Defect Prevention Training

  • November 2019
  • PDF

This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA


Overview

Download & View Defect Prevention Training as PDF for free.

More details

  • Words: 3,061
  • Pages: 46
Defect Prevention Training Induction – Sep 2007

Protection notice / Copyright notice Version 2.0

Introduction Defect Prevention is a process of improving quality and productivity by preventing the injection of defects into a software work product. Definition: “…an activity of continuous institutionalized learning during which common causes of errors in work products are systematically identified and process changes eliminating those causes are made.” [Eickelmann] SEI has identified ‘Causal Analysis and Resolution’ as Level 5 PA of CMMI

Page 2

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Objectives Course Objective To enable participants understand and apply defect prevention concepts

Defect Prevention Objectives  Identify and analyze the causes of defects& Reduction in number of defect categories  Reduction in the extent of defect escape between phases  Reduction in frequency of common defects  Improvement in PCB values

Page 3

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Contents Defects and Bugs (Examples) Origin of Defects Classification of Defects Defect Management Defect Detection Defect Prevention Cycle

Page 4

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Objectives of Defect Prevention • Establish practice of Root Cause Analysis within projects for Analysis of Identified Defects • Identify critical processes as part of root cause analysis • Set goals for improving critical process (shift mean and narrow variation) • Reduce most frequent type of defects such as “ not following coding guidelines” • Analyze opportunities for improvement by conducting escape analysis. • Use defect distribution data to drive process improvement activities • Spread lessons learnt - Team Meetings, SEPG, Process Database

Page 5

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Responsibility Project team is responsible for the DP activities pertaining to the project life cycle activities & Project Manager (at project level) Project Quality Manager (at project level) P&Q (at Org level) SEPG (at Org level)

Page 6

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Defects and Bugs

Page 7

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Defects and Bugs - Example The Atlas-Agena spacecraft, destined for Venus, had to be blown up during launch because it became unstable about 90 miles up. (Malfunctioning rockets have to be destroyed to avoid crashes in populated areas). A missing hyphen in the flight plan resulted in the loss of the $18.5 million US spacecraft.

Page 8

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Defects and Bugs - Example On January 15, 1990, 114 switching computers in the AT&T telephone network crashed because of a software flaw. 65 million subscribers were unable to use their phones. The problem arose when a switching computer in New York crashed, sending out a digital “out of service” message to nearby computers. Normally, other switches would route traffic around the disabled computer. However, a misplaced “break” in a C statement caused the nearby computers to go down as well. For the next 9 hours, the switches went down, rebooted themselves, and came back up, only to go back down immediately.

Page 9

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Effect of Software Error •unreasonable added cost •lost time and effort •inconvenience and annoyance •death

Page 10

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Could these incidences of software errors been prevented?

YES!

Page 11

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Product and Process Defects

Definition

Types of Defects

PRODUCT Artifacts created during the life cycle of the project.

PROCESS Complete set of activities needed to transform user requirements to a product.

Product Defect are related to requirements : Functional and Non-Functional

Process Defects are related to tasks/activities: Non-adherence to standards

Strategy for Handling Defect Removal/ Elimination Defect

Poor Documentation Schedule overrun Defect Prevention Training related

Product defect is always a result of Process Defect Process defect is like a potential carrier of disease Page 12

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Stages of a Software Cycle

Proposal Requirements

Design

Coding

Testing

Maintenance

Reviews White Box Black Box Stress/Load Problem Reports/CRs

Defect Prevention - Feedback and Process adjustments Defect Analysis and Process Improvement

Page 13

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Origin of Defects

Page 14

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Human Errors Types of Errors Omission

More than 80% of software errors are human

Ignorance Commission Typography Knowledge Information External Page 15

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Translation Errors

NEEDED

URS

TOLD

DESIGN

BUILD Detected Bugs

TRANSLATION ERRORS

Hidden Bugs

A requirement is often stated in terms of a solution Focus on solution may hide the real requirement The mismatch between the solution desired and the real requirement leads to translation errors Page 16

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Design Errors Types of Errors Mitigation of design errors

Errors that affect data integrity Errors that alter correctly stored data Incorrect algorithm used to compute a value

Checklist

Some examples: •Does each module in the system design exist in detailed design? •Are all assumptions explicitly stated? Are they acceptable? •Have the exceptional conditions been handled? •Are all data formats consistent with the system design? •Are the loop termination conditions properly specified? Page 17

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Coding Errors Exception handling Incorrect Algorithm Missing Functionality Language pitfalls Memory release Omitted program sections

Page 18

Sep-07

P&Q

A programming error alters a program’s ability, in a negative sense, to completely and effectively meet the user’s requirement.

Protection notice / Copyright notice For Internal Use Only

Testing Errors Failure to notice a problem Misreading the screen Failure to execute a planned test Failure to use the most ‘promising’ test cases. Ignoring programmers suggestions Corrupt data file used Incorrect test cases Concentration on trivial Failure to report Page 19

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Objectives of Defect Prevention 140 120 100 80

Ideal Acceptable Costly Disaster

60

rt R ep o

g Pr ob

le m

Te st in

R ev e

C od

R ev ie w

w ev ie

D es ig n

R

FS

R S

R ev ie w

40 20 0

Defect Detection as early as possible ❑ High proportion defect reported by customer - Unacceptable ❑ More defect detected in testing – Quality at High cost ❑ Maximize defect detection during reviews- Quality at right Protection notice / Copyright notice Page 20

Sep-07 cost

P&Q

For Internal Use Only

So where should the focus be? On Proactive Defect Prevention On Early Defect Detection On Usage of Past Experience

Page 21

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Defect Prevention

Page 22

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Defect Management Rules Barry Boehm Victor Basili

•Fixing downstream is costly… •Rework eats away resources... •Pareto Rule - About 80% of the available rework comes from 20% of the defects

•Another Pareto Rule - About 80% of the defects come from 20% of the modules (and about half the modules are defect free) •Peer Reviews catch 60% of the defects •Perspective-based reviews catch 35% more defects than nondirected reviews (use of checklists) •Disciplined personal practices can reduce defect introduction rates by up to 75% •About 40-50% of user programs enter with trivial defects

Page 23

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Activities Performed during DP – Organization Level • Defect Prevention Plan is prepared at SBU-level (by TC/Business Partner) – contains lessons learnt and improvement actions • SPI (Software Process Improvement) Plan is an overall Plan for the Organization and bears reference to DP Plan as well • DP Plan is shared with SEPG members and PQMs • Lesson’s Learnt from SBU is disseminated through SEPG • Improvement Action are tracked and DP Plan is updated accordingly Page 24

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Activities Performed during DP – Project Level •Kick-off/Start PES meeting – •Goal setting, • Identification of critical processes • Incorporation of Lessons Learnt from previous projects as preventive measures • Phase-wise Defect Distribution goal setting • Defect reporting – Reviews & Testing • Root Cause Analysis • Action Implementation • Information Dissemination Page 25

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Root Cause Analysis • • • •

• • • • • •

Causal Analysis should be conducted as early as possible after a defect is found Evaluate all errors (team effort) - from LOD and test results. All team members learn from the errors of other team members Prepare Pareto Chart for common causes and identify special causes  Special causes of defects are focused on defects, which cause high impact to the project.  Common causes of defects are focused on high frequency defects that occur often in the project or across projects. Perform Fishbone Analysis & escape analysis Create an action list against root causes Compare the results of the tasks performed with the goals set in the kickoff meeting Record Corrective and Preventive Actions (in PPR/PQR, RCA report) Disseminate information to team - Project Meetings Disseminate information across projects - SEPG

Page 26

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Causal Analysis Cycle Reviews/ Testing

Test Logs LODs

Classify Defects (Type, Injected & Detected Phase) Identify Top 80% Defects for RCA

Application

And select all high impact defects

Preventive Feedback

Prj RCA Report

Page 27

Sep-07

Arrive at Root Cause And Action List

P&Q

Perform Fishbone Analysis Using Potential Causes

Protection notice / Copyright notice For Internal Use Only

Pareto Chart What is a Pareto Chart Bar chart arranged in descending order Bars on the left are more important than those on the right Separates the “vital few” from the “trivial many” Uses of Pareto Chart Breaks a big problem into smaller pieces Identifies most significant factors (80-20 rule) Shows where to focus efforts Allows better use of limited resources

Page 28

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Pareto Chart - Exercise Participants to discuss possible Code Review Defects Classify the defects under different categories/types and assign a number of defects against each Prepare a Pareto Chart using Excel to focus on the most significant defects (80-20 rule)

Page 29

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Page 30 Sep-07 P&Q Naming convention not followed

Wrong parameters passed

Header incomplete

Code readability

Functionality missing

Implementation error

Comments not exhaustive

Remove debugging comments

Redundant code

Logical error

Number of Defects 8

7

6

5

4

3

2 40

1 20

0

% of Defects

Pareto Chart (contd.) Pareto Chart - Code Review 120

100

80

60

0

No. of defects

Percentage

Protection notice / Copyright notice For Internal Use Only

Cause & Effect Diagram - Fishbone What is a Cause & Effect Diagram? A graphic tool that helps identify, sort and display possible causes of a problem or quality characteristic Benefits of CED Determination of root causes Encourages group participation Indicates possible causes of variation Uses a orderly, easy-to-read format Identifies areas for collecting data Page 31

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Cause & Effect Diagram • Decide the “Effect” to examine • Identify the main categories • Identify as many causes or factors as possible and attach them as sub branches of the major branches • Identify increasingly more detailed levels of causes by asking a series of why questions • Look for causes that appear repeatedly. These may be root causes • Identify and circle the causes that we can take action on

Page 32

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Cause & Effect Diagram Method

Machinery Wrong gears used

Driven too fast

Carburetor needs adjustment

Under inflated tires

Poor Maintenance

Wrong Octane gas used Poor Driving habits

Sep-07

Improper Lubrication

Materials

Man Page 33

Poor Mileage

P&Q

Protection notice / Copyright notice For Internal Use Only

Exercise on RCA

Make Groups Assign a PM to each group Brainstorm and prepare a cause and effect/fishbone analysis Present the result (20 mins)

Page 34

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Defect Estimation

Phases Requirement Design Coding & UT IT/ST AT

AT 3%

IT/ST 27%

Requirement 7%

Coding & UT 49%

Page 35

Proposed Goal 9% 16% 44% 29% 2%

Defect Distribution 7% 14% 49% 27% 3%

Sep-07

P&Q

Design 14%

- Use Historical Data - Focus on Business Objectives and Process Improvement - Set more Challenging Goals Protection notice / Copyright notice For Internal Use Only

Applicability of RCA •Defects •Customer Feedback •Non-conformance (NC) •Process Capability Baselines •Major Issues (that impact cost, quality, schedule)

Page 36

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Example DEFECTS AT END OF CODING & UT Process/ Standards

People Not Trained/ Inadequate resources Guidelines not followed

Guidelines not updated

Measurement Assets not available

Data not adequate

Coding & UT Not aware

Hardware/Software/ Tools

Support/ Guidance Page 37

Sep-07

Not adequate Tool not inspected

Not Communicated Long Overdue Not Available

P&Q

Protection notice / Copyright notice For Internal Use Only

Common Defect Types Defect Types

Examples

Function/Class/Object error is one that affects significant capability, end-user interfaces, product interfaces, interface with hardware architecture, or global data structure(s) and should require a formal design change. Assignment error indicates a few lines of code, such as the initialization of control blocks or data structure. Interface/Messages corresponds to errors in interacting with other components, modules or device drivers via macros, call statements, control blocks or parameter lists. Checking addresses program logic, which has failed to properly validate data and values before they are used. Timing/serialization errors are those, which are corrected by improved management of shared and real-time resources. Build/package/merge describe errors that occur due to mistakes in library systems, management of changes, or version control. Page 38

Sep-07

P&Q

Database design/modeling error, functionality not working, etc

Oversight during coding, initialization of parameters/variables, incorrect setting of variables, java script validation, etc

Incorrect validation, missing validation, error handling, return value not checked

Incorrect packaging, Setup problem, etc

Protection notice / Copyright notice For Internal Use Only

Common Defect Types (contd.) Defect Types

Examples

Documentation errors can affect both publications and maintenance notes. Algorithm errors include efficiency or correctness problems that affect the task and can be fixed by (re)implementing an algorithm or local data-structure without the need for requesting a design change. External Environment errors that occur due to factors that are outside the application scope. Performance errors affect the performance of the system. Database errors are related to errors in database or scripts. Trivial/Minor

Unclear specifications, standards not followed, redundant code, GUI errors, incorrect description, ambiguous description, etc

Hard coded values used, data type mismatch, etc Test data, test drivers, other tool defects, support system, concurrent work, inherited from previous release, third party software dependency, etc. Memory not released, Web session timeout not handled properly, browser cache related problems, etc Integrity constraint violated, SQL statements not tuned, Error in SQL statement, etc Typo/minor errors in documentation, rephrasing, extra information in document, etc

Page 39

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Common Root Causes Major Defect Categories (from Fishbone)

Root Cause

Support/Guidance (e.g. Management Support, Training, etc) Handover (Change Coordination) Inadequate training (QMS, Defect Prevention, technical) Process/Standards Guidelines/Standards/Procedures not updated Inadequate Process for Handling Requirements/Design Change in Requirements/Design People Breakdown of communications Lack of knowledge (domain/system/tool) Oversight Hardware/Software/Tools Configuration related problem Inadequate tools Measurements Incorrect analysis of data

Page 40

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Escape Analysis (Requirements defects getting slipped to next phases of Life cycle) Phase Detected Requirements Design Phase Injected Requirements 10 9 Design 16 Code review UT IT ST AT Total 10 25

Defects Found during Code Review Defects slipped from Coding (not considering those injected in IT & ST) Defects slipped into Coding Phase TOTAL (Coding + subsequent Phases) Page 41

Sep-07

Code Review

UT 1 3 24

IT 1 1 20

ST 2 1 16

AT

Total

3 2 6

2 3 28

28

52 4 80 P&Q

22

21

Slippage (from Requirements to Design = 9/19) DRE of Requirements Phase (10/19) Slippage (from Coding Phase to subsequent phases = 52/80) DRE of Code Review = 28/80)

14

0

26 23 66 0 2 3 0 120

47% 53%

65% 35%

Protection notice / Copyright notice For Internal Use Only

Root Cause & Action Planning Root Causes of Defects for

<Month_1>,

<Month_n>,

Special Causes: (Root causes of high impact defects) Common Causes: (Root causes of high occurrence defects) Implementation Action Plan Technique

Team to be given training on Domain Knowledge

Workshop every Friday by each team member in turn

Page 42

Sep-07

Monitoring technique

Expected Actual Associated Impact Person Priority Date of Status Date of Risk on PCB * Responsible Closure Closure

PM to ensure that training High is held

P&Q

Defects in software

Schedule 20th June PM Slippage 2004

Open

Protection notice / Copyright notice For Internal Use Only

Some Lessons Learnt

1

Integration Testing should be scheduled so that the core modules are initially tested.

2 Client should be given overview for SISL's P&Q processes 3 4 5 6 7

Client responsibilities should be clearly communicated in the beginning of the project. Design documents should contain all the necessary validations to avoid validation error Checklist should be used to avoid GUI errors Rigorous unit testing to be done to avoid logical errors. Basic level review and testing should be done at developer's level before handing over the code to the testers and reviewers.

8 Test cases should be formed with test data.

Page 43

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Recap… Defects and Bugs (Examples) Origin of Defects Classification of Defects Defect Management Defect Detection Defect Prevention Cycle

Page 44

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Any Questions?

Page 45

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Thank You

Page 46

Sep-07

P&Q

Protection notice / Copyright notice For Internal Use Only

Related Documents

Defect Prevention Training
November 2019 10
Prevention
July 2020 18
Crystallographic Defect
October 2019 30
Defect Density
November 2019 37
Prevention
June 2020 19
Defect November.xlsx
June 2020 10