unit 12


Verification and Validation (V&V) can improve quality for the computer software system and the software development life cycle process. Verification activities provide management assurance that the products of each software development stage comply with the pre-defined specifications and standards applicable for that stage. The products occur throughout the software development life cycle. Validation activities provide management assurance that the end product meets the customers’ original specification and standards. Validation occurs predominantly at the end of the software development life cycle (SDLC). Independence of the V&V organization from the software development organization is not mandatory but recommended. The independence assures objectivity of the verification and validation process and results. In practice various degrees of independence are employed. The highest independence is achieved when the V&V organization is contractually obligated to the highest authority responsible for producing the system. Limited independence is achieved when the V&V organization reports to the procuring agent or even the development organization above the level of the project management.

V&V should be employed for high-assurance systems where an extreme level of integrity is required. High-assurance systems are safety-critical systems, real-time systems, aerospace systems, traffic control systems, etc. V&V provides an added assurance that potential risk areas are considered and risk mitigation is performed. Although the recommendation for high-assurance systems is a full life cycle V&V (with an emphasis on the early phases of the development life cycle), not all systems warrant the same level or type of V&V.

The fundamental goals of V&V are twofold. One goal is to continuously improve the quality of the development process, products and resources. The other goal is to improve the quality of V&V’s own process and products. Improvements are achieved by measuring quality, setting progressive goals for improvement, and monitoring progress. To do this effectively, V&V must be a formalized, repeatable, and optimized process that employs proven methods and standards. The V&V process must also be tailorable to match the needs of any development model (waterfall, evolutionary, incremental, spiral, rapid-prototype, etc.), for any type of system (management information systems, safety systems, real-time systems, knowledge-base systems, simulation and modeling, etc.), and any development methodology (Object Oriented, top-down structured, etc.). This presents a unique challenge for conducting V&V.

Refer back to lesson 2 and the Validation Test kernel shown in the animation Example Software Development Process.

The V&V Life Cycle methodology is based on a pre-defined set of kernels from which the V&V life cycle for a given project can be defined. The kernels were defined in lesson 2 for functions such as Requirements Analysis, Document Review, Code Analysis, etc. In review, each kernel contains entry and exit criteria, inputs and outputs, activities, process controls, and metrics for a given activity. These kernels can be mapped to the V&V development model as determined by the needs of the project. The following paragraphs provide an overview of the V&V Life Cycle methodology. The next section will contrast the full "V&V Life Cycle for Waterfall Software Development Life Cycle" against "V&V Life Cycle for Model Verification." The final section discusses how the methodology can be used to optimize the V&V life cycle process.

Overview of the V&V Life Cycle Methodology
The V&V life cycle methodology provides a formalized, repeatable process that is optimized based on the development model, development methodology, application type, and life cycle phase(s) that are applicable to a software project. The methodology is designed to elevate the maturity of the V&V process to ensure improvement of quality of both software development and V&V processes, products and resources. The V&V life cycle methodology includes a set of V&V process kernels supported by program control and metrics. Some challenges that are presented to V&V are:

  1. Schedule slips that erode or eliminate the time allocated to V&V activities
  2. Documentation may be out of date or be non-existent
  3. Artifacts may be out of date or be non-existent
  4. V&V is brought in during the latter phase of the SDLC

To satisfy the needs of different system development efforts and to remain formalized and repeatable, a modular construction should be used. The modular concept was proposed for software development in IEEE-Std-1074-199, "Standard for Developing Software Life Cycle Processes." The kernel approach to V&V provides a repository of V&V process kernels. A V&V process kernel is a modular, reusable, self-contained building block defining inputs, entry criteria, activities, exit criteria, outputs, process controls, and metrics.

The most advisable methodology is to employ a full life cycle V&V process with emphasis on the early phases of the software development life cycle. However, this is seldom done because of a lack of resources and a lack of opportunity, since V&V usually is not funded until after coding has been completed. Often V&V is tasked only to perform validation or verification of a particular life cycle phase. Sometimes, V&V may be called to rescue a faltering project that is in the test and integration life cycle phase. The focus of V&V should remain on risk abatement, where discrepancies are identified and ranked, associated risks are identified, and solutions are recommended. This focus is contained in each V&V process kernel and remains intact regardless of the size or type of V&V life cycle being constructed.

V&V Life Cycle Construction
Each V&V activity is defined as a self-contained V&V process kernel. A particular configuration of kernels can be mapped to the unique software development model for a project. An example of the full life cycle V&V is shown for a simple waterfall development model. In a waterfall model, requirements are presumed to be stable at the beginning of the project and each development phase is consecutively executed until delivery of the final system.

[Image: project management]

The V&V Life Cycle for Waterfall Software Development Life Cycle
The image above depicts a simple waterfall software development life cycle model with cascading, shaded boxes for each phase: Requirements, Design, Coding, Integration and Test, and Delivery. Behind each development phase are the V&V process kernels relevant for that phase. The implementation of each process kernel is dependent on the requirements and constraints of the project and the specified V&V statement of work. For instance, a V&V change assessment may not be required at all or V&V audits may be needed at each phase along with milestone reviews. V&V document review and audits may also be required for developer management, quality assurance, and/or configuration management products or processes. V&V Project Management (PM), Configuration Management (CM), and Quality Assurance (QA) kernels are shown spanning the entire life cycle. They interact with all V&V process kernels including each other to monitor and control V&V processes. A V&V life cycle such as the one shown above then becomes the basis for the project management plan and supports costing, sizing, and scheduling of all V&V activities.
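
The kernel repository and the life cycle construction described above can be modeled in a few lines of Python. This is an added illustration, not part of the original course material: the kernel names and waterfall phases come from the text, while the artifact names, the phase each kernel is mapped to, and the function `construct_life_cycle` are assumptions made for the example. It shows how entry criteria expose the challenges listed earlier, such as missing artifacts or V&V being brought in late.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Kernel:
    """One V&V process kernel: a self-contained building block."""
    name: str
    phase: str           # development phase the kernel is mapped to
    inputs: frozenset    # artifacts the entry criteria require
    outputs: frozenset   # artifacts produced once exit criteria are met

# Waterfall phases as named in the text.
WATERFALL = ["Requirements", "Design", "Coding", "Integration and Test", "Delivery"]

# Constructed repository: artifact names and phase mapping are assumptions.
REPOSITORY = [
    Kernel("Requirements Analysis", "Requirements",
           frozenset({"requirements spec"}), frozenset({"requirements findings"})),
    Kernel("Document Review", "Design",
           frozenset({"design document", "requirements findings"}),
           frozenset({"design findings"})),
    Kernel("Code Analysis", "Coding",
           frozenset({"source code", "design findings"}),
           frozenset({"code findings"})),
    Kernel("Validation Test", "Integration and Test",
           frozenset({"integrated build", "requirements findings"}),
           frozenset({"validation report"})),
]

# Constructed sample of what the development organization delivers.
DEVELOPER_ARTIFACTS = {"requirements spec", "design document",
                       "source code", "integrated build"}

def construct_life_cycle(repository, phases, available, start_phase):
    """Map kernels to phases from start_phase onward.

    Returns (plan, blocked): plan lists (phase, kernel name) for kernels whose
    entry criteria are met; blocked maps kernel name -> missing input artifacts.
    """
    artifacts = set(available)
    plan, blocked = [], {}
    for phase in phases[phases.index(start_phase):]:
        for kernel in (k for k in repository if k.phase == phase):
            missing = kernel.inputs - artifacts
            if missing:
                blocked[kernel.name] = sorted(missing)
            else:
                plan.append((phase, kernel.name))
                artifacts |= kernel.outputs  # outputs feed later kernels
    return plan, blocked
```

Starting at "Integration and Test" instead of "Requirements" leaves the Validation Test kernel blocked on earlier V&V outputs, which is the cost of skipping the early phases.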

© January 1, 2006 James C. Helm, PhD., P.E.