ch 7 Flashcards

1
Q

acceptance

A

When an organization decides to accept a risk because the cost of avoiding the risk outweighs the potential loss of the risk. A decision to accept a risk can be extremely difficult and controversial when dealing with safety-critical systems because making that determination involves forming personal judgments about the value of human life, assessing potential liability in case of an accident, evaluating the potential impact on the surrounding natural environment, and estimating the system’s costs and benefits.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

agile development

A

A software development methodology in which a system is developed in iterations lasting from one to four weeks. Unlike the waterfall system development model, agile development accepts the fact that system requirements are evolving and cannot be fully understood or defined at the start of the project.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

annualized loss expectancy (ALE)

A

The estimated loss from a potential risk event over the course of a year. The following equation is used to calculate the annual loss expectancy: A× SLE = ALE. Where ARO is the annualized rate of occurrence, an estimate of the probability that this event will occur over the course of a year and SLE is the single loss expectancy, the estimated loss that would be incurred if the event happens.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

annualized rate of occurrence (ARO)

A

An estimate of the probability that a risk event will occur over the course of a year.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

avoidance

A

The elimination of a vulnerability that gives rise to a particular risk in order to avoid the risk altogether. This is the most effective solution but often not possible due to organizational requirements and factors beyond an organization’s control.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

best practice

A

A method or technique that has consistently shown results superior to those achieved with other means and that is used as a benchmark within a particular industry.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

black-box testing

A

A type of dynamic testing that involves viewing the software unit as a device that has expected input and output behaviors but whose internal workings are unknown (a black box).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

breach of warranty

A

When a product fails to meet the terms of its warranty.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

business information system

A

A set of interrelated components—including hardware, software, databases, networks, people, and procedures—that collects and processes data and disseminates the output.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Capability Maturity Model Integration (CMMI) models

A

Collection of best practices that help organizations improve their processes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

CMMI-Development (CMMI-DEV)

A

A specific application of CMMI frequently used to assess and improve software development practices.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

decision support system (DSS)

A

A type of business information system used to improve decision making in a variety of industries.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

dynamic testing

A

A QA process that tests the code for a completed unit of software by actually entering test data and comparing the results to the expected results.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

failure mode

A

A description of how a product or process could fail to perform the desired functions described by the customer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

failure mode and effects analysis (FMEA)

A

An important technique used to develop ISO 9000-compliant quality systems by both evaluating reliability and determining the effects of system and equipment failures.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

hazard log

A

A logging and monitoring system used by safety engineers to track hazards from a project’s start to its finish.

17
Q

high-quality software system

A

Systems that are easy to learn and use because they perform quickly and efficiently; they meet their users’ needs; and they operate safely and reliably so that system downtime is kept to a minimum.

18
Q

integration testing

A

Software testing done after successful unit testing, where the software units are combined into an integrated subsystem that undergoes rigorous testing to ensure that the linkages among the various subsystems work successfully.

19
Q

ISO 9001 family of standards

A

A set of standards written to serve as a guide to quality products, services, and management. It provides a set of standardized requirements for a quality management system.

20
Q

N-version programming

A

An approach to minimizing the impact of software errors by independently implementing the same set of user requirements N times (where N could be 2, 3, 4 or more); the N-versions of software are run in parallel; and, if a difference is found, a “voting algorithm” is executed to determine which result to use.

21
Q

product liability

A

The liability of manufacturers, sellers, lessors, and others for injuries caused by defective products.

22
Q

quality assurance (QA)

A

Methods within the development process that are designed to guarantee reliable operation of a product.

23
Q

quality management

A

The defining, measuring, and refining of the quality of the development process and the products developed during its various stages. The objective of quality management is to help developers deliver high-quality systems that meet the needs of their users.

24
Q

redundancy

A

The provision of multiple interchangeable components to perform a single function in order to cope with failures and errors.

25
Q

reliability

A

A measure of the rate of failure in a system that would render it unusable over its expected lifetime

26
Q

single loss expectancy (SLE)

A

The estimated loss that would be incurred if a risk event occurs.

27
Q

software defect

A

Any error that, if not removed, could cause a software system to fail to meet its users’ needs.

28
Q

software development methodology

A

A standard, proven work process that enables systems analysts, programmers, project managers, and others to make controlled and orderly progress in developing high-quality software.

29
Q

static testing

A

A software-testing technique in which software is tested without actually executing the code. It consists of two steps—review and static analysis.

30
Q

strict liability

A

A situation in which the defendant is held responsible for injuring another person, regardless of negligence or intent.

31
Q

system safety engineer

A

Someone who has explicit responsibility for ensuring that a system will operate in a safe and reliable manner while meeting its users’ needs.

32
Q

system testing

A

Software testing done after successful integration testing, where the various subsystems are combined to test the entire system as a complete entity.

33
Q

transference

A

A risk management strategy in which the risk, should it happen, does not rest solely on one individual or organization. For example, a common way to accomplish risk transference is for an individual or an organization to purchase insurance, such as auto or business liability insurance. Another way to transfer risk is to outsource the risk by contracting with a third party to manage the risk.

34
Q

unit testing

A

A software-testing technique that involves testing individual components of code (subroutines, modules, and programs) to verify that each unit performs as intended.

35
Q

user acceptance testing

A

Software testing done independently by trained end users to ensure the system operates as expected.

36
Q

waterfall system development model

A

A software development methodology that involves a sequential, multistage system development process in which development of the next stage of the system cannot begin until the results of the current stage are approved or modified as necessary.

37
Q

white-box testing

A

A type of dynamic testing that treats the software unit as a device that has expected input and output behaviors but whose internal workings, unlike the unit in black-box testing, are known.