Notes - Chapters 1-8 060724

advertisement
CSE 8315
Software Acquisition Practices, Legal and Economic Issues
Class Notes
Fall 2006
John Pfister, Adjunct Professor
OFFICE: (972) 344-2094
E-MAIL: j-pfister@prodigy.net
Web Site: http://engr.smu.edu/cse/8315/
FAX: (972) 596-1484 (Home)
FAX: (214) 768-3085 (SMU CS Dept)
NOTE: These class notes are subject to
change during any lecture
 Fall 2006 – John Pfister
Last Updated: July 24,
1 2006
Texts
Software Acquisition Management: Managing
the Acquisition of Custom Software Systems by
John Marcinak and Don Reifer
Alpha-Graphics
3032 Mockingbird
Dallas, TX 75205
(214) 363-1101
US054@alphagraphics.com
 Fall 2006 – John Pfister
2
References
• Copyright Your Software by Stephen Fishman
• Legal Battles That Shaped the Computer Industry
by Lawrence Graham
• Managing the Software Process by Watts
Humphrey
• Software Development – A Legal Guide by Stephen
Fishman
• Software Engineering Economics by Barry Boehm
• The Software Developer's and Marketer's Legal
Companion by Gene Landy
• Managing Software Acquisition by B. Craig Meyers
and Patricia Oberndorf
 Fall 2006 – John Pfister
3
Course Objectives
Understand software acquisition process and
issues from both the buyer's and seller's
perspective.
1. Awareness of legal issues associated with intellectual
property, data rights, and contracts
2. Specifying software requirements
3. Preparing a software proposal
4. Managing software subcontractors
5. Understanding the use of capability maturity models
in an acquisition
6. Evaluating proposals
 Fall 2006 – John Pfister
4
Course Outline
1. Course Overview
• Assignments and Grading
• Text - Chapter 1, Introduction
• Text - Chapter 2, The Software Acquisition Environment
2. Acquisition Management Overview
• Text - Chapter 3, Acquisition Management
• Text - Chapter 4, Software SOW Issues
• Text - Chapter 5, Contracts and Contract Law
3. Protection of Intellectual Property
• Software Copyright Law
• Software-Related Patents
• Software Trade Secrets and Confidentiality Agreements
• Software Product Liability
4. Software Management
• Text - Chapter 6, Software Management--The Buyer's Model
• Text - Chapter 7, Software Management--The Seller's Model
• Text - Chapter 8, Software Management--The Team Approach
5. Economic Issues
• Text - Chapter 9, Cost Issues and Answers
Course Outline
6. Quality Assurance
•
Text - Chapter 10, Quality Management
•
ISO 9000-Series Standards
7. Acquisition Management Topics
•
Text - Chapter 11, Special Topics in Acquisition Management
•
Text - Chapter 12, Future Directions in Acquisition Management
8. Best Practices
•
Capability Maturity Model Integration (CMMI)
•
Acquisition Capability Maturity Model
•
•
9.
Project Management Body of Knowledge
The Program Manager’s Guide to Software Acquisition Best
Practices
Case Study
•
Request for Proposal (RFP)
•
Statement of Work (SOW)
Assignment 1
Begin Research. The student will select a OR b, below, for a
research project that will be delivered in Assignment 3:
a) Analyze a Request for Proposal (RFP). Perform an analysis of an
actual software acquisition project. Deliverables:
1) A synopsis of the RFP.
2) Either a copy of the RFP and its Statement of Work (SOW) or
the URL pointing to where the RFP and SOW can be found on the
Internet.
b) Research a Software Legal Issue. Examples of topics are:
Software licensing, software patents, software copyrights, software
data rights, software product liability, etc. Deliverables:
1) A paragraph that describes the legal issue to be addressed in the
research paper. The topic must be sufficiently narrow that it can
be addressed in detail. This is not to be a high level survey of a
topic.
2) An annotated bibliography with at least 5 sources for the
selected topic (see Appendix A of Syllabus for format).
 Fall 2006 – John Pfister
7
Assignment 2
Task: Prepare Questions. Using the case study RFP (on the class web
site), develop questions that you would want to get resolved during a
pre-proposal Q&A meeting with the customer. Assume that all
bidders must submit questions in writing and that there will be no
opportunity for follow-up questions
Deliverable: Ten (10) questions with references to relevant paragraphs.
For each question, summarize the issue that the question addresses
(e.g., why that question is relevant and how the answer could change
your approach to the proposal). There must be at least four
independent questions on the RFP and SOW. Provide the questions
in the following format:
Question
Issue
1.
2.
 Fall 2006 – John Pfister
8
Reference
Assignment 3
Task: Write paper selected in Assignment 1.
Deliverable: One type written document in the
format described in Appendix B of the Syllabus.
Return of Papers: Papers are not returned to the
student.
Grading: The paper turned in for assignment 3 will
be graded as follows:
Substanc Degree to which topic is covered in depth
e
80%
Format
Degree to which the format prescribed in
Appendix B is followed
10%
Writing
Grammatical correctness
10%
 Fall 2006 – John Pfister
9
Grades and Due Dates




Per Cent
In-Class
Distant
Assignment 1
3%
16 Oct
23 Oct
Assignment 2
6%
20 Nov
27 Nov
Assignment 3
25%
27 Nov
4 Dec
Mid-Term
33%
16 Oct
23 Oct
Final Exam
33%
4 Dec
11 Dec
A = 90 – 100 %
B = 80 – 89 %
C = 70 – 79 %
All due dates are as of midnight CST on date shown.
Late assignments are penalized at the rate of 10% per week (or any part of a week).
Due date for Distant students will be adjusted if tapes are consistently
delivered more than one week after in-class date. Negotiate a due date with
instructor BEFORE an assignment is due.
Graduating students may have to complete Final Exam earlier.
 Fall 2006 – John Pfister
10
Chapter 1 – Introduction
• Acquisition Management is the process of managing the
acquisition of custom software often involves:
* Complex, diverse requirements
* Large software development team
* Users who may be involved in specifying requirements and in
accepting the system, but not in the development process
* Software that is not commercial off-the-shelf, but may include
some
* Developer is not the acquirer
* Legal issues involving contracts, copyrights, trade secrets,
patents, warranties, and product liability
 Fall 2006 – John Pfister
11
Introduction (Continued)
• Software acquisition process includes the
following activities:
*
*
*
*
*
*
*
*
Planning
Budgeting
Specifying requirements
Soliciting bids/responses
Evaluating bids/responses
Contracting/negotiating
Monitoring development progress
Evaluating/accepting system
 Fall 2006 – John Pfister
12
Software Development Environment
• Software Development Process Models; e.g.,
•
•
Waterfall, Incremental Development, Spiral
Software Engineering Environment
Overlapping Management Responsibilities
* Software Acquisition Management - process of
assembling the requirements, planning the project,
acquiring the resources, and monitoring and
controlling the implementation
* Software Project Management - process of
managing the technical process.
* Software Engineering Management - process of
building the software product
 Fall 2006 – John Pfister
13
Buyer / Seller Model
Organizational Environment
Buyer
Seller
Corporate
Finance,
Organizational
Management
Director of
Programs
Planning, etc.
Div is ion
Staff
Personnel
Finance
Staff
Finance, Planning
Human Resouces
Other
Programs
Systems
Engineering
Manufacturing
Contracting,
Technical Svcs
Program X
Project X
Staff
Plans
Data, etc.
Test
Subsystem
Management
 Fall 2006 – John Pfister
Etc.
14
Hardware
Software
Buyer/Seller Activities Before the Acquisition
The Buyer plans for the
acquisition by:
• Detailing the requirements
• Allocating the resources
• Arranging for the selection
of a seller
• Contracting with the
selected seller
• Building an in-house team
• Addressing the support
requirements
 Fall 2006 – John Pfister
15
The Seller prepares for the
acquisition by:
• Deciding whether the
resources and capability to
bid on the contract are
available
• Deciding whether to bid
• Developing a team to
respond to the proposal
• Estimating the resources
required to accomplish the
work
Software Acquisition Management Problems
The challenge on most projects is to align:
Cost
Schedule
Performance
Ideally, the Buyer should specify performance, and the
Seller should bid cost and schedule
 Fall 2006 – John Pfister
16
Chapter 2
The Software Acquisition Environment
•
•
•
•
The System Life Cycle
The Software Life Cycle
Management Processes
The Role of Standards
 Fall 2006 – John Pfister
17
Systems Life Cycle
• Concept Exploration Phase
• Demonstration and Validation Phase
•
•
(Program Development Risk Reduction)
Full Scale Development
Production and Development
 Fall 2006 – John Pfister
18
Systems Life Cycle
Concept
E x p l o r a ti o n
o R e q u ire m e n t
D e fi n i ti o n
o P la n n in g
o T r a d e -o f f s
o P r o to ty p e s
D e m o n s tr a ti o n
a n d V a l i d a ti o n
o Ad v a n ce d
P r o to ty p e s
E n g in e e rin g
o R is k
Id e n ti fi c a ti o n
F u l l -S c a l e
D e v e lo p m e n t
o S y s te m
D e v e lo p m e n t
(H a r d w a r e a n d
S o ftw a r e )
D e p lo y m e n t
P r o d u c ti o n
o M u l ti p l e C o p i e s
P ro d u ce d
o T ra in in g
o O p e r a ti o n s
o M a i n te n a n c e
a n d S u p p o rt
 Fall 2006 – John Pfister
19
Software Life Cycle
•
•
•
•
•
Software Requirements Analysis
Software Design
Code and Unit Testing
Subsystem Test and Integration
Test and Integration
 Fall 2006 – John Pfister
20
Software Life Cycle Examples
• Waterfall - each stage of development is
•
•
executed with the system being delivered
at the end.
Incremental Development - each stage of
development is executed with a major
component of the system being delivered
at the end.
Spiral - each stage of development is
executed in relatively short cycles with a
subset (or even a prototype) of the total
system being developed each time.
 Fall 2006 – John Pfister
21
Management Processes
•
•
•
•
•
Documentation
Management and Engineering Reviews
Configuration Management
Quality Assurance
Assessment
 Fall 2006 – John Pfister
22
Documentation & Reviews
System
Reqmts
Design
Software
Reqmts
Analysis
Preliminary
Design
o SRS
Detailed
Design
Code and
o SDP
o Software
Design
Specifications
o Software Test
Plan
Functional
Baseline
Reviews:
Unit Test
o Source
Code
o Test
Descrip.
Subsystem
Test & Int
o Detailed
Test Proc
o User Doc
Test &
Integration
o Prod Spec
o Test Rpts
Allocated
Baseline
SRR
 Fall 2006 – John Pfister
Product
Baseline
PDR
CDR
23
TRR
Configuration Management
•
•
•
•
Configuration
Configuration
Configuration
Configuration
 Fall 2006 – John Pfister
Identification
Control
Audit
Status Accounting
24
Configuration Management
Baselines:
• Functional – System Requirements
• Allocated – Software Requirements
• Product – Fully designed, developed, and tested
product
Control Structure:
• Configuration Control Board (CCB) – Controls changes
•
to formal baselines
Software Fault or Discrepancy Review Board (DRB) –
controls software changes that do NOT affect
formal baselines
 Fall 2006 – John Pfister
25
Quality Assurance
Assure quality of:
• Deliverable software and its documentation
• The processes used to produce deliverable
software
• Non-deliverable software
[DOD, 1988]
Quality means conformance to requirements
 Fall 2006 – John Pfister
26
Assessment (Metrics)
Management indicators that provide feedback
on:
*
*
*
*
Process
Product
Project
Productivity
Standards facilitate communication between the buyer and the seller
 Fall 2006 – John Pfister
27
•
Standards
IEEE – Maps standard processes to:
*
*
*
*
*
Project Management
Predevelopment
Development
Post-development
Integral
• Military – Structured processes that follow
•
•
•
the waterfall model
NASA – Software Management and Assurance
Program (SMAP)
ISO – International Standards Organization
Others – Automobile industry for example.
 Fall 2006 – John Pfister
28
Chapter 3 – Acquisition Management
The Buyer
• Determines:
The Seller
• Determines:
* What the system
requires
* When it will be
needed
* How it will be
accepted
* How the software
will be developed
* What resources are
required
• Directs strategy at
getting system at
lowest cost and ontime
 Fall 2006 – John Pfister
29
• Directs strategy at
getting the buyer
to share risk while
making a profit
Procurement Life-Cycle
• Concept exploration
• Source acquisition
• Performance management
 Fall 2006 – John Pfister
30
Acquisition Management (Continued)
•
•
•
•
•
•
Acquisition Management Strategy
Buyer Activities
Seller Activities
Request for Proposal
Proposal
Contract Negotiations
 Fall 2006 – John Pfister
31
Acquisition Management Strategies
• Competitive Acquisition
* Contractors compete thru a bidding process
* Contract awarded on basis of proposal evaluation
* Requirements are generally understood
• Multi-Phase Acquisition
* Contractors compete thru a bidding process for the first
phase of the acquisition
* Multiple contracts may be awarded for first phase
* Subsequent phases awarded on basis of proposal and
performance in first phase
* Often used when requirements are not well understood
• Sole-Source Acquisition
* Contract awarded without competition
* Requirements should be very well understood
 Fall 2006 – John Pfister
32
Strategy Selection Factors
Risk
Those technical factors with the potential to
adversely impact cost, schedule, or performance.
Complexity
A relative gauge of the difficulty of the software
product development
Uniqueness
The degree to which competition can be used during
source selection.
Cost
A measure of the dollar resource available to do the
job.
Schedule
A measure of the amount of time available to get the
job done.
Size
A measure of the amount of effort required to get
the job done; e.g., lines of code.
Requirements
Volatility
A measure of the definition and stability of the
requirements for the system.
 Fall 2006 – John Pfister
33
Strategy Selection Factors
Factor
Sole-Source
Competitive
Two-Phase
Risk
low
low-medium
high
Complexity
low
medium
high
Uniqueness
yes
no
no
moderate
high
high
Schedule
tight
flexible
flexible
Size
small
large
large
Req. Volatility
stable
volatile
volatile
Cost
 Fall 2006 – John Pfister
34
Buyer Activities
• Writes Project Management Plan
* Work Breakdown Structure
* Schedule
* Cost Estimate
• Writes Request for Proposal (RFP)
*
*
*
*
*
*
*
Operational Concept Document
System Specification
Statement of Work
Terms and conditions
Deliverables
Evaluation criteria
Proposal preparation instructions
 Fall 2006 – John Pfister
35
•
•
•
•
•
Prepares bidders list
Distributes RFP
Evaluates proposals
Selects contractor
Negotiates contract
Seller Activities
• Tracks potential procurements
• Responds to requests for information and
•
•
•
•
•
•
•
comments on draft RFPs
Identifies internal risk reduction activities
Performs market analysis
Justifies bid and proposal funding
Identifies necessary resources
Develops proposal
Negotiates technical and cost terms and conditions
Submits a best and final offer (BAFO)
 Fall 2006 – John Pfister
36
Request for Proposal
• Initiates source selection phase
• Scopes the technical requirements
• Provides a statement of the work to be
•
performed
Details the administrative terms and
conditions
 Fall 2006 – John Pfister
37
Legal and Administration Actions
•
•
•
•
•
•
•
•
•
Equal opportunity requirements and reporting
Compliance with labor law legislation
Patent claims and rights to computer software
Invoicing and payment terms and conditions
Use of toxic chemicals in the workplace
Termination for convenience and/or default
Rights to inspect accounting records and
claims
Conflict of interest
Use and replacement of key personnel
 Fall 2006 – John Pfister
38
Competitive Source Process
Source selection process
1.
2.
3.
4.
5.
6.
7.
8.
Complete selection package
Prepare source list
Issue solicitation
Score and rank responses
Issue questions
Rescore based on responses
Negotiate
Award contract
Source selection organization
1. Source selection authority
2. Source selection advisors
3. Source selection evaluators
 Fall 2006 – John Pfister
39
Writing a Winning Proposal
•
•
•
•
•
•
•
•
Complete Solicitation Package
Prepare Source List
Issue RFP
Score and Rank Responses
Issue Questions
Rescore Based on Responses
Negotiate
Award
 Fall 2006 – John Pfister
40
Negotiations and Appeasements
1. Technical terms and conditions
2. Financial terms and conditions
3. Contract terms and conditions
 Fall 2006 – John Pfister
41
Potential Problems
Administrative
workload
Administrative burden of contract detracts
from monitoring the technical issues.
Creeping
functionality
Customer keeps trying to add scope to the
project after it has started.
Fragmentation
Buyer/seller team members split time on other
projects
Gold plating
Developers impose costly elegant solutions
rather than simple ones
“I’ paid to engineer” Buyer dictates the solution rather than the
requirements
Missing indicators
Poor selection of metrics to measure progress
Who’s in charge
Too many bosses
 Fall 2006 – John Pfister
42
Contract Management and Close-out
• Finalize overhead rates and make final
•
•
•
payment
Dispose of excess property
Release any claims and determine status of
excess funds
Document seller's performance
 Fall 2006 – John Pfister
43
Offshore Software Development
•
•
•
•
Benefits
Characteristics of offshore projects
Characteristics of offshore companies
CMM profile of offshore companies
Reference: WWW. SWDEVELOPER.COM
 Fall 2006 – John Pfister
44
Offshore Software Development Benefits
• Lower cost
* Offshore companies can develop custom software at an
affordable price
* Professional labor offshore can be as much as 50% less
* Savings in recruiting and training new staff
* Savings in hardware and software investment needed to
support the development stages
• Availability of Technical Talent
* Large pool of professional talent
* Avoid immigration problems
* Because of the lower cost, possible for time-critical projects
to hire larger staff
• Free up staff to work on higher priority tasks
• Most offshore companies will sign non-disclosure
agreements
 Fall 2006 – John Pfister
45
Characteristics of an Offshore Project
• Labor intensive project
• Series of short-term projects are better
•
•
•
candidates than a single long-term project
Requirements should be well defined
Deliverables can be independently tested and
verified
If software must be integrated into a system not
developed by the offshore company:
* Interfaces must be well defined
* Responsibilities for integration and testing must be
defined
 Fall 2006 – John Pfister
46
Characteristics of an Offshore Company
• Highly skilled professional staff
• Cost per professional staff/hour is significantly
•
•
•
•
lower than locally available professionals
Technical staff is conversant in English
Good, high-speed data transmissions and easy
access to Internet and e-mail
Availability of advanced technology and
technical training and support
Experience with advanced technology
 Fall 2006 – John Pfister
47
Characteristics of an Offshore Company
• Good infrastructure facilities; e.g.,
•
•
•
workstations, servers, LANs, etc.
Good configuration management and quality
assurance practices
Stable political environment with strong legal
and legislative framework
Incentives given by the government for these
ventures
 Fall 2006 – John Pfister
48
USA and Offshore Organization Maturity Profiles
45.0%
42.7%
40.0%
% of Organizations
35.4%
35.0%
30.0%
29.3%
27.3%
25.0%
20.0%
21.7%
17.6%
15.0%
11.5%
10.0%
8.3%
4.5%
5.0%
1.8%
0.0%
Initial
Repeatable
Defined
USA
Managed
Optimizing
Offshore
Based on 714 U. S. organizations and 444 offshore organizations – March 2002
 2002 by Carnegie Mellon University
 Fall 2006 – John Pfister
49
Number of Assessments and Maturity Levels Reported
Country
Argentina
Australia
Austria
Barbados
Belgium
Brazil
Canada
Chile
China
Colombia
Denmark
Egypt
Finland
France
Germany
Greece
Hong Kong
Hungary
India
Ireland
Israel
Italy
 Fall 2006 – John Pfister
Number of
Maturity Maturity Maturity Maturity
Assessments Level 1 Level 2 Level 3 Level 4
Reported
Reported Reported Reported Reported
Less than 10
27
Yes
Yes
Yes
No
Less than 10
Less than 10
Less than 10
15
Yes
Yes
Yes
No
47
Yes
Yes
Yes
No
Less than 10
18
No
Yes
Yes
No
Less than 10
Less than 10
Less than 10
Less than 10
103
Yes
Yes
Yes
Yes
21
Yes
Yes
Yes
No
Less than 10
Less than 10
Less than 10
153
Yes
Yes
Yes
Yes
Less than 10
27
Yes
Yes
Yes
No
21
Yes
Yes
Yes
No
 2002 by Carnegie
50
Maturity
Level 5
Reported
No
No
Yes
Yes
No
No
Yes
No
No
Mellon University
Number of Assessments and Maturity Levels Reported
Country
Japan
Korea, Republic of
Malaysia
Mexico
Netherlands
New Zealand
Phillipines
Poland
Portugal
Puerto Rico
Russia
Saudi Arabia
Singapore
South Africa
Spain
Sweden
Switzerland
Taiwan
Thailand
Turkey
United Kingdom
United States
Venezuela
 Fall 2006 – John Pfister
Number of
Maturity Maturity Maturity Maturity Maturity
Assessments Level 1 Level 2 Level 3 Level 4 Level 5
Reported
Reported Reported Reported Reported Reported
46
Yes
Yes
Yes
No
Yes
Less than 10
Less than 10
Less than 10
12
Yes
Yes
Yes
No
No
Less than 10
Less than 10
Less than 10
Less than 10
Less than 10
Less than 10
Less than 10
15
Yes
Yes
Yes
No
Yes
Less than 10
Less than 10
Less than 10
Less than 10
Less than 10
Less than 10
Less than 10
103
Yes
Yes
Yes
No
No
1496
Yes
Yes
Yes
Yes
Yes
Less than 10
51
 2002 by Carnegie Mellon University
Federal Government Using Offshore Contractors
Now that companies are taking a harder look at offshore outsourcing, does it
make sense for the federal government to weigh the cost benefits with the
security concerns (and potential political blow-back)? Outsourcing IT work
overseas doesn’t bother Bush administration IT czar Mark Forman. “We
don’t care if its built overseas or in the U.S., as long as it’s built to the same
high standards,” says Forman, chief enforcer of the fed’s IT policy as
associate director for IT and E-government a the Office of Management and
Budget. But Forman doesn’t see much need to outsource overseas.
Rep Tom Davis, R-Va., who chairs the House Subcommittee on IT and
Procurement Policy, says that using overseas programmers to write
nonsensitive, nonstrategic government software could be a way to save
taxpayers’ money. “I don’t have a problem if work for the government – if it’s
done cheaper, same quality, talking about best values – is going offshore.”
Davis says most overseas work would likely be part of outsourcing contracts
awarded to American firms. “I see my job as trying to be an honest broker
here to get the best value for the country.”
“IT Confidential: The Politics of Offshore Outsourcing,” by John Soat, Information
Week, December 16, 2002
 Fall 2006 – John Pfister
52
Chapter 4 – Statement of Work (SOW)
• Purpose: Conveys management
•
requirements for tasks to be performed.
Subject areas addressed include:
*Reliability
*Quality Assurance
*Maintainability
*Configuration Management
*Logistics
*Training
*Supportability
 Fall 2006 – John Pfister
53
*Safety
*Security
*Metrics
*Documentation
*Acceptance
*Test and Evaluation
Request for Proposal (RFP) Outline
Part I - The Schedule
Section
Section
Section
Section
Section
Section
Section
Section
A
B
C
D
E
F
G
H
Solicitation/contract form
Supplies or services and price/cost
Description/specs/work statement
Packaging and marking
Inspection and acceptance
Deliveries or performance
Contract administration data
Special contract requirements
Part II - Contract Clauses
Section I
 Fall 2006 – John Pfister
Contract clauses
54
RFP Outline (Continued)
Part III - List of documents, exhibits and
other attachments
Section J List of attachments
Part IV - Representations and instructions
Section K
other
Representations, certifications and
statements of offerors
Section L Instructions, conditions, and notices
to offerors
Section M Evaluation factors for award
 Fall 2006 – John Pfister
55
Planning
• Identify Organizational functions and
•
•
•
•
•
•
personnel to participate in SOW preparations
Initial organizational meeting
Review of pertinent materials by SOW team
SOW team meeting set work assignments
Review of draft SOW
Review of SOW by blue team
Review and coordination of SOW prior to
release
 Fall 2006 – John Pfister
56
System/Software Engineering Issues
• Requirements management
• Selection/definition of software
•
•
subsystem/components
Tools and environment
Methods and methodologies
 Fall 2006 – John Pfister
57
Engineering Methods
System
Reqmts
Design
Code and peer reviews
Structured analysis
Code audits
Data flow testing
Software
Reqmts
Analysis
Preliminary
Design
Detailed
Design
Code and
Unit Test
Subsystem
Requirements
Modeling
Test & Int
Test &
Integration
Functional
decomposition
Data flow
Path analysis
System I&T
Structured analysis/design
Program design language
Random testing
Functional testing
Real-time testing
ENGINEERING METHODS
 Fall 2006 – John Pfister
58
Management Methods
Baseline control - Configuration Control Board
Functional Baseline
Allocated Baseline
System
Reqmts
Design
Software
Reqmts
Analysis
Preliminary
Design
Detailed
Design
Risk
analysis
Code and
Unit Test
Subsystem
Test & Int
Requirements
review
Design
reviews
Test reviews
Testing
Documentation review
Specifications, manuals, training materials, etc.
Project review and
Technical interchange meetings
MANAGEMENT METHODS
 Fall 2006 – John Pfister
59
Test &
Integration
System I&T
Management Issues
•
•
•
•
•
Software Documentation
Engineering Data Management
Configuration Management
Quality Assurance
Assessment
 Fall 2006 – John Pfister
60
Software Documentation
• Formal description of the products of the
•
•
engineering process
Costs may range from 20-40% of overall
development
Should be tailored to needs of development
effort
 Fall 2006 – John Pfister
61
Software Documentation
• Requirements - the buyer should:
* Require seller to describe methods to be used to
generate, record, store, and control documentation
* Require seller to describe management of
documentation in the SDP
* Specify the types and formats of documents
required
* Specify the detail expected
* Specify how tailoring will be handled
* Specify use of a standards and conventions
document
* Specify documentation, review, and approval process
 Fall 2006 – John Pfister
62
Software Documentation
• Evaluation Criteria:
* Does the seller have an overall plan for
documentation preparation?
* Does the seller have a standards and conventions
document that includes procedures for preparing
documentation?
* Does the seller understand the use of
documentation to support development?
* Are seller tailoring and scaling recommendations
consistent with the requirements of the
development?
* Does the seller demonstrate experience with
documentation preparation?
 Fall 2006 – John Pfister
63
Engineering Data Management
• All individual bits of information that hold
•
•
together the engineering process
Must be properly recorded
Includes the information in engineering
notebooks and software development
folders
 Fall 2006 – John Pfister
64
Engineering Data Management
• Requirements - The buyer should require
the seller to describe:
* The methods that will be used to record, store,
and control engineering data
* The management of engineering data in the SDP
* How data generated will be used to support the
processes of development from analysis
through document preparation
 Fall 2006 – John Pfister
65
Engineering Data Management
• Evaluation Criteria:
* Does the seller understand the importance of
engineering data to the development process?
* Does the seller have a plan to mange
engineering data?
* Does the seller understand the use of software
development folders to house engineering data
throughout the project?
* Does the seller provide for the integration of
engineering data with the documentation
products of the development effort?
 Fall 2006 – John Pfister
66
Configuration Management (CM)
•
•
•
•
CM Plan
Organization
Tools
Personnel
 Fall 2006 – John Pfister
67
Configuration Management
• Requirements - the buyer should require
the seller to:
* Have a CM plan or develop one for the project.
If the CM plan will not be delivered with the
proposal, require the seller to address CM
capabilities in the proposal.
* Assign experienced personnel to perform CM on
the project.
* Use a modern library management system.
* Have CM procedures that will support control of
the products of development throughout the
life cycle and not only the formal baselines
invoked by the buyer.
 Fall 2006 – John Pfister
68
Configuration Management
• Evaluation Criteria:
* Does the seller have an in-place function for CM?
Does it have the capability to ensure sound CM
practice?
* Does the seller have a company-wide CM plan and CM
procedures? Are they used across the board?
* Does the seller have experienced CM personnel?
* Does the seller intend to use an automated tool for
CM? Do CM personnel have experience with the
tool?
* Do the seller's internal procedures for CM include
provisions for generating status accounting reports
for managing changes?
 Fall 2006 – John Pfister
69
Quality Assurance
IEEE: "To provide adequate confidence that
the item or product conforms to
established technical requirements"
• Organization
• Procedures
• Personnel
 Fall 2006 – John Pfister
70
Quality Assurance
• Requirement - The buyer should require
the seller to:
* Have an independent organization perform QA
for the development project.
* Have existing procedures for the conduct of
QA.
* Prepare a software quality assurance plan for
the project.
 Fall 2006 – John Pfister
71
Quality Assurance
• Evaluation Criteria:
* Does the seller management actively support the
QA function?
* Does the QA function report independent of the
project management team and is it integrated into
the oversight management process?
* Does the QA manager assigned to the project
enjoy independent reporting within the seller
organization?
* Does the seller have internal procedures that
address the conduct of reviews, audits, and
inspections?
* Does the seller have qualified personnel?
* Does the seller have an existing QA plan? Has it
been
72
 Fall 2006 – John
Pfister used on prior projects?
Assessment (Metrics)
•
•
•
•
•
•
Oversight Management
Test and Evaluation
Reviews and Audits
Management Indicators
Schedule
Clean Room Activity
 Fall 2006 – John Pfister
73
Oversight Management
• Requirements - the seller should describe
how:
1. The organization provides oversight
management of the development project.
2. It provides the buyer visibility into and control
over the project.
• Evaluation Criteria:
1. Does the project manager have the
responsibility and commensurate authority to
report on the development project?
2. Does the organization display an interest in the
project? Will high-level managers be
interested and involved?
 Fall 2006 – John Pfister
74
Test and Evaluation
System
Reqmts
Static analysis testing
Design
Software
Reqmts
Analysis
Preliminary
Design
Dynamic testing
Detailed
Design
Qualification
requirements
stated
Code and
Unit Test
Informal
testing
Test
reviews
Testing
Detailed
test procedures
75
Test &
Integration
System I&T
Formal
testing
Software
test plan
 Fall 2006 – John Pfister
Test & Int
Test requirements
incorporated into
design specifications
Test concept
in software
development
plan
Subsystem
Test
results
Test and Evaluation
• Requirements - the buyer should require the
seller to:
* Describe the testing process that will be
employed in the project.
* Relate the testing process to the overall
development process by:
•
•
•
•
Addressing test requirements and design specifications,
Addressing testing processes and methods in the SDP,
Preparing adequate software test documentation, and
Explaining the relationship between the testing process
and the other processes of the development (such as
QA).
 Fall 2006 – John Pfister
76
Test and Evaluation
• Requirements - the buyer should require
the seller to:
* Describe the internal testing function and how
it will be employed in development testing.
* Explain the relationship of the testing function
to testing conducted by the development team.
* Explain the function for formal testing and its
independence from the development team.
* Specify the testing environment that will be
employed.
* Identify testing personnel and experience
levels.
 Fall 2006 – John Pfister
77
Test and Evaluation
• Evaluation Criteria:
* Does the seller have an identifiable test
function? Does the test environment contain
the necessary tools and procedures? Do test
personnel have experience with these tools and
procedures?
* Does the location of the testing function in the
seller organization ensure independence of
testing?
* Does the seller demonstrate an understanding
of the importance of test documentation and
the integration of test requirements into the
project requirements and design specifications?
 Fall 2006 – John Pfister
78
Reviews and Audits
• Requirements - the seller must:
* Perform internal reviews of the products and
processes of the development project. These
should include formal and informal reviews and
inspections of the products and audits of
functional processes such as QA and CM.
* Describe procedures for conducting reviews in
the SDP.
 Fall 2006 – John Pfister
79
Reviews and Audits
• Evaluation Criteria:
* Does the seller have an existing methodology
for software development? Does that
methodology include detailed procedures for
conducting both formal and informal reviews,
audits, and inspections?
* Do seller personnel have experience in the
conduct of reviews, audits, and inspections?
 Fall 2006 – John Pfister
80
Management Indicators
• Requirements - the buyer should require
the seller to:
* Select a set of appropriate management
indicators for use on the project, or
alternatively, impose a selected set of
indicators on the seller.
* Evaluate the selected set and recommend
changes.
 Fall 2006 – John Pfister
81
Management Indicators
• Evaluation Criteria:
* Does the seller understand the indicators
selected and have experience in their
application?
* Is the selected set appropriate for the effort?
* Does the seller display the expertise required
to use the management indicators?
* Has the seller demonstrated the ability to
collect data to support the indicators and to
effectively apply the results to the
management assessment process?
 Fall 2006 – John Pfister
82
Schedules
• Requirements - the buyer should require
the seller to:
* Provide a detailed schedule using a suitable
scheduling technique such as milestone or Gantt
charts to provide timely visibility into
development progress.
* Show how this schedule is integrated into the
scheduling methods used on the project.
 Fall 2006 – John Pfister
83
Schedules
• Evaluation Criteria:
* Does the seller understand the need for
presenting detailed schedule information and is
that information tied to detailed project tasks?
* Does seller oversight management employ these
types of schedules as a normal part of
management responsibility?
* Are schedule needs and types described in the
SDP?
 Fall 2006 – John Pfister
84
Clean Room Activity
• Requirements - the buyer should require
the seller to:
* Provide a central location to track events in a
project
• Evaluation Criteria:
* Does the seller employ a clean room for the
management of projects?
* Has the clean room been used on previous
projects?
* Is the clean room used by all project personnel
in an effective and honest manner?
 Fall 2006 – John Pfister
85
Seller Organization Types
• Matrix (Functional) Organization
• Project Management Organization
• Hybrid
 Fall 2006 – John Pfister
86
Matrix (Functional) Organization
NEW SYSTEMS
ENGINEERING
PROGRAM A
PROGRAM B
Sys Eng
Sys Eng
Sys Eng
Elec Eng
Elec Eng
Elec Eng
Mech Eng
Mech Eng
Mech Eng
S/W Eng
S/W Eng
S/W Eng
 Fall 2006 – John Pfister
87
Seller Organization
• Requirements - the buyer should require
the seller to:
* Describe the project organization and its
relationship to all supporting functional
activities; e.g., CM.
* Explain the degree of authority and
responsibility of the project manager.
* Explain internal reporting on the project.
* Explain how supporting functions (QA, CM) will
support the project.
 Fall 2006 – John Pfister
88
Seller Organization
• Evaluation Criteria:
* Does the project manager have direct control
over personnel needed to implement the
project?
* Does the project manager have reporting
responsibility to a high enough level to ensure
control of the project?
* Is this reporting level commensurate with the
importance of the project?
* Does the reporting level suggest that the
project will receive adequate review by seniorlevel managers within the seller organization?
 Fall 2006 – John Pfister
89
Chapter 5 - Contracts and Contract Law
• Contract: A set of promises, the breach of which is
•
•
provided a remedy by law.
Agreement: Encompasses promises the law will
enforce as well as those the law will not enforce.
Essential elements of a contract:
*
*
*
*
*
At least 2 parties, each with legal capacity to act
By offer and acceptance, the parties agree to terms
Consideration of value exchanged
Provisions for redress
Enforceable by law
 Fall 2006 – John Pfister
90
Contracting Terms
• Contracting Authority
* Contracting officer - authorized to enter into, administer, and
make changes to or modify the contract
* Contracting officer's representative - authorized representative
of the contracting officer to provide technical direction,
approval, and/or surveillance of the technical requirements of a
contract
• Contract Changes
* Contract order - unilateral action in accordance with a contract
provision
* Contract modification - an alteration in the specification, delivery
point, rate of delivery, contract period, price, quantity or other
contract provision
 Fall 2006 – John Pfister
91
Basic Principles
• Contract terms and conditions - qualifies the
promises to perform.
• Divisibility - parties to a contract may divide their
respective performances into installments or
separate units.
• Substantial performance - if the seller only partially,
but the performance is substantial, the buyer can
seek remedies only for partial damages, not the full
contract price.
• Discharge of contracts - the obligations incurred by
buyer and seller when they entered into agreement no
longer exist to bind performance.
 Fall 2006 – John Pfister
92
Fixed-Price Contracts
• Firm fixed-price
• Fixed-price with economic price
•
•
adjustment
Fixed-price incentive
Fixed-price redetermination
 Fall 2006 – John Pfister
93
Firm-Fixed Price
• Fixed price upon delivery of specified
•
•
goods or services
Requirements must be well understood
All risk assumed by the seller
 Fall 2006 – John Pfister
94
Fixed Price with Economic Price Adjustment
• Same as the firm fixed-price contract, but
•
•
•
with an additional clause
Adjustment in the price may be adjusted
up or down depending upon some specified
economic factor
For example: If heavy travel required over
multiple years, cost of airfare may be
factored in to the price
Most risk assumed by the seller, but some
shared risk
 Fall 2006 – John Pfister
95
Fixed-Price Incentive
• Same as the firm fixed-price contract, but with an
•
•
additional clause
A factor is specified to motivate the seller to
reduce overall cost, deliver early, or improve
overall performance
For example: Instead of a fixed-price, a not-toexceed-cost plus fee is agreed to
* Any savings or are split between the Seller and Buyer
according to an agreed upon ratio; i.e., the Seller’s fee
can be increased by some percentage of the cost savings
* Cost overruns are not allowed
 Fall 2006 – John Pfister
96
Fixed-Price Redetermination
• Provides a means for shifting some
•
•
indeterminable risks from the seller to the
buyer after the initial price is negotiated
Factors to be used in adjusting the price
must be negotiated up front
For example: This could be used when the
requirements are not firm; firm price to
develop the requirements with a tentative
price for the project; renegotiate final
price as the uncertainty is cleared up
 Fall 2006 – John Pfister
97
Fixed-Price Contracts
FFP
FPEPA
FPI
FPR
Applicability
• Firm design &
•
•
• Possibility of cost
Market & labor
requirements
conditions are
unstable for
Adequate
competition exists extended time
period
Reasonable price
& cost
comparisons exist
reduction
• Performance
improvements
possible
• Firm target price
& profit can be
negotiated
• Realistic price
cannot be
estimated at start
• Realistic price for
later time periods
cannot be
estimated
Essential Elements
• Buyer/Seller must
agree to fixed
price at inception
• Fair and
reasonable price
can be estimated
at inception
 Fall 2006 – John Pfister
• Established price
• Ceiling on upward
•
adjustment
Downward
adjustment
reasonable
• Target cost
• Target profit
• Price ceiling
• Profit adjustment
formula
• OK accounting
system
98
• Ceiling price or
initial price fixed
• Agreement to
renegotiate &
redetermine price
• OK accounting
system
Fixed-Price Contracts
FFP
FPEPA
FPI
FPR
Variable fee
employed to control
cost
Reduced cost risk in
the renegotiated
areas
Cost Risk
All of the cost risk
assumed by seller
Reduced cost risk in
the adjustment
areas
Approvals
Contracting officer
If adjustments
more than 10%,
higher-level
approval may be
needed
Contracting officer
Contracting officer
Strengths/Weaknesses
• Minimum
management
burden
• Minimum
administrative
burden
 Fall 2006 – John Pfister
• Minimum
Increased
administrative
burden
management
burden
• Minimum
administrative
burden
99
Even more
administrative and
management burden
Cost-Reimbursable Contracts
•
•
•
•
Cost
Cost
Cost
Cost
and cost sharing (CS)
plus incentive fee (CPIF)
plus award fee (CPAF)
plus fixed fee (CPFF)
 Fall 2006 – John Pfister
100
Cost and Cost-Sharing
• Seller receives no fee
• If a cost contract, seller is reimbursed for
•
all allowable costs
If a cost-sharing contract, seller and buyer
split the allowable costs in some redefined
ratio
 Fall 2006 – John Pfister
101
Cost Plus Incentive Fee
• Incentive fee is structured to motivate the
•
•
seller to control costs
Negotiations set a target cost, a ceiling
price, and an adjustment formula
Minimum and maximum fees are
established and related to performance
goals
 Fall 2006 – John Pfister
102
Cost Plus Award Fee
• Buyer establishes a number of
•
•
•
•
performance criteria that are difficult to
measure quantitatively
Incentives are structured based on
subjective evaluation of these factors
There is a base fee and the incentives
Maximum profit is typically structured
higher than in CPIF contracts
Award fees typically follow a periodic
evaluation
 Fall 2006 – John Pfister
103
Cost Plus Fixed Fee
•
•
•
•
•
Seller reimbursed for all allowable costs
Profit is the fixed fee on top of the costs
Normally used on R&D projects
A cost ceiling may be specified
Risk is assumed by the buyer
 Fall 2006 – John Pfister
104
Cost-Reimbursable Contracts
CS
• Uncertainties in
•
•
performance and
estimates
Research and
development
jointly sponsored
Research and
development done
with a nonprofit
organization
CPIF
Applicability
• Uncertainties in
 Fall 2006 – John Pfister
• Uncertainties in
performance and
estimates
• Performance
improvements
possible
• Cost/schedule
improvement
possible
• Variable fee can
provide incentives
• Predetermined cost •
for both
•
buyer/seller
•
• No fee
•
• OK accounting
•
system
CPAF
performance and
estimates
• Performance
improvements
possible
• Measurements of
improvements
subjective
• Variable fee can
provide incentives
Essential Elements
Target cost
Target fee
Min/maximum fee
Fee adjust formula
OK accounting
system
105
• Estimated cost
• Base fee
• Maximum fee
• Award fee criteria
• OK accounting
system
CPFF
• Uncertainties in
performance and
estimates
• Research and
development where
the job cannot be
defined and the
level of effort is
not known initially
• Estimated cost
• Fixed fee
• OK accounting
system
Cost-Reimbursable Contracts
CS
CPIF
CPAF
CPFF
Variable fee
employed to control
cost and
performance
Seller responsibility
for managing cost
Cost Risk
Self-motivated to
control cost and
performance
Variable fee
employed to control
cost and
performance
Approvals
Head of contracting
Contacting officer
Contracting officer
Contracting officer
Strengths/Weaknesses
Hard to get parties
to agree
 Fall 2006 – John Pfister
• Management
• Most difficult to
burden high
• Administrative
burden high
administer
• Difficult to derive
award fee and to
manage
106
• No incentives
provided to control
cost
• Administrative
burden high
Other Contractual Devices
•
•
•
•
Time and materials contract (T-M)
Letter contract (LC)
Indefinite-delivery contract (IDC)
Basic ordering agreement (BOA)
 Fall 2006 – John Pfister
107
Time and Materials
• Buyer pays seller a fixed rate per hour plus
•
•
all allowable costs; e.g., material, travel,
etc.
Suitable when cost of work cannot be
estimated
Typically used for engineering services,
repair, maintenance, and overhaul work
 Fall 2006 – John Pfister
108
Letter Contract
• Preliminary contractual instrument
• Permits the seller to begin work while
•
details of the contract are worked out
Used only when a definitive contract
cannot be negotiated in time to satisfy the
buyer’s requirement
 Fall 2006 – John Pfister
109
Indefinite-Delivery Contract
• Used when the exact delivery date is
•
•
unknown
Provides for delivery of a known quantity
within a contract period
Price is known
 Fall 2006 – John Pfister
110
Basic Ordering Agreement
• A BOA is not a contract
• Provisional agreement whereby buyer and
•
•
seller agree on the services or supplies to
be ordered in the future and prices to be
paid or how the prices will be determined
Terms and conditions for the future
contract are known
Used to minimize paperwork when a buyer
anticipates a large number of orders with
the same seller
 Fall 2006 – John Pfister
111
Other Contractual Devices
T-M
• Initially not
•
possible to
estimate the
extent or duration
of the job
Applicable to
design or eng.
services and
maintenance and
repair
• Direct labor rate
fixed
• Burden and fee
negotiated
• Ceiling price
established
• OK accounting
system
 Fall 2006 – John Pfister
LC
IDC
BOA
• Schedule for
• Multiple jobs
Applicability
• Requirements are
such that
commitment is
needed for work to
start immediately
• Cost/schedule
estimates can be
derived in the
future
delivery may be
unknown
• Quantity may be
unknown
• Requirements may
need to be defined
during start-up
Essential Elements
• Maximum liability
•
•
spelled out
As many contract
provisions defined
as possible
OK accounting
system
112
• Provisions for
specifying time,
amount, and req
identified
• Min and max order
quantities
• OK accounting
system
contemplated,
which can be
combined for ease
of overall
administration
under a single
agreement
• Economies of scale
exist
• Estimated cost
• Estimated fee
• OK accounting
system
Cost-Reimbursable Contracts
T-M
LC
IDC
BOA
Cost Risk
Task orders used as
minicontracts to
control cost
Cost could grow
during negotiations
Variable fee
employed to control
cost and
performance
None – not a
contract
Approvals
Contracting officer
Head of contracting
Contracting officer
Head of contracting
Strengths/Weaknesses
• Constant
surveillance
needed
• Management
burden high
 Fall 2006 – John Pfister
Need to get under
contract as soon as
possible
113
• Easy to administer • Do not have to
if fixed-price
• Management
burden high
compete jobs
• Still have to make
contract
Contract Selection Considerations
• The degree of competition present
• The availability of comparative data for
•
•
•
•
use in evaluating the contractor's offer
The volatility and difficulty of the
requirements
The urgency of the requirements
The degree of risk involved in meeting the
requirements
The difficulty in measuring performance
during the contract
 Fall 2006 – John Pfister
114
Contract Selection Considerations
• The extent and nature of subcontracting
•
•
contemplated
The size of the contract
The seller's experience
 Fall 2006 – John Pfister
115
Contract Clauses
• Labor clauses
• Socioeconomic clauses
• Patent right, copyright, and trade secret
•
•
clauses
Rights in technical data and computer
software clauses
Other clauses
*
*
*
*
*
Conflict of interest
Key personnel replacement
Use of facilities and/or equipment
Cost accounting standards
Warranty
 Fall 2006 – John Pfister
116
Other Related Contracting Topics
• Federal Acquisition Regulations (FARs)
• Contract Administration and Termination
* Performance Measurement
* Contract Modifications
* Contract Termination/Close-out
 Fall 2006 – John Pfister
117
Performance Measurement
• Seller is primarily responsible for the timely and
satisfactory performance of the contract requirements
• Buyer must relate technical performance to schedule
and cost status
• Key buyer activities are:
* Maintaining visibility into, communications with, and control over
the seller’s work
* Handling disagreements with the seller in a professional
manner, calling in specialists, when warranted, to mediate
problems
* Analyzing cost, schedule, and technical performance
quantitatively and determining if variances are within
acceptable bounds
* Monitoring costs, both direct and indirect,and taking action
when they seem to be getting out of hand
* Learning about the seller’s systems and procedures and using
them to supply necessary management information
 Fall 2006 – John Pfister
118
Contract Modifications
• Contract changes should be expected
• Contract changes should be processed and
•
implemented in a timely manner
Change proposals can be made by either the
buyer or the seller
* Sometimes a change control board is established
to handle them
* Changes that are within the scope of the original
contract don’t require a new contract
• Some contracts permit the buyer to make
certain types of changes unilaterally
 Fall 2006 – John Pfister
119
Contract Termination
• Termination for convenience
* May occur at any time during the contract even when the
seller is performing satisfactorily
* Buyer obliged to compensate seller for work completed
to date as well as the costs of termination
* Seller is entitled to reasonable profit
• Termination for default
* Occurs when the seller fails to perform satisfactorily
* Buyer obliged to put the seller on notice of default
* If a fixed price contract, seller may be liable for cost of
purchasing replacement goods and services
* If a cost-reimbursement contract, seller may be entitled
to all allowable costs incurred up to termination and not
liable for the repurchase costs
 Fall 2006 – John Pfister
120
Contract Closeout
Independent of how the contract was terminated:
• Overhead rates may need to be finalized
• Incentive and award fees may need to be
computed
• Excess property needs to be disposed of
• Patent disclosures need to be made
• Claims need to be released
• Equipment needs to be returned
• Excess funds need to be de-obligated
• Seller performance needs to be documented
 Fall 2006 – John Pfister
121
Other Legal Issues
• Copyrights
• Software Patents
• Trade Secrets and Confidentiality
•
•
Agreements
Employee Non-Competition Agreements
Software Liability Issues
 Fall 2006 – John Pfister
122
Software Copyright Law
• U. S. Constitution, Article I, Section 8: “The
•
Congress shall have Power … To promote the
Progress of Science and useful Arts, by
securing for limited times to Authors … the
exclusive Right to their Writings.”
Copyright Act provides the legal right to
control:
*
*
*
*
*
Reproduction
Distribution
Creation of adaptations
Public display
Public performance
 Fall 2006 – John Pfister
123
Software Copyright Law (Continued)
• The purpose of copyright law is to
•
encourage creation and expression by
granting a legal monopoly for a new "work";
e.g., a book, song, or computer program.
References:
* Software Development – A Legal Guide,
Stephen Fishman, 1998.
* Copyright Your Software, Stephen Fishman,
1998
 Fall 2006 – John Pfister
124
Software Copyright Law (Continued)
• 1980 Amendment extended coverage to
computer programs.
* "Computer program" - a set of statements or
instructions to be used directly or indirectly in a
computer in order to bring about a certain result.”
(17 U.S.C. 101)
* Grants exclusive rights to the particular
expression that constitutes the work.
* Does not extend to "any idea, procedure, system,
method of operation, concept, principle, or
discovery" underlying the program.
 Fall 2006 – John Pfister
125
Software Copyright Law (Continued)
• Requirement of originality
* Level of originality "very slight" or "minimal"
* Independent creation
• Copyright not only protects all forms of
computer code, but may extend to:
* Program design documents
* Supporting materials such as users’ manuals,
documentation, etc.
* The way a program itself is structured,
sequenced, and organized
* A program’s user interface; i.e., the look and
feel
 Fall 2006 – John Pfister
126
Software Copyright Law (Continued)
• Major limitation on copyrights:
* Only protects the particular form that a
program, book, manual, record, screen, script,
etc. takes.
* It does NOT protect the ideas or concepts
contained within it.
 Fall 2006 – John Pfister
127
Software Copyright Law (Continued)
• For works published after 1 January
•
1978 and before 1 March 1989, the
author was permitted up to 5 years to
register the copyright and a reasonable
effort had to be made to add a valid notice
to all copies
For works published on or after March 1,
1989, a copyright notice is NOT required
* Software is "published" when it is first put into
general distribution or public sale
* Private showings to friends, investors, or
publishers is not publication
 Fall 2006 – John Pfister
128
Software Copyright Law (Continued)
• Must you register your software copyright?
* Registration NOT required, but recommended
* Copyright is secured automatically when program
is recorded in some solid form (e.g., printout,
diskette, or ROM chip) for the first time
* All works published before 1978 had to contain a
valid copyright notice
• Failure to provide the notice resulted in automatic loss
of copyright protection
• Exception was where the copyright was omitted on a
very few copies
 Fall 2006 – John Pfister
129
Software Copyright Law (Continued)
• A copyright notice must contain three parts:
* The word “Copyright,” the abbreviation “Copr.,” or a

* The year the work was first published
* The name of the copyright owner
• Why register?
* Registration with the U. S. Copyright Office is
required to bring a lawsuit to enforce your copyright
* Registration protects your copyright by making it
public record
* Timely registration makes it easier to win money in
court
 Fall 2006 – John Pfister
130
Software Copyright Law (Continued)
• When to register
* Must register within prescribed time periods
to receive benefit of statutory damages and
attorney fees in infringement suits
* Prescribed time for published works is:
• Within 3 months of the date of the first publication
or
• Before the date the copyright infringement began
* Prescribed time for unpublished works is:
• Before the infringement occurred
 Fall 2006 – John Pfister
131
Software Copyright Law (Continued)
• How long is your software protected by a
copyright?
* AFTER 1977:
• Software developed as "work for hire" is protected for 75
years from date of publication or 100 years from creation,
whichever is shorter
• Software developed by an individual is for life of author
plus 50 years
• Software developed jointly by several authors is, for life of
the last surviving author plus 50 years
* BEFORE 1978, BUT AFTER 1964:
• 75 years from date of publication
* BEFORE 1964:
• Initially, a 28-year term
• Additional 47-year term IF a renewal application filed
during the 28th year 132
 Fall 2006 – John Pfister
Software Copyright Law (Continued)
• Most computer programs or code can be
•
described using general descriptive terms
like, “entire text of computer program with
accompanying documentation.”
Other acceptable terms include:
Computer software
Text of program
Routine
Program instructions
Entire program
Wrote program
Subroutine
Entire program code
Entire work
Program listing
Software
Computer program code
Entire text
Program text and screen displays
Text of computer game
Program text
Module
Reference: Software Development, A Legal Guide, Stephen Fishman, Jan 1998.
 Fall 2006 – John Pfister
133
Software Copyright Law (Continued)
Some unacceptable terms are:
Algorithm
Analysis
Cassette
Chip
Computer game
Disk
Encrypting
Eprom
Firmware
Format
Formatting
Functions
Language
Lay-out
Logic
Menu screen
Mnemonics
Printout
Programmer
Prom
Rom
Software methodology
Structure
Sequence
Organization
System
System design
Text of algorithm
Reference: Software Development, A Legal Guide, Stephen Fishman, Jan 1998.
 Fall 2006 – John Pfister
134
Software Copyright Law (Continued)
• Ownership rights may be transferred by
way of either licenses or assignments:
* Licensing means that one person or company is
granting someone else permission or license to
use the software under specified conditions.
• Exclusive Licenses
• Nonexclusive Licenses
* Assignment means a transfer of all the rights a
person owns in a piece of property.
 Fall 2006 – John Pfister
135
Software Copyright Law (Continued)
• Examples of contractual arrangements to
exploit your copyrights:
* Software Assignments - Copyright owner
transfers all ownership rights to a new owner.
* Software Development Agreements Developer agrees to create software to
specifications and then to transfer or license
the copyright to another party.
* Software Publishing Agreements - Developer
grants to a publisher a license to duplicate and
market the copyrighted software. The
publisher makes royalty payments to the
developer.
 Fall 2006 – John Pfister
136
Software Copyright Law (Continued)
• Examples of contractual arrangements to
exploit your copyrights:
* Software Distribution Arrangements - Owner
of copyrighted software makes an arrangement
with a distributor to sell the software. The
distributor gets the right to grant licenses to
users.
* End-User Agreements - End-user is granted a
license to use, but not to sell the software
product.
 Fall 2006 – John Pfister
137
Software Copyright Law (Continued)
• Some important principles:
* Principal of First Sale - Once you sell a copy of
a copyrighted work, you cannot forbid or
control the resale of the copy.
* Sale of a copy does not transfer copyright
ownership.
* The author, or the author’s heirs, may
terminate a copyright transfer made after
1977, after 35 years without paying anything.
 Fall 2006 – John Pfister
138
Software Copyright Law (Continued)
• Rights of ownership of software copies:
*
*
*
*
*
*
Unlimited use rights
Right to copy the program into computer RAM
Right to make archival copies
Right to sell or give away the program
Adaptation right
Reverse engineering
 Fall 2006 – John Pfister
139
Software Copyright Law (Continued)
• Things owners of software copies can’t do:
* No copies other than back-up and RAM copy
* Copy can only be used on a single computer at a
time
* No running the software on computer networks
* No software rentals or lending
* No derivative works
 Fall 2006 – John Pfister
140
Software Copyright Law (Continued)
• Scope of Protection Under Copyright Law
* Software is fundamentally different than other
copyrighted items; e.g., object code, source code,
structure, not all visible to user
* Object and source code are clearly protected by
the law -- even parts of the code are protected
* Criminal prosecution is possible, but unlikely
* Copy protection locks in code seldom used any more
-- "salting" program with non-functional code is used
* External characteristics of program (screens,
keystrokes, etc.) are also protected by copyrights sometimes called the "non-literal elements" - Lotus
Versus Quattro
 Fall 2006 – John Pfister
141
Software Copyright Law (Continued)
• Copyright Act forbids extending copyright
protection to any "idea" or "concept."
* Test is one of "substantial similarity"
* Author had access
* Can't consider elements copied from public
domain
• "Derivative work" - based on another work
• "Thin" copyright protection for databases
 Fall 2006 – John Pfister
142
Software Copyright Law (Continued)
• Limits on Software Copyright Protection
* No protection for functional elements inherent
in the idea of the application
* No protection for commonly used software
elements
* No protection for use of interfaces and file
formats needed for compatibility
* Duplicating without copying - "Clean Rooms"
* No protection for some intellectual property
• Inventions [Patent Law]
• Product Names [Trademark Law]
• Secret technology and techniques [State Trade
Secret Laws]
 Fall 2006 – John Pfister
143
Software Copyright Law (Continued)
• The Gray Areas
* Uncertain protection for the internal structure
of a program
* Unresolved question of reverse engineering
* Doctrine of "fair use"
* Creating "near clones"
 Fall 2006 – John Pfister
144
Software Copyright Law (Continued)
• Examples of fair use include:
* Library’s Special Rights
• Archiving lost, stolen, damaged or deteriorating works
• Making copies for library patrons
• Making copies for other libraries’ patrons
(interlibrary loan)
* Performances and Displays in Face-to-Face
Teaching and Broadcasts
• Educational institutions
• Governmental agencies
 Fall 2006 – John Pfister
145
Software Copyright Law (Continued)
• Other examples of fair use include:
* Quotations or excerpts in a review or criticism
for purposes of illustration or comment.
* Quotation of a short passage in a scholarly or
technical work for illustration or clarification
of the author’s observation.
* Use in a parody of some of the content of the
work parodied.
* Summary of an address or article, with brief
quotations, in a news report.
 Fall 2006 – John Pfister
146
Software Copyright Law (Continued)
• Other examples of fair use include:
* Reproduction by a library of a portion of a work
to replace part of a damaged copy.
* Reproduction by a teacher or student of a small
part of a work to illustrate a lesson.
* Reproduction of a work in legislative or judicial
proceedings or reports.
* Incidental and fortuitous reproduction, in a
newsreel or broadcast, or a work located at the
scene of an event being recorded.
Reference: Software Development, A Legal Guide, Stephen Fishman, Jan 1998.
 Fall 2006 – John Pfister
147
Software Copyright Law (Continued)
• Fair Use Tests
*
*
*
*
What is the character of the use?
What is the nature of the work to be used?
How much of the work will you use?
What effect would this use have on the market
for the original or for permission if the use were
widespread?
Reference: Software Development, A Legal Guide, Stephen Fishman, Jan 1998.
 Fall 2006 – John Pfister
148
Software Copyright Law (Continued)
• Congress specifically authorized two fair
uses that relate to computer programs:
* “An essential step in the utilization of the
computer program in conjunction with a machine
and that it is used in not other manner.”
* The copy of adaptation is for archival purposes
only (a single back-up copy) and is made and kept
only by the person who owns the legally purchased
copy. (17 U.S.C. 117)
 Fall 2006 – John Pfister
149
Software Copyright Law (Continued)
• The Federal appeals court held that
disassembly of object code (reverse
engineering) is fair use if:
* It is the only means available to obtain access to
the unprotected elements of a computer program
(ideas, functional principles, etc.) and,
* The copier has a legitimate reason for seeking
such access.
Sega Enterprises, Ltd. V. Accolade, Inc., 977 F.2d 1510 (9th Cir.
1992)
 Fall 2006 – John Pfister
150
Software Copyright Law (Continued)
• Criminal liability for infringement (a Federal
crime):
* Willful infringement not for financial gain:
• If retail value greater than $1000 and less than $2500 – up
to one year of imprisonment and up to $100,000 fine
• If ten or more copies with retail value equal to or greater
than $2500 – up to three years of imprisonment and up to
$250,000 fine
* Willful infringement for financial gain:
• If less than ten copies with retail value less than $2500 –
up to one year of imprisonment and up to $100,000 fine
• If ten or more copies and over $2500 – up to five years
imprisonment and up to $250,000 fine
• Jail time can be increased to 10 years for second offense
 Fall 2006 – John Pfister
151
Software Copyright Law (Continued)
• Collecting damages from infringement law suits:
* Actual damages – lost profits and/or other losses
sustained as a result of the copyright infringement
* Statutory damages – requires no proof of any actual
loss
• If infringer did not act willfully or innocently, between
$500 and $20,000 for all infringements by a single
infringer for a single work
• If infringer acted willfully, the penalty can be up to
$100,000
• If infringer acted innocently, the judge has discretion to
award as little as $200 – can’t claim this if work had a valid
copyright notice
• Statute of limitations is generally 3 years
 Fall 2006 – John Pfister
152
Software Patents
• Generally, at least a 14-year exclusive right
•
•
granted by the federal government to
exploit an invention
Patents can cover "any process, machine,
manufacture or composition of matter"
Patent law treats software as a "process" or
a "machine"
 Fall 2006 – John Pfister
153
Software Patents (Continued)
• United States Patent and Trademark
Office (PTO) grants a patent after
determining that the "process" or "device"
is:
* Useful
* Novel
* Not obvious to a skilled practitioner
• Supreme Court ruling opened up software•
related patents in 1981
IBM has the most software-related
patents - adding about 200 new software
patents each year
 Fall 2006 – John Pfister
154
Software Patents (Continued)
• Patents give the holder the right to
•
exclude others from making, using, or
selling devices that contain the invention.
Right of exclusion potentially serves three
purposes:
* Royalty income
* Exclusion of competition
* As a bargaining chip
 Fall 2006 – John Pfister
155
Software Patents (Continued)
• Software-related patents are a concern in
the intellectual property field because:
* The breath of patented software technology
* Independent creation is not a defense
* The difficulty of patent infringement
determinations
* Applications for patents are kept secret
* The expense of resisting claims
* The difficulty of determining "prior art"
 Fall 2006 – John Pfister
156
Software Patents (Continued)
• Large successful companies and companies
•
•
on leading edge of technology are most
likely to be targets of patent infringement
claims
Small, start-up companies and companies
with more mundane technologies are less
likely to be targets of patent infringement
suits
Patent litigation is very expensive - $1520K per month for about two years
 Fall 2006 – John Pfister
157
Software Patents (Continued)
• When the court finds patent infringement, it
can:
* Award damages (triple for intentional infringement)
* Issue court order to prevent further infringement
* Award attorney fees if intentional infringement
• The following factors should be considered in
deciding whether or not to seek a patent:
*
*
*
*
*
Originality
Marketability
Advancement over prior solutions
Will the technology stand the test of time
Are you willing to disclose the technology
 Fall 2006 – John Pfister
158
Software Patents (Continued)
• Types of Patents:
* Utility Patents are patents that have some
type of usefulness.
* Design Patents protect a device’s ornamental
characteristics.
* Plant Patents protect certain types of plants.
 Fall 2006 – John Pfister
159
Software Patents (Continued)
• Examples of Utility Patents:
* A process or method of getting something useful
done; e.g., genetic engineering procedure, a
manufacturing technique, or computer software.
* A machine (usually something with moving parts or
circuitry); e.g., cigarette lighter, sewage treatment
system, laser or photocopier.
* An article of manufacture; e.g., an eraser, tire,
transistor, or hand tool)
* A composition of matter; e.g., a chemical
composition, drug, soap, or genetically altered life
form.
* An improvement of an invention that fits within one
of the first four categories.
 Fall 2006 – John Pfister
160
Software Patents (Continued)
• Patent Duration and Expiration
* Utility Patents – 20 years after the date of
regular patent application.
* Design Patents:
• 14 years if filed on or after June 8, 1995
• If filed before June 8, 1995:
– 20 years from date of filing, or
– 17 years from date of issuance, whichever is longer
* A patent may expire if its owner fails to pay
required maintenance fees.
* Once a patent has expired for any reason, the
invention described by the patent falls into the
public domain.
 Fall 2006 – John Pfister
161
Software Trade Secrets
• Trade Secret - Information used in a
business that is held in confidence and
gives the business an advantage over its
competitors.
* Protected by state laws
* Generally two kinds of trade secrets:
• Technology - Legal protection for the secret in all its
various forms.
• Customer and other confidential commercial
information - sometimes considered like "confidential
information," but protection is the same in either
case.
 Fall 2006 – John Pfister
162
Software Trade Secrets (Continued)
• Trade secret protection not automatic -•
•
•
•
must be protected by reasonable security
measures
Trade secrets last as long as the
information remains secret and valuable
If trade secret disclosure is limited, the
trade secret may not be lost
If trade secret is published, trade secret
could be lost
Criminal prosecution is possible for theft
of scientific and technical data
 Fall 2006 – John Pfister
163
Software Trade Secrets (Continued)
• Examples of Reasonable Security Measures:
*
*
*
*
One person in charge of confidential measures
Controls on access to confidential data
Entry control and badges
Confidentiality legends on documents, code, and other
data
* Confidentiality agreements for employees
* Posted policy on confidentiality
* New employee orientation
* Exit interviews
* Restrictions on code and other data kept out of the
office
* Measures for confidential disclosure to other
companies
164
 Fall 2006 – John
Pfister
Employee Noncompetition Agreements
• Two categories of employees who may need to
be restricted:
* Employees who have access to trade secrets or
confidential information usually technical employees
* Sales employees who have gained customer loyalty
• Requirements of reasonable scope and duration
* Duration of non-competition agreements
* Geographic scope for employees holding trade
secret information
* Geographic scope for sales employees
• Governed by state laws
 Fall 2006 – John Pfister
165
Employment Agreements
• New employees should be asked to review
•
•
and sign employment agreement at time job
offer is made
Current employees must be given
something of value in return
Employee agreements for technical people
are more specific and complex than for
non-technical people
 Fall 2006 – John Pfister
166
Software Product Liability
• Increasing uses of software opens new areas of
risk:
*
*
*
*
*
*
*
Telecommunications
Bank and brokerage transactions
International currency transactions
"Program trading"
Air traffic control
Monitoring nuclear reactors
Designing buildings, bridges, etc.
• Exposure is greatest when software is used to
control sophisticated operations in safetycritical situations
Reference: CMU/SEI-93-TR-013, Software Product Liability, August 1993.
 Fall 2006 – John Pfister
167
Software Liability Strategies
• Investing in improved product quality - It is
•
•
•
•
•
far safer and less expensive to avoid the
problem than to attempt to limit damages
after the fact
Replacing defective software without delay
Using User documentation to limit liability
Using contract provisions to reduce liability
Liability insurance
Incorporate the business
 Fall 2006 – John Pfister
168
Types of Recovery
• Strict liability - that part of tort law that
•
•
covers damage caused by or threatened by
unreasonably dangerous products
Negligence - conduct that falls below the
standard established by law to protect persons
against unreasonable risk or harm
Warranty - contractually assure customers
that the products they buy will perform as
stated
 Fall 2006 – John Pfister
169
Strict Liability
• Courts have held that software can be a
•
•
•
product subject to the doctrine of strict
liability
Injured party does not have to prove
negligence
Injured party only has to prove that the
product was defective and that it caused
the loss
Contractual disclaimers, limitations of
remedies, and limited warranties are no
protection
 Fall 2006 – John Pfister
170
Negligence
• Area of greatest risk for organizations
•
•
•
•
•
with software-intensive products
Proof obligations for negligence can be
difficult
No need for actual or imminent physical
damage
Courts permit 3rd party suits
Large awards for physical damages;
enormous awards for economic losses
Contracts between corporations and
individuals may be judged to be
unconscionable; i.e., unequal parties
 Fall 2006 – John Pfister
171
Warranties
• Explicit limited warranties
• Implied warranties - Uniform Commercial
Code (UCC)
* Fitness for a specific purpose; i.e., software will
do what your customer said was wanted
* Merchantability; software must be of the
general kind described and reasonable fit for
the general purpose for which it was sold
 Fall 2006 – John Pfister
172
Software Product Liability
Personal
injury?
Property
damage?
Caused by a
product?
Was there a
contract?
Yes
No
Yes No
Prove
negligence?
Court uphold
contract?
Yes
Yes No
Failure to
perform?
No
Recover under
strict liability
Recover under
negligence
Yes
Recover under
warranty
No recourse
Reference: CMU/SEI-93-TR-013, Software Product Liability, August 1993.
 Fall 2006 – John Pfister
173
Can You Go to Jail?
• Copying Software for Fun and Profit?
* Copyright Act has criminal penalties
* Revised on December 16, 1997 to include cases
where there was no profit
• Viruses and Hacking?
* Computer Fraud Abuse Act of 1986 has criminal
penalties
* State laws
 Fall 2006 – John Pfister
174
Can You Go to Jail?
• Trade Secret Theft?
* Economic Espionage Act of 1986 provides
criminal penalties of up to $250,000 fine and
ten years in jail
* Trademark Counterfeiting Act of 1984 provides
penalties of $2 million fine and ten years in
prison for individuals, and $5 million fine for
corporations.
 Fall 2006 – John Pfister
175
Chapter 6 - Software Management Buyer’s Model
• Project Planning
• Important Considerations
• Project Management Office Roles and
•
•
•
Responsibilities
Performance Management and Assessment
Techniques
Engineering Support Contractors
IV&V Contractors
 Fall 2006 – John Pfister
176
Project Planning
•
•
•
•
•
•
•
•
•
Project Organizational Structure
Key Personnel Responsibilities
Standards and Methodologies
Documentation
Development Tools
Budget
Schedules
Staffing
Assessment, Customer Approval and
Certification
 Fall 2006 – John Pfister
177
Important Considerations
• Establishing Requirements
• Estimating Resources
• Risk Management Strategies
 Fall 2006 – John Pfister
178
Establishing Requirements
• Outline Example
• Requirements Characteristics
• Requirements Risks
• Requirements Risk Mitigation
The purpose of Requirements Management is to manage the
requirements of the project's products and product
components and to identify inconsistencies between those
requirements and the project's plans and work products.
Reference: CMMI-SW, V1.1
 Fall 2006 – John Pfister
179
Requirements Outline Example
Note: This outline is intended for use with the Rational Unified Process. The Software
Requirements Specification (SRS) captures the complete software requirements for the
system, or a portion of the system. This is a typical SRS outline for a project using only
traditional natural-language style requirements – with no use-case modeling.
1. Introduction
1.1
1.2
1.3
1.4
1.5
Purpose
Scope
Definitions, Acronyms and Abbreviations
References
Overview
2. Overall Description
3. Specific Requirements
3.1 Functionality
3.1.1
<Functional Requirement One>
3.2.1
<Usability Requirement One>
3.3.1
<Reliability Requirement One>
3.2 Usability
3.3 Reliability
 Fall 2006 – John Pfister
180
Requirements Outline Example
3.4 Performance
3.4.1
<Performance Requirement One>
3.5.1
<Supportability Requirement One>
3.6.1
<Design Constraint One>
3.9.1
3.9.2
3.9.3
3.9.4
User Interfaces
Hardware Interfaces
Software Interfaces
Communications Interfaces
3.5 Supportability
3.6 Design Constraints
3.7 Online User Documentation and Help System Requirements
3.8 Purchased Components
3.9 Interfaces
3.10Licensing Requirements
3.11 Legal, Copyright and Other Notices
3.12Applicable Standards
4. Supporting Information
 Fall 2006 – John Pfister
181
Requirements Characteristics
• The DoD says that
• Another author says:
they should be:
* Correct
* Complete
* Compete
* Traceable
* Consistent
* Testable
* Unambiguous
* Consistent
* Verifiable
* Feasible
* Understandable
* Uniquely Identified
* Traceable
* Design Free
* Modifiable
In specifications, using the word “shall” indicates a binding provision;
i.e., one that must be implemented by the specification users. To
state non-binding provisions, use “should” or “may.” Use “will” to
express a declaration of purpose or to express future tense.
Military Standard Specification Practices, MIL-STD-490A, U.S. Department of Defense, 4 June 1985
 Fall 2006 – John Pfister
182
Requirements Risks
• But we gave you exactly what you asked for
• I know that I think I know what your requirements
•
•
•
•
•
•
•
are
Overboard assumptions
The expectations cloud
The never-ending requirements story
I don’t know what I want, but I’ll know it when I
see it
Rapid development requirements risks
Failure to recognize that faulty requirements
represent a risk
Can’t you read my mind?
“Requirements Risks Can Drown Software Projects,” CrossTalk, April 2002
 Fall 2006 – John Pfister
183
1995 DoD Software Study
 Fall 2006 – John Pfister
184
Requirements Risk Mitigation Strategies
• Develop and follow sound processes and
procedures
*
*
*
*
*
*
Requirements elicitation
Requirements analysis
Documentation of requirements
Requirements verification, review, and approval
Configuration control of requirements
Requirements traceability
• Incorporate requirements into all software
life cycles
 Fall 2006 – John Pfister
185
Requirements Risk Mitigation Strategies
• Provide training to those responsible for
•
•
•
•
•
requirements management
Require user involvement
Always document requirements
Validate software requirements
Hold formal requirements reviews
Strictly manage requirements changes
 Fall 2006 – John Pfister
186
Estimating Resources
• Accurate cost estimates very difficult
• Best estimate follows completion of design
• If cost risk too high, use prototyping or
risk-reduction phase to better understand
requirements and design
 Fall 2006 – John Pfister
187
Risk Management Strategies
• Different views of risk:
* To the end user -- risk involves suability and
performance
* To the buyer - risk involves budget and
schedule to meet contractual requirements
* To the seller -- risk involves meeting
contractual requirements while making a profit
* To the maintainer -- risk involves system
maintainability
 Fall 2006 – John Pfister
188
Risk Management Strategies
• Basic Risk Management Process:
*
*
*
*
Assessment
Analysis
Evaluation
Management
• Risk Management Plan Should:
* Identify risk
* Attempt to quantify impact
* Identify mitigation plans
 Fall 2006 – John Pfister
189
Program Management Office Roles and Responsibilities
•
•
•
•
•
•
•
•
•
•
Project Management
Engineering
Test
Training
Quality Assurance
Contract Administration
Program Control
Data Management
Interface Management
Logistics Support
 Fall 2006 – John Pfister
190
Performance Management & Assessment
•
•
•
•
•
•
•
Reviews
Schedules
Problem Reporting
Test
Independent Testing
Management Indicators
Documentation
 Fall 2006 – John Pfister
191
Reviews
• Generally two kinds of reviews:
* Formal -- should be structured around welldefined procedures and objectives and occur at
major project milestones; e.g., PDR, CDR, etc.
* Informal - generally not monitored by buyer
unless SQA is participating; e.g., code walkthroughs
 Fall 2006 – John Pfister
192
Schedules
• Generally two kinds of schedules:
* Gantt charts - top-level milestone chart
* PERT/CPM - detailed precedent-related event
chart
 Fall 2006 – John Pfister
193
Problem Management
• Management procedures should provide
for:
*
*
*
*
*
Review of the problem
Reporting
Status
Management
Correction
 Fall 2006 – John Pfister
194
Test
• To establish a test program, ensure that:
* The qualification requirements are incorporated
into early specifications
* The early planning documents cover the testing
program
* The development contractor has and will employ a
test environment that maintains the necessary tools
to support the testing program
* Long lead actions are identified and the seller has a
plan for implementing these actions
* A viable test organization with responsibility and
authority for conducting the program is in place
* There are appropriate checks on the testing
process
 Fall 2006 – John Pfister
195
Management Indicators
•
•
•
•
•
•
•
Memory utilization
Problem reports
Software size
Personnel stability
Development progress
Incremental release
Test progress
 Fall 2006 – John Pfister
196
Management Indicators
•
•
•
Goal-Question-Metric Paradigm
Define the goals that against which you
want to measure progress/performance
Define questions that have quantifiable
answers relate directly to the goals
Select metrics that provide quantitative
answers to the questions
Basili, V. R., and D. M. Weiss. "A Methodology for Collecting
Valid Software Engineering Data, " IEEE Transactions on
Software Engineering, Vol. SE-10, No. 3, pp. 728-738, Nov.
1984.
 Fall 2006 – John Pfister
197
Engineering Support Contractors
• Types
* Services Contractors
* System Engineering and Technical Assistance
(SETA) Contractors
* Independent Verification and Validation (IV&V)
Contractors
• Considerations
*
*
*
*
Technical Risk
Independent Testing
Management Support
Integration
 Fall 2006 – John Pfister
198
IV&V Contract
• Definition: An in-depth independent
assessment of the software development
process and an independent determination
of whether the developed system performs
all intended mission functions.
* Verification - ensures that the development
process in sound
* Validation - ensures that the products of
development meet operational requirements
 Fall 2006 – John Pfister
199
IV&V Contract
• The SOW should include:
* The buyer's intent to use an IV&V function to
monitor the development effort and assess the
utility of the operational product
* The specific objectives of the IV&V effort,
including, for example, identification of the
specific portions of the system to which IV&V
will be applied
* The authority of the IV&V contractor, for
example, in participation in reviews, access to
documentation, participation in testing, and
conduct of activities
 Fall 2006 – John Pfister
200
IV&V Contract
Use IV&V Contractors if:
System Characteristic
Development
Characteristics
High Risk
Low Cost
Med Risk
Med Cost
Low Risk
High Cost
Manned Systems
Yes
Yes
Maybe
Unmanned Remote
Systems
Yes
Yes
Maybe
Critical to Development
Yes
Maybe
No
Complex System
Maybe
Maybe
N/A
Data-Sensitivity
(privacy)
Yes
Yes
No
Commercial
(e.g., banking)
Maybe
No
No
 Fall 2006 – John Pfister
201
IV&V Contracts
• IV&V Cost Considerations:
* Two objections to use of IV&V contractors:
• Cost too much
• Unnecessary because the development contractor is
highly reputable and maintains an excellent
development environment
* Typical cost ranges from 10 - 30 % of
development cost
* Life cycle cost benefit based on cost avoidance
can make it a good investment
 Fall 2006 – John Pfister
202
Chapter 7 - Software Management
The Seller’s Model
• Project Management Office Roles and
Responsibilities:
*
*
*
*
Single point of contact
Achieve contract requirements
Control budget
Negotiate allocation of resources
• Organizational Approaches:
* Matrix
* Project
* Hybrid
 Fall 2006 – John Pfister
203
Project Manager Tasks
1. Interface Management
* Interface between internal and external organizations
* Coordinate activities
* Tap internal resources
2. Project Management
*
*
*
*
*
Plan and control work
Ensure all contractual requirements are addressed
Scope management controls
Provide leadership and direction
Encourage communications and teamwork
 Fall 2006 – John Pfister
204
Project Manager Tasks (Continued)
3. Resource Management
* Manage people, time, money, equipment, materials, information,
and technology
* Perform make/buy analysis
* Coordinate procurements
* Maintain a management reserve
* Monitors cost-to-complete and schedule-to-complete
4. Change Management
* Uses CCB to manage changes
* Negotiates changes with buyer
5. Risk Management
* Builds options into plans
* Identifies and prioritizes risks
 Fall 2006 – John Pfister
205
Planning and Control
• Before Contract is Let, Proposal Manager
Develops
*
*
*
*
*
*
*
Proposal Win Strategy
Technical Approach
Top-Level Management Plan
Work Breakdown Structure
After Contract Award, Software Manager
Updates Software Development Plan
Negotiates Schedules, Budgets, Deliverables,
and Management Controls
 Fall 2006 – John Pfister
206
Project Plan Objectives
1. Communicate work and expectations
2. Establish baseline for control over work-inprocess by establishing intermediate goals
and milestones
3. Focus efforts toward accomplishment of
project-related objectives
4. Integrate budget and schedule
5. Exercise control
 Fall 2006 – John Pfister
207
Software Project Plan Outline (IEEE)
Title Page
Revision Sheet
Table of Contents
List of Figures
List of Tables
1. Introduction
1.1 Project Overview
1.2 Project Deliverables
1.3 Evolution of the Plan
1.4 Reference Materials
1.5 Definitions and Acronyms
 Fall 2006 – John Pfister
208
Software Project Plan Outline (IEEE)
2. Project Organization
2.1 Process Model
2.2Organizational Structure
2.3Organizational Boundaries and Interfaces
2.4Project Responsibilities
3. Managerial Process
3.1 Management Objectives and Priorities
3.2Assumptions, Dependencies, and Constraints
3.3Risk Management
3.4Monitoring and Controlling Mechanisms
3.5Staging Plan
 Fall 2006 – John Pfister
209
Software Project Plan Outline (IEEE)
4. Technical Process
4.1 Methods, Tools, and Techniques
4.2Software Documentation
4.3Project Support Functions
5. Work Packages, Schedule, and Budget
5.1 Work Packages
5.2Dependencies
5.3Resource Requirements
5.4Budget and Resource Allocation
5.5Schedule
 Fall 2006 – John Pfister
210
Software Project Plan Outline (IEEE)
Additional Components
Index
Appendices
 Fall 2006 – John Pfister
211
Software Development Plan (DoD)
Title Page
Table of Contents
1. Scope
1.1 Identification
1.2 System Overview
1.3 Document Overview
1.4 Relationship to Other Plans
2. Referenced Documents
 Fall 2006 – John Pfister
212
Software Development Plan (DoD)
3. Software Development Management
3.1 Project Organization and Resources
3.1.1
Contractor Facilities
3.1.2 Government Furnished Equipment, Software, and
Services
3.1.3 Organizational Structure
3.1.4 Personnel
3.2 Schedule and Milestones
3.2.1
3.2.2
3.2.3
 Fall 2006 – John Pfister
Activities
Activity Network
Source Identification
213
Software Development Plan (DoD)
3.3
3.4
3.5
3.6
3.7
3.8
3.9
3.10
3.11
 Fall 2006 – John Pfister
Risk Management
Security
Interface with Associate Contractors
Interface with Software IV&V Agent(s)
Subcontractor Management
Formal Reviews
Software Development Library
Corrective Action Process
Problem/Change Report
214
Software Development Plan (DoD)
4. Software Engineering
4.1 Organization and Resources - Software Engineering
4.1.1
4.1.2
4.1.3
Organizational Structure - Software Engineering
Personnel - Software Engineering
Software Engineering Environment
4.1.3.1
4.1.3.2
4.1.3.3
4.1.3.4
Software Items
Hardware and Firmware Items
Proprietary Nature of Government Rights
Installation, Control, and Maintenance
4.2 Software Standards and Procedures
4.2.1
4.2.2
4.2.3
4.2.4
Software Development Techniques and Methodologies
Software Development Files
Design Standards
Coding Standards
4.3 Non-Developmental Software
 Fall 2006 – John Pfister
215
Software Development Plan (DoD)
5. Formal Qualification Testing
5.1 Organization and Resources - Formal
Qualification Testing
5.1.1
Organizational Structure - Formal Qualification
Testing
5.1.2 Personnel - Formal Qualification Testing
5.2Test Approach/Philosophy
5.3Test Planning Assumptions and Constraints
 Fall 2006 – John Pfister
216
Software Development Plan (DoD)
6. Software Product Evaluations
6.1 Organization and Resources - Software Product
Evaluations
6.1.1
Organizational Structure - Software Product
Evaluations
6.1.2
Personnel - Software Product Evaluations
6.2 Software Product Evaluations Procedures and Tools
6.2.1
6.2.2
Procedures
Tools
6.3 Subcontractor Products
6.4 Software Product Evaluation Records
6.5 Activity-Dependent Product Evaluations
 Fall 2006 – John Pfister
217
Software Development Plan (DoD)
7. Software Configuration Management
7.1 Organization and Structure - Configuration Management
7.1.1
7.1.2
Organizational Structure - Configuration Management
Personnel - Configuration Management
7.2 Configuration Identification
7.2.1
7.2.2
Developmental Configuration Identification
Identification Methods
7.3 Configuration Control
7.3.1
7.3.2
7.3.3
7.3.4
7.3.5
 Fall 2006 – John Pfister
Flow of Configuration Control
Reporting Documentation
Review Procedures
Storage, Handling, and Delivery of Project Media
Additional Control
218
Software Development Plan (DoD)
7.4Configuration Accounting
7.5Configuration Audits
7.6Preparation for Specification Authentication
7.7Configuration Management Milestones
8. Other Software Development Functions
9. Notes
10. Appendixes
 Fall 2006 – John Pfister
219
Work Breakdown Structure (WBS)
• Primary planning tool
• Decomposes work hierarchically into
•
component parts
Schedule and resources allocated to each task
1.0 Project Name
1.1 Management
1.2 Requirements &
Design
1.3 Construction &
Implementation
1.4 Deployment &
Support
1.1.1 Planning
1.2.1 Requirements
1.3.1 Construction
1.4.1 Deployment
1.1.2 Reviews
1.2.2 Design
1.3.2 Implementation
1.4.2 Training
1.1.3 Travel
1.4.3 Verification
1.4.4 Support
 Fall 2006 – John Pfister
220
Organization & Staffing Realities
•
•
•
•
•
•
•
Recruiting Key Personnel
Competition with other projects
Good technical skills
Good non-technical skills
Keeping Good People
Buffer outside distractions
Facilitate open communications
 Fall 2006 – John Pfister
221
Providing Leadership and Direction
• Foster Teamwork
• Building Synergistic Teams
• Coaching and Motivating
*
*
*
*
*
*
*
Interesting work
Growth
Recognition
Achievement
Responsibility
Advancement
Interpersonal relations
 Fall 2006 – John Pfister
222
Performance Measurement
• Allow visibility into project
• Use management indicators to pinpoint
•
•
•
problems early
Isolate causes of problems
Provide insight into quality and progress
Reassure customer and upper management
on progress and status
 Fall 2006 – John Pfister
223
Reviews and Audits
• Customer Reviews and Audits
*
*
*
*
*
*
*
Requirements Review
Preliminary Design Review
Critical Design Review
Test Readiness Review
End-Product Acceptance Review
Functional Configuration Audit
Physical Configuration Audit
• Quality Reviews and Audits
* Quality reviews (circles)
* Quality audits (evaluation)
* Quality inspection
 Fall 2006 – John Pfister
224
Reviews and Audits (Continued)
• Project Reviews
*
*
*
*
Management Reviews
Upper management reviews
Steering committee reviews
Peer management reviews
*
*
*
*
Walk-throughs
Inspections
Round-robin reviews
Walkbacks
• Peer Reviews
 Fall 2006 – John Pfister
225
Configuration Management and
Library Controls
•
•
•
•
•
Required for all large projects
Generally already in place
Problem reporting system
May have multiple CM systems
Need to adapt
 Fall 2006 – John Pfister
226
Quality Assurance and Metrics Analysis
• Independent quality assurance organization
•
•
required by some contracts
Tools and techniques tailored to needs of
project
Typical criticisms:
* Upper management paid only lip service to quality
* The quality organizations were staffed with
junior people
* The quality organizations were undertooled and
undercapitalized
* The quality organizations relied on inspections
 Fall 2006 – John Pfister
227
Risk Management and Control
• Top-Ten List
*
*
*
*
Identify top ten risks each month
Analyze
Prioritize
Minimize
*
*
*
*
*
Use on large, complicated jobs
Meet monthly
Chaired by software manager
Invite customer
Identify and prioritize top ten risks
• Risk Advisory Council
 Fall 2006 – John Pfister
228
Common Software Risks
People
1. Personnel shortfalls
2. Fragmentation
Resources
3. Unrealistic schedule (not enough time)
4. Inadequate budget (not enough money)
Requirements
5. Developing the wrong functions
6. Poorly defined requirements
7. Gold plating
8. Continuing change (feature creep)
9. Too little user involvement
 Fall 2006 – John Pfister
229
Common Software Risks
Receivables
10. Other projects don't deliver as promised
11. Legacy does not live up to expectations
Technology
12. Technology shortfalls
 Fall 2006 – John Pfister
230
Chapter 8 - Software Management
The Team Approach
• Communication and mutual trust between buyer and seller
are essential ingredients for the success of large
complex software projects
• Degree of interaction between buyer and seller will be a
function of the contract type used
• Buyer and seller managers have the same objective: meet
all requirements within the allocated resources
• Problems arise because of different motivations:
* Buyer wants to reduce risk (and therefore cost) by imposing
additional requirements - reviews, documentation, controls, etc.
* Seller wants to reduce risk (and costs) by paring down those
requirements -- providing more flexibility
 Fall 2006 – John Pfister
231
Key Player Roles & Responsibilities
•
•
•
•
•
•
•
Planning
Engineering
Documentation
Configuration Management
Quality Assurance
Software Tools
Testing
 Fall 2006 – John Pfister
232
Planning
• Before contract award:
* Buyer must deal with internal "politics" while
"selling" the project -- results in shortchanging
engineering and management decisions
* Seller concerned with contract award -assesses technical capability available staff,
competition, and available B&P funds
• After contract award Seller must assemble
•
staff -- danger that proposal staff may not
be available to execute contract
Buyer can minimize problems by sticking to
tight procurement schedule
 Fall 2006 – John Pfister
233
Engineering
• Staffing difficulties are not uncommon
• Engineers tend to add functionality -- make
•
more complex
Requirements management essential
 Fall 2006 – John Pfister
234
Documentation
• Inadequately addressed by Buyer during
planning
* Not equipped to make decisions
* End users unable to specify need for
documentation
• Seller recognizes the overall requirement,
but:
* Reluctant to recommend because of costs
* Not wise to tell customer he or she is wrong
* May want to de-emphasize documentation to
pull up schedule
 Fall 2006 – John Pfister
235
Documentation (Continued)
• Documentation most important aspect of
•
software development because it is
primary indicator of progress
Informal documentation must also be
managed
 Fall 2006 – John Pfister
236
Configuration Management
• CM essential to software development
•
•
•
process
Buyer may not appreciate importance
Seller may not have an effective CM
process in place
CM resources often cut during proposal to
be more competitive
 Fall 2006 – John Pfister
237
Quality Assurance
• Frequently misunderstood function
• QA resources often underscoped
• Often de-emphasized or eliminated on
•
small contracts
Necessary part of engineering process
 Fall 2006 – John Pfister
238
Software Tools
• Modern tools improve quality and
•
•
productivity
Buyer often not interested unless tools
being delivered with system
Cost of tools usually come out of Seller's
overhead
 Fall 2006 – John Pfister
239
Testing
• Frequently misunderstood and poorly
•
•
•
practiced
Testing begins with requirements
Buyer views testing as demonstration that it
meets requirements
Seller views testing as the means for sellingoff the product
 Fall 2006 – John Pfister
240
Building Synergistic Buyer/Seller Teams
• The Contract - In selecting a contractor,
the Buyer should consider:
* Ability of the seller to perform
* Organization
* Experience
• The Development
*
*
*
*
*
Project leaders
Personality conflicts
Crowd control
Personnel stability
Key personnel stability
 Fall 2006 – John Pfister
241
Communication and Trust
•
•
•
•
•
Informal Networking
Electronic Communications
Project and Telephone Lists
Minutes and Reports
Newsletters
 Fall 2006 – John Pfister
242
Reward and Punishment
• Organizational Awards
* Cost
* Award Fee
• Personal Awards
 Fall 2006 – John Pfister
243
Download