Hardware Reference
In-Depth Information
service”. The risk-driven quality management process is inter-related with the
normal software development processes. After defining quality objectives, po-
tential quality risks can be identified. The impact of each potential risk can be
analysed and ranked according to its probability of occurrence and severity of
damage. The amount of effort to monitor, eliminate or prevent specific risks can
be determined by the level of risks.
Based on the studies that discusses software risk management processes
[26,25,15], QATs have been grouped into two main categories: Quality Assess-
ment and Quality Control (see Fig. 1). Below, safety techniques are used as case
examples in the description of these categories.
Fig. 1.
Categorisation of QATs: Quality Assessment and Quality Control
Quality Assessment Techniques
1. Risk Identification - Involve QATs which produce lists of the project-specific
quality risk items may compromise a project's satisfactory outcome. Typical
QATs for safety include hazard identification techniques such as Hazard and
Operability Study (HAZOP), “What if” Checklist.
2. Risk Analysis - Involve QATs which produce assessments of the probability
and magnitude of losses associated with each of the identified quality risk
items, and assessments of compound risks involved in risk-item interactions.
Typical QATs for safety include hazard analysis techniques such as Failure
Mode and Effect Analysis (FMEA), Fault Tree Analysis (FTA).
3. Risk Prioritisation - Involve QATs which produce a prioritised ordering of the
quality risk items identified and analysed. Typical QATs for safety include
techniques used to rank the impact of identified hazards such as Consequence
Analysis, Criticality Analysis.
Quality Control Techniques
1. Risk Treatment - Involve QATs which resolve, reduce or eliminate risk items
and take corrective action when appropriate. Typical QATs for safety include
hazard reduction design such as simplification and decoupling or corrective
actions such as improve error recovery (e.g. feedback, checking procedures,
treating system failures and supervision).
