Software Quality Assurance (SQA).md

Software Quality Assurance (SQA)

[TOC]

Res

Related Topics

↗ ICT System Reliability (Correctness) & Verification ↗ Hardware Quality Assurance (HQA)

↗ SDLC (Software Development Life Circle) & SDLC Models ↗ SDL (Secure Development Lifecycle) ↗ SRLC (Software Release Life Circle) & Versioning

↗ Vulnerabilities /Vulnerabilities 🆚 Bugs (Incorrectness) 🆚 Feature ? ↗ Software Testing / Error, Faults and Failures

↗ Software (Program) Techniques & Binary Engineering ↗ Program Analysis Basics

↗ Formal Methods & Formal Verification (FV) ↗ Formal Verifications & Constraint Solvers (Proof Assistants)

Intro

🔗 https://en.wikipedia.org/wiki/Software_quality_assurance

Software quality assurance (SQA) is a means and practice of monitoring all software engineering processes, methods, and work products to ensure compliance against defined standards.[1] It may include ensuring conformance to standards or models, such as ISO/IEC 9126 (now superseded by ISO 25010), SPICE or CMMI.

It includes standards and procedures that managers, administrators or developers may use to review and audit software products and activities to verify that the software meets quality criteria which link to standards.

SQA encompasses the entire software development process, including requirements engineering, software design, coding, code reviews, source code control, software configuration management, testing, release management and software integration. It is organized into goals, commitments, abilities, activities, measurements, verification and validation.

🔗 https://en.wikipedia.org/wiki/Software_testing#Measures

Quality measures include such topics as correctness, completeness, security and ISO/IEC 9126 requirements such as capability, reliability, efficiency, portability, maintainability, compatibility, and usability.

1️⃣ Software Correctness and Completeness & Verification and Validation

This is about finding "bugs" ↗ Vulnerabilities /Vulnerabilities 🆚 Bugs (Incorrectness) 🆚 Feature ? ↗ Software Testing / Error, Faults and Failures

↗ ICT System Reliability (Correctness) & Verification

• ↗ ICT System Reliability (Correctness) & Verification /Verification 🆚 Validation

↗ Security Audit & Security Audit Trail

• ↗ Code Review ↗ Formal Methods & Formal Verification (FV)
• ↗ (Formal) Model Checking

↗ Software Testing

2️⃣ Software Security & Vulnerabilities

This is about finding "vulnerabilities" ↗ Vulnerabilities /Vulnerabilities 🆚 Bugs (Incorrectness) 🆚 Feature ? ↗ Software Testing / Error, Faults and Failures

Risk management & Cyversecurity

↗ Vulnerabilities

• ↗ Vulnerability Disclosure（漏洞挖掘） ↗ Software Security
• ↗ Software Vulnerability & Weakness
• ↗ Software (Program) Techniques & Binary Engineering
  • ↗ Techniques - Vulnerability Disclosure & Discovery
    • ↗ Fuzzing (Concrete Execution)
    • ↗ Data Flow Analysis
    • ↗ Symbolic Execution & Concolic Execution (SSE & DSE)
    • etc.
  • ↗ Formal Methods & Formal Verification (FV)

↗ Software Testing

3️⃣ Software Capability, Compatibility, Maintainability, and More...

↗ Software Development Norms & Patterns ↗ Cloud Computing & Cloud Native

↗ Software Testing

Ref