Technische Universität München

A Unifying Model for Software Quality Workshop on Software Quality Szeged 2011

Klaus Lochmann, Andreas Göb

Technische Universität München

Motivation & Problem Statement •

Software quality is – intermingled with most activities of software engineering • Requirements • Design & Architecture • Implementation • Test – intermingled with most disciplines of software engineering • Security engineering • Usability engineering

•

Common foundation to describe software quality is missing

2

Technische Universität München

Motivation & Problem Statement • Different approaches in each discipline: – – – –

Checklists and guidelines Static code analysis tools Dynamic tests Quality models

• Common foundation is missing  Loss of information between the different development phases  Additional tracking effort

3

Technische Universität München

Quality Meta-Model • Objective: – Describing concepts related to software quality – Integrate the different concepts

• Meta-Model: – Based on Quamoco *

* http://www.quamoco.de/

Technische Universität München

Quality Meta-Model Entity

Impacts

Property

Attribute

Measures Measure 1) Property

[redness@apple]

2) Entity

„apple“

3) Attribute

„redness“

4) Impact

[redness@apple] [mellowness@apple]

5) Measure

„weight in lbs“

Technische Universität München

Quality Model An exemplary instance of the meta model, showing the concepts of • activity based quality models • static code analysis tools • checklists • functional test cases • guidelines • ISO 25010 „-ilities“

6

Modeling > Activity-based Quality Models Technische Universität München

Product Properties

Activity Properties

Structural Properties

Effectiveness @Attack

Encryption @Communication

Color independent @UI Element Unnec. complicated @Arith. Expression

Eff. & Eff. @Perceive

Eff. & Eff. @Maintain

Modeling > Static Code Analysis

Technische Universität München

Product Properties

Activity Properties

Structural Properties

Effectiveness @Attack

Encryption @Communication

Color independent @UI Element Static Code Analysis FindBugs “INT_BAD_REM_BY_1”

Unnec. complicated @Arith. Expression

Eff. & Eff. @Perceive

Eff. & Eff. @Maintain

Modeling > Manual Inspections

Technische Universität München

Product Properties

Activity Properties

Manual Inspections Checklist Item

Checklist Item

Static Code Analysis FindBugs “INT_BAD_REM_BY_1”

Structural Properties

Effectiveness @Attack

Encryption @Communication

Color independent @UI Element Unnec. complicated @Arith. Expression

Eff. & Eff. @Perceive

Eff. & Eff. @Maintain

Modeling > Functional Test Cases

Technische Universität München

Product Properties Functional Properties

Register Customer @Product

Activity Properties Eff. & Eff. @Book flight

Password @Product Manual Inspections Checklist Item

Checklist Item

Static Code Analysis FindBugs “INT_BAD_REM_BY_1”

Structural Properties

Effectiveness @Attack

Encryption @Communication

Color independent @UI Element Unnec. complicated @Arith. Expression

Eff. & Eff. @Perceive

Eff. & Eff. @Maintain

Modeling > Functional Test Cases

Technische Universität München

Product Properties Functional Test Cases Functional Test Case 1 Functional Test Case 2 Manual Inspections Checklist Item

Checklist Item

Static Code Analysis FindBugs “INT_BAD_REM_BY_1”

Functional Properties

Register Customer @Product

Activity Properties Eff. & Eff. @Book flight

Password @Product Structural Properties

Effectiveness @Attack

Encryption @Communication

Color independent @UI Element Unnec. complicated @Arith. Expression

Eff. & Eff. @Perceive

Eff. & Eff. @Maintain

Modeling > Guidelines

Technische Universität München

Product Properties Functional Test Cases Functional Test Case 1 Functional Test Case 2 Manual Inspections Checklist Item

Checklist Item

Static Code Analysis FindBugs

Functional Properties

Register Customer @Product

Eff. & Eff. @Book flight Password @Product Structural Properties

Effectiveness @Attack

Encryption @Communication

Color independent @UI Element Unnec. complicated @Arith. Expression

“INT_BAD_REM_BY_1”

Environment Metrics

Activity Properties

Environment Properties

Fortified @Hardware

Physical Accessibility @Hardware

Existence @Debugger

Adequateness @Development Tools

Eff. & Eff. @Perceive

Eff. & Eff. @Maintain

Modeling > ISO 25010 „-ilities“

Technische Universität München

Product Properties Functional Test Cases Functional Test Case 1 Functional Test Case 2 Manual Inspections

Functional Properties

Register Customer @Product

Activity Properties Eff. & Eff. @Book flight

Where Password do the ISO 25010 „-ilities“ fit in here? @Product Structural Properties

Maintainability Encryption @Communication and efficiency with “The degree of effectiveness which the product can be modified.”

Effectiveness @Attack

Checklist Item

Checklist Item

Static Code Analysis FindBugs “INT_BAD_REM_BY_1”

Environment Metrics Fortified @Hardware Existence @Debugger

Color independent @UI Element Unnec. complicated @Arith. Expression

Eff. & Eff. @Perceive

Eff. & Eff. Security @Maintain “The degree to which information and data are protected so that unauthorized persons or systems Environment Properties cannot read or modify them and authorized persons or Physical Accessibility systems are not denied access to them.” @Hardware Adequateness @Development Tools

Modeling > ISO 25010 „-ilities“

Technische Universität München

Product Properties Functional Test Cases Functional Test Case 1 Functional Test Case 2 Manual Inspections Checklist Item

Checklist Item

Static Code Analysis FindBugs

Functional Properties

Quality Attributes

Register Customer @Product

Functional Correctness @Product

Eff. & Eff. @Book flight

Password @Product Security @Product

Effectiveness @Attack

Accessibility @Product

Eff. & Eff. @Perceive

Maintainability @Product

Eff. & Eff. @Maintain

Structural Properties

Encryption @Communication

Color independent @UI Element Unnec. complicated @Arith. Expression

“INT_BAD_REM_BY_1”

Environment Metrics

Activity Properties

Environment Properties

Fortified @Hardware

Physical Accessibility @Hardware

Existence @Debugger

Adequateness @Development Tools

Technische Universität München

Summary • Quality meta-model and exemplary quality model for describing various concepts related to software quality – other quality models – checklists & guidelines – static and dynamic testing

• Quality model able to describe these concepts • Further work: – a more complete quality model – especially: reliability, safety, etc.

15