CISQ Introduction and Objectives
Dr. Bill Curtis, Director, CISQ
www.it-cisq.org
Special thanks to
CISQ Executive Forum Agenda
9:00- 9:30 Welcome & Introductions Mr. Ganesh Natarajan, NASSCOM
9:30-10:15 Introduction to CISQ Dr. Bill Curtis, CISQ
10:15-10:30 break
10:30-11:15 Introduction to the SEI Dr. Paul Nielsen, SEI
11:15-12:00 Introduction to OMG Dr. Richard Soley, OMG
12:00- 1:00 lunch
1:00- 2:30 Forum−Quality Issues Moderator: Bill Curtis
2:30- 2:45 break
2:45- 4:00 Forum−CISQ Objectives Moderator: Bill Curtis
4:00- 4:30 Summary and Adjourn Nielsen, Soley, & Natarajan
The Software Quality Dilemma
National Research Council, Software for Dependable Systems
“As higher levels of assurance are demanded…testing cannot deliver the level of confidence required at a reasonable cost.”
“The cost of preventing all failures will usually be prohibitively expensive, so a dependable system will not offer uniform levels of confidence across all functions.”
“The correctness of the code is rarely the weakest link.”
Jackson, D. (2009). Communications of the ACM, 52 (4)
Software Engineering’s 4th Wave
• Wave 4: Product
– What: Architecture, Quality characteristics, Reuse
– When: 2002
– Why: Ensure software is constructed to standards that meet the lifetime demands placed on it
• Wave 3: Process
– What: CMM/CMMI, ITIL, PMBOK, Agile
– When: 1990-2002
– Why: Provide a more disciplined environment for professional work incorporating best practices
• Wave 2: Methods
– What: Design methods, CASE tools
– When: 1980-1990
– Why: Give developers better tools and aids for constructing software systems
• Wave 1: Languages
– What: 3rd & 4th generation languages, structured programming
– When: 1965-1980
– Why: Give developers greater power for expressing their programs
Why CISQ?
• Industry needs software quality measures:
– Visibility into business critical applications
– Control of outsourced work
– Benchmarks
• Current limitations:
– Manual, expensive infrequent use
– Subjective not repeatable or comparable
– Inconsistent definitions burdens usage
What Is CISQ?
Partnership
CISQ: IT organizations, Outsourcers, Government, Experts
• IT Executives
– Define industry issues
– Drive standards adoption
– Create assessment infrastructure
• Technical experts
– Application quality standard
– Other standards, methods
– Technical certification
CISQ Members
Initial CISQ Objectives
1. Raise international awareness of the critical challenge of IT software quality
2. Develop standard, automatable measures and anti-patterns for evaluating IT software quality
3. Promote global acceptance of the standard in acquiring IT software and services
4. Develop an infrastructure of authorized assessors and products using the standard
CISQ Operations
• CISQ Executive Meetings
– Annual Executive Forums
– Quarterly Webinars on progress and special topics
• Quarterly CISQ Technical Meetings
– Initiated Q1 2010
– Virtual to the extent possible
– Distributed work on prioritized quality attributes
• Member Involvement
– Executives – 1 day per year
– Delegates – 2-4 weeks per year
CISQ Status
• Executive Forums in Frankfurt, Germany; Arlington, Virginia; & Bangalore, India
• Five Technical Work Groups established
– Based on Executive Forum priorities
– Member assignment of delegates underway
• Standards targeted for 2011, first draft for some Work Groups expected in December 2010
CISQ Standards Process
[Diagram. Labels: CISQ Exec Forum; Technical Work Groups; Function Points; Maintainability; Reliability & Performance; Security; Best Practices; Defined Measures; Methods for Metrics Use; Weaknesses & Violations; OMG; Knowledge Discovery Meta-model; Structured Metrics Meta-model; Pattern Metamodel; ISO 25000; 14143; 27000; ISO 15939; ISO 17799; CVSS]
Size Technical Work Group
Team Lead: David Herron, DCG
Objective: Create a definition of Function Points that is as close to IFPUG counting rules as possible, while resolving the issues necessary to enable fully automated counting at the source code level
Security Technical Work Group
Team Lead: Robert Martin, MITRE
Objective: Develop automated source code measures that predict the vulnerability of source code to external attack. Coordinate work products with work in the software assurance community
Future CISQ Directions
• CISQ will pursue member-driven objectives
– Determined by CISQ Executive Forum
– Consensus among CISQ members of problem to be addressed
• Early requests for additional objectives:
– Defect and failure-related definitions
– Business value measures related to application quality
– Size measures
• Use of Executive Forum for addressing industry issues
– Quality-based SLAs in outsourcing contracts
– Benchmarking
– Industry response to regulatory challenges