Quality assurance in agile safety-critical systems development

© 2016 IEEE. In this position paper we examine how safety could be assured when increasingly complex systems are developed using agile software development methods. We first discuss the source and nature of complexity in software systems and how a probe - sense - learn approach recommended by the Cynefin Framework is appropriate for designing complex systems and a sense - analyse - learn approach is appropriate for developing a complicated system whose design has been determined. We then examine how quality assurance is incorporated into agile software development before pointing out that those characteristics of a self-managed team that produce so many benefits for software development of complex systems whose solution evolves with problem understanding, are also vulnerable to confirmation bias. This suggests that for safety critical system development, software systems developed by agile teams will need verification and validation by independent parties. We review current quality management practices for medical device software development before discussing how our earlier findings could be adopted into safety critical software quality management

Towards safer medical device software systems: Industry-wide learning from failures and the use of safety-cases to support process compliance

© 2016 IEEE. Software safety is checked today in regulatory audits, which verify software development process compliance to regulatory requirements. Ensuring safety is a critical task in complex life-supporting systems and despite many existing ways of assuring it, unanticipated failure will always be possible. Checking process compliance to required standards ensures the quality of the processes by which software is developed but does not necessarily indicate the quality of the resultant software. Since medical device domain is facing an increasing amount of device recalls due to software failures, our goal is to explore the underlying reasons for this and suggest two improvements within this paper. First, we will introduce complicated and complex systems to illustrate why there will always be unforeseeable and unanticipated situations that could cause the failure of the entire system. We will then describe how medical device software systems are reviewed for compliance and safety today, highlighting the shortcomings in the current methods adopted in the medical device domain and suggest the use of systems thinking. We then propose two improvements to medical device software development where process compliance is supported by safety cases and industry-wide learning from experience

Process improvement for the small and agile

In order for process improvement to better respond to industry expectations there needs to be a value-centric thinking about processes so that all processes in the organization are contributing to the creation of value for the customer and for the organization. To achieve this, organization's strategic goals need to be aligned with process goals on operational level so that all work contributes to the strategic goals of the organization. Similarly, the performance measurement system needs to be revised to direct efforts toward reaching the broad goals of the cross-functional processes rather than small tasks and compliance to set rules. In this paper we describe potential problems process improvement has today and discuss possible concepts that might help revising the process improvement thinking. These changes clearly reflect the needs and characteristics of small and very small organizations. © 2012 Springer-Verlag

The many forms of process improvement - Results of an international survey

When discussing process improvement, different authors assign different goals of improvement and describe different methods of improvement. Several process improvement methods and theories of organizational performance are examined to reveal how each might give rise to different concepts and concerns of process improvement. There is little empirical information available to support or refute such expectations about improvements made to software development processes, whether through formal process improvement initiatives or through responses to changes in the development environment. In the absence of such information those involved in process improvement, from standards development through to consultants and those who implement process improvement projects, risk making poor decisions about what changes should be made to the processes. A project to develop and run an international survey was conducted by a number of researchers from different parts of the world to understand various forms of process improvements, their goals and motivations. The result of the study indicates that the motivations for process improvement are not matched by the improvement goals that are themselves not achieved by the implemented improvements. The study also contradicted commonly cited beliefs that process improvement changes are seldom reviewed, are seldom permanent and can make the situation worse. © 2012 Springer-Verlag Berlin Heidelberg

Exploring the impact of IT service management process improvement initiatives: a case study approach

IT companies worldwide have started to improve their service management processes based on best practice frameworks, such as IT Infrastructure Library (ITIL). However, many of these companies face difficulties in demonstrating the positive outcomes of IT service management (ITSM) process improvement. This has led us to investigate the research problem: What positive impacts have resulted from IT service management process improvement? The main contributions of this paper are 1) to identify the ITSM process improvement outcomes in two IT service provider organizations and 2) provide advice as lessons learnt

Goal alignment in process improvement

Process improvement should improve an organisation's ability to achieve its business goals. While mapping an organisation's strategic goals through various layers of management is common, such mapping does not seem to continue through to their processes that create value to the organisation. Despite a number of process improvement methods being available, and almost two decades of experience with those methods, many process improvement projects do not end successfully. We explore the impact process assessment has on process improvement. In particular, we study the alignment of an organisation's process goals to its business goals; and the contribution of process assessment to this goal alignment. This paper illustrates the data gathered through industry survey reflecting the lack of focus on and alignment of organisation's business goals throughout process improvement. The results indicate that there is little knowledge and experience in industry in aligning the process goals and organisation's business goals. This, in turn, could explain the unsuccessful process improvement efforts or perhaps even the skepticism towards process improvement in general. © 2012 Elsevier Inc. All rights reserved

Towards transparent and efficient process assessments for IT service management

IT service organisations recognise the value of conducting regular process assessments for continual service improvement. However lack of transparency and substantial costs deter industry adoption. We propose that the use of the international standard for process assessment ISO/IEC 15504 offers a transparent approach to address this challenge. Moreover, efficiency can be realized by a Decision Support System (DSS) tool to automate data collection and process capability calculations. This paper details a Design Science Research project to develop a software-mediated process assessment (SMPA) approach based on ISO/IEC 15504, ISO/IEC 20000 and the IT Infrastructure Library (ITIL®). We discuss the architecture of the SMPA approach and the role of ISO/IEC 15504 in the approach. This work contributes to practice as it may help IT managers to self-assess their processes using a standard model. The SMPA approach can also support assessors who perform formal assessments