The practical guide to evaluating and improving the quality of mission-critical software.
Large software systems will never be perfect, but decision makers need better ways to evaluate and enhance software quality, especially where software is mission critical or used in life-or-death environments. Solid Software presents realistic techniques for analyzing and improving the quality and robustness of any software system or software-intensive product.
Solid Software isn't theoretical: it's a relentlessly practical decision maker's guide to making intelligent, responsible trade-offs that lead to the best software at the best cost.
Solid Software draws upon dozens of real-world examples, based on the authors' extensive experience as software quality consultants, and interviews with key software decision makers worldwide. Whether you're a developer, project manager, architect, executive, manager, or regulator, it's your single source for improving software quality in the real world.
(Note: Each chapter concludes with a section on References.)
1. Why Is This Book Needed?
Software: The Universal Weak Link? Why Is This So Hard? Solid, Survivable Software. Surviving a Software Project. The Road Ahead.
Five Views of Quality. Risky Business. Risk and Quality. Consequences of Failure. Rules of the Road.
The Rewards of Caution. What is Hazard Analysis? HAZOP. Fault-Tree Analysis. Failure Modes and Effects Analysis. How to Describe Problems. Planning for Hazard Analysis. For Additional Information.
Types of Faults. Testing Strategies. Test Cases and Results. Who Should Test? Automated Testing Tools. Testing: Good and Bad. How Much Testing Is Enough? Assessing Testing Risk and Trade-offs.
The Audience for Design. The Meaning of Good Design. Issues to Consider in Good Design. Design Leverage Points.
Predicting Software Characteristics. Predicting Effort. Evaluating Model Accuracy. Predicting and Evaluating Return on Investment. Predicting and Managing Risk.
What Is a Review? Review Effectiveness. Product Inspection. Process Improvement. How to Improve Review Results: The Psychological Basis. Automating the Review Process. Pitfalls of the Review Process. The Role of Checklists.
Static Fault versus Dynamic Failure. When Faults Cause Failures. Early versus Late Detection. Measurements for Static Analysis. Coverage: How Much is Enough? Approaches to Static Analysis. Static Noise.
Constant Change. Worth the Effort? Getting Control. Versions, Releases, and the Challenge of Commercial Components. The Four Facets of SCM. Applying the Principles: Regression Testing. Change Control Boards. Impact Analysis. One Size Does Not Fit All. Tool Support. Begin with the End, but Start Where You Are.
How Tools Develop. The Evolution of Software Tools. Tool Properties. The Anatomy of a Valuable Tool. Tool Quality. Tooling and Process. Tooling and the Organization.
Where We Are. Learning from Mistakes. The Importance of Being Human. Best Practices. Making Decisions. What's Next?
They constantly try to escape...by dreaming of systems so perfect that no one will need to be good.
T. S. Eliot, Choruses from The Rock, VI
You're in charge. The buck or pound or peso stops with you. Your developers are to build a safety- or business-critical system, and you have a lot of questions to answer. How solid is the software supposed to be? How will you be able to demonstrate to the clients that it is as solid as they wish it? How will your developers be able to demonstrate to you that the software will be solid and (eventually) is solid, so that you can give assurances to your boss and to the clients? You know that there is (unfortunately) no easy solution to the challenges you face, no "eat all the cake you want and still lose weight" diet for developing critical software. But you can take advantage of the experience of others in a wide range of critical software projects.
There are many books for developers and much research about the theoretical ways to build software that does what it is supposed to do (and nothing more, like a virus or Trojan horse) and does it in a consistent, predictable, and safe way. There are theoretical books about how to evaluate the software before you field it or deliver it. But with safety-critical systems, many of which would need over 100,000 years of failure-free testing to confirm required reliability, theory is not enough. You need to know what is practical, what is available right now, and what can give you confidence in the quality of the requirements, design, code, and test procedures.
This is the book for you. In Solid Software we describe the problem and suggest what you can and cannot expect from your developers, their techniques and tools, and their software. We discuss what you should know about software quality: not just about the faults and failures but also how the quality affects your company's bottom line. Then we introduce eight techniques, one chapter at a time, that can help to increase your confidence, and that of your clients, in how the software will perform:
None of these techniques is foolproof, but each one helps you to manage the risks inherent in producing such critical code. When properly applied, each one gives you added confidence that you have addressed key points of vulnerability. When used in concert, these techniques stabilize the software, making it less likely to fail and easier to change and expand.