Software Reliability .The ISO 9000 Quality Standards

Software Reliability: The ISO 9000 Quality Standards:

Reliability of a computer program is an important element of its overall quality. If a program repeatedly and frequently fails to perform, it matters little whether other software quality factors are acceptable.           Software reliability, unlike many other quality factors, can be measured directly and estimated using historical and developmental data. Software reliability is defined in statistical terms as “the probability of failure–free operation of a computer program in a specified environment for a specified time” [Mus87]. To illustrate, program X is estimated to have a reliability of 0.999 over eight elapsed processing hours. In other words, if program X were to be executed 1000 times and require a total of eight hours of elapsed processing time (execution time), it is likely to operate correctly (without failure) 999 times.

If we consider a computer-based system, a simple measure of reliability is mean-time-between-failure (MTBF) :           MTBF = MTTF + MTTR where the acronyms MTTF and MTTR are mean-time-to-failure and mean-time-to-repair, respectively.

For example, consider a program that has been in operation for 3000 processor hours without failure. Many defects in this program may remain undetected for tens of thousand of hours before they are discovered. The MTBF of such obscure errors might be 30,000 or even 60,000 processor hours. other defects, as yet undiscovered, might have a failure rate of 4000 or 5000 hours. Even if every one of the first category of errors (those with long MTBF) is removed, the impact on software reliability is negligible.           An alternative measure of reliability is failures–in–time (FIT)–a statistical measure of how many failures a component will have over one billion hours of operation. Therefore, 1 FIT is equivalent to one failure in every billion hours of operation. Software availability is the probability that a program is operating according to requirements at a given point in time and is defined as

Software safety is a software quality assurance activity that focuses on the identification and assessment of potential hazards that may, affect software negatively and cause an entire system to fail. If hazards can be identified early in the software process, software design features can be specified that will either eliminate or control potential hazards.           A modeling and analysis process is conducted as part of software safety. For example, some of the hazards associated with a computer-based cruise control for an automobile might be : (1) causes uncontrolled acceleration that cannot be stopped, (2) does not respond to depression of brake pedal (by turning off), (3) does not engage when switch is activated, and (4) slowly loses or gains speed. once these system-level hazards are identified, analysis techniques are used to assign severity and probability of occurrence.

Once hazards are identified and analyzed, safety–related requirements can be specified for the software.           Although software reliability and software safety are closely related to one another, it is important to understand the subtle difference between them. Software reliability uses statistical analysis to determine the likelihood that a software failure will occur.         Software safety examines the ways in which failures result in conditions that can lead to a mishap.

A quality assurance system may be defined as the organization structure, responsibilities, procedures, processes, and resources for implementing quality management [ANS87]. Quality assurance systems are created to help organizations ensure their products and services satisfy customer expectations by meeting their specifications. ISO 9000 describes quality assurance elements in generic terms that can be applied to any business regardless of the products or services offered.           To become registered to one of the quality assurance system models contained in ISO 9000, a company’s quality system and operations are scrutinized by third-party auditors for compliance to the standard and for effective operation. Upon successful registration, a company is issued a certificate from a registration body represented by the auditors.

The requirements delineated by ISO 9001.2000 address topics such as management responsibility, quality system, contract review, design control, document and data control, product identification and traceability, process control, inspection and testing, corrective and preventive action, control of quality records, internal quality audits, training, servicing, and statistical techniques. In order for a software organization to become registered to ISO 9001.2000, it must establish policies and procedures to address each of the requirements just noted (and others) and then be able to demonstrate that these policies and procedures are being followed. If you desire further information on ISO 9001.2000.