Issues with implementing Software Quality Assurance (SQA)

Issues with implementing Software Quality Assurance (SQA)
by: Ian Fleming

Issues with implementing Software Quality Assurance (SQA).

Software Quality Assurance SQA Definition:-

"The function of software quality that assures that the standards, processes, and procedures are appropriate

for the project and are correctly implemented." From software definitions at NASA.

This definition comes directly from the Quality Movement that was first established in Japan in 1946 by the U.S. Occupation Force's. The only difference between QA of the Quality Movement and SQA is the term software is introduced to both the term and the definition.

It is understandable that many attempts have been made to metamorphous the manufacturing QA definition (and practice) into software QA, due to the overwhelming success of the quality movement as demonstrated in Japanese manufacturing. Some 60 years later, however, the only aspect of QA that has been successfully transformed to SQA is the goals, namely Fujitsu’s slogan of “Quality built-in, with cost and performance as prime consideration”.

The main issue with basing SQA on QA is due to the intangible nature of the software product.

As stated by Frederick P. Brooks, Jr. in his No Silver Bullet: Essence and Accidents of Software Engineering

“The essence of a software entity is a construct of interlocking concepts: data sets, relationships among data items, algorithms, and invocations of functions. This essence is abstract in that such a conceptual construct is the same under many different representations. It is nonetheless highly precise and richly detailed”.

It is the abstract nature of software that impedes the manufacturing QA definition being applied directly to software. To be more precise it is actually Quality Control (QC) that is problematic for software. In manufacturing there would be a separate group Quality Control (QC) that would measure the components, at various manufacturing stages. QC would make sure the components were within acceptable “tolerances”, i.e. they did not vary from agreed specifications. Within software production, however, the intangible nature of software makes it difficult to set up a Test and Measurement QC department that follows the manufacturing model.

In order to overcome the essential difficulties of implementing Software Quality Control SQC procedures two strategies have evolved. These strategies are typically used together in the Software Development Life Cycle (SDLC).

The first strategy involves a pragmatic characterization of software attributes that can be measured, thereby subjecting them to SQC. The idea here is to make visible the costs and benefits of software by using a set of attributes. These attributes include Functionality, Usability, Supportability, Adaptability, Reliability, Performance etc. Then Quality Control can be set up to ensure that procedures and guidelines are followed and these procedures and guidelines exist in order to achieve the desired software characteristic. The adage, "what can be measured can be controlled" applies here. This means that when these characteristics are measured the effectiveness of the procedures and guidelines can be determined. The software production process can then be subjected to SQA (audits to make sure procedures and guidelines are followed) as well as continuous process improvement.

SQA is only a part of continuous improvement (see CMMI); however continuous improvement cannot be achieved without the measurements of SQC and the audits of SQA.

A number of models, and references, for software characterization can be found on the internet. One such model is called the FURPS model which was developed by Robert Grady at Hewlett Packard. If a pure implementation of the FURPS model, or similar, was possible then QC and QA, from manufacturing, could be applied to software production.

The second strategy, to overcome the essential difficulties of software production, is prototyping.

With this approach a risk (or immeasurable characteristic) is identified, i.e. Usability, and a prototype that addresses that risk is built. In this way a given aspect of the software product can be measured. The prototype itself could evolve into the end product or it could be 'thrown away'. This approach takes an interactive path as it is quite possible the software requirements (which should include all the software characteristics) may need to be revisited.

Whilst SQA and SQC, definitions, can be traced to their manufacturing counter parts, the implementation of SQA and SQC continues to find their own unique paths. The goal of SQA and QA, however, still remain the same and that is Fujitsu’s slogan "Quality built-in, with cost and performance as prime consideration". It is the actual measurement of the "cost and performance" of software that make SQA and SQC so problematic.

About The Author
Ian Fleming

25 years IT experience, including HP Labs Inc. and SAP Labs inc. Founder of SQA (close new window/tab to return to this page).

Computer Security - Startling Facts

Computer Security - Startling Facts
by: Peter Crest

Working on the Internet provides Internet marketers with the opportunity to make a living in the comfort of their own home. Computer Security includes threats such as viruses, identity theft, spyware, adware to name but a few. The latest statistics show that at least over 900 new viruses are created each month which makes keeping track of them really quite difficult. This article would cover three (3) subtopics namely: The Internet, Spyware and Antivirus.


If you use your computer on the internet, you need (at minimum) anti virus software. The problem of computer security is the number one problem in todays networks and Internet engineering. As hackers use different means to crack the security systems it often happens to be impossible to resist and computer security system fail.

Computer Security on the internet is vital for home and business use as there are increasingly hostile environments when users surf the net. It is very important for users to be educated on the dangers they may face while on the internet. Your computer connected to the internet is similar to your house in many ways. Users search on the internet for free computer security software which they dump into their computers and hope for the best.

The Internet is a wonderful place. Anyone with an Internet connection can stay in touch with family and friends via email. Computer security is growing rapidly by the minute and the only one who has control over their files of information is the user. It is strongly suggested that users equip their pc with an armed fire wall for vital protection.

An advice is to use Microsoft Windows Update to keep your operating system and Internet Explorer patched. Other advice could be to only conduct Internet transactions that have secured processing. Even if you have a computer connected to the Internet only to play the latest games or to send email to friends and family, your computer could be a target.

Although confidentiality, integrity and authenticity are the most important things when it comes to computer security in general, for everyday internet users, privacy is the most important one, because many people think that they have nothing to hide or the information they give doesn't seem sensitive when they register with an internet service/site.


An avenue for Spyware to infect your machine is through popular Peer-to-Peer File Sharing software such as Kazaa. Extreme spyware like Rootkits and other advanced spyware have fundamentally changed the playing field in todays computer security.

While it may seem to be common sense, many of the most widely-spread attacks have involved spyware and email attachment worms. Often these packages come as “suites” including a firewall and Spyware scanner. They scan and destroy spyware as it’s found in the user’s computer.

Regardless of the type of spyware, it can slow your computer to a crawl and needs to be removed from your computer. Spyware occurs when certain websites run programs in the back ground of your computer while gleaning information from it. There is now a bill in the US Congress to make Spyware illegal.

Anti-spyware tools will greatly assist in protecting your privacy and restoring full computer functions that spyware may have taken over. In the internet world it is vital for users to have a good spyware scan (a recommended and reliable one can be found in the Author Resource Box below) and removal tool because of the multitude of different spyware, adware, Trojans and other malware constantly looking to attack your system. Spyware can slow down your computer, and would have to be removed.

There are tools available which include good free Spyware removal software among other security measures the user can take to protect the computer from malicious attack such as Viruses, Spyware and Adware. The recommended one is staed below. Spyware not only covertly runs in the background and steals personal information of the user it is a potential security threat of which the extent of the damage cannot be determined.


With all of the marketing commotion that surrounds viruses, you should already have antivirus software on all of your computers. Let me explain something, just because you have a antivirus software program on your computer you are not cured. Until recently could one install a firewall and an antivirus program and feel quite secure.

Protection services could commonly include the ability of an administrator to monitor activity throughout the system as well as potentially block hazardous material on the internet from being viewed by other users, the ability to manage automatic updates and what's more the ability to enquire about the status of antivirus software. These include firewall, spyware scanning software and antivirus software.

Everyone needs to have proper computer security measures in place to make sure they are consistently free from all these malicious software. Urgent action should be taken now.

About The Author
Peter Crest is a Webmaster at PC Matters (close new window/tab to return to this page). Check out other Computer Security Articles there.