- McDermond Award
- Chairman’s message
- 4WCSQ Announcement
- Changes in Software Quality Assurance
- Bracing for the Brain Drain
- Aerospace Corner
- Division 6 Report
- Region 10 Report
- Region 13 Report
- ASQ SD Organization Chart
Division Chair: W.L. “Bill”
Chair-Elect: Nicole Radziwill
Division Secretary: Tom Ehrhorn
Division Treasurer: Brenda Fisk
If no other nominations are submitted, these nominees
will be elected to these positions on May 4, 2008.
To nominate a person, please contact Doug Hamilton at
It is a great pleasure to announce that the ASQ Software
Division has been awarded the J. S. McDermond Award for
meeting performance objectives in division management.
It is great to be part of a team of volunteers that
run a professional group like a paying project.
ASQ Software Division has reached an agreement with Computer Aid Inc’s IT Metrics and Productivity Institute to bring two great benefits for members.
- The software best practices webinars. The
registration is free, and they are scheduled just about
each week. Computer Aid Webinars
- The 2008 Software Best Practices Conferences at a discount rate of $395 (regular $695).
The following discount code is needed for the on-line
registration to the Software Best Practices
“ASQ########” where “########” is your member number (varies from 4-8 digits).
Keep Quality First As the economy weakens, remember to keep quality first in your business plan. Remember, “The bitterness of poor quality lingers long after the sweetness of low cost is gone.” As Corporations seek to cut costs, we are seeing more short term thinking and vision. This leads to disaster. Be the best…Not the cheapest!
Are you passionate about building better software? Do you want to be part of a major new effort, partnered with leading experts in software quality, to define how the practice of software quality should evolve to meet ever-increasing demands? If so, plan to attend the 4th World Congress for Software Quality (WCSQ) at the Hyatt Regency in Bethesda, Maryland from 15-18 September 2008. Not only is this exciting event a partnership between the Software Division of the American Society for Quality, the Software Group of the European Organization for Quality, and the Union of Japanese Scientists and Engineers, it also provides the opportunity to attend VERIFY, a leading conference on testing topics. See http://www.asq.org/conferences/wcsq for details.
Article By: Mike Kress, Boeing Associate Technical Fellow, ASQ Certified Software Quality Engineer, ASQ Fellow. RABQSA Registered Aerospace Industry Auditor, Boeing Commercial Airplane Group, past Chair ASQ Software Division
In today’s world, the range of Software Quality Assurance (SQA) functional responsibilities is much more than just “assuring” things like compliance and conformity. Rather, the message of ISO 9001/AS-9006 is more system-oriented approach with metrics for process control as well as metrics for management and customer visibility. For example, today’s SQA practitioners are expected to check on both supplier and internal software development for “Earned Value Tracking” as well as schedule cost management. As little as ten years ago, if SQA personnel wandered into these disciplines, “old school” managers would tell us to “get out, that’s not your job.”
Today, the roles and responsibilities between SQA practitioners, Software Engineering Process Group (SEPG) members, and Integrated Product Development Team (IPDT) members are blurring. Such lack of distinction is a double-edged sword. The upside is that SQA horizons are expanding and expectations for a SQA engineer are broadening, making us more valuable and respected. The downside is that we are often held accountable for matters beyond our control, like design malfunctions, schedule slippages, and cost overruns. On the other hand, when platitudes such as “Quality is everyone’s job” are preached, often times, no one group is held accountable. At that point, specific roles and responsibility suddenly become empty and meaningless.
In addition, there is a growing awareness that software quality today must include “Data Quality.” The need to have data that meets requirements for such features as accuracy, precision, security, interoperability, timeliness, currency, etc. is being addressed by the new draft ISO standard 25012. This standard will help all stakeholders benefit from data that provides consistent, correct, and complete information. For example, the correctness and completeness of your medical data is important, maybe even life-critical, when used by your general practitioner, cardiologist, orthopedic surgeon, hospital personnel, your pharmacist, and insurance carrier. They should all be working from the same data.
The SQA professionals must retain our longtime revered mission of being a discipline that is free and independent to evaluate product and process quality. We need specific authority to “stop the process/product line” or “prevent” non-conforming products from entering the marketplace and to enforce corrective action. Beyond that, the contribution SQA members can make to systems/project management is process goodness. Whatever expanded horizons we may accept, the software quality discipline can not lose sight of our basic responsibility of being a champion and advisor for process goodness ~ using qualitative and quantitative terms ~ as well as the IPDT authority on product acceptance.
The expectations for SQA practitioners will continue to grow. As a professor once said at a conference I attended, “In the future, only two commodities will matter, oil and software. And there are alternatives to oil.”
Mike Kress continues to lead the efforts of the
American Aerospace Quality Group (AAQG) in the creation of
AS9115, the draft international standard for Software
Quality Management System requirements. The draft will be
harmonized with ISO 12207 and the new version of AS9100:8/9
which is due out late this year.
[ASQ SD Action Plan: While reading the potential brain drain discussed in the following article, SD members should keep in mind that to address this concern, three of eleven of the ASQ Software Division’s strategic goals in our business plan for 2008 focuses upon efforts in the area of Transfer of Knowledge, as well as an updated offering of the Computer Software Quality Engineer certifications to better prepare and differentiate among new software practitioners.]
As reported in March 2008 by Associated Press Business Writer, Ms. Joelle Tessler, over the next decade a potential brain drain happens as a generation of Cold War Scientists and Engineers hits retirement age, and not enough qualified young Americans seek to take their place.
The AP Newswire article states that the problem is that almost 60 percent of all U.S. Aerospace workers in 2007 ~not just software/systems engineers alone ~ were age 45 or older. This could affect national security and even close the door on commercial products that start out as military technology. Making the condition more problematic is that while U.S. universities are awarding 2½ times more engineering, math, and computer science degrees than they did 40 years ago, aerospace and defense companies must compete with companies like Google, Microsoft, and Verizon for the best and brightest.
In addition, aerospace and defense industries often have higher experience expectations in quality systems, e.g. AS-9100 and software processes such as Capability Maturity Model Integrated (CMMI) than many universities now provide.
Some additional “good news/bad news” is that in addition to fierce competition for the limited pool of math and computer science experts from all corners of corporate America, contractors working on classified government aerospace/defense contracts are hamstrung by another factor ~ restrictions on hiring foreign personnel or off-shoring work to other countries.
This aerospace/defense industry confronts another challenge with security clearances. Unlike commercial technology companies, defense companies generally have to hire U.S. citizens since they need employees who can obtain a security clearance. This restriction eliminates many foreign graduates of American universities as well as foreign citizens in the U.S. on H-1G non-immigrant visas, which only allows a U.S. company to employ a foreign individual up to six years. Similarly, major aerospace/defense contractors can not easily outsource significant avionics systems technology and software development to countries without technically qualified workers with the necessary security credentials.
Some projections by major aerospace/defense industries have been reported by Lockheed Martin, Northrop Grumman, and Boeing Corporations. About half of Northrop Grumman’s 122,000 employees will be eligible to retire in the next ten years. The trend is the same at Lockheed Martin Corporation of Bethesda, Maryland, which could lose as much as half of its 140,000 person work force to retirement over the next decade. At Chicago-based Boeing, about 15 percent of the company’s employees are age 55 or older and are eligible to retire now.
Reader comments, as well as requests for additional information and/or clarification may be addressed to the SD newsletter and/or firstname.lastname@example.org.
(W.L. “Bill” Trest is Regional Councilor
Coordinator for ASQ Software Division as well as a Computer
Software Quality Engineer employed by Lockheed Martin
Aeronautics Company in Fort Worth, Texas, with 25+ years
experience in Military Aerospace Software/Systems Quality.
Bill is also a Senior Member of the Greater Fort Worth
Section 1416 of the American Society for Quality, and is a
Certified ASQ CSQE).
Safety Assurance Certification
Safety assurance certification is often part of overall systems product software development efforts. Safety assurance certification information is developed as needed for the various levels of hazard risk analysis.
Planned levels of safety assurance certification data development and record keeping allow a degree of flexibility. Instead of constraining the whole development program to follow specific methodology, the developer “customizes” the process rigor necessary for the safety criticality of the subsystem component(s), after performing Hazard Risk Analysis. In other words, a developer need not apply the same process rigor to a subsystem component that does not process safety critical information, as opposed to a subsystem that does.
This flexible approach has been accepted as compliant with such standards as MIL-STD-882, UK Def-Stan-0055 and RTCA/DO-178B. Notwithstanding, the benefits of process “flexibility” can not override the demands of safety; therefore, the evidence generated by the developer must always fully address the safety requirement.
A safety assurance certification level is a qualitative statement of the requirement for a degree of confidence in the evidence that specific safety goals have been achieved. The degree of confidence relates to the strength and coverage of the safety evidence. In other words, a safety assurance certification is equivalent to a confidence level.As an example, on many aerospace programs, as few as three categories of safety evidence assurance levels are established. Each level has a corresponding planned process element activity that guides the software developers towards achieving and retaining the required safety assurance certification data. The three nominal levels of safety assurance certification are:
Low Risk (from Hazard Risk Analysis) ~ Requires the use of peer reviews and/or static inspections of software products. An important element is the inspection/peer review process required for every software product with particular emphasis on the use of detailed inspection criteria checklists. Such intensive review records provide the ultimate product quality records and have historically been a key resource for the early elimination of errors.
Safety Related Hazard ~ In addition to peer reviews and inspections, structural tests are performed to assure that all unique software code paths are exercised during documented testing. This coverage can be obtained during unit, software integration tests, and/or software qualification tests. Failure Mode and Effects Testing (FMET) may be performed to analyze a complete set of failure modes and their effects, in order to provide validation of system/software requirements. Programming practices and features deemed unsafe, i.e. run-time code recreation, are often disallowed.
Safety Critical Hazard ~ Complete structural test coverage is performed and software source-to-object correspondence (100 percent) checks are added, including any assembly language use. Static code analysis often involves the use of a tool that performs the following checks: programming language construct violations, out of bounds array accesses, un-initialized variables, unreachable and dead code statements, unused variables, and infeasible paths. Generation of cyclometric complexity is required and/or monitored within established quality thresholds of design.Data related to safety assurance is collected into appropriate quality records storage systems. In another fundamental practice, the process for collection and retention of software safety assurance records are routinely evaluated for compliance with software development planning as part of an independent software quality assurance program. The technical adequacy of actual safety assurance records is evaluated by assigned safety personnel.
(W.L. “Bill” Trest is Regional Councilor Coordinator for ASQ Software Division as well as a Computer Software Quality Engineer employed by Lockheed Martin Aeronautics Company in Fort Worth, Texas, with 25+ years experience in Military Aerospace Software/Systems Quality. Bill is also a Senior Member of the Greater Fort Worth Section 1416 of the American Society for Quality, and is a Certified ASQ CSQE).
FROM THE REGIONS
The following links will provide you with a snapshot of the latest activities in the regions.
The University of Washington Extension is taking applications for the 90 hour Software Testing Certificate program held evenings in October in Bellevue, WA. This is a great resource for testers who trained “on the job” to get information and skills to become a better tester. See http://www.sasqag.org for links and more information.
Also in October the annual Pacific Northwest Software Quality Conference will be held October 13-15, 2008 (http://www.pnsqc.org/) at the Oregon Convention Center in Portland, Oregon. The theme for 2008 is “Collaborative Quality.”
The Seattle SPIN (Software Process Improvement Network) is holding monthly meetings. The organization is driven with a single, clear-cut goal in mind: change an organization in a way that improves that organization’s ability to develop software. If you are interested in more information on SeaSpin, you can go to http://www.seaspin.org.
If you are in the Seattle area on the third Thursday of every month (except December), the Seattle Area Software Quality Assurance Group (SASQAG) holds monthly public meetings in the Seattle area. SASQAG also supports certification and study groups. If you are in the area and want to attend, please look at http://www.sasqag.org for upcoming events, directions, and meeting times.
If you have information on local software quality and testing events in your area of Region 6, please send them to me for our events calendar. Visit http://www.tomgtomg.com/asq6 for information on events around Region 6.
Region 10 Report:
The Great Lakes SPIN meets the second Thursday of the month at Oakland University in Rochester. Information about programs and events is at http://www.gl-spin.org/.
The Southeastern Michigan Software Quality Assurance Association (SEMISQAA) sponsors monthly meetings on the second Tuesday of each month. Event locations vary throughout the year. More information at semisqaa.org.
Ann Arbor Software Quality Professionals (AASQP) has suspended its monthly meetings due to low participation. The mailing list remains active as a source of communication and information. Access is through the Yahoo group tech.groups.yahoo.com/group/aa-sqp.
ASQ chapters in southeastern Michigan provide programs primarily related to manufacturing. Any programs focusing on software and software quality will definitely be highlighted when available.
If you have any information for Region 10 members or
need referrals for software quality matters, please give me
a shout at l(dot)tamres(at)computer(dot)org.
Region 13 Update:
Section 1304 St. Louis will be holding the Spring Quality Conference on April 1-4, 2008. Gene Kelly, Section 13 RC will present a session on “Software QA in Regulated Industries.” He will cover software regulations in both the aerospace and medical device industries and discuss cross-industry approaches and best practices in software QA/V&V. Specifically, an overview of the DO-178B aviation software standard will be presented, as well as the FDA regulation 21 CFR Part 820, and associated FDA software guidance. Typical software development life cycle models will be reviewed, focusing on software QA/V&V. Cross-industry best practices in V&V will also be presented, as well as future industry trends impacting software QA/V&V.