Software Quality Assurance Software Quality Assurance In Large Scale and Complex Software-Intensive Systems Edited by Ivan Mistrik Heidelberg, Germany Richard Soley Object Management Group, Needham, MA, USA Nour Ali University of Brighton, Brighton, UK John Grundy Swinburne University of Technology, Hawthorn, VIC, Australia Bedir Tekinerdogan Wageningen University, Wageningen, The Netherlands AMSTERDAM • BOSTON • HEIDELBERG • LONDON NEW YORK • OXFORD • PARIS • SAN DIEGO SAN FRANCISCO • SINGAPORE • SYDNEY • TOKYO Morgan Kaufmann is an imprint of Elsevier Acquiring Editor: Todd Green Editorial Project Manager: Lindsay Lawrence Project Manager: Priya Kumaraguruparan Cover Designer: Maria Ineˆs Cruz Morgan Kaufmann is an imprint of Elsevier 225 Wyman Street, Waltham, MA 02451, USA Copyright © 2016 Elsevier Inc All rights reserved No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher Details on how to seek permission, further information about the Publisher’s permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein) Notices Knowledge and best practice in this field are constantly changing As new research and experience broaden our understanding, changes in research methods, professional practices, or medical treatment may become necessary Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information, methods, compounds, or experiments described herein In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein ISBN: 978-0-12-802301-3 British Library Cataloguing-in-Publication Data A catalogue record for this book is available from the British Library Library of Congress Cataloging-in-Publication Data A catalog record for this book is available from the Library of Congress For Information on all Morgan Kaufmann publications visit our website at www.mkp.com List of Contributors Alain Abran Ecole de Technologie Supe´rieure (ETS), Montre´al, Canada Nour Ali University of Brighton, Brighton, UK Maurı´cio Aniche University of Sa˜o Paulo (USP) Department of Computer Science, Sa˜o Paulo/SP-Brazil Paris Avgeriou Department of Mathematics and Computing Science, University of Groningen, Groningen, The Netherlands Luis Azevedo Department of Computer Science, University of Hull, Hull, UK Jim Buckley Lero, University of Limerick, Ireland Luigi Buglione Engineering Ingegneria Informatica SpA, Rome, Italy; Ecole de Technologie Supe´rieure (ETS), Montre´al, Canada J.J Collins Lero, University of Limerick, Ireland Maya Daneva University of Twente, Enschede, The Netherlands Barry Demchak University of California, San Diego, La Jolla, CA, USA Michael English Lero, University of Limerick, Ireland Claudiu Farcas University of California, San Diego, La Jolla, CA, USA Emilia Farcas University of California, San Diego, La Jolla, CA, USA I Fleming SQA.net, USA; SugarCRM Inc., Cupertino, CA, USA William G Griswold University of California, San Diego, La Jolla, CA, USA xv xvi List of Contributors John Grundy Swinburne University of Technology, Hawthorn, VIC, Australia Eduardo Guerra National Institute of Space Research (INPE), Associated Laboratory for Computing and Applied Mathematics, Sa˜o Jose´ dos Campos/SP-Brazil Andrea Herrmann Herrmann & Ehrlich, Stuttgart, Germany Sohag Kabir Department of Computer Science, University of Hull, Hull, UK Marouane Kessentini Department of Computer and Information Science, University of MichiganDearborn, Dearborn, MI, USA Ingolf Krueger University of California, San Diego, La Jolla, CA, USA Anand Kumar Tata Consultancy Services, TCS Innovation Labs—Tata Research Development and Design Centre, Pune, Maharashtra, India Zengyang Li Department of Mathematics and Computing Science, University of Groningen, Groningen, The Netherlands; International School of Software, Wuhan University, Wuhan, People’s Republic of China Peng Liang State Key Lab of Software Engineering, School of Computer, Wuhan University, Wuhan, People’s Republic of China; Department of Computer Science, VU University Amsterdam, Amsterdam, The Netherlands Doji Samson Lokku Tata Consultancy Services, Hyderabad, Telangana, India Bruce R Maxim Department of Computer and Information Science, University of MichiganDearborn, Dearborn, MI, USA Massimiliano Menarini University of California, San Diego, La Jolla, CA, USA Ivan Mistrik Heidelberg, Germany Swaminathan Natarajan Tata Consultancy Services, TCS Innovation Labs—Tata Research Development and Design Centre, Pune, Maharashtra, India List of Contributors Padmalata V Nistala Tata Consultancy Services, Hyderabad, Telangana, India Kesav V Nori International Institute of Information Technology, Hyderabad, Telangana, India Yiannis Papadopoulos Department of Computer Science, University of Hull, Hull, UK David Parker Department of Computer Science, University of Hull, Hull, UK Kevin Patrick University of California, San Diego, La Jolla, CA, USA Fred Raab University of California, San Diego, La Jolla, CA, USA Septavera Sharvia Department of Computer Science, University of Hull, Hull, UK Richard Soley Object Management Group, Needham, MA, USA Ioannis Sorokos Department of Computer Science, University of Hull, Hull, UK Bedir Tekinerdogan Information Technology Group, Wageningen University, Wageningen, The Netherlands Martin Walker Department of Computer Science, University of Hull, Hull, UK Yan Yan University of California, San Diego, La Jolla, CA, USA Celal Ziftci University of California, San Diego, La Jolla, CA, USA Nikhil R Zope Tata Consultancy Services, Andheri (E), Mumbai, Maharashtra, India xvii Biography Ivan Mistrik is a researcher in software-intensive systems engineering He is a computer scientist who is interested in system and software engineering (SE/ SWE) and in system and software architecture (SA/SWA), in particular: life cycle system/software engineering, requirements engineering, relating software requirements and architectures, knowledge management in software development, rationale-based software development, aligning enterprise/system/software architectures, value-based software engineering, agile software architectures, and collaborative system/software engineering He has more than 40 years’ experience in the field of computer systems engineering as an information systems developer, R&D leader, SE/SA research analyst, educator in computer sciences, and ICT management consultant In the past 40 years, he has been primarily working at various R&D institutions in the United States and Germany and has done consulting on a variety of large international projects sponsored by ESA, EU, NASA, NATO, and UN He has also taught university-level computer sciences courses in software engineering, software architecture, distributed information systems, and humanÀcomputer interaction He is the author or coauthor of more than 90 articles and papers in international journals, conferences, books, and workshops, most recently a chapter Capture of Software Requirements and Rationale through Collaborative Software Development, a paper Knowledge Management in the Global Software Engineering Environment, and a paper Architectural Knowledge Management in Global Software Development He has written a number of editorials, most recently for the book on Aligning Enterprise, System, and Software Architecture and the book on Relating System Quality and Software Architecture He has also written over 120 technical reports and presented over 70 scientific/technical talks He has served in many program committees and panels of reputable international conferences and organized a number of scientific workshops, most recently two workshops on Knowledge Engineering in Global Software and Development at the International Conference on Global Software Engineering 2009 and 2010 and IEEE International Workshop on the Future of Software Engineering for/in the Cloud held in conjunction with IEEE Cloud 2011 He has been the guest-editor of IEE Proceedings Software: A special Issue on Relating Software Requirements and Architectures published in 2005 and the lead-editor of the book Rationale Management in Software Engineering published in 2006 He has been the coauthor of the book Rationale-Based Software Engineering published in May 2008 He has been the lead-editor of the book Collaborative Software Engineering published in 2010, the book on Relating Software Requirements and Architectures published in 2011, and the lead-editor xix xx Biography of the book on Aligning Enterprise, System, and Software Architectures published in 2012 He was the lead-editor of the Expert Systems Special Issue on Knowledge Engineering in Global Software Development and the coeditor of the JSS Special Issue on the Future of Software Engineering for/in the Cloud, both published in 2013 He was the coeditor for the book on Agile Software Architecture published in 2013 He was the lead-editor for the book on Economics-driven Software Architecture and the book on Relating System Quality and Software Architecture, both published in 2014 Nour Ali is a Principal Lecturer at the University of Brighton, UK She holds a PhD in Software Engineering from the Polytechnic University of ValenciaSpain for her work in Ambients in Aspect-Oriented Software Architecture She is Fellow of UK Higher Education Academy (HEA) Her research area encompasses service-oriented architecture, software architecture, model-driven engineering, adaptive software, and distributed and mobile systems In 2014, the University of Brighton granted her a Rising Stars award in Service Oriented Architecture Recovery and Consistency She is currently leading the Knowledge Transfer Partnership project for migrating legacy software systems using architecture centric approach She has also been the Principal Investigator for an Enterprise Ireland Commercialization Project in Architecture Recovery and Consistency and coinvestigator in several funded projects Dr Ali is the Applications Track Chair for 2015 IEEE International Conference on Mobile Services (MS 2015) and serves on the Programme Committee for several conferences (e.g., ICWS, ICMS, HPCC, etc.) and journals (e.g., JSS, or JIST) She has cochaired and co-organized several workshops such as the IEEE International Workshop on Engineering Mobile Service Oriented Systems (EMSOS) and the IEEE Workshop on Future of Software Engineering for/in the Cloud She was the coeditor of the JSS Special Issue on the Future of Software Engineering for/in the Cloud published in 2013 and Agile and lean service-oriented development: foundations, theory, and practice published in 2012 Her personal Web site is: http://www.cem.brighton.ac.uk/ staff/na179/ John Grundy is Dean of the School of Software and Electrical Engineering and Professor of Software Engineering at the Swinburne University of Technology, Melbourne, Australia He has published nearly 300 refereed papers on software engineering tools and methods, automated software engineering, visual languages and environments, collaborative work systems and tools, aspectoriented software development, user interfaces, software process technology, and distributed systems He has made numerous contributions to the field of software quality assurance and software engineering including developing a number of software architecture modeling and quality analysis tools; developing several performance engineering techniques and tools; analytical tools for software processes, designs and code; project management tools; and numerous software design tools He is particularly interested in the modeling of quality concerns and implementing appropriate analytical techniques to ensure these are met He has Biography focused much research on model-driven engineering techniques and tools to ensure repeatability of process and quality He is an Associate Editor in Chief of IEEE Transactions on Software Engineering and Associate Editor of IEEE Software and Automated Software Engineering He has been Program Chair of the IEEE/ACM Automated Software Engineering conference, the IEEE Visual Languages and Human-Centric Computing Conference, and has several times been a PC member for the International Conference on Software Engineering He is a Fellow of Automated Software Engineering and Engineers Australia Richard Mark Soley is Chairman and Chief Executive Officer of OMG®, Executive Director of the Cloud Standards Customer Council, and Executive Director of the Industrial Internet Consortium As Chairman and CEO of OMG, Dr Soley is responsible for the vision and direction of the world’s largest consortium of its type Dr Soley joined the nascent OMG as Technical Director in 1989, leading the development of OMG’s world-leading standardization process and the original CORBA® specification In 1996, he led the effort to move into vertical market standards (starting with healthcare, finance, telecommunications, and manufacturing) and modeling, leading first to the Unified Modeling Languaget (UML®) and later the Model Driven Architecture® (MDA®) He also led the effort to establish the SOA Consortium in January 2007, leading to the launch of the Business Ecology Initiative in 2009 The Initiative focuses on the management imperative to make business more responsive, effective, sustainable and secure in a complex, networked world, through practice areas including Business Design, Business Process Excellence, Intelligent Business, Sustainable Business, and Secure Business In addition, Dr Soley is the Executive Director of the Cloud Standards Customer Council, helping end-users transition to cloud computing and direct requirements and priorities for cloud standards throughout the industry In 2014, Dr Soley helped found the Industrial Internet Consortium and (IIC) serves as a Executive Director of the organization The IIC was formed to accelerate the development, adoption and wide-spread use of interconnected machines and devices, intelligent analytics, and people at work The members of the IIC catalyze and coordinate the priorities and enabling technologies of the Industrial Internet Dr Soley also serves on numerous industrial, technical and academic conference program committees, and speaks all over the world on issues relevant to standards, the adoption of new technology and creating successful companies He is an active angel investor, and was involved in the creation of both the Eclipse Foundation and Open Health Tools Previously, Dr Soley was a cofounder and former Chairman/CEO of A I Architects, Inc., maker of the 386 HummingBoard and other PC and workstation hardware and software Prior to that, he consulted for various technology companies and venture firms on matters pertaining to software investment opportunities Dr Soley has also consulted for IBM, Motorola, PictureTel, Texas Instruments, Gold Hill Computer and others He began his professional life at Honeywell Computer Systems working on the Multics operating system A native of Baltimore, MD, USA, Dr Soley holds bachelor’s, master’s, xxi xxii Biography and doctoral degrees in Computer Science and Engineering from the Massachusetts Institute of Technology Bedir Tekinerdogan is a full professor and chair of the Information Technology group at Wageningen University in The Netherlands He received his MSc degree (1994) and a PhD degree (2000) in Computer Science, both from the University of Twente, The Netherlands From 2003 until 2008, he was a faculty member at University of Twente, after which he joined Bilkent University until 2015 At Bilkent University, he has founded and led the Bilkent Software Engineering Group which aimed to foster research and education on software engineering in Turkey He has more than 20 years of experience in software engineering research and education His main research includes the engineering of smart software-intensive systems In particular, he has focused on and is interested in software architecture design, software product line engineering, modeldriven development, parallel computing, cloud computing, and system of systems engineering Much of his research has been carried out in close collaboration with the industry He has been active in dozens of national and international research and consultancy projects with various large software companies whereby he has worked as a principal researcher and leading software/system architect As such, he has broad experience in software engineering challenges of various different application domains including finance and banking, defense, safety-critical systems, mission critical systems, space systems, education, consumer electronics, and life sciences He has served on the Program Committee of many different software engineering conferences He also organized more than 50 conferences/ workshops on important software engineering research topics to initiate and trigger important developments He is the initiator and steering committee chair of the Turkish Software Architecture Design Conferences which have been organized since 2005 He is a member of the scientific advisory committee of the Integrated Software Excellence Research Program ERP that aims to establish research cooperation frameworks between researchers from universities in Europe and IT companies in Turkey He has reviewed more than 100 national and international projects and is a regular reviewer for around 20 international journals He has graduated around 40 MSc students and supervised/graduated more than 10 PhD students He has developed and taught more than 15 different academic software engineering courses and has provided software engineering courses to more than 50 companies in The Netherlands, Germany, and Turkey 358 Author Index Clements, P., 223, 227, 230À231, 291 CMMI®, 47, 338 CMMI-DEV, 64 Cockburn, A., 293 Cohen, J., 339À341 COMPASS, 272 Constantine, 53 Constantine, L.L., 181, 184À185 Conti, T., 154 Cordoba, J., 42 COSMIC, 162 Crosby, P.B., 47, 287 Crow, K., 153 Cunningham, W., 85 Curtis, B., 121t D Dache, G., 290 Dahl, O.J., 63À64 Daneva, M., 159, 163 Danilovic, M., 222, 228À229 De Almeida, J., 30À31 Dean, E.B., 153 Deissenboeck, F., 285, 289, 308À309 DeMarco, T., 179 Demchak, B., 280, 282À283, 293À294 Deming, W.E., 65À66, 143, 288, 333 Demirli, E., 230À231 Devanbu, P., 196 Dig, D., 40 Dijkstra, 140 Distefano, S., 264 Dogsa, T., 203 Doăllner, J., 121t Dromey, R.G., 49, 288 Dubai, G., 26À27 Ducasse, S., 185 Dugan, J., 264 E e Nat Pryce, S.F., 201 ECSS, 162 Edifor, E., 262 Eisenberg, R.J., 121t Eixelsberger, W., 10 Ejiogu, L.O., 180, 184 Ekman, T., 39À40 English, M., 178, 180 Erasmus, P., 159 Erdogmus, H., 202 Ericson, C., 31 Eriksson, I.V., 154À155 ESSaRel, 258, 260 EUROCAE, 238 Evans, 213 F Fairbanks, G., 211, 215 Falessi, D., 31, 121t Farcas, E., 291À294 Federal Information Security Management Act of 2002, 283 Fehlmann, T., 39 Feigenbaum, A.V., 288 Feiler, P., 263 Fenelon, P., 255 Fenton, N.E., 7, 179À180, 184 Firesmith, D., 29 Floyd, R.W., 63À64 Fowler, M., 36, 208, 210, 212, 292À293 Freeman, S., 206 Fukuda, R., 75 Fussel, J., 261À262 G Gaffney, J.E Jr., 179À180 Gage, D., 30 Galin, D., Gallina, B., 257 Gamma, E., 139, 181, 213 Gardner, D., 34 Garvin, D., 21 Garvin, D.A., 287 Gat, I., 121t Ge, X., 257, 271 George, B., 201À202 Georges, G., 63À64 Ge´rard, B., 63À64 German, R., 260 Gerosa, M.A., 214 Gharajedaghi, J., 136À137 Glib, T., 47 Glover, F., 244 Gonclaves, L., 33 Grady, R., 22À23, 151, 162, 162t Grady, R.B., 49, 288 Gross, D., Grunske, L., 259 Gryna, F.M., 287 Guădemann, M., 267À269, 272f Guerra, E., 210, 214 Guerra, E.M., 207, 212À213, 215 Guide to the Software Engineering Body of Knowledge, Guinta, L.R., 153À155 Guo, Y., 89, 121t, 292 Author Index H Haag, S., 155, 156f Hagner, O., 203 Hall, A., 26 Halstead, M., 289 Hansen, K.M., Hardy, T., 31 Harrison, N.B., Harrison, R., 178, 182 Hatton, L., 19 Hauser, J.R., 151À155, 153f, 154f Health Insurance Portability and Accountability Act of 1996, 283 Heintz, J.D., 121t Herrmann, A., 163 Herzwurm, G., 153À154, 157 Hoare, C.A.R., 63À64 Holvitie, J., 89, 121t Hoăst, M., 103, 105107, 117118, 185, 187, 195196 Houston, A., 334 Hrones Jr., J.A., 154À155 Huang, G., 9À11 Humphrey, W.S., 290, 335 Hura, G., 264 I IEEE, 177, 335, 340 IEEE 1012-2012, 25 IEEE Std 610.12, 3À4 Ishikawa, K., 288 ISO (International Organization for Standardization), 65, 72, 73f, 285À288, 290, 307, 309 ISO 9126-2, 335À336 ISO/IEC, 87À88, 177À178 ISO/IEC 12207, 133À134 ISO/IEC 42010:2007, 223 ISO/IEC/IEEE, 86, 89À93, 95À98, 120À123, 129À130 ISO/IEC/IEEE 24765:2010(E), 3À4 J Jain, A., 293À294 Jamwal Dr, D., 49 Jansen, A., 95À98 Janzen, D., 201À202 Janzen, D.S., 201À202 Jarzombek, J., 30 Jones, C., 134À135 Jordan, H., 179 Joshi, A., 263 JUNIT, 339À340 Juran, 334 Juran, J.M., 287 K Kaiser, B., 257, 258f Kan, S.H., 13, 134À135, 289 Kaner, C., 52À53 Kano, N., 64 Kazman Kazman, R., 291 Kemerer, C., 37, 177À178, 181 Kemerer, C.F., 178, 181À183 Kerievsky, J., 210, 214 Kim, M., 40 Kinoshita, B., 215 Kitchenham, B., 37 Kitchenham, B.A., 13 Klein, H.K., 185 Knodel, J., 221 Koegel, M., 39À40 Korpipaa, P., 33 Koschke, R., 810, 221 Krishna, V., 121t Kruchten, P., 87 Kruăger, I., 280, 294 Kuehlemann, A., 27À28 Kwiatkowska, M., 268 L Lago, P., 20 Landre, E., 213 Langr, J., 202 Lanza, M., 217 Lauesen, S., 158, 163 Lawler, J., 37 Lazaroni, M., 28À29 Leffingwell, D., 292 Lehman, M.M., 177À178, 181 Leite, J., 24 Leppaănen, V., 89, 121t Lethbridge, T., 186 Li, A.L., 201À203 Li, Z., 13, 85À91, 93t, 94À98, 120, 121t, 127À128 Linderss, B., 33 Lisagor, O., 252À254, 270 M MacKenzie, C., 282À283 Mackinnon, T., 206 Madeyski, L., 203 Mallikarunja, C., 35À36 359 360 Author Index Malmqvist, J., 140À141 Mancoridis, S., 185 Markowitz, H., 292 Marsan, M., 260 Martin, R., 183, 185 Martin, R.C., 183, 185, 201 Martı´nez-Lorente, A.R., 48À49 Maruhn, M., 263, 270À271 Maxim, B.R., 26, 33À35 McCabe, T.J., 53, 289 McCall, J., 5À6, 21À22 McCall, J.A., 161À163, 288 McConnell, S., 88, 157À159, 158f McDermid, J., 255, 260 McGregor, J.D., 121t Mead, N., 30 Melo, W., 37 Merle, G., 262 Merson, P., 216À217 Meszaros, G., 215 Mian, Z., 270À271 Misic, V.B., 183 Mitchell, B.S., 185 Mitzlaff, J., 260 Mottu, J., 27 Muller, M., 203 Murphy, G., 10, 221À223 Murthy, P.N., 75 Musa, J., 28 Muxika, E., 252À254, 271f, 274À275 Myers, M.D., 185 N NASA, 334À335 Neil, M., 180, 184 Nguyenkim, H., 37 Nierstrasz, O., 183 Niklaus, W., 140 Nikzad, N., 280, 298À299 Nistala, P., 143À144 Niu, R., 255 Nonaka, 135À136 Nord, R.L., 292À293 Nordhoff, S., 241t Nori, K.V., 67f, 136 Nugroho, A., 121t O Object Management Group, 282À283 Ohno-Machado, L., 301 Olague, H.M., 196 Ortmeier, F., 267À269 Ozkaya, I., 85 P Paige, R., 255, 257, 270À271 Papadopoulos, Y., 242À243, 246, 260, 263, 270À271, 274À275 Papazoglou, M.P., 13 Parmenter, D., 58 Parnas, D.L., 178, 180 Patel, C., 11 Patrick, K., 280, 296 Paulk, M., 290 Paulk, M.C., 48À49, 335 Peterson, S.K., 280À281, 296 Pfleeger, S.L., 179À180 Pfleger, S.L., PMI, 151, 163, 339 Pohl, K., 12 Point, G., 265 Ponisio, L., 183 Popescu, D., 221 Poth, A., 20 Praizler, N.C., 153À155 Pressman, R.S., 26, 33À35 Priyanka, K., 143À144 Puliafito, A., 264 Punnekkat, S., 257 R Radice, R.A., 143 Rahman, F., 196 Rajlich, V.T., 181 Ramachandran, M., 11 Rao, K., 264 Rauzy, A., 265 Redwine, S., 30 Redzic, C., 39 Reuveni, D., 35 Revelle, J., 24 Richardson, I., 153, 155À156 Robes, R., 39À40 Robidoux, R., 264 Robson, C., 185 Rokosz, V., 27 Rooksby, J., 35 Rosik, J., 221 Royce, W., 40À41, 56 Rugina, A., 263 Runeson, P., 103, 105À107, 117À118, 185, 187, 195À196 S S-18, 238À243 Saaty, T.L., 292 Saiedian, H., 201À202 Author Index Sandkull, B., 222, 228À229 Sangal, N., 228À229 Sant’Anna, C., 178, 183, 196 Sarkar, S., 178, 180, 182À183 Savolainen, R., 187 SC-167, 241 SC 65-A, 238 Scheepers, R., 118 Schneidewind, N.F., 177À178, 181 Schulmeyer, G., 3, 37 Scitools, 188 Seaman, C., 89, 121t, 292 Seddon, P.B., 118 SEI (Software Engineering Institute), 290 SEI CMMI® Maturity Profile Report, 337 SEVOCAB, 160 Sharif, K.Y., 179 Sharvia, S., 242À243, 246, 270À271 Shewhart, W.A., 59, 287, 333 Shull, F., 33 Siakas, K., 37À39 Simon, D., 8À10, 221 Siniaalto, M., 202 Sinn, R., 29À30 Slaughter, S., 177À178 Slaughter, S.A., 177 Sommerville, I., 70, 78 SOX, 337 Stake, R.E., 187 Steinberg, D.H., 203 Steiner, M., 260 Sterling, C., 26, 40 Stevens, W.P., 181 Stoermer, C., 8À10 Sudhir, V., 75 Suyaev, A., 20 Svensson, D., 140À141 Swaminathan, N., 136 Szyperski, C., 181 T TC 22/SC3, 238 Tekinerdogan, B., 230À231 Tennant, G., 47, 59, 333, 341, 343 Tian, J., TOPCASED, 272 Tullis, T., 8À9, 13 Turner, R., 293 Tutelage, M., 26À27 U US Department of Defense, 252 V van den Heuvel, W.J., 13 van Heesch, U., 91À93, 126 Vargs, J., 42 Vesely, W., 252 Villafiorita, A., 264À265 VV.AA., QFD, 153À154 W Wagner, S., 49 Walker, M., 256f, 261À262 Wallace, D.R., 185 Watts, S.H., 63À64 Wiegers, K., 32 Williams, L., 201À202 Wirth, N., 63À64 Wood, D., 25 Woods, E., 291 Y Yacoub, S., 27 Yang, Y., 258 Yin, R.K., 185 Yourdon, 53 Yourdon, E., 181, 184À185 Yu, E., Z Zachman, J.A., 75 Zazworka, N., 89 Zelkowitz, M.V., 185 Zope, N., 67f Zultner, R.E., 155 361 Subject Index Note: Page numbers followed by “f” and “t” refer to figures and tables, respectively A AADL See Architecture Analysis and Design Language (AADL) Absence relation, 222 Abstractness, 185 Acceptable quality, 65 Acceptance test-driven development (ATDD), 203 Adaptability, 166, 168À169 ADD See Attribute Driven Design (ADD) ADLs See Architecture Description Languages (ADLs) Agile development processes, 11, 40À41 Agile maturity model (AMM), 11 Agile processes, 40À41, 79, 79f, 290, 292 AH See Attribute Hiding Factor (AH) AIF See Attribute Inheritance Factor (AIF) Air wheel braking system, case study, 246À248 AltaRica, 265À267, 266f, 273 AltaRica Data-Flow, 267 AMM See Agile maturity model (AMM) Analysis Task Manager, 265 Analytic generalization, 118 Application requirements, 304À306, 306t Appraisal costs, 25 Architects, 90 Architectural drift analysis, 221 design structure matrix, 228À230 design structure reflexion matrix, 230À234 possible applications, 235 reflexion modeling, 222À223 reflexion viewpoint, 224À227 using software architecture viewpoints, 223À224 using DSRMs, 231f Views and Beyond (V&B) approach, 223 Architectural technical debt (ATD), 85 background and related work, 87À88 technical debt documentation, 88À89 case study, 103À118 ease of collecting the required information and documenting ATD views (RQ2), 109À112 implications for research and practice, 117 study execution, 105À108 study objective and research questions, 103À105 threats to validity, 117À118 understandability of ATD viewpoints usefulness in understanding ATD (RQ3), 112À113 Chronological viewpoint, 103 model kind, 128À129 concerns, 91, 120 correspondences between viewpoints, 129À130 Decision viewpoint, 95À98 model kind, 125 Detail viewpoint, 93À95, 129 model kind, 129 Distribution viewpoint, 98À101 model kind, 126À127 future work, 118À119 metamodel of ATD viewpoints, 120À124 -related Component viewpoint, 98 model kind, 125À126 Stakeholder Involvement viewpoint, 101À102 model kind, 127À128 stakeholders, 90À91 Architectural technical debt management (ATDM), 86, 90À91 Architectural violations, 222 Architecture Analysis and Design Language (AADL), 263, 274À275 Architecture decisions, 86, 95À98, 115 Architecture Description Languages (ADLs), 253À254, 270À271, 274 Architecture designs, evaluating, 8À9 Architecture evaluation frameworks, 291À292 Architecture evaluators, 90À91 Architecture prototyping, 10 Architecture Reflexion Viewpoint, 224À226 Architecture Tradeoff Analysis Method (ATAM), 9, 291 Architecture-to-code consistency analysis, 235 Architecture-View to Architecture-View Consistency Analysis ARP4754-A issue of independence in, 240À241 safety requirements in, 238À240 ASIL See Automotive Safety Integrity Levels (ASIL) ATAM See Architecture Tradeoff Analysis Method (ATAM) ATD See Architectural technical debt (ATD) ATDD See Acceptance test-driven development (ATDD) 363 364 Subject Index ATDM See Architectural technical debt management (ATDM) Attribute Driven Design (ADD), Attribute Evaluation, 315 Attribute Hiding Factor (AH), 38t Attribute Inheritance Factor (AIF), 38t Automated testing, role of, 26À28 Automatic allocation of DALs, 242À246, 246f air wheel braking system, case study, 246À248 HiP-HOPS, 242À243 reduction of search space, 243À244 Tabu Search, 244À246 Automotive Safety Integrity Levels (ASIL), 260 Availability and dependability analysis, 251 B Behavioral Fault Simulation (BFS), 253, 264À269 AltaRica, 265À267 applicability and challenges of, 270 Deductive Cause Consequence Analysis (DCCA), 268À269 Formal Safety Analysis PlatformÀNew Symbolic Model Verifier (FSAP/NuSMV-SA), 264À265 Safety Analysis Modeling Language (SAML), 267À268 BFS See Behavioral Fault Simulation (BFS) Big data applications, 14 Black-box techniques, 27 Boehm’s model, 22, 288À289 Boehm’s Seven Quality Factors, 51t Boolean Logic Driven Markov Processes, 264 Brake System Control Unit (BSCU), 246À247 Broadcast synchronization vectors, 266À267 BSCU See Brake System Control Unit (BSCU) C Capability Maturity Model (CMM), 48À49, 290 Capability Maturity Model for Software, 335 Capability Maturity Model Integration (CMMI), 8, 47, 64, 290, 335, 338À339 QPT’s roles and responsibilities within, 339 role conflicts of interest for a combined SQC, SQA, and SPI TEAM, 344 Software Process Improvement (SPI) within, 341 Software Quality Control (SQC) within, 339 SQA within, 340 CAR See Causal Analysis and Resolution (CAR) Causal Analysis and Resolution (CAR), 343 Cause Effect Graphs (CEGs), 257À258 CBAM See Cost Benefit Analysis Method (CBAM) CBO See Coupling between object classes (CBO) CCA process See Common Cause Analysis (CCA) process CDAC See Concern Diffusion over Architectural Components (CDAC) CEGs See Cause Effect Graphs (CEGs) CFTs See Component Fault Tree (CFTs) Challenges and future directions of software quality, 2, 13À14 Change management, 35À36, 39À40 CIs See CyberInfrastructures (CIs) CitiSense, 298À300, 299f architecture, 299À300 and implementation quality analysis, 320À323 implementation, 300 Class and module level metrics, investigating software modularity using, 177 coupling and cohesion metrics, 181À182 at higher levels of granularity, 182À184 utilized in this study, 184À185 discussion, 194À195 empirical design, 186À188 data collection and analysis, 186À188 system selection, 186 empirical study, 185 objectives and research questions, 186 results, 188À193 software measurement, 179À180 software modularity, 180À181 software quality measurement, 179 validity and reliability, 195À196 Classic waterfall model, 70 Clojure, 298 CLOUD See Compute & storage eLastic On-demand, User-friendly Data analysis environment (CLOUD) Cloud computing, 34À35 Cluster Factor, 185, 187À188, 190 CMM See Capability Maturity Model (CMM) CMMI See Capability Maturity Model Integration (CMMI) Code Climate, 216 Code smell, 8, 36 Code-level metrics, 13 Code-to-code consistency analysis, 235 Common Cause Analysis (CCA) process, 240À241 COMPASS project, 272 Compatibility, defined, 138t Component Fault Tree (CFTs), 257À258, 258f, 273 Architecture Analysis and Design Language (AADL), 263 Subject Index Hierarchically Performed Hazard Origin and Propagation Studies (HiP-HOPS), 260À262 State-Event Fault Tree (SEFT), 259À260 system dynamics and temporal considerations, 264 Compositional traceability, 140À142 Computational Tree Logic (CTL), 268À269 Compute & storage eLastic On-demand, Userfriendly Data analysis environment (CLOUD), 301 Conceptual model for SQA, 7f Concern Diffusion over Architectural Components (CDAC), 183 “Cone of uncertainty”, 157À159, 158f, 168À169, 171 “Conformance to requirements”, 287 Consistency, 75 Consistency Analysis, 230 Consistency tracker, 147t, 148 Construct validity, 117À118 Convergent relation, 222 COSMIC (the Common Software Measurement International Consortium), 162 Cost Benefit Analysis Method (CBAM), 291 Cost of quality, 24À25 CostÀbenefit analysis, 292 COTS platform, 300 Coupling and cohesion metrics, 181À182 at higher levels of granularity, 182À184 utilized in this study, 184À185 Coupling between object classes (CBO), 38t, 181À182 Crowdsourcing, 34À35 CSS, 298 CTL See Computational Tree Logic (CTL) Current software practices, limitations of, 133À136 managing software quality requirements, 135 quality management during the lifecycle, 134À135 CyberInfrastructures (CIs), 279À281, 285, 288 CitiSense, 298À300 CYCORE, 296À298 DELPHI, 300À301 development process, 293À294 evaluation methodology, 308À312 activities, 309À310 facts, 310À312 impact matrix, 312 iDASH, 301 PALMS, 294À296 requirements, 303À304, 303t CYCORE (CYberinfrastructure for COmparative effectiveness REsearch), 280À282, 296À298, 297f architecture, 296À298 implementation, 298 D DALs See Development Assurance Levels (DALs) Data Preservation system, 298 DCCA See Deductive Cause Consequence Analysis (DCCA) DDD See Domain Driven Design (DDD) Deductive Cause Consequence Analysis (DCCA), 268À269 Defect analysis and process improvement, 36 DELPHI (Data E-platform Leveraged for Patient Empowerment and Population Health Improvement), 300À301 Dependability analysis, 251À254 Depth of Inheritance Tree (DIT), 38t Design refinement, 237 ARP4754-A standard independence in, 240À241 safety requirements in, 238À240 automatic allocation of DALs, 242À246 air wheel braking system, case study, 246À248 HiP-HOPS, 242À243 reduction of search space, 243À244 Tabu Search, 244À246 requirements allocation, as research problem, 241À242 Design structure matrices (DSMs), 222, 228À230 Design structure reflexion matrices (DSRMs), 222, 230À234 applications, 235 Deterministic Stochastic Petri Nets (DSPNs), 260 Development Assurance Levels (DALs), 238À242, 239t automatic allocation of, 242À246 Development team, 2, 90À91, 322 Development-Operations (DevOps), 14 DFT approach See Dynamic Fault Tree (DFT) approach Diksuchi problem solving methodology, 75 Distance metric, 185, 189À190 Distributed QFD (DQFD), 155 Distributed systems, 309 DIT See Depth of Inheritance Tree (DIT) Divergence relation, 222 Divide-and-conquer strategy, 68 365 366 Subject Index DMAIC process, 39, 59 DMM See Domain mapping matrix (DMM) Domain Driven Design (DDD), 213 Domain mapping matrix (DMM), 230 DQFD See Distributed QFD (DQFD) DRBD See Dynamic Reliability Block Diagram (DRBD) DSM-Code-V, 230 DSMs See Design structure matrices (DSMs) DSPNs See Deterministic Stochastic Petri Nets (DSPNs) DSRMs See Design structure reflexion matrices (DSRMs) Dynamic Fault Tree (DFT) approach, 264 Dynamic Reliability Block Diagram (DRBD), 264 E ECSS organization See European Cooperation for Space Standardization (ECSS) organization Effective quality management (EQM), 20 act phase, 20 identification phase, 20 plan phase, 20 E-Health CyberInfrastructures, 279À280, 290, 293, 309 requirements, 302À308, 304t E-Health domain, 279 concept of operation, 281À282 E-Health services, 282À283, 284f E-Health system, Decomposition view for, 234f, 235 EHRs (Electronic Health Records), 279 Encapsulation, 180À181 End-to-end data tracing, 309 Engineering and management, requirements, 74À75 Engineering quality with patterns, 139À140 catalog of quality patterns, 139À140 functional correctness patterns, 140 structure of a quality pattern, 139 Engineering technical specifications, 75 Enterprise Service Bus (ESB) architecture, 294À295, 327 EntryÀTaskÀVerification & ValidationÀExit (ETVX), 143 EQM See Effective quality management (EQM) ESB architecture See Enterprise Service Bus (ESB) architecture ESSaReL tool, 258, 260 ETVX See EntryÀTaskÀVerification & ValidationÀExit (ETVX) European Cooperation for Space Standardization (ECSS) organization, 162 Evolutionary model of progress, 70 External metrics, 53À56 to dynamic testing, 55À56 testing the presence of, for given quality factor, 57 External validity, 118, 195À196 Extreme Programming (XP), 41, 213 F Factor-Criteria-Metric (FCM) approach, 288À289 Factors-Criteria-Model, 161À163 Failure costs, 25 Failure Logic Synthesis And Analysis (FLSA), 253À264, 270À271 applicability and challenges of, 269À270 Failure Propagation and Transformation Calculus (FPTC), 255À257 Failure Propagation and Transformation Notation (FPTN), 255 Failure Mode Editor, 265 Failure Modes and Effects Analysis (FMEA), 252À253, 268À269 Fan-in coupling, 184À185 FanIO (combination of Fan-in coupling and Fanout coupling), 185 Fan-out coupling, 184À185 Fault injection, 264, 270À271 Fault Injector modules, 265 Fault tree analysis (FTA), 240À241, 252À253, 268À269 FCM approach See Factor-Criteria-Metric (FCM) approach Federal Information Security Management Act (FISMA), 283 FISMA See Federal Information Security Management Act (FISMA) FLSA See Failure Logic Synthesis And Analysis (FLSA) FMEA See Failure Modes and Effects Analysis (FMEA) Formal methods, role of, 26 Formal Safety Analysis PlatformÀNew Symbolic Model Verifier (FSAP/NuSMV-SA), 264À265, 273 FSM techniques See Functional size measurement (FSM) techniques FTA See Fault tree analysis (FTA) Functional architecture, 75À76 Functional correctness patterns, 140 Functional size measurement (FSM) techniques, 152 Functionality, 50, 53, 55, 138t FURPS (Functionality, Usability, Reliability, Performance, Supportability) model, 22À23, 162, 288 Subject Index G Gantt chart, 160, 171 Goal/question/metric (GQM) approach, 20À21 Goals for quality review, 282À283 Google Web Toolkit (GWT), 294À296 GQM approach See Goal/question/metric (GQM) approach GTS See Guarded Transition Systems (GTS) Guarded Transition Systems (GTS), 267 “Guidelines”, 68À69 GWT See Google Web Toolkit (GWT) H Health Insurance Portability and Accountability Act (HIPAA), 283 HHH server See Home Health Hub (HHH) server Hierarchically Performed Hazard Origin and Propagation Studies (HiP-HOPS), 242À243, 260À262, 262f, 270À271, 273 High Level Modules (HLMs), 178, 183, 188À192 HIPAA See Health Insurance Portability and Accountability Act (HIPAA) HiP-HOPS See Hierarchically Performed Hazard Origin and Propagation Studies (HiP-HOPS) HLMs See High Level Modules (HLMs) Home Health Hub (HHH) server, 297À298 HoQ See House of Quality (HoQ) House of Quality (HoQ), 153À154, 154f HTML, 298, 322 I Iceberg metaphor, 158À159, 159f, 168À169 iDASH See Integrating Data for Analysis, Anonymization, and Sharing (iDASH) IEEE Software Quality Metrics Methodology, 10À11 Implicit requirements, 159 Installability, 166 Integrating Data for Analysis, Anonymization, and Sharing (iDASH), 301, 308 architecture, 301 implementation, 301 Inter-module coupling, 184 Internal metrics, 52À53 of quality characterization model, 54 Interval scale, 289 Intra-module coupling, 184 ISO 25010, 23, 49, 288, 307 software quality model, 23 ISO 9001, 290 ISO 9126, 6, 49À50, 288, 290 six high-level quality factors, 51t ISO/IEC 42010, 223 ISO/IEC/IEEE 42010 standard, 86, 89À93 J Java code, 40, 295À296 Java Virtual Machine (JVM), 294À295 JavaScript, 295À296, 298, 300 JVM See Java Virtual Machine (JVM) K Key Performance Indicators (KPIs), 58À59 KPIs See Key Performance Indicators (KPIs) L LAAAM See Lightweight Architecture Alternative Assessment Method (LAAAM) Lack of Cohesion in Methods (LCOM), 38t, 182 Lack of Concern-based Cohesion (LCC), 183 Large-scale and complex software-intensive systems quality concerns in, software quality management, 3À5 software quality models, 5À7 system qualities addressing, 8À10 assessing, 10À13 assessment processes, 10À12 current challenges and future directions of, 13À14 metrics and measurements, 12À13 LCC See Lack of Concern-based Cohesion (LCC) LCOM See Lack of Cohesion in Methods (LCOM) Lightweight Architecture Alternative Assessment Method (LAAAM), 291À292 M MA See Measurement and analysis (MA) Maintainability, 35À37, 60, 87À88, 138t, 177À178, 251, 285À286 Maintenance activities, 35À36, 283À285, 308À309 Matlab, 300 Matlab Simulink, 260À261, 270À271 Matrix of Change (MoC), 153À154, 157 McCall’s breakdown of reliability, 52t McCall’s quality model, 5À6, 21À22, 288 MCS See Monte Carlo Simulation (MCS) MDA® See Model-Driven Architecture® (MDA®) MDM, 230À231 Mean-time-between-failure (MTBF), 28À29 Measurement, 12À13, 20À21 367 368 Subject Index Measurement (Continued) concept of, definition, 179À180 scales, 289 Measurement and analysis (MA), 11, 342 Method Hiding Factor (MH), 38t Metrics, 6À7, 12À13, 289À290 MH See Method Hiding Factor (MH) Model checking, 264 Model-based dependability analysis, 251 Behavioral Fault Simulation (BFS), 264À269 AltaRica, 265À267 Deductive Cause Consequence Analysis (DCCA), 268À269 Formal Safety Analysis PlatformÀNew Symbolic Model Verifier (FSAP/NuSMV-SA), 264À265 Safety Analysis Modeling Language (SAML), 267À268 Component Fault Tree (CFTs), 257À258 Architecture Analysis and Design Language (AADL), 263 Hierarchically Performed Hazard Origin and Propagation Studies (HiP-HOPS), 260À262 State-Event Fault Tree (SEFT), 259À260 system dynamics and temporal considerations, 264 emerging integrated approaches, 269À273 applicability and challenges of BFS, 270 applicability and challenges of FLSA, 269À270 model-based integrated approach, 271f towards integrated approaches, 270À273 Failure Logic Synthesis And Analysis (FLSA), 254À264 Failure Propagation and Transformation Calculus (FPTC), 255À257, 273 Failure Propagation and Transformation Notation (FPTN), 255, 273 future outlook, 274À275 Model-Driven Architecture® (MDA®), 282À283 Modern software quality assurance, 19 agile development processes, 40À41 best practices, 42À43 change management, 39À40 cloud computing, 34À35 cost of quality, 24À25 crowdsourcing, 34À35 defect analysis and process improvement, 36 formal methods, role of, 26 maintenance and change management, 35À36 measurement, 20 non-functional requirements (NFRs), 24 product and process metrics, role of, 37 quality models, 21À23 quality perspectives, 21 manufacturer’s view, 21 product view, 21 transcendental view, 21 user view, 21 value-based view, 21 reliability, 28À29 requirement conformance versus customer satisfaction, 20 reviews and postmortems, 32À33 reviews and usability, 32 safety, 30À31 security, 29À30 social media, 34À35 statistical SQA, 37À39 testing and automated testing, role of, 26À28 user experience, 33À34 verification and validation (V&V) processes, 25 Module, 182 Monte Carlo Simulation (MCS), 264 MTBF See Mean-time-between-failure (MTBF) MULE, 295À296 Mutation analysis, 27 MySQL, 294À296 N NA See Number of Attributes (NA) NAS See Number of Associations (NAS) NC See Number of Classes (NC) NFRs See Nonfunctional requirements (NFRs) NLC See Number of Lines of Code (NLC) NOC See Number of Children (NOC) Nominal scale, 289 “Non-API method Closedness” Index, 182 Nonfunctional requirements (NFRs), 24, 75À76, 135, 159, 161 Number of Associations (NAS), 38t, 182 Number of Attributes (NA), 38t Number of Children (NOC), 38t Number of Classes (NC), 38t Number of Lines of Code (NLC), 38t NuSMV-SA Model Checker module, 265 O OASIS SOA Reference Model, 282À283 OMR See Organizations Measurement Repository (OMR) OPD See Organizational Process Definition (OPD) Open Source system, 185À186 OPF See Organizational process focus (OPF) Ordinal scale, 289 Subject Index Organizational Process Definition (OPD), 340, 342 Organizational process focus (OPF), 342 Organizations Measurement Repository (OMR), 342 Outcome quality management, 68 P PACS (Picture Archiving and Communication System), 279 Pair programming, 41 PAL See Process Asset Library (PAL) PALMS See Personal Activity Location Measurement System (PALMS) PAND gate See Priority-AND (PAND) gate Pandora, 261À262 Postmortems, 32À33 Pattern language, 140 Patterns, design, 8, 213À214 Performance, defined, 138t Personal Activity Location Measurement System (PALMS), 294À296, 295f, 315 architecture, 294À295 architecture and implementation quality analysis, 315À318 implementation, 295À296 quality analysis of architectural and implementation choices for, 316t Petri Nets, 260, 264 PF See Polymorphism Factor (PF) Phase, defined, 66 PMC (project monitoring and control), 11 Polymorphism Factor (PF), 38t POR See Priority-OR (POR) Portability, 6, 138t, 166, 167t, 168t, 169t, 170f, 286 PPQA See Process and Product Quality Assurance (PPQA) Practices, in quality management, 68À69 Prevention costs, 25 Priority-AND (PAND) gate, 261À262 Priority-OR (POR), 261À262 Process, 66 and its elements, 67f Process and Product Quality Assurance (PPQA), 11, 341 QPT responsibilities for, 340À341 Process Asset Library (PAL), 340 Process based approaches, to software quality, 48À49 Process capability, 59 Process instantiation and configuration structure, 144, 145t Process metrics, 7, 37 Process models, 32À33, 290 Process quality management, 68 Process-level metrics, 13 ProcessÀproduct correlation, 143 Product and process metrics, role of, 37 Product Breakdown Structure, 140À141 Product Line Architecture to Application Architecture Consistency Analysis, 235 Product metrics, Product operations, 5À6, 22 Product quality, holistic view of, 136À138 Product revision, 5À6 Product transition, 5À6 Project managers, 4, 90 Project metrics, Propagation rules, 89 Python, 300, 326 Q QC/sub-QC, 137 QF See Quality factor (QF) QFD See Quality function deployment (QFD) QMs See Quality models (QMs) QPT See Quality Process Team (QPT) Quality, definition of, Quality attribute, defined, Quality characterization model external metrics of, 54À56 internal metrics of, 54 measuring and monitoring quality factors and related metrics, 58 process improvements related to, 59À60 software quality control’s utilization of, 56À57 SPI utilization of, 57À60 Quality definitions, 287À288 Quality evaluation, 308À323 of Boehm, 51t CitiSense architecture and implementation quality analysis, 320À323 CYCORE architecture and implementation quality analysis, 318À320 evaluation methodology, 308À312 activities, 309À310 facts, 310À312 impact matrix, 312 PALMS architecture and implementation quality analysis, 315À318 Quality factor (QF), 5À6, 21À23, 163 defining criteria for, 50À51 ISO-9126 Six High-Level, 51t measuring and monitoring, 58 metrics for defining the presence of, 52À53 of McCall, 23 perspectives and definitions, 49À50 369 370 Subject Index Quality function deployment (QFD), 24, 47, 152À157, 153f, 154f, 160 QF2D, 164À165 example calculation, 166À171 symbols and weights, 155t Quality management, challenges to, 19 Quality management and software process engineering, 63 motivation, 63À65 process, notion of, 65À67 quality management, 67À69 quality management through SP engineering, 72À82 contextual constraints, 81À82 life cycle models of SP, 78À79 localizing focus on quality, 72À78 process quality and quality management, 79À81 software process, 69À71 software quality, 71À72 Quality management and software product quality engineering, 136À143 compositional traceability, 140À142 consistency tracker, 147t current software practices, limitations of, 133À136 institutional knowledge utilizing, support for, 135À136 managing software quality requirements, 135 quality management during the lifecycle, 134À135 engineering quality with patterns, 139À140 catalog of quality patterns, 139À140 functional correctness patterns, 140 structure of a quality pattern, 139 holistic view of product quality, 136À138 process instantiation and configuration structure, 144, 145t processÀproduct correlation, 143 requirement pattern, product quality map, 146t software quality requirements, 144À147 Quality models (QMs), 21À23, 161, 161f, 288À289 Quality of software system, 71À72, 134 Quality pattern, 139 catalog of, 139À140 requirement, 145À147 structure of, 139, 140t Quality perspectives, 21 manufacturer’s view, 21 product view, 21 transcendental view, 21 user view, 21 value-based view, 21 Quality Process Team (QPT), 335À338, 344 center of excellence recommendations for Validation and Verification, 340 common challenge, 337À338 leveraging increased SQA capabilities required for external regulations, 337 responsibilities for CMMI® SPI related process areas, 343 for Process and Product Quality Assurance, 340À341 for validation and verification, 339À340 roles and responsibilities within CMMI®, 339 SPI related process areas of CMMI®, 343À344 SPI WITHIN CMMI®, 341 SQA within CMMII®, 340 SQC within CMMI® implementation, 340 synergy and overlaps between SQA and SPI roles and responsibilities, 336À337 between SQA and SQC roles and responsibilities, 335À336 Quality requirements, 11, 135, 144À147, 307À308, 307t R Ratio scale, 163, 289 Refactoring, 40, 292 large, 209À210 Refactoring, 292 detection, 40 large refactoring, 209À210 REF-FINDER tool, 40 Reflexion Architecture Views, 226À227 Reflexion Decomposition View, 226À227, 227f Reflexion modeling, 221À223 deployment view, 227, 228f reflexion viewpoint, 224À227, 226t uses view, 227, 228f using software architecture viewpoints, 223À224 Reliability, 28À29, 118, 138t, 251 Replaceability, 166 Requirement quality pattern, 70, 146t, 147 Requirements, 302À308 allocation as problem, 241À242 application, 304À306 cyberInfrastructure (CI), 303À304, 303t quality, 307À308 Requirements Elicitation process, 163 Requirements management, 151 estimation capability, improving, 157À164 early phases, 157À160 requirements, working on, 160À162 stakeholders, working with, 163À164 Subject Index QF2D, 155t, 164À165 example calculation, 166À171 Quality Function Deployment (QFD), 152À157, 153f, 154f, 160 Requirements-level metrics, 12 Response for a class (RFC), 38t, 182 Reviews and postmortems, 32À33 Reviews and usability, 32 RFC See Response for a class (RFC) Rich Service architectural pattern, 294À295, 300 Rich Services (RS) architecture blueprint, 282À283 RS architecture blueprint See Rich Services (RS) architecture blueprint RTN (Real-Time Network), 256 S Safe HIPAA-compliant Annotated Data Deposit box (SHADE), 301 Safety, on computer software, 30À31, 251 Safety Analysis Modeling Language (SAML), 267À268, 272À273 as an intermediate language, 272f Safety Integrity Levels (SIL), 260 SAML See Safety Analysis Modeling Language (SAML) SAND See Simultaneous-AND (SAND) Sarbanes Oxley (SOX), 337 SATC See Software Assurance Technology Center (SATC) “Scope creep” concept, 157 SCP See Software Construction Process (SCP) SD See Software Design (SD) SDP See Software Design Process (SDP) Search space, reduction of, 243À244 Security, 2, 29À30, 138t, 286 SEFT See State-Event Fault Tree (SEFT) SEI See Software Engineering Institute (SEI) Service-oriented architecture (SOA), 282À283 Service-oriented development (SOD), 282À283 SHADE See Safe HIPAA-compliant Annotated Data Deposit box (SHADE) SIL See Safety Integrity Levels (SIL) Simulation X, 260À261, 270À271 Simultaneous-AND (SAND), 261À262 Six Sigma, 37À39, 47, 59, 343À344 SLIM language See System Level Integrated Modeling (SLIM) language SOA See Service-oriented architecture (SOA) Social media, 34À35 SOD See Service-oriented development (SOD) Software architectural design, 76 Software architecture, 8À9, 211, 221 Software Assurance Technology Center (SATC), 12 Software commissioning engineering, 77 Software construction engineering, 77 Software Construction Process (SCP), 69 “Software crisis”, Software Design (SD), 69, 73À74 Software Design Process (SDP), 69 Software engineering design, 76 Software Engineering Institute (SEI), Capability Maturity Model (CMM), 290 Capability Maturity Model Integration (CMMI), 290 Software installation engineering, 77 Software maintenance engineering, 78 Software measurement, 179À180 Software metric, defined, 179À180 Software modularity, 180À181 Software operations engineering, 77 Software Process (SP), 66À67, 67f, 69À71, 140t Software process improvement (SPI), 3, 20, 334, 337À338 action plan, 155À156 roles and responsibilities, 336À337 within CMMI®, 341 Software product, 20, 34À35, 42, 134 Software QFD (SQFD), 155, 156f Software quality attribute, 6, 10 Software quality characterization models defining criteria for quality factors, 50À51 measuring and monitoring quality factors and related metrics, 58 metrics for defining the presence of quality factors, 52À53 metric versus measurement, 52À53 of organization, defined, 53À56 process improvements related to, 59À60 quality factor perspectives and definitions, 49À50 software quality control’s utilization development, 57 external metrics for quality factor, 57 of quality characterization model, 56À57 systems analysis, 56 systems design, 56 SPI utilization of, 57À60 structure and utility of, 49À53 Software Quality Control (SQC), 3, 334, 338 roles and responsibilities, 335À336 utilization development, 57 external metrics for quality factor, 57 371 372 Subject Index Software Quality Control (SQC) (Continued) of quality characterization model, 56À57 systems analysis, 56 systems design, 56 within CMMI®, 339 Software quality management, 3À5, 179 Software quality models, 5À7 Software quality planning (SQP), Software quality requirements, 135, 144À147 Software re(verse) engineering, 78 Software Requirements Specification (SRS), 335À336 Software Service Provider, 63À64 Software Six Sigma, 39 SonarQube, 216 SOX See Sarbanes Oxley (SOX) SP See Software Process (SP) SPC See Statistical Process Control (SPC) SPI See Software process improvement (SPI) Spiral model, 70, 79, 80f SQC See Software Quality Control (SQC) SQFD See Software QFD (SQFD) SQP See Software quality planning (SQP) SRS See Software Requirements Specification (SRS) Stable Dependencies Principle, 185 Standards, defined, 68À69 State-Event Fault Tree (SEFT), 259À260, 264, 273 Static code analysis tools, 292 Statistical Process Control (SPC), 333À334 Statistical SQA, 37À39 Structural architecture, 75À76 System architectural design, 75À76 System architecture, 293, 315 System engineering design, 76 System Level Integrated Modeling (SLIM) language, 272 System modularity, 309 System qualities addressing, 8À10 assessing, 10À13 assessment processes, 10À12 metrics and measurements, 12À13 T Tabu Search, 244À246 TARA See Tiny Architectural Review Approach (TARA) TD See Technical debt (TD) TDD See Test-driven development (TDD) Technical debt (TD), 85, 88À89, 292À293 Test automation See Automated testing Test-driven development (TDD), 201 combining TDD with other design techniques, 210À214 architectural design, 211À212 design patterns, 213À214 domain modeling, 212À213 continuous inspection, 216À217 as design technique, 203À205 large refactorings, 209À210 modeling relations with, 205À209 designing dependencies, 207À208 hierarchy and abstractions, 208À209 mock objects, 206À207 preparing for TDD in a software project, 214À216 on software quality, 202À203 Testing and automated testing, role of, 26À28 Testing-in-the-wild, 35 Threat analysis, 29 TimeNET, 260 Tiny Architectural Review Approach (TARA), 291À292 Topcased project, 272 Total Quality Impact, 312 Total Quality Management (TQM), 48À49, 164, 333À335 for software development, 335 software process improvement, definition of, 334 software quality assurance, definition of, 334À335 Software Quality Control (SQC), 334 TQM See Total Quality Management (TQM) Traceability Matrix, 134 U Usability, 32, 138t, 147 User experience, 33À34 V Validation, 339 Verification, 339 Verification and validation (V&V) processes, 25 ViSSaAn (Visual Support for Safety Analysis), 258 VMware vCloud software, 301 W Waterfall model, 8, 70À71, 78 WBS See Work-Breakdown-Structure (WBS) Weighted Methods per Class (WMC), 38t Subject Index Weka, 186 directory structure of, 187f White-box testing techniques, 27 WMC See Weighted Methods per Class (WMC) Work-Breakdown-Structure (WBS), 65, 68 XP See Extreme Programming (XP) Y YANGNI, 292 Z Zultner QFD Project, 155 373 ... responsible for devising, designing, engineering, controlling, and evolving software intensive systems Instead of seeking pinpricks of understanding into vastly complex natural phenomenon—we find ourselves... organizations and individual developers and operators? ?in maintaining software quality for today’s, and tomorrow’s, software- intensive systems 13 14 CHAPTER Quality concerns in large- scale Systems seem... experience in software engineering research and education His main research includes the engineering of smart software- intensive systems In particular, he has focused on and is interested in software