Waterfall model

The waterfall model is a sequential software development model (a process for the creation of software) in which development is seen as flowing steadily downwards (like a waterfall) through the phases of requirements analysis, design, implementation, testing (validation), integration, and maintenance. The origin of the term "waterfall" is often cited to be an article published in 1970 by Winston W. Royce (1929–1995) although Royce did not use the term "waterfall" in this article. Ironically, Royce was presenting this model as an example of a flawed, non-working model





History
In 1970 Royce proposed what is presently referred to as the waterfall model as an initial concept, a model which he argued was flawed (Royce 1970). His paper explored how the initial model could be developed into an iterative model, with feedback from each phase influencing subsequent phases. It is only the initial model that received notice; his own criticism of this initial model has been largely ignored. The phrase "waterfall model" quickly came to refer not to Royce's final, iterative design, but rather to his purely sequentially ordered model. This article uses the popular meaning of the phrase "waterfall model". For an iterative model similar to Royce's final vision, see the spiral model.
Despite Royce's intentions for the waterfall model to be modified into an iterative model, use of the waterfall model as a purely sequential process is still popular, and, for some, the phrase "waterfall model" has since come to refer to any approach to software creation which is seen as inflexible and non-iterative. Those who use the phrase "waterfall model" pejoratively usually see the waterfall model as naive and unsuitable for an iterative process.





Model


In Royce's original waterfall model, the following phases are followed in order:
1. Requirements specification
2. Design
3. Construction (AKA implementation or coding)
4. Integration
5. Testing and debugging (AKA Validation)
6. Installation
7. Maintenance
To follow the waterfall model, one proceeds from one phase to the next in a purely sequential manner. For example, one first completes requirements specification, which are set in stone. When the requirements are fully completed, one proceeds to design. The software in question is designed and a blueprint is drawn for implementers (coders) to follow — this design should be a plan for implementing the requirements given. When the design is fully completed, an implementation of that design is made by coders. Towards the later stages of this implementation phase, disparate software components produced ined to introduce new functionality and remove bugs.
Thus the waterfall model maintains that one should move to a phase only when its preceding phase is completed and perfected. However, there are various modified waterfall models (including Royce's final model) that may include slight or major variations upon this process.





Usage
The waterfall model is widely used by such large software development houses as those employed by the U.S. Department of Defense and NASA, and for many large government projects (see "the standard waterfall model" on the Internet Archive). Those who use such methods do not always formally distinguish between the pure waterfall model and the various modified waterfall models, so it can be difficult to discern exactly which models are being used and to what extent.

Supporting arguments
Time spent early on in software production can lead to greater economy later on in the software lifecycle; that is, it has been shown many times that a bug found in the early stages of the production lifecycle (such as requirements specification or design) is cheaper, in terms of money, effort and time, to fix than the same bug found later on in the process. ([McConnell 1996], p. 72, estimates that "a requirements defect that is left undetected until construction or maintenance will cost 50 to 200 times as much to fix as it would have cost to fix at requirements time.") To take an extreme example, if a program design turns out to be impossible to implement, it is easier to fix the design at the design stage than to realize months later, when program components are being integrated, that all the work done so far has to be scrapped because of a broken design.
This is the central idea behind Big Design Up Front (BDUF) and the waterfall model - time spent early on making sure that requirements and design are absolutely correct will save you much time and effort later. Thus, the thinking of those who follow the waterfall process goes, one should make sure that each phase is 100% complete and absolutely correct before proceeding to the next phase of program creation. Program requirements should be set in stone before design is started (otherwise work put into a design based on incorrect requirements is wasted); the program's design should be perfect before people begin work on implementing the design (otherwise they are implementing the wrong design and their work is wasted), etc.
A further argument for the waterfall model is that it places emphasis on documentation (such as requirements documents and design documents) as well as source code. In less designed and documented methodologies, should team members leave, much knowledge is lost and may be difficult for a project to recover from. Should a fully working design document be present (as is the intent of Big Design Up Front and the waterfall model) new team members or even entirely new teams should be able to familiarize themselves by reading the documents.
As well as the above, some prefer the waterfall model for its simple and arguably more disciplined approach. Rather than what the waterfall adherent sees as chaos, the waterfall model provides a structured approach; the model itself progresses linearly through discrete, easily understandable and explainable phases and thus is easy to understand; it also provides easily markable milestones in the development process. It is perhaps for this reason that the waterfall model is used as a beginning example of a development model in many software engineering texts and courses.
It is argued that the waterfall model and Big Design Up Front in general can be suited to software projects which are stable (especially those projects with unchanging requirements, such as with shrink wrap software) and where it is possible and likely that designers will be able to fully predict problem areas of the system and produce a correct design before implementation is started. The waterfall model also requires that implementers follow the well made, complete design accurately, ensuring that the integration of the system proceeds smoothly.

Criticism
The waterfall model is argued by many to be a bad idea in practice, mainly because of their belief that it is impossible, for any non-trivial project, to get one phase of a software product's lifecycle perfected before moving on to the next phases and learning from them. For example, clients may not be aware of exactly what requirements they want before they see a working prototype and can comment upon it; they may change their requirements constantly, and program designers and implementers may have little control over this. If clients change their requirements after a design is finished, that design must be modified to accommodate the new requirements, invalidating quite a good deal of effort if overly large amounts of time have been invested into Big Design Up Front. Designers may not be aware of future implementation difficulties when writing a design for an unimplemented software product. That is, it may become clear in the implementation phase that a particular area of program functionality is extraordinarily difficult to implement. If this is the case, it is better to revise the design than to persist in using a design that was made based on faulty predictions and that does not account for the newly discovered problem areas.
Steve McConnell in Code Complete (a book which criticizes the widespread use of the waterfall model) refers to design as a "wicked problem" — a problem whose requirements and limitations cannot be entirely known before completion. The implication of this is that it is impossible to perfect one phase of software development, thus it is impossible if using the waterfall model to move on to the next phase.
David Parnas, in "A Rational Design Process: How and Why to Fake It", writes:
“Many of the [system's] details only become known to us as we progress in the [system's] implementation. Some of the things that we learn invalidate our design and we must backtrack.”
The idea behind the waterfall model may be "measure twice; cut once", and those opposed to the waterfall model argue that this idea tends to fall apart when the problem being measured is constantly changing due to requirement modifications and new realizations about the problem itself.
Additional criticisms of a non-iterative development approach (such as the waterfall model) include:

• 
  Unless those who specify requirements and those who design the software system in question are highly competent, it is difficult to know exactly what is needed in each phase of the software process before some time is spent in the phase following it. That is, feedback from following phases is needed to complete preceding phases satisfactorily. For example, the design phase may need feedback from the implementation phase to identify problem design areas. The counter-argument for the waterfall model is that experienced designers may have worked on similar systems before, and so may be able to accurately predict problem areas without time spent prototyping and implementing.
• 
  Constant testing from the design, implementation and verification phases is required to validate the phases preceding them. Constant prototype design work is needed to ensure that requirements are non-contradictory and possible to fulfill; constant implementation is needed to find problem areas and inform the design process; constant integration and verification of the implemented code is necessary to ensure that implementation remains on track. The counter-argument for the waterfall model here is that constant implementation and testing to validate the design and requirements is only needed if the introduction of bugs is likely to be a problem. Users of the waterfall model may argue that if designers (et cetera) follow a disciplined process and do not make mistakes that there is no need for constant work in subsequent phases to validate the preceding phases.
• 
  Frequent incremental builds (following the "release early, release often" philosophy) are often needed to build confidence for a software production team and their client.
• 
  It is difficult to estimate time and cost for each phase of the development process without doing some "recon" work in that phase, unless those estimating time and cost are highly experienced with the type of software product in question.
• 
  The waterfall model brings no formal means of exercising management control over a project and planning control and risk management are not covered within the model itself.
• 
  Very specific skill sets are required for each phase, thus there is a requirement for multiple projects to run in sequence to optimize resource use if all members stay through the course of a given project, or to suffer skill levels by using "jack of all trades" resources throughout each stage.

Modified models

In response to the perceived problems with the pure waterfall model, many modified waterfall models have been introduced. These models may address some or all of the criticisms of the pure waterfall model. Many different models are covered by Steve McConnell in the "lifecycle planning" chapter of his book Rapid Development: Taming Wild Software Schedules.
While all software development models will bear some similarity to the waterfall model, as all software development models will incorporate at least some phases similar to those used within the waterfall model, this section will deal with those closest to the waterfall model. For models which apply further differences to the waterfall model, or for radically different models seek general information on the software development process.

SQA Techniques and Tools

SQA should evaluate its needs for assurance tools versusthose available off-the-shelf for applicability to thespecific project, and must develop the others it requires.Useful tools might include audit and inspection checklistsand automatic code standards analyzers.

Software Quality Assurance During the Software

In addition to the general activities described insubsections C and D, there are phase-specific SQA activitiesthat should be conducted during the Software AcquisitionLife Cycle. At the conclusion of each phase, SQAconcurrence is a key element in the management decision toinitiate the following life cycle phase. Suggestedactivities for each phase are described below.

1. Software Concept and Initiation Phase
SQA should be involved in both writing and reviewing theManagement Plan in order to assure that the processes,procedures, and standards identified in the plan areappropriate, clear, specific, and auditable. During thisphase, SQA also provides the QA section of the ManagementPlan.

2. Software Requirements Phase
During the software requirements phase, SQA assures thatsoftware requirements are complete, testable, and properlyexpressed as functional, performance, and interfacerequirements.

3. Software Architectural (Preliminary) Design Phase
SQA activities during the architectural (preliminary) designphase include: Assuring adherence to approved design standards as designated in the Management Plan. Assuring all software requirements are allocated to software components. Assuring that a testing verification matrix exists and is kept up to date. Assuring the Interface Control Documents are in agreement with the standard in form and content. Reviewing PDR documentation and assuring that all action items are resolved. Assuring the approved design is placed under configuration management.

4. Software Detailed Design Phase
SQA activities during the detailed design phase include: Assuring that approved design standards are followed. Assuring that allocated modules are included in the detailed design. Assuring that results of design inspections are included in the design. Reviewing CDR documentation and assuring that all action items are resolved.

5. Software Implementation Phase
SQA activities during the implementation phase include theaudit of: Results of coding and design activities including the schedule contained in the Software Development Plan. Status of all deliverable items. Configuration management activities and the software development library. Nonconformance reporting and corrective action system.

6. Software Integration and Test Phase
SQA activities during the integration and test phaseinclude: Assuring readiness for testing of all deliverable items. Assuring that all tests are run according to test plans and procedures and that any nonconformances are reported and resolved. Assuring that test reports are complete and correct. Certifying that testing is complete and software and documentation are ready for delivery. Participating in the Test Readiness Review and assuring all action items are completed.

7. Software Acceptance and Delivery Phase
As a minimum, SQA activities during the software acceptanceand delivery phase include assuring the performance of afinal configuration audit to demonstrate that alldeliverable items are ready for delivery.

8. Software Sustaining Engineering and Operations Phase
During this phase, there will be mini-development cycles toenhance or correct the software. During these developmentcycles, SQA conducts the appropriate phase-specificactivities described above.

SQA Relationships to Other Assurance Activities

Some of the more important relationships of SQA to othermanagement and assurance activities are described below.

1. Configuration Management Monitoring
SQA assures that software Configuration Management (CM)activities are performed in accordance with the CM plans,standards, and procedures. SQA reviews the CM plans forcompliance with software CM policies and requirements andprovides follow-up for nonconformances. SQA audits the CMfunctions for adherence to standards and procedures andprepares reports of its findings.

The CM activities monitored and audited by SQA includebaseline control, configuration identification,configuration control, configuration status accounting, andconfiguration authentication. SQA also monitors and auditsthe software library. SQA assures that:
Baselines are established and consistently maintained for use in subsequent baseline development and control.

Software configuration identification is consistent and accurate with respect to the numbering or naming of computer programs, software modules, software units, and associated software documents.

Configuration control is maintained such that the software configuration used in critical phases of testing, acceptance, and delivery is compatible with the associated documentation.

Configuration status accounting is performed accurately including the recording and reporting of data reflecting the software's configuration identification, proposed changes to the configuration identification, and the implementation status of approved changes.

Software configuration authentication is established by a series of configuration reviews and audits that exhibit the performance required by the software requirements specification and the configuration of the software is accurately reflected in the software design documents.

Software development libraries provide for proper handling of software code, documentation, media, and related data in their various forms and versions from the time of their initial approval or acceptance until they have been incorporated into the final media.

Approved changes to baselined software are made properly and consistently in all products, and no unauthorized changes are made.

2. Verification and Validation Monitoring
SQA assures Verification and Validation (V&V) activities bymonitoring technical reviews, inspections, and walkthroughs.The SQA role in formal testing is described in the nextsection. The SQA role in reviews, inspections, andwalkthroughs is to observe, participate as needed, andverify that they were properly conducted and documented.SQA also ensures that any actions required are assigned,documented, scheduled, and updated.
Formal software reviews should be conducted at the end ofeach phase of the life cycle to identify problems anddetermine whether the interim product meets all applicablerequirements. Examples of formal reviews are thePreliminary Design Review (PDR), Critical Design Review(CDR), and Test Readiness Review (TRR). A review looks atthe overall picture of the product being developed to see ifit satisfies its requirements. Reviews are part of thedevelopment process, designed to provide a ready/not-readydecision to begin the next phase. In formal reviews, actualwork done is compared with established standards. SQA'smain objective in reviews is to assure that the Managementand Development Plans have been followed, and that theproduct is ready to proceed with the next phase ofdevelopment. Although the decision to proceed is amanagement decision, SQA is responsible for advisingmanagement and participating in the decision.
An inspection or walkthrough is a detailed examination of aproduct on a step-by-step or line-of-code by line-of-codebasis to find errors. For inspections and walkthroughs, SQAassures, at a minimum, that the process is properlycompleted and that needed follow-up is done. The inspectionprocess may be used to measure compliance to standards.

3. Formal Test Monitoring
SQA assures that formal software testing, such as acceptancetesting, is done in accordance with plans and procedures.SQA reviews testing documentation for completeness andadherence to standards. The documentation review includestest plans, test specifications, test procedures, and testreports. SQA monitors testing and provides follow-up onnonconformances. By test monitoring, SQA assures softwarecompleteness and readiness for delivery.
The objectives of SQA in monitoring formal software testingare to assure that:
The test procedures are testing the software requirements in accordance with test plans.
The test procedures are verifiable.
The correct or "advertised" version of the software is being tested (by SQA monitoring of the CM activity).
The test procedures are followed.
Nonconformances occurring during testing (that is, any incident not expected in the test procedures) are noted and recorded.
Test reports are accurate and complete.
Regression testing is conducted to assure nonconformances have been corrected.
Resolution of all nonconformances takes place prior to delivery.

Software testing verifies that the software meets itsrequirements. The quality of testing is assured byverifying that project requirements are satisfied and thatthe testing process is in accordance with the test plans andprocedures.

Software Quality Assurance Activities

Product evaluation and process monitoring are the SQAactivities that assure the software development and controlprocesses described in the project's Management Plan arecorrectly carried out and that the project's procedures andstandards are followed. Products are monitored forconformance to standards and processes are monitored forconformance to procedures. Audits are a key technique usedto perform product evaluation and process monitoring.Review of the Management Plan should ensure that appropriateSQA approval points are built into these processes.

Product evaluation is an SQA activity that assures standardsare being followed. Ideally, the first products monitoredby SQA should be the project's standards and procedures. SQAassures that clear and achievable standards exist and thenevaluates compliance of the software product to theestablished standards. Product evaluation assures that thesoftware product reflects the requirements of the applicablestandard(s) as identified in the Management Plan.

Process monitoring is an SQA activity that ensures thatappropriate steps to carry out the process are beingfollowed. SQA monitors processes by comparing the actualsteps carried out with those in the documented procedures.The Assurance section of the Management Plan specifies themethods to be used by the SQA process monitoring activity.

A fundamental SQA technique is the audit, which looks at aprocess and/or a product in depth, comparing them toestablished procedures and standards. Audits are used toreview management, technical, and assurance processes toprovide an indication of the quality and status of thesoftware product.

The purpose of an SQA audit is to assure that proper controlprocedures are being followed, that required documentationis maintained, and that the developer's status reportsaccurately reflect the status of the activity. The SQAproduct is an audit report to management consisting offindings and recommendations to bring the development intoconformance with standards and/or procedures.

SOFTWARE QUALITY ASSURANCE

Standards and Procedures

Establishing standards and procedures for softwaredevelopment is critical, since these provide the frameworkfrom which the software evolves. Standards are theestablished criteria to which the software products arecompared. Procedures are the established criteria to whichthe development and control processes are compared.Standards and procedures establish the prescribed methodsfor developing software; the SQA role is to ensure theirexistence and adequacy. Proper documentation of standardsand procedures is necessary since the SQA activities ofprocess monitoring, product evaluation, and auditing relyupon unequivocal definitions to measure project compliance.

Types of standards include:

Documentation Standards specify form and content for planning, control, and product documentation and provide consistency throughout a project. The NASA Data Item Descriptions (DIDs) are documentation standards (see Appendix B).
Design Standards specify the form and content of the design product. They provide rules and methods for translating the software requirements into the software design and for representing it in the design documentation.
Code Standards specify the language in which the code is to be written and define any restrictions on use of language features. They define legal language structures, style conventions, rules for data structures and interfaces, and internal code documentation.

Procedures are explicit steps to be followed in carrying outa process. All processes should have documented procedures.Examples of processes for which procedures are needed areconfiguration management, nonconformance reporting andcorrective action, testing, and formal inspections.
If developed according to the NASA DID, the Management Plandescribes the software development control processes, suchas configuration management, for which there have to beprocedures, and contains a list of the product standards.Standards are to be documented according to the Standardsand Guidelines DID in the Product Specification. Theplanning activities required to assure that both productsand processes comply with designated standards andprocedures are described in the QA portion of the ManagementPlan.

SOFTWARE QUALITY ASSURANCE

Concepts and Definitions

Software Quality Assurance (SQA) is defined as a planned andsystematic approach to the evaluation of the quality of andadherence to software product standards, processes, andprocedures. SQA includes the process of assuring thatstandards and procedures are established and are followedthroughout the software acquisition life cycle. Compliancewith agreed-upon standards and procedures is evaluatedthrough process monitoring, product evaluation, and audits.Software development and control processes should includequality assurance approval points, where an SQA evaluationof the product may be done in relation to the applicablestandards.

Methodology of Software Quality Assurance

Software testing is as much an art as a science. In large, complex applications, such as operating systems, it is practically impossible to iron out every single bug before releasing it both from a difficulty point of view and due to time constraints. Different software applications require different approaches when it comes to testing, but some of the most common tasks in software QA include:

PPQA audits
Process and Product Qualty Assurance is the activity of ensuring that the process and work product conform to the agreed upon process.
The following quality control activities are often confused as quality assurance activities:

Peer Reviews
Peer reviews of a project's work products are the most efficient defect removal (quality control) activity.

Validation testing
Validation testing is the act of entering data that the tester knows to be erroneous into an application. For instance, typing "Hello" into an edit box that is expecting to receive a numeric entry.

Data comparison
Comparing the output of an application with specific parameters to a previously created set of data with the same parameters that is known to be accurate.

Stress testing
A stress test is when the software is used as heavily as possible for a period of time to see whether it copes with high levels of load. Often used for server software that will have multiple users connected to it simultaneously. Also known as Destruction testing.

Usability testing
Sometimes getting users who are unfamiliar with the software to try it for a while and offer feedback to the developers about what they found difficult to do is the best way of making improvements to a user interface.

Advantages of Software Quality Assurance

An SQA plan can take a number of paths, testing for different capabilities and performing different analysis, depending on the demands of project, the users, and the software itself. But any rigorous SQA plan carried out scrupulously by seasoned QA professionals will confer certain benefits:
Improved customer satisfaction Improved customer satisfaction means longer, more profitable customer relationships, positive customer testimonials, and waves of referral business generated from positive word of mouth.
If customers are dissatisfied with a product they have purchased from a particular software vendor, they're likely never to recommend that product nor buy from that software vendor again. Bugs and defects, in addition to seriously hampering an application's functionality, look sloppy and unprofessional, and reflect poorly on a company's reputation.
What's more, without proper testing, it is virtually impossible to know how new users will respond to an application's functions, options, and usability features. Unbiased software quality assurance specialists come to a project fresh, with a clear outlook, and so serve as the first line of defense against unintuitive user interfaces and broken application functionality. A quality application is guaranteed to result in enhanced customer satisfaction.
Reduced cost of development Because the process of software quality assurance is designed to prevent software defects and inefficiencies, projects that incorporate rigorous, objective testing will find that development costs are significantly reduced since all later stages of the development life cycle become streamlined and simplified. With SQA, all further testing and development including user testing and customer deployments will go more smoothly, and of course more quickly -- which means your software development project will consistently reach completion on time and within budget, release after release.
Reduced cost of maintenance Bug-infested applications are troublesome to support. The combined cost of unnecessary recalls, returns, and patches can be frightful. And that says nothing of what will have to be spent on ongoing customer support, be it by telephone, email, or in person. All these costs and more can be dramatically reduced by releasing only rigorously quality-assured products. Software vendors that invest in quality now can avoid big losses in the future.

Software quality assurance

Software quality assurance (SQA) consists of a means of monitoring the software engineering processes and methods used to ensure quality. It does this by means of audits of the quality management system under which the software system is created. These audits are backed by one or more standards, usually ISO 9000 or CMMI.
It is distinct from software quality control which includes reviewing requirements documents, and software testing. SQA encompasses the entire software development process, which includes processes such as software design, coding, source code control, code reviews, change management, configuration management, and release management. Whereas software quality control is a control of products, software quality assurance is a control of processes.
Software quality assurance is related to the practice of quality assurance in product manufacturing. There are, however, some notable differences between software and a manufactured product. These differences stem from the fact that the manufactured product is physical and can be seen whereas the software product is not visible. Therefore its function, benefit and costs are not as easily measured. What's more, when a manufactured product rolls off the assembly line, it is essentially a complete, finished product, whereas software is never finished.[citation needed] Software lives, grows, evolves, and metamorphoses, unlike its tangible counterparts. Therefore, the processes and methods to manage, monitor, and measure its ongoing quality are as fluid and sometimes elusive as are the defects that they are meant to keep in check.