Ayesha Rajbhandari
chapter 7

What Would You Do?

1. Your manager is leading a project to develop new software that is essential to the success of the midsized manufacturing firm where you work. The firm has decided to hire outside contractors to execute the project. One candidate firm boasts that its software development practices are at level 4 of CMMI. Another firm claims that all its software development practices are ISO 9001 compliant. Your manager has come to you and asked for your opinion on how much weight should be given to these certifications when deciding which firm to use. What would you say?

à  I would do a research on the both the software then make sure they perform quickly and efficiently as well as safely and reliably. There is an increased demand for high quality software. I would tell my manager to use the best and highest level of CMMI and ISO.

 

2. You are a programmer for a firm that develops a popular tax preparation software package designed to help individuals prepare their federal tax returns. In the course of testing some small changes that were made to the software, you detect an error in the software that results in roughly a 5 percent underestimation of the amount owed—both for those who indicated that they were single and for those who indicated that they were married but filing separate tax returns. It is now late March, and it is likely that well over 100,000 users who submitted their returns using your firm’s software will be affected by this error. What do you do?

à I would deliver new functionality and begin generating revenue to recover costs. I would also update the software immediately.

 

Cases

Software Errors Lead to Death

1. What additional measures must be taken in the development of software that, if it fails, can cause loss of human life?

à the measures which should be taken in the development of software are black box testing, white box testing, testing all possible logic paths in the software unit, with thorough knowledge of the logic, make each program statement execute at least once.

 

2. What can organizations do to reduce the negative consequences of software development problems in the production of their products and the operation of their business processes and facilities?

à the organization can so system testing, user acceptance testing, process improvement approach, frequently used to assess software development practices.

 

Intersystem Earns ISO 9001-2008 Certification

1. A mission-critical system is one whose failure will result in an organization being unable to continue business operations. A safety-critical system is one whose failure will result in human injury or loss of life. Is the John Hopkins system described above mission critical or safety critical? Why? Can you give an example of a safety-critical system that is not mission critical?

à the system is safety critical because the failure may cause injury or death. For example, Nuclear power plant reactors, airplane navigation, roller coasters, elevators, medical devices.

 

2. Cache and its associated application tools constitute a system that is used to build a wide variety of information systems for customers around the world. Do you think that the Cache software and tools should be considered a safety-critical system and undergo the rigorous development process associated with such systems? If so, what would be the implications for Intersystem and its customers in terms of costs and frequency of software modifications and updates? Would this put Intersystem at a competitive disadvantage to other software development companies?

à yes, the cache software and tools should be considered a safety critical system and undergo the rigorous development process associated with such system. The probability of an undesirable event occurring times the magnitude of the event’s consequences which includes damage of the property, loss of money, injury to people and death.

 

3. Should every organization that builds safety-critical systems be required to have all its system development processes and tools ISO-9000: 2008 certified? Why or why not?

à Yes, every organization that builds safety critical systems be required to have all its system development processes and tools ISO-9000: 2008 certified because it guides to quality products, services and management.