Welcome!

Open Source Cloud Authors: Zakia Bouachraoui, Pat Romanski, Elizabeth White, Liz McMillan, Yeshim Deniz

Related Topics: Microservices Expo, Java IoT, Microsoft Cloud, Open Source Cloud, @CloudExpo, SDN Journal

Microservices Expo: Blog Feed Post

Emerging Trends and Software Quality Assurance

The standard software quality activities defined by IEEE are integrated into the software development cycle

The future challenges for Software Quality assurance (SQA) follow a few software trends, including:

  • Complex and large software packages
  • Integration with external components and interfaces
  • The need to deliver quickly
  • The need to deliver bug free software

The standard software quality activities defined by IEEE, such as verification and validation, are integrated into the software development cycle. We see dedicated SQA roles and resources in major organizations. Also, many multi-national companies are pushing to have a central team drive and manage the quality processes, methodologies, and tools across all their sites and teams.

CAST-software-quality-software-risk-codeThe center of excellence is an example of such a central team, which are focused on defining and driving SQA activities, process, methods, and tools within the organization. They introduce specific software metrics to measure their key process areas (KPAs) at every phase of the software development life cycle. The main idea is to reduce cost of software production and quality, and therefore improve the overall productivity.

With the emerging software system architecture which is mainly oriented around mobile, cloud or SaaS, the need to better understand, manage, and adopt the SQA activities is increasing.

Organizations have started to understand, define, and implement quality models which are specific and relevant to their line of business. There is a strong push to study and apply the appropriate quality model, which could be based on either a standard model such as McCall's factor model, or a specific quality model to address few quality requirements such as security or reliability within every organization. For example: The McCall's factor model classifies all software requirements into eleven software quality factors. These eleven factors are grouped into three categories as follows (Galin, 2004):

  • Product operation factors: Correctness, Reliability, Efficiency, Integrity, Usability.
  • Product revision factors: Maintainability, Flexibility, Testability.
  • Product transition factors: Portability, Reusability, Interoperability.

There are few challenges in terms of adoption of these processes, methodologies, and tools mainly due to the following reasons:

  • Multiple development sites - This challenge is pretty common because the processes working at one site may not work at another site due to several reasons, including lack of resources, not enough expertise on process, not sharing the same priority, etc.
  • Integration of many external components or third parties - Today many organizations promote the use of external components or open source software within their development teams, and forget to anticipate the risks around testing them and getting them the proper support.
  • Not enough standards for software requirements - Although we have seen many standards defining processes including the CMM, CMMI, and ISO, when it comes to quality requirements, we see a lack of software quality standards. There are many institutes which focus on specific areas of software like security, networking, accessibility, and performance.
    • Examples of such institutes are Mitre Corporation, which has defined the popular security vulnerabilities which must be tackled by every software system. They are referred to as Common Weakness Enumeration (CWE). You can find more information at http://cwe.mitre.org/top25/
    • The evolving CISQ standards for software systems led by Object Management Group (OMG). The first version of the CISQ standard was published last year. The CISQ requirements are mainly based on four key quality characteristics - reliability, performance and efficiency, security, and maintainability. You can find more information at http://it-cisq.org/standards-page/
  • Not enough support from management in terms of strategy for SQA processes - There are organizations which still need to mature in terms of defining and implementing the right SQA for their business. They tend to fail due to lack of focus on quality processes.For example, organizations which compromise on testing by reducing or skipping non-functional testing, system testing, or integration testing may face issues in terms of dependencies or other problems linked to environment and platform, security, and performance, which are very critical for business to run smoothly.

The advantages of overcoming the challenges described above include process improvement, optimization, and higher productivity.

The use of standard SQA processes (based on Capability Maturity Model or Testing Maturity Model) should be recommended to develop an efficient SQA function within the organization. And the requirements of test automation should be promoted and enforced.

Based on experience, I would strongly recommend introducing static and dynamic code analysis as part of the QA activities to detect major violations early in the development phase. For example: There are many SCA tools such as CAST Application Intelligent Platform, Fortify, and Coverity which can be integrated into the daily or weekly software development testing activities.

This will have a positive impact on the overall productivity and quality of the software delivered.

Conclusion
Be it on-premise, on-demand, on-mobile, or on-cloud the requirements will evolve. Therefore we have to align the SQA process and tools to better suit these requirements. The software development team is still in charge or responsible for ensuring the quality of the system he is delivering to the market.

No matter which process we try to adopt or follow, as humans we need time to coach ourselves and practice the new process before we can really become the process champions.

Read the original blog entry...

More Stories By Lev Lesokhin

Lev Lesokhin is responsible for CAST's market development, strategy, thought leadership and product marketing worldwide. He has a passion for making customers successful, building the ecosystem, and advancing the state of the art in business technology. Lev comes to CAST from SAP, where he was Director, Global SME Marketing. Prior to SAP, Lev was at the Corporate Executive Board as one of the leaders of the Applications Executive Council, where he worked with the heads of applications organizations at Fortune 1000 companies to identify best management practices.

IoT & Smart Cities Stories
Bill Schmarzo, Tech Chair of "Big Data | Analytics" of upcoming CloudEXPO | DXWorldEXPO New York (November 12-13, 2018, New York City) today announced the outline and schedule of the track. "The track has been designed in experience/degree order," said Schmarzo. "So, that folks who attend the entire track can leave the conference with some of the skills necessary to get their work done when they get back to their offices. It actually ties back to some work that I'm doing at the University of San...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
When talking IoT we often focus on the devices, the sensors, the hardware itself. The new smart appliances, the new smart or self-driving cars (which are amalgamations of many ‘things'). When we are looking at the world of IoT, we should take a step back, look at the big picture. What value are these devices providing. IoT is not about the devices, its about the data consumed and generated. The devices are tools, mechanisms, conduits. This paper discusses the considerations when dealing with the...
Bill Schmarzo, author of "Big Data: Understanding How Data Powers Big Business" and "Big Data MBA: Driving Business Strategies with Data Science," is responsible for setting the strategy and defining the Big Data service offerings and capabilities for EMC Global Services Big Data Practice. As the CTO for the Big Data Practice, he is responsible for working with organizations to help them identify where and how to start their big data journeys. He's written several white papers, is an avid blogge...
Dynatrace is an application performance management software company with products for the information technology departments and digital business owners of medium and large businesses. Building the Future of Monitoring with Artificial Intelligence. Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more busine...
If a machine can invent, does this mean the end of the patent system as we know it? The patent system, both in the US and Europe, allows companies to protect their inventions and helps foster innovation. However, Artificial Intelligence (AI) could be set to disrupt the patent system as we know it. This talk will examine how AI may change the patent landscape in the years to come. Furthermore, ways in which companies can best protect their AI related inventions will be examined from both a US and...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
Chris Matthieu is the President & CEO of Computes, inc. He brings 30 years of experience in development and launches of disruptive technologies to create new market opportunities as well as enhance enterprise product portfolios with emerging technologies. His most recent venture was Octoblu, a cross-protocol Internet of Things (IoT) mesh network platform, acquired by Citrix. Prior to co-founding Octoblu, Chris was founder of Nodester, an open-source Node.JS PaaS which was acquired by AppFog and ...
The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructure solutions deliver the adaptive architecture needed to manage this new data reality. Machine learning algorithms can better anticipate data storms and automate resources to support surges, including fully scalable GPU-c...
Cloud-enabled transformation has evolved from cost saving measure to business innovation strategy -- one that combines the cloud with cognitive capabilities to drive market disruption. Learn how you can achieve the insight and agility you need to gain a competitive advantage. Industry-acclaimed CTO and cloud expert, Shankar Kalyana presents. Only the most exceptional IBMers are appointed with the rare distinction of IBM Fellow, the highest technical honor in the company. Shankar has also receive...