Engineering Quality Software: A Review of Current Practices, Standards and Guidelines Including New Methods and Development Tools

During the 18 months since the publication of the 1st edition the practice of software quality and the availability of tools and guidance for its implementation has increased dramatically. The emphasis on the need for formal methods has increased and calls for certification of safety critical software are now common. In particular this 2nd edition: -Expands the treatment of static analysis and includes a com- prehensive but simple example in order to illustrate clearly the functions of each analyser in Chapter 8. -Describes formal requirements languages more fully in Chapter 6. -Updates the compendium of available guidelines and standards in Chapter 5. -Expands the description of the many high level languages in Chapter 9. -Improves and expands the exercise into a 49 page case study consisting of a documentation hierarchy for a safety system in Chapter 14. It is seeded with deliberate errors and ambiguities and now includes guidance in finding them.

Table of Contents:
1. The Background to Software Engineering and Quality.- 1 The Meaning of Quality in Software.- 1.1 Quality-What is it?.- 1.2 Quality-The Elusive Element.- 1.3 The Software Process-Craft or Science?.- 1.4 Blending Engineering Discipline and Software Design.- 1.5 The Conflict between Quality and Time.- 1.6 The Decline of Hardware and the Rise of Software.- 2 Software Failures-Causes and Hazards.- 2.1 Advantages and Disadvantages of Programmable Systems.- 2.2 Software-related Failures-Fault, Error, Failure.- 2.3 Causes of Faults.- 2.4 Safety Critical Software.- 2.5 Quantifying Software Reliability.- 3 The Effect of the Software Life-cycle on Quality.- 3.1 The Meaning of 'Life-Cycle'.- 3.2 Achieving Quality Software.- 3.3 Current Practice.- 3.4 Quality Control and Quality Assurance.- 2. Current Quality Systems and Software Standards.- 4 The Traditional Approach to Software Quality.- 4.1 Quality Systems.- 4.2 Quality Organisation, Management and Review.- 4.3 Design Documentation.- 4.4 Configuration Management and Change Control.- 4.5 Programming Standards.- 4.5.1 General Rules.- 4.5.2 Structured Programming.- 4.5.3 Describing the Modules.- 4.6 Design Reviews.- 4.7 Test and Integration.- 4.8 Subcontracted and Bought-in Software.- 4.8.1 Shelf versus Custom Software.- 4.8.2 Vendor Appraisal.- 4.8.3 Field Experience and History.- 4.9 Audit.- Checklists.- 5 Current Standards and Guidelines.- 5.1 The Need for Standards.- 5.2 How Standards Evolve.- 5.3 A Summary of Current Quality Systems.- 5.3.1 UK Defence Standard 05-21.- 5.3.2 British Standard 5750 (1987).- 5.3.3 NATO Standards-AQAP Series.- 5.3.4 UK Defence Standard 00-16.- 5.3.5 UK Defence Standard 00-55.- 5.3.6 ISO 9001 (1987).- 5.4 Current Software Standards and Guidelines.- 5.4.1 HSE Document: Programmable Electronic Systems in Safety Related Applications (UK).- 5.4.2 IEE: Guidelines for the Documentation of Software in Industrial Computer Systems (UK).- 5.4.3 EEA: Guide to the Quality Assurance of Software (UK).- 5.4.4 EEA: Establishing a Quality Assurance Function for Software (UK).- 5.4.5 EEA: Software Configuration Management (UK).- 5.4.6 EEA: A Guide to the Successful Start-Up of a Software Project (UK).- 5.4.7 Ministry of Defence MASCOT (UK).- 5.4.8 Ministry of Defence JSP188: Requirements for the Documentation of Software in Military Operational Real-Time Computer Systems (UK).- 5.4.9 IEEE: Software Engineering Standards (USA).- 5.4.10 ElektronikCentralen: Standards and Regulations for Software Approval and Certification (Denmark).- 5.4.11 Guidelines for the Nordic Factory Inspectorates.- 5.4.12 TUV handbook: Microcomputer in der Sicherheitstechnik (Germany).- 5.4.13 EWICS TC7 Documents.- 5.4.14 CEC Collaborative Project.- 5.4.15 US Department of Defense Standard 2167: Defense System for Software Development..- 5.4.16 IECCA: Guide to the Management of Software-Based Systems for Defence, 3rd Edition.- 5.4.17 I Gas E: SR15, The Use of Programmable Electronic Systems in Safety Related Applications in the Gas Industry.- 5.4.18 EEMUA: Safety Related Programmable Electronic Systems.- 5.4.19 STARTS: The STARTS Guide.- 5.4.20 Some Other Documents.- 5.5 Systems for the Future.- 5.5.1 Paperless Design.- 3. Software Quality Engineering-an Ideal Approach.- 6 An Engineering Approach to Defining Requirements.- 6.1 Engineer versus Programmer.- 6.2 A New Look at the Life-Cycle.- 6.3 Current State of the Art.- 6.4 Formal versus Free Expression.- 6.5 Expressing Requirements-Specification Techniques.- 6.6 Available Specification Languages and Design Methodologies.- 6.6.1 IORL (Input/Output Requirements Language).- 6.6.2 CORE (COntrolled Requirements Expression).- 6.6.3 VDM (Vienna Development Methodology).- 6.6.4 Z.- 6.6.5 OBJ.- 6.6.6 SREM (Software Requirements Engineering Methodology).- 6.6.7 MASCOT (Modular Approach to Software Construction, Operation and Test).- 6.6.8 SSADM (Structured Systems Analysis and Design Methodology).- 6.6.9 JSD (Jackson System Development).- 6.6.10 SADT (Structured Analysis and Design Technique-Ross).- 6.6.11 SSA (Structured System Analysis-De Marco).- 6.6.12 PSL/PSA (Problem Statement Language/ Analyser).- 6.6.13 Petri-nets.- 6.6.14 Object Oriented Design.- 6.7 Future Trends and Goals.- 7 Putting Design into an Engineering Context.- 7.1 Verification and Validation.- 7.2 The Design Process.- 7.3 Programming Standards.- 7.3.1 Module Specification Standard.- 7.3.2 Module Definition (Documentation and Code Package) Standard.- 7.3.3 Software Coding Standard.- 7.4 Design Review-Obtaining Visibility.- 7.5 Reviews Inspections and Walkthroughs.- 7.5.1 Reviews.- 7.5.2 Inspections.- 7.5.3 Walkthroughs.- 7.6 Configuration Management.- 7.7 Formal Verification.- Checklists.- 8 A Structured Approach to Static and Dynamic Testing.- 8.1 Limitations of Test.- 8.2 An Overview of Test Strategy.- 8.2.1 Code Inspection and Walkthrough.- 8.2.2 Symbolic Evaluation.- 8.2.3 Static Analysis.- 8.2.4 Dynamic Analysis.- 8.3 Static Analysers.- 8.3.1 MALPAS and Example.- 8.3.2 SPADE.- 8.3.3 TESTBED (LDRA).- 8.4 Dynamic Testing.- 8.4.1 Test Levels.- 8.4.2 Dynamic Test Tools.- 8.5 Test Management.- Checklists.- MALPAS Example.- 9 Languages and Their Importance.- 9.1 Programming Language-The Communication Medium.- 9.2 The Requirements of Real Time Languages.- 9.2.1 Simplicity.- 9.2.2 Security.- 9.2.3 Adaptability.- 9.2.4 Readability.- 9.2.5 Portability.- 9.2.6 Efficiency.- 9.3 Program Structures.- 9.4 Concurrency.- 9.5 Design of Languages.- 9.6 Future Languages.- 9.7 Compiler Evaluation.- 9.8 Current Languages.- 9.8.1 Procedural (Ada, Pascal, Modula 2, C, FORTRAN 77, CORAL 66, COBOL, BASIC, Algol 60, APL, PL/1).- 9.8.2 Declarative (PROLOG, LISP, Hope, FORTH).- 9.8.3 Object Oriented Languages.- 9.8.4 Fourth Generation Languages.- 10 Aspects of Fault Tolerance in Software Design.- 10.1 Redundancy, Diverse Software and Common-Cause Failure.- 10.2 Error Prevention.- 10.2.1 Electromagnetic Interference (emi).- 10.2.2 Hardware Design and Architecture.- 10.3 Error Identification and Correction.- 10.3.1 Error Detection.- 10.3.2 Error Correction.- 10.4 Data Communications.- 10.5 Graceful Degradation and Recovery.- 10.6 High Integrity Systems.- Checklists.- 4. New Management For Software Design.- 11 Software Project Management.- 11.1 Use of Automated Tools.- 11.2 The New Approach to Software Quality.- 11.3 Setting Up an Audit.- 11.3.1 Objectives of the Audit.- 11.3.2 Planning the Audit.- 11.3.3 Implementing the Audit.- 11.3.4 The Audit Report.- 11.4 Estimating.- 11.4.1 Seeking Metrics.- 11.4.2 Actual Methods.- 11.5 New Software Quality Programmes.- 11.5.1 The Alvey Programme.- 11.5.2 STARTS.- 11.5.3 ESPRIT Programme.- 11.5.4 EWICS TC7.- 11.5.5 CEC Collaborative Project.- 11.5.6 SEI.- 11.5.7 MCC Programme.- 11.5.8 SPC.- 11.5.9 STARS.- 11.5.10 JSEP.- 11.5.11 SIGMA.- 11.5.12 SPP.- 11.5.13 RACE.- 11.6 Software Security.- 11.6.1 Security Against Data Theft.- 11.6.2 Security Against Data Loss.- 11.6.3 Viruses.- 11.7 Software Safety and Liability.- 12 Quality-can it be Measured?.- 12.1 By the System Designer.- 12.2 By the Buyer.- 12.3 By means of Metrics.- 12.4 By Failure Distribution Modelling.- 12.4.1 Jelinski Moranda.- 12.4.2 Musa.- 12.4.3 Littlewood and Verral.- 12.4.4 Shooman.- 12.4.5 Schneidewind.- 12.4.6 Brown and Lipow.- 12.4.7 Seeding and Tagging.- 12.5 The Problem of Certification.- 12.6 Failure Data Acquisition.- 12.7 Benefits and Drawbacks of Assessing Software.- 12.7.1 Integrity Assessment.- 12.7.2 Benefits.- 12.7.3 Drawbacks.- 13 The Role of the Software Engineer.- 13.1 What is Needed.- 13.2 Structured Training for a Structured Discipline.- 13.3 The Importance of the Working Environment.- 5. Exercise.- 14 Software System Design Exercise-Addressable Detection System.- Checklist Application Chart.- Glossary of Terms.- A Terms Connected with Failure.- B Terms Connected with Software.- C Terms Connected with Software Systems and their Hardware.- D Terms Connected with Procedures, Management and Documents.- E Terms Connected with Test.- F Common Abbreviations.- 1 British Standards.- 2 UK Defence Standards.- 3 US Standards.- 4 Other Standards and Guidelines.- 5 Books.

About the Author :
David J. Smith, past Chairman of the Safety and Reliability Society is the author of six successful works on reliability, quality, software and statistics. He has been directly associated with this branch of engineering, in the process and telecommunications industries, for over 20 years and is well known for his courses and workshops on these subjects. He currently runs his own consultancy.