SEN 201 - Summary

Xirius-SoftwareMetrics6-SEN201.pdf Xirius AI

This document, "Software Metrics 6 - SEN 201," provides a comprehensive introduction to the fundamental concepts and applications of software metrics within the context of the SEN 201 course. It systematically explores why measuring software is crucial, what aspects of software can be measured, and various methodologies for performing these measurements. The document emphasizes the importance of quantitative analysis in software engineering to improve product quality, process efficiency, and project management.

The core of the document delves into specific categories of software metrics, ranging from size and complexity to quality attributes like reliability, maintainability, usability, efficiency, and security. It introduces key frameworks such as the Goal Question Metric (GQM) approach for structured measurement and provides detailed explanations of widely used metrics like Function Point Analysis (FPA) for size estimation, Cyclomatic Complexity for control flow complexity, and Halstead's Software Science for program characteristics. The document aims to equip students with a foundational understanding of how to apply metrics to make informed decisions throughout the software development lifecycle.

Ultimately, the document serves as a guide for understanding the theoretical underpinnings and practical applications of software metrics. It highlights how these metrics contribute to better planning, monitoring, and control of software projects, leading to higher quality software products and more predictable development processes. By covering a broad spectrum of metrics and measurement techniques, it underscores the indispensable role of quantitative data in modern software engineering practices.

MAIN TOPICS AND CONCEPTS

Software Measurement Fundamentals

Definition of Software Metrics: Software metrics are quantifiable measures used to characterize software products, processes, and projects. They provide a quantitative basis for understanding, evaluating, predicting, and controlling software development.
Why Measure Software?:

- Improve Quality: Identify defects, assess reliability, and enhance product attributes.

- Increase Productivity: Optimize development processes and resource allocation.

- Estimate Costs and Schedules: Provide data for more accurate project planning.

- Monitor and Control Projects: Track progress, identify deviations, and manage risks.

- Evaluate Tools and Methods: Assess the effectiveness of new technologies and practices.

What to Measure?:

- Product Metrics: Characteristics of the software itself (e.g., size, complexity, quality attributes).

- Process Metrics: Characteristics of the software development process (e.g., defect detection rate, effort distribution).

- Project Metrics: Characteristics of the project management aspects (e.g., cost, schedule, resources).

How to Measure?:

- Direct Measurement: Directly observable and quantifiable attributes (e.g., lines of code, number of defects, execution time).

- Indirect Measurement: Attributes that cannot be directly measured but are derived from direct measures (e.g., complexity, reliability, maintainability).

Software Measurement Process

The document outlines a systematic process for software measurement:

1. Formulate Goals: Define what needs to be achieved through measurement.

2. Identify Questions: Break down goals into specific, measurable questions.

3. Select Metrics: Choose appropriate metrics to answer the questions.

4. Collect Data: Gather the necessary data for the selected metrics.

5. Analyze Data: Process and interpret the collected data.

6. Interpret Results: Draw conclusions and make decisions based on the analysis.

7. Provide Feedback: Use the insights to improve processes, products, or projects.

Software Measurement Scales

Measurement scales define the nature of the data and the types of statistical analyses that can be applied.

Nominal Scale: Categorical data without any order or numerical significance.

- Example: Types of defects (e.g., logic error, syntax error, interface error).

Ordinal Scale: Categorical data with a meaningful order but unequal intervals between categories.

- Example: Severity of defects (e.g., critical, major, minor).

Interval Scale: Numerical data with meaningful order and equal intervals, but no true zero point.

- Example: Temperature (Celsius or Fahrenheit), dates.

Ratio Scale: Numerical data with meaningful order, equal intervals, and a true zero point, allowing for ratio comparisons.

- Example: Lines of code, number of defects, effort in person-hours.

Goal Question Metric (GQM) Approach

The GQM approach is a structured methodology for defining and implementing a measurement program. It links specific goals to the data needed to achieve them.

Steps:

1. Goal Definition: Define the purpose of the measurement, the object being measured, the perspective, and the environment.

2. Question Derivation: Formulate a set of quantifiable questions that characterize the object of measurement in terms of the defined goal.

3. Metric Specification: Specify the data (metrics) needed to answer the questions.

Example:

- Goal: Analyze the effectiveness of the testing process for the current release to improve defect detection.

- Questions:

- What is the defect detection rate?

- What is the average time to fix a defect?

- What is the distribution of defect types?

- Metrics:

- Number of defects found during testing, total number of defects.

- Time from defect report to fix completion.

- Categorization of defects (e.g., by module, by severity).

Software Size MetricsLines of Code (LOC)

Definition: A direct measure of software size, typically counting non-commentary, non-blank lines of source code.
Advantages: Easy to collect, widely understood.
Disadvantages: Language-dependent, does not account for complexity, can be manipulated, difficult to estimate early in the lifecycle.

Function Point Analysis (FPA)

Definition: An indirect measure of software size based on the functionality delivered to the user, independent of the programming language or technology.
Steps:

1. Identify and Count Data Function Types:

- Internal Logical Files (ILF): User-identifiable groups of logically related data or control information maintained within the application's boundary.

- External Interface Files (EIF): User-identifiable groups of logically related data or control information referenced by the application but maintained by another application.

2. Identify and Count Transaction Function Types:

- External Inputs (EI): Processes that process data or control information coming from outside the application boundary.

- External Outputs (EO): Processes that send data or control information outside the application boundary.

- External Inquiries (EQ): Processes that retrieve data or control information from an ILF or EIF and present it to the user, without altering the data.

3. Assign Complexity Levels: Each identified function type (ILF, EIF, EI, EO, EQ) is assigned a complexity level (low, average, high) based on its data element types (DETs) and file types referenced (FTRs).

4. Calculate Unadjusted Function Points (UFP): Sum the weighted counts of all function types using predefined weighting factors.

- Weighting Factors (Example):

| :------------ | :-- | :------ | :--- |

| ILF | 7 | 10 | 15 |

| EIF | 5 | 7 | 10 |

| EI | 3 | 4 | 6 |

| EO | 4 | 5 | 7 |

| EQ | 3 | 4 | 6 |

- $UFP = \sum (\text{count of function type} \times \text{weighting factor})$

5. Determine Value Adjustment Factor (VAF): Assess 14 General System Characteristics (GSCs) on a scale of 0 (no influence) to 5 (strong influence). The sum of these ratings is the Degree of Influence (DI).

- $VAF = 0.65 + (0.01 \times DI)$

6. Calculate Adjusted Function Points (AFP):

- $AFP = UFP \times VAF$

Advantages: Language-independent, can be estimated early, user-oriented.
Disadvantages: Subjectivity in counting and complexity assessment, requires trained personnel.

Cyclomatic Complexity

Definition: A software metric used to indicate the complexity of a program. It measures the number of linearly independent paths through a program's source code. It is a quantitative measure of testability and maintainability.
Calculation: Based on the control flow graph (CFG) of a program.

- $V(G) = E - N + 2P$

- $E$: Number of edges in the CFG

- $N$: Number of nodes in the CFG

- $P$: Number of connected components (usually 1 for a single program)

- Alternatively, $V(G) = \text{number of regions}$ in the CFG.

- Alternatively, $V(G) = \text{number of predicate nodes} + 1$.

Interpretation: A higher value indicates more complex code, which is harder to test and maintain.

- 1-10: Simple program, high testability.

- 11-20: Moderately complex, average testability.

- 21-50: Complex, low testability.

- >50: Untestable.

Halstead's Software Science

Definition: A set of metrics that measure the complexity of a program based on the number of unique operators and operands, and their total occurrences.
Basic Metrics:

- $n_1$: Number of unique operators

- $n_2$: Number of unique operands

- $N_1$: Total number of operator occurrences

- $N_2$: Total number of operand occurrences

Derived Metrics:

- Program Length ($N$) : $N = N_1 + N_2$

- Program Vocabulary ($n$) : $n = n_1 + n_2$

- Program Volume ($V$): $V = N \times \log_2 n$

- Program Difficulty ($D$): $D = \frac{n_1}{2} \times \frac{N_2}{n_2}$

- Program Effort ($E$): $E = V \times D$

- Time to Implement ($T$): $T = \frac{E}{18}$ (in seconds)

- Number of Delivered Bugs ($B$): $B = \frac{V}{3000}$

Advantages: Language-independent (to some extent), provides insights into cognitive effort.
Disadvantages: Does not consider control flow, sensitive to coding style, empirical constants may not be universally applicable.

Software Quality Metrics

Quality metrics assess various attributes that define the "goodness" of a software product.

Reliability Metrics

Definition: The probability that software will operate without failure for a specified period under specified conditions.
Metrics:

- Mean Time Between Failures (MTBF): The average time between consecutive failures.

- $MTBF = MTTF + MTTR$

- Mean Time To Failure (MTTF): The average time until the first failure or between successive failures for repairable systems.

- Mean Time To Repair (MTTR): The average time required to repair a failed system.

- Availability ($A$) : The probability that the system is operational at a given time.

- $A = \frac{MTTF}{MTTF + MTTR}$ or $A = \frac{MTBF}{MTBF + MTTR}$

Maintainability Metrics

Definition: The ease with which a software system can be modified, corrected, or enhanced.
Metrics:

- Mean Time To Change (MTTC): The average time required to implement a change in the software.

- Maintainability Index (MI): A composite metric derived from Cyclomatic Complexity, Halstead Volume, and LOC. A higher MI indicates better maintainability.

Usability Metrics

Definition: The ease with which users can learn, operate, and be satisfied with a software product.
Metrics:

- Learnability: Time to learn specific tasks, number of errors during learning.

- Efficiency: Time to complete tasks, number of tasks completed per unit time.

- Memorability: Time to re-learn tasks after a period of non-use.

- Errors: Number of errors made, error rate, severity of errors.

- Satisfaction: User satisfaction ratings (e.g., from surveys).

Efficiency Metrics

Definition: The degree to which a system performs its functions with minimal consumption of resources.
Metrics:

- Response Time: Time taken for the system to respond to a user input.

- Throughput: Number of transactions or operations processed per unit time.

- Resource Utilization: Percentage of CPU, memory, disk I/O, or network bandwidth used.

Security Metrics

Definition: Measures related to the protection of information and systems from unauthorized access, use, disclosure, disruption, modification, or destruction.
Metrics:

- Number of Vulnerabilities: Count of identified security flaws.

- Attack Surface: The sum of the different points where an unauthorized user can try to enter data to or extract data from an environment.

- Incident Response Time: Time taken to detect, analyze, and contain a security incident.

Test Metrics

Definition: Measures related to the effectiveness and efficiency of the testing process.
Metrics:

- Test Coverage: Percentage of code (e.g., statement, branch, path) exercised by tests.

- Defect Density: Number of defects per unit of size (e.g., defects per KLOC or per Function Point).

- Test Execution Rate: Number of test cases executed per unit time.

- Defect Removal Efficiency (DRE): Measures the effectiveness of defect removal activities.

- $DRE = \frac{\text{Number of defects found before release}}{\text{Number of defects found before release} + \text{Number of defects found after release}}$

KEY DEFINITIONS AND TERMS

* Software Metrics: Quantifiable measures used to characterize software products, processes, and projects, providing a quantitative basis for understanding, evaluating, predicting, and controlling software development.

* Direct Measurement: The process of obtaining a value for an attribute by directly observing and quantifying it (e.g., LOC, number of defects).

* Indirect Measurement: The process of obtaining a value for an attribute by measuring other attributes and combining them using a mathematical model (e.g., complexity, reliability).

* Goal Question Metric (GQM) Approach: A systematic methodology for defining and implementing a measurement program by linking specific goals to the questions that characterize them and the metrics needed to answer those questions.

* Function Point Analysis (FPA): A method for measuring the functional size of a software system based on the functionality delivered to the user, independent of the technology used.

* Unadjusted Function Points (UFP): The raw count of function points derived from summing the weighted counts of identified data and transaction function types, before any adjustment for general system characteristics.

* Value Adjustment Factor (VAF): A multiplier derived from assessing 14 General System Characteristics (GSCs) that adjusts the UFP to account for the overall complexity and environmental factors of the system.

* Adjusted Function Points (AFP): The final function point count obtained by multiplying the UFP by the VAF, representing the functional size of the software.

* Cyclomatic Complexity: A software metric that quantifies the number of linearly independent paths through a program's source code, indicating its structural complexity and testability.

* Halstead's Software Science: A set of metrics that measure program complexity based on the number of unique operators and operands, and their total occurrences, providing insights into cognitive effort.

* Reliability: The probability that a software system will perform its intended functions without failure for a specified period under specified conditions.

* Maintainability: The ease with which a software system can be modified, corrected, or enhanced after deployment.

* Usability: The extent to which a product can be used by specified users to achieve specified goals with effectiveness, efficiency, and satisfaction in a specified context of use.

* Defect Density: A quality metric that measures the number of defects found per unit of software size (e.g., per KLOC or per Function Point).

IMPORTANT EXAMPLES AND APPLICATIONS

Function Point Analysis (FPA) for Project Estimation: If a new e-commerce system needs to be developed, FPA can be applied early in the requirements phase. By identifying and counting the number of external inputs (e.g., user login, product search), external outputs (e.g., order confirmation, invoice), internal logical files (e.g., customer database, product catalog), etc., and adjusting for system characteristics like data communication and performance, an Adjusted Function Point (AFP) count can be derived. This AFP can then be used to estimate development effort, cost, and schedule, independent of the programming language chosen. For instance, if historical data shows an average of 10 person-hours per AFP, a project with 500 AFP would be estimated at 5000 person-hours.

Cyclomatic Complexity for Test Case Design: Consider a function that processes user input with several `if-else` statements and a `switch` case. By drawing its control flow graph, we can calculate its Cyclomatic Complexity. If $V(G)$ is 15, it indicates a moderately complex function. This metric guides testers to ensure at least 15 independent paths are tested to achieve thorough code coverage, thereby improving the quality of testing and reducing the likelihood of hidden defects. A high $V(G)$ might also signal a need for refactoring to simplify the code.

Halstead's Software Science for Code Review: When reviewing a module, Halstead's metrics can provide an objective measure of its complexity. For example, if a module has a very high Program Effort ($E$) compared to other modules of similar functionality, it suggests that the module is cognitively difficult to understand and maintain. This could prompt a deeper review to identify why it's so complex (e.g., too many unique operators or operands, indicating dense logic) and consider refactoring it into simpler components.

Reliability Metrics for System Uptime: For a critical online service, reliability metrics like MTBF and Availability are crucial. If a system experiences a failure, the time it takes to restore service (MTTR) is recorded. Over time, the average MTBF and MTTR are calculated. If the MTBF is 1000 hours and MTTR is 10 hours, the Availability is $A = \frac{1000}{1000 + 10} \approx 0.9901$ or 99.01%. This quantitative measure helps stakeholders understand the system's uptime and make decisions about investing in more robust infrastructure or faster recovery mechanisms to meet service level agreements (SLAs).

Defect Density for Quality Control: In a large software project, tracking defect density (defects per KLOC or per Function Point) for different modules or development teams can highlight areas of concern. If Module A has a defect density of 5 defects/KLOC while Module B has 15 defects/KLOC, it indicates that Module B might have quality issues, requiring more rigorous testing, code reviews, or process improvements for its development team. This metric helps in allocating testing resources effectively and identifying problematic areas early.

DETAILED SUMMARY

The "Software Metrics 6 - SEN 201" document provides a foundational and comprehensive overview of software metrics, emphasizing their critical role in modern software engineering. It begins by establishing the fundamental rationale for measuring software, highlighting its importance in improving product quality, enhancing development productivity, enabling accurate cost and schedule estimation, and facilitating effective project monitoring and control. The document categorizes software attributes into product, process, and project metrics, explaining that measurement can be direct (e.g., Lines of Code) or indirect (e.g., complexity, reliability).

A significant portion of the document is dedicated to the systematic approach to software measurement, particularly the Goal Question Metric (GQM) approach. This methodology provides a structured framework for defining measurement goals, deriving specific questions that characterize these goals, and then identifying the precise metrics needed to answer those questions. This ensures that measurement efforts are purposeful and aligned with organizational objectives, moving beyond arbitrary data collection. The document also details different measurement scales—nominal, ordinal, interval, and ratio—explaining how the nature of data dictates the appropriate statistical analysis, which is crucial for valid interpretation of metrics.

The document then delves into specific categories of metrics, starting with Software Size Metrics. It introduces Lines of Code (LOC) as a simple, direct measure, acknowledging its ease of collection but also its limitations, such as language dependency and insensitivity to complexity. A more sophisticated and widely used size metric, Function Point Analysis (FPA), is explained in detail. FPA measures functional size based on user-delivered functionality, making it language-independent and valuable for early-stage estimation. The document meticulously outlines the steps of FPA, including identifying and counting data (Internal Logical Files, External Interface Files) and transaction (External Inputs, External Outputs, External Inquiries) function types, assigning complexity levels, calculating Unadjusted Function Points (UFP), determining the Value Adjustment Factor (VAF) based on 14 General System Characteristics, and finally computing the Adjusted Function Points (AFP). This detailed explanation, complete with weighting factors and formulas, provides a practical guide for applying FPA.

Beyond size, the document explores Software Complexity Metrics. Cyclomatic Complexity is presented as a key metric for quantifying the structural complexity of code by measuring the number of linearly independent paths through a program's control flow graph. It provides multiple formulas for calculation ($V(G) = E - N + 2P$, $V(G) = \text{number of regions}$, $V(G) = \text{number of predicate nodes} + 1$) and offers clear interpretations of its values in terms of testability and maintainability. Another complexity metric, Halstead's Software Science, is introduced, which measures complexity based on the unique and total occurrences of operators and operands. The document defines its basic metrics ($n_1, n_2, N_1, N_2$) and derives several important metrics like Program Length, Vocabulary, Volume, Difficulty, Effort, Time to Implement, and Number of Delivered Bugs, providing the corresponding LaTeX formulas for each.

The latter part of the document shifts focus to Software Quality Metrics, covering various critical quality attributes:

* Reliability Metrics: Defined as the probability of failure-free operation, with key metrics including Mean Time Between Failures (MTBF), Mean Time To Failure (MTTF), Mean Time To Repair (MTTR), and Availability, all accompanied by their respective formulas.

* Maintainability Metrics: Focus on the ease of modification, correction, or enhancement, introducing Mean Time To Change (MTTC) and the composite Maintainability Index (MI).

* Usability Metrics: Address the ease of use and user satisfaction, covering aspects like learnability, efficiency, memorability, error rates, and user satisfaction.

* Efficiency Metrics: Measure resource consumption, including response time, throughput, and resource utilization.

* Security Metrics: Pertain to protection against threats, with examples like the number of vulnerabilities, attack surface, and incident response time.

* Test Metrics: Evaluate the effectiveness of the testing process, including test coverage, defect density (defects per KLOC or Function Point), test execution rate, and Defect Removal Efficiency (DRE).

In conclusion, the document provides a robust educational resource for SEN 201, meticulously detailing the theoretical underpinnings and practical applications of a wide array of software metrics. It underscores that effective software measurement is not merely about collecting data but about using quantitative insights to make informed decisions, improve processes, enhance product quality, and ultimately achieve project success in the complex landscape of software development. The structured presentation, clear definitions, specific formulas, and illustrative examples make it an invaluable guide for understanding and applying software metrics.

• Xirius AI