Post Midterm Flashcards
1
Q
what are the three problem areas that contribute to “cost of poor software quality”
A
- cybercrime losses due to vulnerability
- salaries hover
- 20,000 per year on fixing bugs
2
Q
What contributes to software quality?
A
- conforms to requirements
- does it do the job
- is it reliable and error free
- are the users happy with it
3
Q
what are software quality attributes?
A
technical : correctness, reliability, capability, performance, maintainability
user : usability, installability, documentation, availability
4
Q
How can we categorize quality attributes another way than technical or user?
A
Discernable at runtime or not:
discernable: performance, security, functionality, usability
not discernable: modifiability, portability, reusability, testability, integrity
5
Q
What is correctness/accuracy?
A
lack of bugs or defects, measured by #bugs per line of code
6
Q
what is reliability?
A
does not fail or crash often, measured in failures per line
7
Q
what is capability?
A
does it do what it’s required to, measured in % of required operations implemented
8
Q
what is maintainability?
A
is the software easy to change and adapt to new requirements, measured time/effort to add a new feature
9
Q
what is performance
A
is it fast and small enough, seconds of CPU time
10
Q
what is usability?
A
is it sufficient for the intended users, % of happy users with interface
11
Q
what is installability?
A
convenient and fast to install, #install problems reported
12
Q
what is documentation?
A
is well documented, % of users happy with documentation
13
Q
what is availability?
A
is it easy to access and available when needed, % of users reporting access problems
14
Q
how do you achieve quality?
A
plan it from the beginning, continuous monitoring
15
Q
what are the quality assurance principles?
A
- know what you are doing
- current build, planning - know what you should be doing
- ues-cases, supplemental requirements, feedback, tests - know how to measure the difference
- require explicit measures, the four methods
15
Q
what are the four quality assurance methods?
A
- formal methods
- math models, expensive, slow and careful - testing
- create explicit inputs and frameworks to exercise the software and measure success - inspection
- regular human reviews of requirements, design - metrics
- analyze or instrument code to measure a known set of simple properties
16
Q
what is software testing?
A
process of exercising or evaluating a system/system component to verify that it satisfies specified requirements
17
Q
what is validation?
A
the software does the right thing
18
Q
what is verification?
A
software does the things right
19
Q
what are the levels of specification
A
functional specifications
design specifications
detailed design specifications
20
Q
what are functional specifications?
A
describe what the software should do, not how
21
Q
what are design specifications?
A
describe the architecture of the design, describe components, code units
22
Q
what are detailed design specifications?
A
describe how each component of the architecture is to be implemented
23
Q
what is an error
A
discrepancy in code
24
what is a fault
manifestation of an error in code
25
what is a code failure
external behavior is incorrect
26
what is debugging
the process of analyzing and locating bugs when the software doesnt behave as expected, debugging supports testing but cannot replace it
27
what is testing
methodically searching for and exposing bugs
28
what are some of the causes of software errors?
faulty def of req
communication failure
deviations from software req
logical design error
coding error
shortcomings of testing
procedural errors
documentation errors
29
what is unit testing
tests individual components to confirm that the component is correctly coded and carries out the intended functionality
30
what is integration testing
testing groups of subsystems to test the interfaces among the systems
31
what is system testing?
testing the entire system to determine if it meets the requirements
32
what is acceptance testing
evaluates the system delivered by devs to demonstrate that it meets the reqs and is ready to use
33
when should you write a test?
before the source code is written
traditionally, after the source code
34
what should you test?
exhaustive testing (all) is impractical, so prioritize testing so that when you stop you will have done the best in the time had
35
how can you rank priority for testing?
most severe failures, most visible failures, most likely faults, ask user for opinion, areas that have had the most faults in the past, more complex or critical
36
what is black box testing
when you cant see what the software does to test it, cases are chosen based on requirements
37
what is white box testing?
can see the software code, cases are chosen based on code
38
what is grey box testing?
a combination of white box and black box
39
what is equivalence partitioning
black box, inputs are divided into groups with similar expected behviour
40
what is boundary value analysis
test boundary between partitions
41
what are 3 white box testing techniques?
code coverage
logic path coverage (both TF on if etc)
mutation testing (many slightly different versions of the code by mutating
42
what are the coverage methods?
function, statement, decision, condition, branch, loop, path
43
what is function coverage?
calls every function in the program
44
what is statement coverage?
has every statement been executed
45
what is decision coverage?
a combination of function and branch coverage, has every decision (if, switch, while) in the program been made both ways
46
what is condition coverage?
has each boolean sub expression been evaluated to true and false
47
what is branch coverage
has each branch of each control structure been executed
48
what is loop coverage
has every possible loop been executed zero, one, or more times
49
what is path coverage
has every possible route through a part of code been executed
50
what are regression tests?
check to see if new version performs the same functions in the same manner
51
what is smoke testing
verifies the main functionality but not in depth
52
what is sanity testing
verifies the bugs those fixed in the previous build and new features
53
what is alpha testing
client uses software in dev environment, controlled setting, dev is there to fix bugs
54
what is beta testing
client uses own environment, realistic workout
55
what is stress testing
test the limits of the system to determine the breaking point
56
what is load testing
measure the performance on a large number of users
57
what is volume testing
test if large amount of data can be handled
58
what is configuration testing
test the system with each of the supported software and hardware configs
59
what is compatibility testing
test if its compatible with different environments
60
what is a code walkthrough
confirm small changes of code, usually fixing an error
61
what is code review
formal, if you've changed substantial amount of code, or added new, usually 3-5 people there
62
what is a code inspection
most formal, purpose is to find defects in a document (any)
63
what are the code inspection rules
lines of code to review at once
how long the review meeting must be
how much preparation each member needs to do
64
how much % of defect can code and documentation inspection remove
70-85%
65
what are the inspection roles
moderator
author
reviewer
scribe
management
66
what does the code moderator do
conducts the review, distribute the items to be reviewed
67
what does the code review author role do
wrote the design or code to be inspected
68
what does the code reviewer do at inspection
direct interest in the design or code but not author
69
what does the scribe do at code inspection
records errors that are detected and assign action items
70
what does the management role do at inspection
not a good idea to involve them, but send the report
71
what is the procedure for code inspection
planning, overview, preparation, meeting, report, rework, follow-up, informal meeting to discuss problems
72
what makes a code inspection affective?
checklists, focus on detection, assign scenarios, give enough time to prepare, distinct roles, moves at a good pace, < two hours, follow up plan
73
what should go on the inspection record?
defects found and where, time taken, size of product inspected, minor/major defect, what detected the defect, suggestions, failure counts
74
what is static program analysis
analyse the program without running it, no test cases, dont know what program should do, just look for violations and typical errors
75
what are metrics
methods based on using tools to count the use of features or structures in the code and compare them to standards
code size, code complexity, number of parameters/decisions/modules/methods/functions, structural complexity (depth of calls), design complexity
76
go back to slideshow 19 slide 26
77
exercise in slideshow 20 slide 6
78
what is clean code?
clean code always looks like it was written by someone who cares
searchable names
79
what are some rules for functions
they should be small, have one purpose, <150 char per line, < 20 lines, reduce num of args
80
do we want comments in our code?
if the function/code is descriptive enough then we dont need redundant comments, best ot use comments to explain intent or clarification
81
how should you organize your classes?
- public static constants
- private static static variables
- private instance variables
- public functions
- private utilities called by a public function right after the public function itself
82
what is SRP?
single responsibility principle
- only one responsibility, one reason to change
83
what is technical debt
a solution for a problem short term, that creates more problems long term
84
what is intentional technical debt
technical debt that is taken on as a strategic tool or knowingly
85
what is unintentional technical debt?
debt taken on in the result of doing a poor job
86
what is code debt
violations of coding standards, code duplication, poor/absent comments
87
what is design debt
poor choice of components, inconsistent design
88
what is test debt
brittle test suites, incomplete coverage
89
how can you identify technical debt
code smells, bad practices/solutions, deterioration of performance
90
what is a monolithic architecture
has all same styles, single build system, single testing infrastructure, everyone uses the same tools
91
what is a test strategy?
overall approach to testing
92
what is a test plan
details of how the test strategy will be carried out
93
what is test case design
inputs, conditions and expected results for a particular objective
94
what is test procedure
the process for conducting test cases
95
what is refactoring
change made to internal structure of software to make it easier to understand or cheaper to modify without the changes being observable to the behaviour
96
what is code duplication
when two code fragments look almost identical, bad practice
97
how can you fix code duplication?
extract method, pull up field/attribute, extract superclass
98
what is software evolution
a continual change from a lesser, simpler state to a better one
99
what is software maintenance
preventing software from failing to deliver the intended functionalities by means of bug fixing and preserving their functions
100
what are Lehman's Laws of software evolution
S-type, P-type, E-type
101
What is Lehman's S-type law of software evolution?
function is formally defined by and derivable from a specification (eight queens)
102
What is lehman's P-Type law of software evolution?
program is completely specified by procedure rules, playing chess
103
what is lehman's e-type law of software evolution
programs that mechanize a human or societal level activity, program becomes part of the world it models
104
what are the 9 e-type lehman's laws
1. continuing change
2. increasing complexity
3. self regulation
4. conservation of organizational stability
5. conservation of familiarity
6. continuing growth
7. declining quality
8. feedback system
105
what are types of maintenance
fault repairs, environmental adaption, functionality addition and modification (perfective maintenance), preventive maintenance
106
what is a legacy system
it has:
-evolved over 10-30 years
-actively used in a production environment
-considered irreplaceable because reimplementation is too expensive or impossible
-high maintenance cost
-designed without modern software design methodologies
107
what is software re-engineering
examination, analysis and restructuring of an existing software system to a new form
108
what are the three activites that make up re-engineering?
reverse engineering, re-design/restructuring, forward engineering
109
what is reverse engineering
create an easier to understand and more abstract form of the system
110
what is forward engineering
the traditional process of moving from a high-level abstraction/logical implementation to a physical implementation of the system
111
what is redesign
design characteristics are changed by redesigning the system (arch, data model, procedure replacement)
112
when would someone use reverse engineering
original programmers have left the company, obsolete language, insufficient documentation, isnt understood
113
what are the types of software aging
software not change
- caused by failure of the product owner to address changing needs
software changed
- caused by the result of the changes being made
114
what are the costs of software aging
lost customers, reduced performance, error prone
115
how do you prevent software aging
design for change, documentation, second opinions
116
what is MoSCoW in regards to prioritizing user stories
Must have
Should have
Could have,
Won't have (this time)
117
