Effective Thread Audits

DO-178B does not explicitly mention this but I am not aware of any better auditing technique. I am, of course, talking of Thread Audits.

Just to explain the concept of thread audits to those who are probably unaware of the term: you need to take a few critical requirements at the system level and follow the trail down the Software Development Life Cycle processes to determine if the requirements are correctly and completely designed, coded and verified.

This seems to be a no-brainer. But consider the associated problems:

1) Thread Audits are generally carried out towards the end of the project, and any error discovered at the fag end of a project means escalating costs and slipped milestones.

On the other hand,

2) Following a thread from the beginning of the project might mean that the development team focuses too much on the threads being audited with a consequent low(ish) quality on rest of the product. The purpose of audit is lost when randomness is sacrificed.

So the best auditing strategy is a mix of randomly picked requirements and thread audits and here's is how to do it.

Let's assume you pick some 10 system requirements for audit. The list needs to contain critical requirements too.

SO,

a) Follow the thread of critical requirements as the project moves from one phase to another to the very end.

b) Do not reveal rest of the requirements that are in the list to the development team. Carry out a sort of truncated thread audits for these requirements at different phases.

Your thread audit chart should look something like this ...

Requirements                Requirements Phase      Design Phase         Verification Phase

Critical Req#1                            X                             X                               X

Critical Req#2                            X                             X                               X

Non-Critical Req#1 & 2               X                                    

Non-Critical Req#3 & 4               X                             X

Non-Critical Req#5 & 6               X                              X                              X

Here, the non-critical requirements #5 and #6 are done when all the phases are complete - equivalent to an acceptance audit. Critical Requirements are audited as part of phase transition checks - continuously. And the other requirements are audited randomly (or even abandoned after the first phase).

Comments

You can follow this conversation by subscribing to the comment feed for this post.

neat.

P.S:
best
dancer

Posted by: sFunn.com | September 17, 2009 at 10:50 PM

neat.

P.S:
http://www.sfunn.com/forums/smf/index.php?topic=31.0

Posted by: sFunn.com | September 17, 2009 at 10:51 PM

Your posts on DO-178B are really nice to read. DO-178B is one of the most stringent standards in use in the software development industry. It offers a strict certification requirement for software where anomalous behavior could cause a catastrophic failure condition.

With regard to DO-178B compliance, companies use Static Analysis and Build Analysis capabilities to measure and ensure the integrity of software systems by enforcing architectural design and intent, and identifying and eliminating defects related to coding standards as well as those that can result in system slowdowns or failures.

Posted by: James Smith | October 30, 2009 at 01:00 PM