The Challenge of Software Reliability: Design for Trustworthy Software


Software is the most treacherous component of any information system. The other two components, hardware and communications networks, have by themselves attained a far higher level of performance and reliability over the last 50 years. Microprocessor performance, for example, has increased by a factor of some 200 million during this period, a rate of improvement that software has not come close to matching. Modern communications networks provide the means to move and access colossal volumes of data, images, and voice across an organization and globally. However, modern communications networks, and especially the Internet, have also created the potential for malicious and accidental access and other security vulnerabilities. But it is the design weaknesses in software that, for the most part, make information systems vulnerable and unreliable. Even as hardware has reached amazing performance levels, the ultimate promise of any information system depends on the dependability of its software, which is the subject of this book.

Table 2.2 describes some common software quality definitions and attributes. Software metrics are discussed in some detail in Chapter 3, but it will be helpful to identify a few basic concepts here. The most fundamental concept is the notion of quality itself. We define software quality as the degree to which a system, component, or process meets customer or user needs or expectations. This has several components, of which software dependability is the most commonly cited deficiency. Dependability encompasses various user requirements, including reliability, safety, security, and availability.[14] This is close to our concept of trustworthy software, except that for trustworthy software we add and emphasize the capability to earn customer trust and to meet customers' stated, unstated, and even unanticipated needs. The five major challenges of trustworthy software are as follows:

  • Reliability is the ability of software to perform its required functions under specified conditions for a specified time. It is essentially a matter of software design quality and is concerned with detecting errors rather than correcting them.

  • Safety refers to freedom from conditions that can cause death, injury, or illness; damage to, loss of access to, or loss of control over data, privacy, equipment, or property; or environmental harm.

  • Security pertains to the software's resilience to attack, thus providing protection of confidentiality, data integrity, and system availability.

  • Maintainability refers to the ease with which a software system or component can be modified after delivery to correct faults, improve performance or other attributes, or adapt to a changed environment.

  • Customer responsiveness is the ability of the software vendor to solicit, interpret, and respond to the preceding customer requirements. It also implies robust software design capabilities, the ability to train users and transfer knowledge, the ability to help integrate existing systems, the ability to provide postimplementation support, the ability to provide upgradeable software and systems, and the ability to meet the customer's cost and delivery schedule requirements. In particular, we emphasize the ability to earn customer trust and to meet customers' stated, unstated, and even unanticipated needs.

Table 2.2. Selected Software Quality Attributes

  • Quality: The degree to which a system, component, or process meets (1) the customer's or user's stated, unstated, and unanticipated needs or expectations and (2) the specified and implied requirements of other stakeholders.

  • Design for Six Sigma: A system for designing and developing new products, processes, and services that meet customer requirements and are defect-free from the outset.

  • Design for Trustworthy Software (DFTS): A system for designing and developing software that is dependable (including but not limited to reliability, safety, security, availability, and maintainability) and customer-responsive at each stage of the software life cycle.

  • Robust architecture (also called the Robust Software Development Model [RSDM]): A software development model for developing trustworthy software (see Figure 2.6).

  • Robust Design: A methodology developed by Genichi Taguchi for developing products and processes that perform on target, as the customer requires, despite factors that cause variability in the user and manufacturing environments, at the lowest possible cost.

  • Six Sigma: A philosophy, management system, and methodology for improving the performance of existing products, processes, and services so that they are defect-free and meet customer requirements cost-effectively.

  • Software: Computer programs, procedures, and (possibly) associated documentation and data pertaining to the operation of a computer system.

  • Software availability: The ability of the software to provide a given function when the user needs it. Often expressed as uptime/(uptime + downtime).

  • Software capability: The degree to which a software vendor's systems, components, or processes can meet specified requirements and user needs and expectations.

  • Software dependability: Encompasses, among other attributes, reliability, safety, security, and availability.

  • Software design: The architecture and code of a software program that performs the required function.

  • Software maintainability: The ease with which a software system or component can be modified after delivery to correct faults, improve performance or other attributes, or adapt to a changed environment. Usually characterized by mean time to repair (MTTR). (The ratio MTBF/(MTBF + MTTR) sometimes quoted under this heading is the steady-state availability, the same quantity as uptime/(uptime + downtime) above, not a measure of maintainability.)

  • Software quality: The fitness for use of a software product; the degree to which it possesses the attributes necessary to fulfill stated or implied customer needs and satisfaction. (Program correctness is essential but insufficient if the software fails to satisfy the customer.)

  • Software quality attributes: Requirements on software, such as reliability, safety, security, and availability, that fulfill stated or implied needs.

  • Software reliability: The ability of a software system or component to perform its required functions under specified conditions for a specified time. Essentially a matter of software design quality; concerned with detecting errors rather than correcting them.

  • Software safety: Freedom from conditions that can cause death, injury, or illness; damage to, loss of access to, or loss of control over data, privacy, equipment, or property; or environmental harm.

  • Software scalability: The ability of an application to run on a larger machine or a parallel processor and handle a larger transaction volume or throughput with performance that scales linearly or nearly linearly with volume: an application that handles a given volume on a given server should handle four times that volume on a server four times as large.

  • Software security: The software's resilience to attack, and thereby its protection of confidentiality, data integrity, and system availability.

  • Software transaction speed: The rate at which an application handles transactions on a given computer, usually measured in thousands of completed transactions per minute.

  • Software upgradeability: The ability of software to be easily reconfigured to handle more, larger, or more complex transactions.

  • Trustworthy computing: A hardware-software-network system that is dependable (including but not limited to reliability, safety, security, availability, and maintainability) and customer-responsive at each stage of the system life cycle.

  • Trustworthy software: Software that is dependable (including but not limited to reliability, safety, security, availability, and maintainability) and customer-responsive at each stage of its life cycle.
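Two of the table's entries quote formulas: uptime/(uptime + downtime) for availability, and MTBF/(MTBF + MTTR), which is the same steady-state availability written in its reliability-engineering form. The following Python is an added example, not code from the book, that computes both from a constructed 30-day outage log, merging overlapping incident records so that one incident logged twice is not counted as two failures, and derives the downtime budget that an availability target permits. With MTBF taken as uptime per failure and MTTR as downtime per failure the two forms agree exactly, which the script checks; MTTR on its own is the figure that speaks to maintainability. All dates and outage intervals are constructed, and the function and variable names are assumptions of this example.

```python
"""Availability, MTBF and MTTR computed from an outage log.

Added example; the outage records below are constructed, not real data.
"""
from dataclasses import dataclass
from datetime import datetime
from typing import Iterable, List, Tuple

Interval = Tuple[datetime, datetime]

# Constructed sample: three outages of one service during a 30-day window.
WINDOW: Interval = (datetime(2024, 3, 1), datetime(2024, 3, 31))
OUTAGES: List[Interval] = [
    (datetime(2024, 3, 4, 2, 10), datetime(2024, 3, 4, 2, 55)),     # 45 min
    (datetime(2024, 3, 12, 14, 0), datetime(2024, 3, 12, 17, 30)),  # 3 h 30 min
    (datetime(2024, 3, 27, 9, 5), datetime(2024, 3, 27, 9, 20)),    # 15 min
]


@dataclass(frozen=True)
class Figures:
    uptime_h: float
    downtime_h: float
    failures: int
    mtbf_h: float   # mean operating time between failures; inf if no failures
    mttr_h: float   # mean time to restore service; 0 if no failures


def normalize(outages: Iterable[Interval], window: Interval) -> List[Interval]:
    """Clip outages to the window, drop empty ones, and merge overlaps.

    Two overlapping tickets for the same incident must count as one
    failure; otherwise both MTBF and MTTR are understated.
    """
    lo, hi = window
    clipped: List[Interval] = []
    for start, end in outages:
        if end < start:
            raise ValueError(f"outage ends before it starts: {start} > {end}")
        s, e = max(start, lo), min(end, hi)
        if s < e:
            clipped.append((s, e))
    clipped.sort()
    merged: List[Interval] = []
    for s, e in clipped:
        if merged and s <= merged[-1][1]:
            merged[-1] = (merged[-1][0], max(merged[-1][1], e))
        else:
            merged.append((s, e))
    return merged


def hours(start: datetime, end: datetime) -> float:
    return (end - start).total_seconds() / 3600.0


def compute(outages: Iterable[Interval], window: Interval) -> Figures:
    events = normalize(outages, window)
    total_h = hours(*window)
    downtime_h = sum(hours(s, e) for s, e in events)
    uptime_h = total_h - downtime_h
    n = len(events)
    mtbf_h = uptime_h / n if n else float("inf")
    mttr_h = downtime_h / n if n else 0.0
    return Figures(uptime_h, downtime_h, n, mtbf_h, mttr_h)


def availability_from_uptime(f: Figures) -> float:
    """uptime/(uptime + downtime), as given in the table."""
    return f.uptime_h / (f.uptime_h + f.downtime_h)


def availability_from_mtbf(f: Figures) -> float:
    """MTBF/(MTBF + MTTR): steady-state availability, the same quantity."""
    if f.failures == 0:
        return 1.0
    return f.mtbf_h / (f.mtbf_h + f.mttr_h)


def downtime_budget_h(target: float, window_h: float) -> float:
    """Downtime an availability target permits over a window (e.g. 99.9% of 30 days)."""
    if not 0.0 < target <= 1.0:
        raise ValueError("target must be in (0, 1]")
    return (1.0 - target) * window_h


if __name__ == "__main__":
    f = compute(OUTAGES, WINDOW)
    print(f"failures={f.failures} MTBF={f.mtbf_h:.1f} h MTTR={f.mttr_h:.2f} h")
    print(f"availability: {availability_from_uptime(f):.5f} (uptime form), "
          f"{availability_from_mtbf(f):.5f} (MTBF form)")
    print(f"99.9% over this window allows "
          f"{downtime_budget_h(0.999, hours(*WINDOW)):.2f} h of downtime")
```

For the constructed log the service was down 4.5 h of 720 h, giving three failures, an MTTR of 1.5 h, an MTBF of 238.5 h and an availability of 0.99375 by either formula; a 99.9% target over the same window would have allowed only 0.72 h of downtime. The merge step matters in practice because incident systems frequently hold duplicate or nested records for one event, and counting them separately makes a service look both more failure-prone and faster to repair than it is.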


Figure 2.6. A Robust Software Development Model


These are the primary aspects of trustworthy software, but they are required to varying degrees depending on the software category and its application. For example, customer responsiveness is a particularly critical element in enterprise software. The important point here is that the software maker knows and listens to the voice of the customer (VOC), interprets it correctly, and can develop trustworthy software accordingly.

An observation on the use of the word trustworthy may be in order. In a quality management context, the word trustworthy was first used by Deming. He used it to mean a determining factor in supplier selection, in the context of "driving out fear" from employees. We found Deming's use of the word and its context profoundly meaningful for the message we ourselves wanted to convey: Trustworthy and dependable software, or, for that matter, any product and service, can be provided consistently only by people who are trustworthy. This word also was used in Microsoft's "Trustworthy Computing" (TWC) initiative launched in 2002. In his landmark memos of January and July 2002,[15] addressed to the company's 50,000 employees worldwide, Microsoft Chairman Bill Gates wrote, "In the past, we've made our software and services more compelling for users by adding new features and functionality, and by making our platform richly extensible ... we've done a terrific job at that, but all those great features won't matter unless customers trust our software. So now, when we face a choice between adding features and resolving security issues, we need to choose security." Gates further stated that he believed that TWC was "the highest priority for the company and for our industry over the next decade: building a Trustworthy Computing environment for customers that is as reliable as the electricity that powers our homes and businesses today." Making software as reliable as electricity is an enormous challenge to the software industry. There is a clear need for collaboration between the software industry, software professionals, software users, regulatory agencies, and research institutions worldwide. DFTS, proposed in this book, provides a coherent structure and technology for addressing these software quality issues.




Source: Design for Trustworthy Software: Tools, Techniques, and Methodology of Developing Robust Software, ISBN 0131872508, 2006, 394 pages.