Business-oriented Software Process Improvement based on CMM and CMMI using QFD

Software Process Improvement (SPI) has become the key to the survival of many software development organizations. Many international SPI models/standards are developed for SPI. The Capability Maturity Model (CMM) and Capability Maturity Model Integrated (CMMI)) from the Software Engineering Institute are two SPI models. In this study, several existing SPI models and approaches are reviewed, their advantages are identified, and their drawbacks are discussed. A set of new SPI frameworks integrating Quality Function Deployment (QFD) with both CMM and CMMI are developed by combining the best features of previous approaches and addressing their limitations --Abstract, page iii

Development of SecureMet: A Tool for Aligning Security Metrics and Organizations Security Objectives

The purpose of this project is to develop a tool henceforth called SecureMet to help an organization to determine the security metrics aligned with its security objectives based on the organization’s capabilities. The majority of organizations face a common problem in determining their security metrics aligned with their security objectives. SecureMet will be able to assist the organization in choosing the suitable security metrics and helping it to enhance its capabilities to achieve its security objectives. The tool is developed based on the Quality Function Development (QFD) approach, while existing frameworks such as the SSE-CMM and COBIT are used as guides in the determination and choice of the security capabilities and security objectives. The methodology employed for this project is based on the Rapid Application Develoment (RAD) model and is divided into four parts, namely, the requirement analysis phase, the design phase, the development phase and the verification phase

An Integrated Six-Sigma and CMMI framework for software process improvement

A process improvement framework such as Capability Maturity Model (CMM) can help develop the maturity of a software development organization over time to achieve predictable and repeatable process performance. However, in the absence of a methodology for process performance measurement, ongoing data-oriented process improvement is hard to institutionalize. For organizations following CMMI, this makes navigating their way through higher-level process management and optimization activities called forth in CMMI Level 4 and Level 5 especially challenging. Altogether, this constitutes a major stumbling block for software organizations striving for higher process maturity as Level 4 and Level 5 Process Areas are essential to institutionalizing process improvement in an organization. Six-Sigma introduces tremendous process measurability through its statistical error-control focus and offers compelling tools and techniques that have strong applicability to software development. Six-Sigma focus on data and metrics married with the CMMI coverage of all aspects of software development through its Process Areas can together provide a powerful process control and improvement framework. A CMMI and Six-Sigma hybrid framework has been presented as a means of achieving software development performance and productivity improvements through statistical error control. Such a hybrid CMMI and Six Sigma framework provides not just greater guidance and rigor in certain areas than CMMI alone but also an inherent flexibility by making an extensive toolset available for use in a wide variety of scenarios. This integrated framework demonstrates that CMMI and Six Sigma are highly complementary and are capable of adding greater value when used in conjunction with each other. This is partly because together they address the weaknesses that may become apparent when either framework is used alone. Six Sigma answers the \u27how\u27 for areas where CMMI only provides the \u27what\u27. Conversely, CMMI provides the overall vision and roadmap that is lacking from individual Six Sigma improvements. It is hoped that this will serve as a blueprint for an implementation of CMMI that makes use of relevant Six Sigma tools and techniques

Critical sucess factors in software process improvement

The aim of the thesis project was to identify Software Process Improvement (SPI) success factors through a deeply literature review. Objectives: • Identify the models of SPI • To identify SPI success factors through literature review. • To identify the most important SPI success factors based on the frequency of occurrence in published research. • To identify the variety of definitions or explanations of the most important SPI success factors in published research

Critical sucess factors in software process improvement

The aim of the thesis project was to identify Software Process Improvement (SPI) success factors through a deeply literature review. Objectives: • Identify the models of SPI • To identify SPI success factors through literature review. • To identify the most important SPI success factors based on the frequency of occurrence in published research. • To identify the variety of definitions or explanations of the most important SPI success factors in published research

A Quality Framework for Software Development (QFSD)

INTRODUCTION. This research delivers a new complete and prescriptive software development framework, known as the Quality Framework for Software Development (QFSD) for immediate use by software development practitioners. Whilst there are a number of existing methodologies available, and many software development standards they fail to address the complete development lifecycle. A review of current literature supports this assertion. AIMS AND OBJECTIVES. The overall aim of the research is to create a new software development framework, applying it to a substantial number of real-world software projects in two different industrial software development environments and thereby demonstrating its effectiveness. METHODS. Based on a review of the available research approaches and strategies, the researcher selected 'pragmatism' as the most suitable for this research. This selection was driven by two contributory factors. The first was that in order to conduct the research the researcher would have active participation in the majority of the research activities. The second was that the deliverables from the research should be immediately useable for the benefit of software practitioners and hence not be regarded as a theoretical framework. The approach was further refined by adopting Action Research and Case Study strategies. The research was divided in to stages each of which was executed within separate companies. The companies were very different in terms of their business areas, culture and views on quality and specifically quality of software deliverables. RESULTS. The research findings provided a strong indication that a holistic software development framework does provide an improvement in software project deliverables quality and repeatability in terms of schedules and quality. In the case of Fisher–Rosemount it enabled them to attain ISO 9000/Ticket accreditation. In addition, by providing all processes and tools in a single web based environment the adoption by software developers, project managers and senior management was very high

A process based approach software certification model for agile and secure environment

In today’s business environment, Agile and secure software processes are essential since they bring high quality and secured software to market faster and more cost effectively. Unfortunately, some software practitioners are not following the proper practices of both processes when developing software. There exist various studies which assess the quality of software process; nevertheless, their focus is on the conventional software process. Furthermore, they do not consider weight values in the assessment although each evaluation criterion might have different importance. Consequently, software certification is needed to give conformance on the quality of Agile and secure software processes. Therefore, the objective of this thesis is to propose Extended Software Process Assessment and Certification Model (ESPAC) which addresses both software processes and considers the weight values during the assessment. The study is conducted in four phases: 1) theoretical study to examine the factors and practices that influence the quality of Agile and secure software processes and weight value allocation techniques, 2) an exploratory study which was participated by 114 software practitioners to investigate their current practices, 3) development of an enhanced software process certification model which considers process, people, technology, project constraint and environment, provides certification guideline and utilizes the Analytic Hierarchy Process (AHP) for weight values allocation and 4) verification of Agile and secure software processes and AHP through expert reviews followed by validation on satisfaction and practicality of the proposed model through focus group discussion. The validation result shows that ESPAC Model gained software practitioners’ satisfaction and practical to be executed in the real environment. The contributions of this study straddle research perspectives of Software Process Assessment and Certification and Multiple Criteria Decision Making, and practical perspectives by providing software practitioners and assessors a mechanism to reveal the quality of software process and helps investors and customers in making investment decisions

Standardization of processes applying CMMI best practices

Capability Maturity Model Integration (CMMI) is a set of practices that can be applied in companies in order to improve processes. The goal of this work was to understand the barriers in implementing CMMI and improve processes following the model. The study was conducted in a company in the North of Portugal, following three steps: (1) diagnosing the company (2) opinion gathering through questionnaires and (3) reimplementation of CMMI. The analysis of the questionnaires indicated that implementing CMMI is problematical due to bureaucracy and lack of detailed protocols. Based on the difficulties encountered we developed a detailed documentation with standard processes where the employer has a more prominent role in controlling the processes. The adapted CMMI was then re-introduced in the same company. Finally, linking perceptions and results from the reimplementation, we consider fundamental a good use of CMMI to ensure efficient production

The experience factory: Can it make you a 5? or what is its relationship to other quality and improvement concepts?

The concepts of quality improvements have permeated many businesses. It is clear that the nineties will be the quality era for software and there is a growing need to develop or adapt quality improvement approaches to the software business. Thus we must understand software as an artifact and software as a business. Since the business we are dealing with is software, we must understand the nature of software and software development. The software discipline is evolutionary and experimental; it is a laboratory science. Software is development not production. The technologies of the discipline are human based. There is a lack of models that allow us to reason about the process and the product. All software is not the same; process is a variable, goals are variable, etc. Packaged, reusable, experiences require additional resources in the form of organization, processes, people, etc. There have been a variety of organizational frameworks proposed to improve quality for various businesses. The ones discussed in this presentation include: Plan-Do-Check-Act, a quality improvement process based upon a feedback cycle for optimizing a single process model/production line; the Experience Factory/Quality Improvement Paradigm, continuous improvements through the experimentation, packaging, and reuse of experiences based upon a business's needs; Total Quality Management, a management approach to long term success through customer satisfaction based on the participation of all members of an organization; the SEI capability maturity model, a staged process improvement based upon assessment with regard to a set of key process areas until you reach a level 5 which represents a continuous process improvement; and Lean (software) Development, a principle supporting the concentration of the production on 'value added' activities and the elimination of reduction of 'not value added' activities