Unit6 - Subjective Questions
CSE320 • Practice Questions with Detailed Answers
Explain the concept of ISO 9001 in the context of Software Quality Management. What are its key principles?
ISO 9001 is a set of standards established by the International Organization for Standardization that defines the requirements for a Quality Management System (QMS). In software engineering, it ensures that an organization has structured processes in place to consistently produce high-quality software that meets customer requirements.
Key Principles of ISO 9001:
- Customer Focus: Understanding current and future customer needs to meet requirements and exceed expectations.
- Leadership: Leaders establish unity of purpose and direction, creating an environment where people are engaged.
- Engagement of People: Competent, empowered, and engaged people at all levels are essential.
- Process Approach: Understanding activities as interrelated processes that function as a coherent system.
- Improvement: A successful organization has an ongoing focus on improvement.
- Evidence-based Decision Making: Decisions based on the analysis and evaluation of data and information.
- Relationship Management: Managing relationships with interested parties, such as providers (suppliers).
Describe the SEI CMMI (Capability Maturity Model Integration) framework. List and explain its five maturity levels.
SEI CMMI is a process improvement training and appraisal program and service administered by the CMMI Institute (originally Software Engineering Institute). It guides process improvement across a project, a division, or an entire organization.
The 5 Maturity Levels:
- Initial: Processes are unpredictable, poorly controlled, and reactive. The success depends on individual heroics rather than a stable process.
- Managed: Processes are characterized for projects and is often reactive. Requirements, processes, and results are managed and documented.
- Defined: Processes are characterized for the organization and are proactive. Standard processes are established and improved over time.
- Quantitatively Managed: Processes are measured and controlled. Quantitative data is used to establish predictable processes that align with business needs.
- Optimizing: Focus on continuous process improvement. The organization uses data to identify defects and process variations to improve performance.
What is Six Sigma in software engineering? Explain the DMAIC methodology.
Six Sigma is a set of techniques and tools for process improvement. In software engineering, it aims to eliminate defects (bugs) and minimize variability in development processes. Statistically, it strives for near-perfection, targeting no more than $3.4$ defects per million opportunities (DPMO).
The DMAIC Methodology:
- Define: Define the project goals and customer (internal and external) deliverables.
- Measure: Measure the process to determine current performance and quantify the problem.
- Analyze: Analyze and determine the root cause(s) of the defects.
- Improve: Improve the process by eliminating and preventing root causes of defects.
- Control: Control future process performance to ensure that improvements are sustained.
Write a short note on the Personal Software Process (PSP).
The Personal Software Process (PSP) is a structured software development process that is intended to help software engineers understand and improve their own performance. It was developed by Watts Humphrey at the SEI.
Key Aspects of PSP:
- Self-Measurement: Engineers track their own work, defects, and time spent on tasks.
- Estimation: Using historical data to make better estimates for future projects.
- Quality Management: Encourages developers to find and fix defects early in the development cycle (e.g., during design or code review) rather than in testing.
- Discipline: It provides a disciplined framework for individual engineers, serving as the foundation for the Team Software Process (TSP).
Define CASE tools. Distinguish between Upper CASE and Lower CASE tools.
CASE (Computer-Aided Software Engineering) tools are software applications used to support, accelerate, and smooth the software development lifecycle (SDLC). They automate various activities involved in software development.
Distinction between Upper and Lower CASE:
| Feature | Upper CASE Tools | Lower CASE Tools |
|---|---|---|
| Phase Support | Support the early phases of the SDLC (Planning, Analysis, and Design). | Support the later phases of the SDLC (Implementation, Testing, and Maintenance). |
| Focus | Focus on describing system requirements and properties. | Focus on generating code and system debugging. |
| Examples | Diagramming tools (ER, DFD), Requirement Analysis tools. | Code generators, Debuggers, Testing tools. |
What are the different types of Software Maintenance? Explain each with an example.
Software maintenance is the modification of a software product after delivery to correct faults, improve performance, or adapt to a changed environment.
Types of Maintenance:
- Corrective Maintenance: Reactive modification to fix discovered problems or bugs.
- Example: Fixing a login error that prevents users from accessing the system.
- Adaptive Maintenance: Modification to keep the software usable in a changed or changing environment.
- Example: Updating the software to work with a new version of the Windows or Android operating system.
- Perfective Maintenance: Modification to improve performance or maintainability (enhancements).
- Example: Optimizing a database query to make a report generate faster, or adding a 'Dark Mode' feature.
- Preventive Maintenance: Modification to detect and correct latent faults in the software product before they become effective faults.
- Example: Refactoring code to reduce complexity and improve documentation to prevent future bugs.
Discuss the major challenges in Software Maintenance.
Software maintenance is often considered the most expensive phase of the SDLC. Several challenges contribute to this cost and difficulty:
- Legacy Code: Maintaining old code with obsolete technologies (e.g., COBOL) where expertise is scarce.
- Lack of Documentation: Original developers often fail to document code properly, making it difficult for maintenance engineers to understand the logic.
- Personnel Turnover: The original authors of the code may leave the organization, taking tacit knowledge with them.
- Ripple Effects: Changing one part of a complex system may inadvertently break other parts (regression).
- Lehman’s Laws: As a system evolves, its complexity increases unless work is done to maintain or reduce it.
- Cost: It requires significant budget allocation, often diverted from new development.
Explain the concept of Software Reuse. What are its benefits and barriers?
Software Reuse is the process of creating software systems from existing software assets rather than building them from scratch. Assets can include source code, design patterns, requirements specifications, and test cases.
Benefits:
- Increased Reliability: Reused components have typically been tested and used before, reducing bugs.
- Reduced Development Cost: Less code to write means lower costs.
- Faster Time-to-Market: assembling existing components is faster than creating new ones.
Barriers:
- "Not Invented Here" (NIH) Syndrome: Developers preferring to write their own code.
- Maintenance of Library: Creating and maintaining a repository of reusable components requires effort.
- Lack of Standards: Difficulty in finding components that fit specific architectural requirements.
What is Component-Based Software Development (CBSD)? How does it differ from traditional development?
Component-Based Software Development (CBSD) is a paradigm that emphasizes the design and construction of computer-based systems using reusable software components. It involves shifting from programming software line-by-line to composing software systems by wiring together pre-built components (often Commercial Off-The-Shelf or COTS).
Differences from Traditional Development:
- Granularity: Focuses on loosely coupled 'components' with well-defined interfaces rather than functions or objects.
- Development Cycle: The lifecycle involves finding, selecting, and integrating components rather than requirements-design-code-test in a linear fashion.
- Independence: Components are designed to be independent and deployable contexts, whereas traditional modules might be tightly coupled to the specific application.
Explain Cloud-native software development. What are its core technologies?
Cloud-native software development is an approach to building and running applications that exploits the advantages of the cloud computing delivery model. It focuses on how applications are created and deployed, not just where.
Core Technologies/Pillars:
- Microservices: Breaking applications into small, independent services that communicate via APIs.
- Containers: Packaging software (code + dependencies) into standard units (e.g., Docker) for consistent deployment across environments.
- DevOps & CI/CD: Continuous Integration and Continuous Delivery pipelines to automate testing and deployment.
- Orchestration: Managing the lifecycle of containers (e.g., Kubernetes) to handle scaling and failover dynamically.
Discuss the role of AI in Software Development. How do tools like GitHub Copilot and Amazon CodeWhisperer assist developers?
Artificial Intelligence is transforming the SDLC by automating repetitive tasks, improving code quality, and accelerating development.
Role of AI Tools (Copilot/CodeWhisperer):
- Intelligent Code Completion: These tools use Large Language Models (LLMs) to predict and complete lines or blocks of code based on context and comments.
- Natural Language to Code: Developers can describe a function in plain English (e.g., "Write a function to calculate the Fibonacci sequence"), and the AI generates the syntax.
- Test Case Generation: AI can analyze code and automatically generate unit tests to ensure coverage.
- Refactoring & Explanation: AI can explain complex legacy code snippets or suggest more efficient ways to write existing logic.
- Bug Detection: Identifying potential vulnerabilities or logic errors before the code is even run.
What are Low-code / No-code platforms? How are they changing the software industry?
Low-code / No-code (LCNC) platforms are development environments that allow users to create application software through graphical user interfaces (GUIs) and configuration instead of traditional computer programming.
- Low-Code: Requires some coding skill but reduces the amount of boilerplate code. Targeted at developers to speed up delivery.
- No-Code: Requires zero coding knowledge. Targeted at "Citizen Developers" (business users).
Impact on Industry:
- Democratization: Business analysts and non-technical staff can build internal tools without waiting for IT.
- Speed: Drastically reduces development time for standard CRUD (Create, Read, Update, Delete) applications.
- Resource Management: Allows professional developers to focus on complex, high-value problems while standard apps are handled via LCNC.
Differentiate between Reverse Engineering and Forward Engineering.
Reverse Engineering and Forward Engineering are two opposing directions of the software engineering process, often used together in software re-engineering.
-
Forward Engineering:
- Definition: The traditional process of moving from high-level abstractions and logical designs to the physical implementation of a system.
- Flow: Requirements Design Code.
- Goal: To create a new system from scratch.
-
Reverse Engineering:
- Definition: The process of analyzing a system to identify the system's components and their interrelationships and create representations of the system in another form or at a higher level of abstraction.
- Flow: Code Design Requirements (Mental Model).
- Goal: To understand a legacy system for documentation, maintenance, or re-implementation.
Compare ISO 9001 and SEI CMMI.
While both models aim to improve software quality, they approach it differently.
| Feature | ISO 9001 | SEI CMMI |
|---|---|---|
| Origin | General industrial standard (generic). | Specifically designed for the software industry. |
| Focus | Focuses on the minimal requirements for a Quality Management System (Pass/Fail). | Focuses on continuous process improvement (Levels 1-5). |
| Scope | Certification demonstrates compliance with a standard. | Appraisal indicates a level of process maturity. |
| Structure | Define requirements that must be met. | Defines goals and practices to achieve maturity levels. |
| Relation | ISO certification helps in achieving CMMI levels, but CMMI is more detailed for software processes. | CMMI is often considered more rigorous for software development than generic ISO. |
Define Software Re-engineering. Describe the Re-engineering process cycle.
Software Re-engineering is the examination and alteration of a subject system to reconstitute it in a new form and the subsequent implementation of the new form. It is often done to prevent software from becoming obsolete.
The Re-engineering Cycle:
- Inventory Analysis: Assessing the portfolio of applications to determine which candidates should be re-engineered based on business value and technical quality.
- Document Restructuring: Improving or creating documentation for the legacy system.
- Reverse Engineering: analyzing the code to extract design and requirements.
- Code Restructuring: Modifying the source code to make it structured and understandable (refactoring).
- Data Restructuring: Cleaning and reorganizing the database schema.
- Forward Engineering: Using the recovered design to generate the new system using modern technologies.
What is the Integrated CASE (I-CASE) environment?
Integrated CASE (I-CASE) refers to a set of CASE tools that rely on a common repository and user interface to support the entire software development lifecycle, rather than just specific phases.
Key Features:
- Central Repository: All tools share a central database (repository) where requirements, designs, and code metadata are stored. This ensures consistency.
- Seamless Data Flow: Outputs from an Upper CASE tool (e.g., a DFD diagram) can be directly used by a Lower CASE tool (e.g., code generator) without manual re-entry.
- Consistency: Changes in the design phase automatically reflect in the documentation and potentially the code structure, maintaining synchronization.
Explain the formula for defects in Six Sigma and the statistical meaning of .
Six Sigma is a statistical term used to measure the quality of a process. Sigma () represents the standard deviation or variation in a process.
Statistical Meaning:
- In a normal distribution curve, the area under the curve represents the population of opportunities.
- (Six Sigma): This level of quality means that the process limits are 6 standard deviations away from the mean on both sides.
- This results in an error rate of extremely low probability.
The Metric:
At the Six Sigma level, the process produces only $3.4$ Defects Per Million Opportunities (DPMO). This implies the process is defect-free.
What are the advantages and disadvantages of Cloud-native applications compared to monolithic on-premise applications?
Advantages of Cloud-Native:
- Scalability: Microservices can be scaled independently (horizontal scaling) based on demand.
- Resilience: If one microservice fails, the whole application does not crash.
- Faster Release: CI/CD allows for frequent updates without downtime.
Disadvantages/Challenges:
- Complexity: Managing distributed systems, networking, and data consistency between microservices is significantly harder than a monolith.
- Security: A larger attack surface due to many API endpoints.
- Debugging: Tracing a request through multiple services requires advanced monitoring (observability) tools.
How does AI-driven code generation impact the role of a software engineer?
AI-driven code generation (using tools like GitHub Copilot) is shifting the role of software engineers from "Code Writers" to "Code Reviewers" and "System Architects".
Impacts:
- Productivity Boost: Boilerplate code (e.g., API calls, UI structures) is generated instantly, saving time.
- Focus on Logic: Engineers spend more time on high-level logic, security, and architecture rather than syntax.
- New Skill - Prompt Engineering: Developers must learn how to effectively query the AI to get the best code output.
- Verification: There is a higher need for rigorous code review and security auditing, as AI can hallucinate or produce insecure code.
- Learning Curve: Juniors may rely too heavily on AI, potentially hindering their understanding of underlying principles if they don't study the generated code.
Explain the concept of Software Configuration Management (SCM) in the context of maintenance.
Software Configuration Management (SCM) is the task of tracking and controlling changes in the software. It is critical during the maintenance phase to prevent chaos.
Key Functions in Maintenance:
- Version Control: Keeping track of different versions of the software (e.g., v1.0, v1.1). If a maintenance patch fails, SCM allows rolling back to the previous stable state.
- Change Control: A formal process to approve or reject change requests (CRs) to ensure that maintenance doesn't introduce unnecessary features or risks.
- Auditing: Ensuring that the released software matches the documentation and requirements.
- Baseline Management: Defining a stable state of the software from which future changes are made.