Thu Apr 10 00:55:18 HKT 2008 From /projects
local
(google search) (amazon search)
|
|
download here
Tue Mar 18 01:25:22 HKT 2008 From /projects/MSc/Software+Testing+and+Quality+Assurance Assignment1 Question1The programmer who writes a payroll program decides to add some ‘extra logic’. This is to revenge in case he should ever get fired from the company. The program contains logic that checks for his particular employee identification number before producing paychecks. If he is ever terminated with his employee identification number deleted from the company database, the payroll program will reset all data fields. Discuss this situation in terms of the error, fault, and failure. Suggest ways to detect this kind of problem. ==== Ans In terms of failure, for example, if HR fire this guy, his record will be deleted, and all the system user cannot see correct result of any operation, as all data are reseted. In terms of the fault, the problem is a fault of commission, the program should work like remove(userid); But the program code it as remove(userid); if(userid == xxx) deleteAllRecord() In terms of the error, the problem can be describe as a excpetional case in the system that will cause data loss. We can say this is a design mistake, a human error. In order to prevent this situation, we can have a testing server which try all operation on every user in the system to see if it work ok. However, as that programmer is one of the team, he might know how to found holes in the system anyway. Thus, the company should deploy version control system to log down all the code changes and execute peer review all the time. (google search) (amazon search) Tue Mar 18 01:25:22 HKT 2008 From /projects/MSc/Software+Testing+and+Quality+Assurance Assignment1 Question4A program fails in the field and someone dies. This leads to a trial. The plaintiff’s lawyer states three facts: 1. The failure occurred when the program reached a specific line of code. 2. That line of code had never been tested, and that is the reason that the defect had not been found before the product was released. 3. A code coverage tool was available to the test team. Had the test team used the tool, and tested to 100% statement coverage, this defect would have been found, and the victim would be alive today. Therefore, the lawyer has proved that the software developer was negligent. What is wrong with this argument? If you are the expert witness for the defendant, state 3 arguments against the conclusion. === ans 1) It is Impractical to test every path of the software, the developer should pay attention to the special case. 2) It is not fair to assert only test team fault for defect not found before release, because if it is the case the software developer don't need to responsible to any problem in any case. 3) Even if that line of code being tested, the test may pass for the test data, thus test coverage should only be a reference for the team. (google search) (amazon search) Tue Mar 18 01:25:22 HKT 2008 From /projects/MSc/Software+Testing+and+Quality+Assurance Assignment2 Question4Develop a formula which computes the net return of using both inspection and testing verse just using testing. Assume M=number of defects detected during inspection E=total hour spent on inspection H=average cost of a working hour C1=average cost of correcting a defect found during in-house testing C2=average cost of correcting a customer defect d1=estimated percentage of defects found during in-house testing d2=estimated percentage of defects found by the customer Net return = (Cost of using testing only – Cost of using both inspection and testing) Hint: compare the cost of correcting the defects when testing alone is used against the cost when both inspection and testing are used. (google search) (amazon search) Tue Mar 18 01:25:22 HKT 2008 From /projects/MSc/Software+Engineering+Process+for+High+Quality+Software Assignment2Process Area of Configuration Management(CM) Objective – Establish management of change of resource, A software project produces a number of resources during its execution, including various documents, programs, data, document. Some change rapidly in a short period, while some are more stable. Which adds a lot of complexity in project management because anything can change at anytime. Besides, difference resource have dependence of change, i.e. If the source code change which affect the business logic, the operation have to be updated otherwise causing confusion to the user. Which make the management even more complex. In order to avoid losing control of the project in the face of change, it is essential to set a CM process to maintains the integrity of the products of a project throughout the project life cycle. CM establishes and maintains the integrity of the products of a project throughout the project life cycle Inputs – The heart of the CM is a version control system which store and management the change of source code. Because this system is the heart of the development team and it is recommend to check in and check out frequency (so that other member can review his work quicker). It is better to have a delegate machine to run; Besides, we probably want to manage document in the other way, thus having a document management software is better. Some information also required, like project plans and schedules (e.g., Project Management Plan); reports, and review results; Change requests, authorized waivers and deviations; also specifications, requirements, designs, code, documentation, etc. Entry Criteria – Commitment to perform CM has been made Adequate resources (funding, personnel, tools) are committed to CM activities The CM Manager is trained or obtains training in the CM process There is same senior management responsible for the CM process Task – The first step is to choose and deploy a version control system, there are a lot of system available here is a list of criteria need to think about how the product fit in our environment: Concurrency control approach: two main approach, Lock-Modify-Unlock model and Copy-Modify-Merge model. As the name imply, Lock-Modify-Unlock is to lock the resource if one need to make changes, so that the other member cannot change that resource; while Copy-Modify-Merge model is every team member checkout a copy of the repository, and make change as they like, then commit to the system from time to time, then the system try the best to merge difference change to the central repository. If fail then report conflict to the member and ask the resolve the conflict manually before commit. File type support: Some only support manage difference of text files, while some able to manage difference of binary file also. Some even manage the change of directory. Atomic commit support: Some support atomic commit of multiple resource. So that every commit consist a tag number. While some don't support this so that the manager need to assign tag no. if needed manually. (Tag is a label to the source control to specific an instance of all resource) Choice of network layer: Does the version control support difference network layer? Some company need to support developer to make change to the source control outside office. However due to firewall politic some network layer is not allow to access outside office. Does the source control provide enough flexibility for the company need is a selection criteria also. Choice of storage media: Some just store the resource as file and some store at database. If store at database can provide best ACID support. While store as file provide ease of management. The CM manager should choose difference version control system accordingly. Level of distribution support allowed: Difference source control support difference level support of distribution, some able to work without network connection, some able to make local copy as branch immediately. The more the version control provide in the area, the more flexibility the team get. However, the trade off is the price and management cost. External tools support: Some organization require the version control talk to difference system like issue tracking or project management tools, otherwise the team have to update external system if needed manually. Performance of operation: Difference version control system use difference compare and resource scanning logic. Difference system have difference trade off. For most case this is not matter, but if the repository size is large the CM manager should look into this area. Once the version control system deployed, CM manager need to define the policy of using the source control system. Some example as follow: The commit resource must not make the system not able to compile. The commit resource must not break the unit test. The team member need to update from repository daily, or hourly. The team member should commit to repository daily. If external tools integration are not enabled, need the define what need to update per source control system updated, like mention the issue no. in the commit comment, or change the finish date of specific task from the project management tool. Difference team member have difference access right if it is large team, some only able to read a part of the system, and some only able to write to a part of the system. Some able to add new resource, some are not. Define the when should change the major version no, majar version no and build no Other than policy, CM manager need to responsible for some tasks, like: Design what resource should put at the source code system and what should not. For sure source code should put in version control system, and in the most case, we should put as much resource as possible so that we can maintain the integrity of the system. Define the tag when for unit test , system test and acceptance test. Also if specific test pressed need to assign a tag so that change a traceable. Define the requirement of tag that suitable to release a patch to customer, or define requirement of tag that suitable to release a upgrade version. Design when is the time to branch a branch, like stable branch and development branch. Define a release procedure Provide training session to the team of how to use the version control system and explain the CM process to the team Monitor the version control system to see if any problem of the system and rollback to suitable stable if necessary. If the requirement of the version control system change, CM manager need to schedule the system update or migration Coordination with other project activities, Review Status with Higher-Level Management Auditing the CM prcoess See how can improve the CM process and collect improvement information Some resource are not best to manage using version control system, like document, database schema. May be the team need to use difference tools or procedure to manage the change of these resource. May be we need to deploy a document control system, or define a format / procedure to change the document if needed. May be we need to deploy a tools to manage change of schema, or just store the DDL in version control system. Exit Criteria - The CM Process is a continuous activity that supports the entire span of life cycle of the project product. At the conclusion of the project life cycle, e.g. project closeout, the CM Process may be exited when all steps have been completed, metrics collected and suggestions for improvement have been delivered to the requested group. Or if the project transfer to other party, CM process information should also be transferred. Output - The whole development process are now traced and manageable. Manager can review the development process from the repository Team follow the defined policy to work on the system Provide tag for tester to get the suitable snapshot of the system to test. Baselined and controlled project products Collected, analyzed and archived CM review and audit reports Collected, analyzed and archived measures of CM performance, and audits of CM products Documented periodic process assessments. Measurement – CM manager should monitor the CM process closely, and make change if necessary, like change the various policy or change the available resource. Monitor software configuration status information Generate configuration status report to management Effort and funds expended for CM process (planned vs. actual). Impact of requirements changes on project cost and schedule, may be collected collaboratively with project development personnel. Number of configuration audits completed (planned vs. actual). Problem reported relay to CM Age of high priority Trouble Reports (duration from date submitted to date resolved). Number of CM audit discrepancies identified. (google search) (amazon search) Tue Mar 06 22:50:22 HKT 2007 From /projects/present JUnit Presentation(google search) (amazon search) Thu Jul 06 02:12:58 HKT 2006 From /projects/present jini presentation(google search) (amazon search) Wed May 10 00:10:12 HKT 2006 From /projects/MSc/Advance+Internet+Computing AICWeb(google search) (amazon search) Sat Apr 29 23:26:34 HKT 2006 From /projects/MSc/SCM COMP5226 Project Report(google search) (amazon search) Sat Apr 22 03:07:28 HKT 2006 From /projects/MSc COMP5252 XP - Refactoring(google search) (amazon search) Mon Mar 13 01:50:16 HKT 2006 From /projects/MSc/SCM Assignment11.Briefly describe different phases of a typical software development life cycle (SDLC)? Identify the software configuration items (SCI) of each SDLC phase and propose the control process for each of these SCI(s). (10 marks) Ans: Of a typical software development life cycle (SDLC), there are 4 major phrase: a) Requirement analysis b) System Design c) Implementation d) Testing Amount these phrase, there are following SCI: a) Requirement analysis: Specification document b) System Design: Various design diagrams c) Implementation: Database script, build script, source code, configuration files, library using and possible other resources like image and html pages d)Testing: Unit test case, functional test case, integrational test case, test data and test result All these SCI need to put under control process because all these resources are change frequent, we need to know who make change, why change needed and if the change depend on anything else. ==================================================== 2.Describe the SCM process of your company and identify areas for improvement. Provide rationale for each improvement area. (10 marks) Ans: Basically we put all resource mentioned at 1) at a version control system call CVS. Every 2 weeks we will do a formal build with a specific build no. The issue tracking system will generate a report to show the new build fix which issue (possible bugs or enchancement) from which clients. Then we will deliver the build to those clients wait for these fix. Not every build will be standard upgrade to every clients. Only when the build that process thorough testing will deliver to every clients as standard upgrade. And we actively maintain 3 branch of resources , one is latest production version, one is previous production version and the last one is in development branch. Most client are encourage to use latest production version, this version will add minor enchancement and major change should be bug fix. The previous production version is only keep in case there are still some clients have not upgrade, this branch should not add any enchancement and only major bugs will be fixed at this branch. For latest production branch, all bug fix should apply here and this is the place where active development features added here. For older versions we will still keep in database only for archive and no change will be apply on them. For all these 3 branch, every night the build system will checkout the latest copy and do automatic build, then run unit, integrational and functional testcase to make sure there is no major problems. There is an engineer responsible for in house system and he will take care for the hardware and software of the SCM related systems. As we are a small software house, there is no formal policy of accessing SCM, every can read and write to the system. However, every change should related to some issue at the issue tracking system, include bug fix or enchancement. Also, everyone are suppose to update at least once everyday and he should review the changes from other to see if any major problems exist in others changes. There are following improvement areas I can see: a) We can use better software and hardware for the system, instead of CVS, there are better choice like subversion which support more features like ACID comment and binary versioning. And we can have better hardware so that we can do more frequent contiuous integration testing. b) Other than resource mentioned at 1), there are resource that outsides SDLC also should controlled at the SCM, like the user guides and various FAQ to get the benefit of the systems c) Improve the inter dependence checking of various resource, for example source code should sync with schema otherwise the system must be fail. For now we haven't check if this 2 resources is sync or not. But we can add this dependence checking one version no. tag of different resource to minimize resource out of sync. This especially useful for documentation like user guide. ==================================================== 3.The national stock exchange system fails that leads to frequent outage of stock trading. The regulator has appointed an independent consultant to investigate the incidence. Report highlights that the outage was caused by software configuration problems. Software configuration problem fall into four kinds (i.e. source, build, deployment and version). Give two examples of each kind of software configuration problems. For each example you give, propose a policy to ensure proper management and control to mitigate future failure risk.(10 marks) Ans: [source] a) A programmer overwrite B programmer change of source code. Solution: Set up a version control system and require programmer submit code changes to that version control system. Then the system will detect confilct of changes and ask the programmer to resolve those confilct before submit. b) A programmer find that his code are modified by somebody and likely to have problem, but he don't know who change this and the reason of change. Solution: Require programmer to leave comment and author name when commiting code. [build] a) Different people create release build at difference machine with difference compiler, libraries, environment, which lead to various incompatible issue. Solution: standardized the build process, document the version of library, environment and compiler support / needed. b) Some bugs suppose been fixed at a build but the client found the problem still exist. Eventually we found that someone use the old version of source to create the build / somebody put the wrong bug no. with build no. solution: Automate the build process so that build must create from latest source of specific branch. Also to trigger issue tracking system with source control system so the build no. will sync with bug fixed. [deployment] a) There are many support call once upgrade release, either for bug report or installation question. Solution: release build must pass preliminary testing and usability test. b) Someone stead our software via download our software from our website. Solution: Setup up licencing information and provide licence key to pay client using security channels. [version] a) Often forget apply fix to older supported branch. Solution: Apply fix to all supported branch is a requirement of mark an issue fix. b) Only verify fixed at one branch but not the others. Solution: Make is as a requirement to mark an issue verify fix only if issue verified at supported branch. ==================================================== 4.You are tasked to implement the change control board (CCB) for a software company. Develop a plan for implementing the CCB. Explain your implementation process to top-management in terms of the goals of the CCB, the policies and procedures that should govern the CCB and the roles of the participants for the practice. (20 marks) Ans: The goal of having CCB is to ensure that change commit to the baseline are proper reviewed and eliminate the chance of having invalid baseline. The board should consist of members from: Development, Test, Support, Supply Chain, Network Operations, Program Management/Release Management , Finance and Marketing. Configuration Management shall solicit approvals from required parties. Normal change requests will be queued for review at regularly scheduled CCB meetings. Urgent requests will be immediately hand carried and/or emailed to the appropriate parties for approval. First, Change requests should be submitted through Development or Program Management. A change request must be written and should include, at minimum, the following criteria: Definition of the change: What is the change and why is it needed Areas impacted (including, but not limited to: Device hardware, Client software, Server Team, Network Team, ID, Manufacturing Process) Documentation to be updated (including, but not limited to: Plan of Record document, Engineering Specification(s), UI spec, user guide) Level of Change Emergency �V Requires immediate attention. Must have accompanying disposition plan Normal �V Process normally. Running �V Process as part of next normal change. Dependencies (on other pending changes, on pending decisions, on assumptions) Estimated dollar impact to the organization, as applicable (savings or cost) Requested date of implementation After review, CCB should approval or deny the request with reason, if approval then the change will commit to the baseline (google search) (amazon search) Fri Jan 13 01:49:45 HKT 2006 From /projects/javadict 13-01-20061) don't bring windows foreground if result not found or input don't look like a word 2) crop non-letter characters 3) allow customize library locataion (google search) (amazon search) Sun Dec 11 18:54:38 HKT 2005 From /projects/MSc/E-commerce+Fundamentals+and+Development Assignment 2(google search) (amazon search) Fri Nov 18 02:01:38 HKT 2005 From /projects/MSc/Software+Engineering+Process+for+High+Quality+Software Assignment1Due date: October 30, 2005 Instructions: Using the software life cycle checklist in Unit 2, assume you are in the situation described in the case study (refer to Unit 1). Which software life cycle model -- or combination of life cycle models -- would you choose for the project. Justify your answer. (10 marks) =============================================== I think "2.11 Incremental Model" is the best of this case, and first finish the core, important function then go on to lower priority tasks, in order to justify the answer, may be we first analysis the problem in point form: 1) Management design to shorten the project deadline and increase the project scope too early. They don't know if their team can deliver or not, they just think raise the salary and adding more staff can solve the project. However, turn out it doesn't. If rapid prototyping model used here can help the manager see the result in difference stage of the project and make correct ( or, at least, reasonable ) time estimation and project scope planning. Even the management still making wrong decision base on the early build, they can quicker know what going wrong in the middle of the project and approval corresponding actions. In summary, the management is only planning and communicating with idea without ground; If Incremental Model used, they can plan and communicate base on real build, which they can see the demo to understand the process. 2) Teamwork problem Project manager don't listen to the team and hire a temp. programmer, turn out all the code from that temp. programmer needed to be rewrite. Even worst is the manager hire the other temp. programmer after that and the new temp. programmer even overwrite code from the other. Clearly, this is a management problem which I don't think any software process can help a lot. However separate the project into difference stage of build can help to guarantee the code submitted is workable and prevent wasting the first temp. programmer time to write throw away code. As he have to deliver working builds at every stage. Of course, if the project manager read the book "The Mythical Man-Month", he probably don't assigning more programmers to a project running behind schedule. However, say he still going to do that, there are still a series of builds for the new comer to study. Which can help the second temp. programmer picking up stuff faster. 3) Software cannot adapt changes Once the requirement change, the project get into adaption problem. It first easy to consider cause by using too less time for design and analysis. However, you cannot design your program for the unknown new requirement, right? You may argue that using more time to design can make the architecture more flexible to adapt change. However It rarely work and the flexible come with price, both in development and maintaining ( please refer to http://c2.com/cgi/wiki?YouArentGonnaNeedIt for further argument, ) The team need to have good unit test coverage to the project so that if there are requirements change, so that help programmer to make change safer and prevent a lot of side effect, unit tests can also help to find problems for code modification. In Incremental Model, there are already test for difference build. Obviously it help to prevent problem. Even better is the project occupy test first development ( http://c2.com/cgi/wiki?TestingFirst ) so that test coverage even better. Finally, project delay, quality is low and team break down. As the project develop in a wrong way, these hard to prevent. And it even more hard to correct the problem after it arise. So we should take action before happen. If the team using "Incremental Model" they can deliver the working early build first (if needed) and delay the reminding task into next release. Usually it work fine in most case, because the core function should already there and work nicely. Also the quality should be good as the core function should have tested many time before as every build there are independence testing for the system. Of course, this process come with a drawback that require more planning and the effort used at testing and design possible to have duplication. However, as they already have a team. I think they should hire a QA people to monitor the process rather than hire to temp. programmer. The QA can help the team carry the process to achieve expected result. (google search) (amazon search) Fri Oct 28 02:14:03 HKT 2005 From /projects/MSc/E-commerce+Fundamentals+and+Development Assignment1In the tutorial, we have discussed BEST.com particularly from a B2B perspective. In this question, you need to investigate how to provide a customized banner service. Basically, BEST.com provides banners based on a consumer's profile (e.g., the web sites he/she visited before). You should think about how to integrate this service with the previous B2B banner service. Using a step-by-step approach, explain how the service works technically. In particular, you should explain the technical details with reference to HTTP, HTML and Cookies. (25 marks) ================================================================================== Let the BEST.com partner as A, BEST.com as B and end user as C. And what we only need to track is the page that C visit partner of BEST.com before. 1) C visit A, issue initial request header. Header: GET /index.jsp HTTP/1.0 (If C visit A before, cookie are sent with header, first time visit don't press cookie) Cookie: client=XXX (Sent C previous visit page) Cookie: visited=YYY 2) [Missing step, forward to best.com] 3) A then give the page to C with the banner code, assume the banner is generate using javascript Header: HTTP/1.0 200 OK Set-Cookie: client=XXX (if first visit) HTML: ..... ... .... The banner image source, in fact is a server side program which will generate customized image source and setup the correct MIME type 3) Once C click the banner, the browser will execute the javascript function doSubmit and generate URL with "history" parameter and request best.com to banner target Header:GET /banner.jsp?fromhost=bannerhostingpartnerid&advid=YYY&client=XXX&history=[encoded parameter with URL histories] HTTP/1.0 4) best.com take the parameters and do the following thing a) record the click rate of the banner hosting website using "fromhost" value b) record the "history" parameter in order to calculate suitable adv. for the end user c) forward the end user to adv. target. Thus, best.com response with following response header: HTTP/1.0 302 Move Temporarily Location: http://www.advtarget.com/?from=best.com 5) C get best.com respones, then issue another request to advtarget.com Header: GET /?from=best.com HTTP/1.0 Referer: http://www.best.com 6) Finally, advtarget.com get the request and display the page to the user. Header: HTTP/1.0 200 OK ...... (google search) (amazon search) Mon Oct 10 23:49:07 HKT 2005 From /projects/MSc/Software+Testing+and+Quality+Assurance Assignment1 Question2Describe the test process of your company in detail. Identify 3 areas that can be improved. === ans 1) We gather the require, then figure out how to implement it (design, but don't have format method) then go ahead to coding 2) During coding phrase, we add junit unittest in parallel, those test are not run independence from other part of the system, in fact tests will run automatically everynight for all DBMS supported. 3) And the tester work for function test with tool call maxq after development: http://maxq.tigris.org/docs/edit.html , but this part is very limited 4) Sometime the client service colleague will try out the feature before send a bulit to customer, but sometime (if it urgent or minor), we will setup a test site and let client try it out. 5) If problem arise, we have an issue tracker (we use a software call test tract pro) , then we log down information there and fix bug according. So that is, I've some idea of improving the testing process... but I don't know if my company ok for this, and I also don't know if my colleague like this or not 1) Try to involve customer in test before deliver, one mailing list discussion can refer to (http://groups.yahoo.com/group/agile-testing/message/7196) 2) Having a test plan before implementation, at least we will communicate with difference parties and make sure the other know how the software should work before coding. 3) As we've using issue tracker, we can query which part of the system easy to have problem and we can write more unit/function test about that part of system. 4) Formalize the build process, make everyone know what have been fixed or implemented. (google search) (amazon search) Mon Oct 10 23:32:09 HKT 2005 From /projects/MSc/Software+Testing+and+Quality+Assurance Assignment1 Question3For the following program segment, draw its flow graph, and identify the basis paths. Can you find a set of test data that test each path? Why?
=== Ans Flow graph:
Cyclomatic number is number of binary decision nodes + 1 which is 4 in this case. They are: a: (1)-(2)-(3)-(4)-(5)-(6)-(7)-(8)-(9)-(10)-(11)-(3)-(12) b: (1)-(2)-(3)-(4)-(5)-(7)-(8)-(9)-(10)-(11)-(3)-(12) c: (1)-(2)-(3)-(4)-(5)-(6)-(7)-(9)-(10)-(11)-(3)-(12) d: (1)-(2)-(3)-(12) And we cannot find a set of test data that can test every path, because this method don't accept any parameter, The only variable using will initize from zero, then when it increase to two, it will execute line (6) then break the loop, line (8) will never be executed. (google search) (amazon search) Mon Oct 10 02:18:08 HKT 2005 From /projects/MSc/Software+Testing+and+Quality+Assurance Assignment1 Question5Which of the following are typically inputs to the system-level testing process? I System Performance Requirements II System Functional Requirements III Program Code IV System Design Specifications === Ans I System Performance Requirements II System Functional Requirements (google search) (amazon search) Mon Oct 10 02:16:26 HKT 2005 From /projects/MSc/Software+Testing+and+Quality+Assurance Assignment1 Question6Why does a combination of different testing methods outperforms any single method alone? Give 4 reasons. === Ans 1) Difference test have difference pros and cons, e.g. unit test are simple to create but cannot the full picture, which integration test can see the full picture but easy to miss a special case. 2) The defect discover rate of any single test method is in a narrow range. If you only put small amount of resource you usually can at least found some defect, and even if you spend a lot of cost usually it cannot find a lot more defect. So distribute cost in difference test method is a more effective approach 3) Difference development phrase occupy difference testing methods, like in requirement phrase we can do some validation of the requirements, in design phrase we can have design inspection. it is easy to tell no matter how good you do in either testing methods, if you only test in one development phrase but ignore the other, you will ignore a lot of problems. 4) Some test is not to discover defect, like usability test. However, this is also one important aspect for the user. If you ignore this part can also cause problem: http://discuss.joelonsoftware.com[..]iscussTopicParent=27244&ixDiscussGroup=4 (google search) (amazon search) |