software engineer well versed in software
quality principles what quality considerations would you make in designing such a
system? justify your design decisions. such systems are obviously prone to user input
error. in your answer to this question make possible suggestions for minimising the risk
of such errors.

(5 marks)

5
question 2 (software product quality ) (security)
(continued)
(b) identify the differences between symmetric and asymmetric encryption algorithms. include
in your response how key management integrates into each encryption algorithm. diagramatic
representation of key usage is recommended.
(5 marks)

6
question 3 (software process) (10 marks)
a) in the measurement framework defined in iso 15504 – software process assessment,
what are the characteristics of the established process? (3
marks)

7
question 3 (software process) (continued)
b) what is the key output from an assessment of capability conducted according to iso
15504?
(3 marks)

8
question 3 (software process) (continued)

c) identify and briefly describe the phases of the ideal approach to software process
improvement.
(4 marks)

9
question 4 (standards) (10 marks)
the following extract is drawn from iso 9001: 2000, quality management systems —
requirements. from this extract:

10
question 4 (standards) (continued)
1) identify (by clause number and paragraph) the requirements that would have to be
met in order to claim conformance. (2
marks)

11
question 4 (standards) (continued)
2) for each requirement, evaluate the extent to which objective evidence could be
provided that the requirement has been met. (3
marks)

12
question 4 (standards) (continued)
3) list the types of evidence that would be available, and the types of judgement that
would have to be made in order to determine conformance.
(5 marks)

13
question 5 (software system testing – test strategy (10
marks)

1) you are to consider a test strategy for the ebay.com web site, and plan test
activities to undertake.

ebay.com is an e-commerce marketplace and auction site for goods ranging

from airline tickets to pet supplies.

you are to assume that you are testing the complete redevelopment of a site
similar to what ebay currently provides.

2) complete a risk assessment for the above system:

a) identify quality attributes
b) identify risks for each quality attribute
c) assign risk levels to each risk
d) document in a risk register

3) analyse test activities to be applied:

a) record for each risk the activities that will mitigate that risk
b) summarise the activities

14
the following quality characteristics should be used as the basis for the risk assessment:

quality characteristic
functionality
suitability
attributes of software that bear on the presence and appropriateness of a set of
functions for specified tasks.
accuracy
attributes of software that bear on the provision of right or agreed results and effects.
interoperability
attributes of software that bear on its ability to interact with specified systems.
compliance
attributes of software that make the software adhere to application related standards or
conventions or regulations in laws and similar prescriptions.
security
attributes of software that bear on its ability to prevent unauthorised access, whether
accidental or deliberate, to programs and data.
reliability
maturity
attributes of software that bear on the frequency of failure by faults in the software.
fault tolerance
attribute of software that bear on its ability to maintain a specified level of performance
in cases of software faults or of infringement of its specified interface.
recoverability
attribute of software that bear on its capability to re-establish its level of performance
and recover the data directly affected in case of a failure and on the time and effort
needed for it.
usability
understandability
attributes of software that bear on the user’s effort for recognising the logical concept
and its applicability.
learnability
attributes of software that bear on the user’s effort for learning its application (for
example, operation control, input, output).
operability
attributes of software that bear on the user’s effort for operation and operation control.
efficiency
time behaviour
attribute of software that bear on response and processing times and on throughput
rates in performing its function.
resource behaviour
attribute of software that bear on the amount of resources used and the duration of such
use in performing its function.
maintainability
analysability
attribute of software that bear on the effort needed for diagnosis of deficiencies or
causes of failures, or for identification of parts to be modified.
changeability
attribute of software that bear on the effort needed for modification, fault removal or for
environmental change.
stability
attribute of software that bear on the risk of unexpected effect of modification.
testability
attribute of software that bear on the effort needed for validating the modified software.
portability
adaptability
attribute of software that bear on the opportunity for its adaption to different specified
environments without applying other actions or means than those provided for this
purpose for the software considered.
installability
attribute of software that bear on the effort needed to install the software in a specified
environment.
15
 conformance
attribute of software that make the software adhere to standards or conventions relating
to portability.
replaceability
attributes of software that bear on the opportunity and effort of using it in the place of
specified other software in the environment of that software.

16
 risk is the product of severity of impact and likelihood of occurrence. remember
that it is easiest to think of the combination of severity and likelihood to derive
a risk level as a matrix.

likelihood
vh h l vl
s
e
v
e
vh a-1 a-2 b-2 b-4
r
i
t
y
h a-2 b-1 b-3 c-1
l b-2 b-3 b-5 c-2
vl b-4 c-1 c-2 c-3

use qualitative guidewords when considering severity and likelihood levels.

severity
leve meaning
l
vh catastrophic
h very serious
l important
vl noticeable

likelihood
leve meaning
l
vh almost
certain
h likely
l unlikely
vl incredible

17
 risk register

category risk description risk activity

level
functionality - suitability
functionality - accuracy

functionality -
interoperability
functionality - compliance
functionality - security

reliability - maturity

reliability - fault tolerance

reliability - recoverability

usability -
understandability
usability - learnability

usability - operability

efficiency - time behaviour

efficiency - resource
behaviour
maintainability -
analysability
maintainability -
changeability
maintainability - stability

maintainability - testability

portability - adaptability

portability - installability

portability - conformance

portability - replaceability

18
question 5 software system testing – test strategy (continued)

19
question 5 software system testing – test strategy (continued)

20
question 5 software system testing – test strategy (continued)

21
question 5 software system testing – test strategy (continued)

22
question 5 software system testing – test strategy (continued)

23
question 6 (10 marks)

the book “ zen and the art of motorcycle maintenance” raises a number of issues that are relevant
to achieving quality services and producing quality products. discuss the quality issues that are
raised in this book and show how they are relevant to producing quality software cost effectively.

24
question 6 (continued)

end of exam
25