Çevik yazılım test süreçlerinde risk analizi çalışması = Risk analysis study in agile software test processes

Abstract

Gününümüzde gelişen teknoloji ile yeni rekabet ortamları oluşmuştur. Şirketlerin bu rekabet ortamında müşteri isteklerine hızlı geri dönüş yapması önem kazanmıştır. Şirketlerin müşteri isteklerini karşılayabilmek için yazılım uygulamaları kullanımı ihtiyacı ortaya çıkmıştır. Yazılım uygulamaları, yazılım geliştirme yaşam döngüleri (Software Development Life Cycle-SDLC) boyunca insan faaliyetleri ile geliştirildikleri için risklerin oluşması sıklıkla yaşanabilmektedir. Bir yazılımın güvenilir ve kaliteli olması, o yazılım ürünün hatasız veya en az hata ile çalışmasıyla mümkün kılınmaktadır. Bu nedenle, risklerin önüne geçilebilmesi için yazılım testi büyük rol oynamaktadır. Bu çalışmada, Ankara'da yer alan yazılım sektöründe faaliyet gösteren bir savunma sanayi şirketinin haberleşme projesindeki yazılım test süreçlerinde ortaya çıkan riskler için risk analizi gerçekleştirilmiştir. Şirket, müşteri isteklerini karşılayan, en az hata ile yüksek kalitede çalışan bir uygulama geliştirmeyi amaçlamaktadır. Yürütülen çevik (agile) yazılım projesinde, tekrarlanan hatalar nedeniyle yazılım testleri için uzun süren zamanlar ve insan gücü olarak büyük bir efor harcanmaktadır. Projenin zamanında ve belirlenen bütçe çerçevesinde tamamlanabilmesi için yazılım test süreçlerinde ortaya çıkan risk faktörlerinin önceliklendirilmesi gerekmektedir. Yazılım testinde ortaya çıkan her hatanın projeye olan etkileri birbirinden farkı olacağı için etki alt bileşenlerinin belirlenmesi amaçlanmıştır. Bu kapsamda proje rol almakta olan uzman kişiler ile görüşülmüştür. Yapılan görüşmeler neticesinde belirlenen etki alt bileşenlerinin ağırlıklarının belirlenmesinde Çok Kriterli Karar Verme tekniklerinden çalışmaya uygun olan bulanık SWARA tekniği kullanılmıştır. Yazılım testinde ortaya çıkan risk faktörleri arasındaki ilişkinin önceliklendirilmesi için risk yönetimi tekniklerinden FMEA kullanılmıştır. İlk olarak klasik FMEA'daki "olasılık, farkedilebilirlik, etki" olarak ifade edilen üç bileşenin çarpımı ile risk öncelik numara değeri bulunmuştur. Bu çalışmada, Klasik FMEA'nın üç bileşenin (olasılık, etki, farkedilebilirlik) çarpımı ile bulunun risk öncelik numarası değeri, Bulanık SWARA yöntemi ile bulunan etki alt bileşenlerinin ağırlıklarının entegre edilmesi ile literatürde rastlanmayan özgün bir "Ağırlıklandırılmış FMEA" modeliyle hesaplanmıştır. Alt etki bileşenlerinin ağırlıkları kullanılarak hesaplanan risk öncelik numaralarına göre önceliklendirilen yazılım test süreçlerinde ortaya çıkan riskler için hafifletici ve önleyici planlar sunulmuştur.

Nowadays, the software sector, which is one of the important sectors with the advancing technology, is trying to take place in the ecosystem where competition is intense because it operates in a wide area. In the rapidly changing world with the development of technology, companies try to respond quickly to the requests of their customers. Software applications play an important role in responding to customer requests. Regardless of the sector, many companies use software applications both in their internal processes ve in their interactions with their customers. In this context, many projects are being prepared. Software Development Life Cycle (SDLC) stveards should be applied in order to develop the project with minimum bug. Throughout SDLC, bugs can often occur as all phases are developed by human activities. The reliability ve quality of a software is made possible by the fact that that software product works regular or with the least amount of bugs. Therefore, software testing plays a major role in avoiding risks. SDLC is a development approach used in agile software development processes Software development lifecycle (SDLC) is a cost-effective and time-efficient process used to design high-quality software. The purpose of SDLC is to minimize project risks with forward planning to meet customer expectations during and after production. This lifecycle consists of small plans that allow the software development process to be tracked and measured. Managing software development can be challenging due to changing requirements, technology upgrades and cross-functional collaboration. The software development lifecycle (SDLC) methodology provides a systematic management framework with specific outputs at each stage of the software development process. All stakeholders ensure that plans are made on software development goals and requirements, and that communication is strong with people at all levels during the development phase. Software development life cycle (SDLC) is a cycle which being of planning, analysis, design, implementation, testing and maintenance. It is aimed to produce software that works in line with changing requirements by communicating with the customer at every stage throughout this cycle. Software development lifecycle models can be showned as spiral model, agile software development, waterfall model, rapid application development model, incremental model, V-Process model. In the study, the agile software development model, which is one of the most widely used models today, is discussed. In agile software projects, software testing is usually carried out in parallel with software development activities. When planning software development steps, it is planned as a 3-week development program. The requirements that will be developed within 3 weeks are opened to the software team as a feature in the digital environment. Usually at the end of each sprint, a major release is received and testing of this improved minor software system is performed. In addition, test activities are carried out by obtaining an intermediate version without waiting for the end of the sprint. Before starting the software test, test scenarios containing the requirements are written, test plans are made and the test environment is prepared. Test procedures including test scenarios and test planning for test tools are made. Testing activities are performed when this test planning is ready when the main release arrives at the end of the sprint. In the test activities, the features or bugs opened to the software developers in the digital environment are assigned to the test team by the software developers if they are finished. The testing team tests validation of these finished requirements. Bugs that occur as a result of all tests are opened as bugs in the same digital environment and assigned to the relevant software developer. Every found bug or improvement is tracked through this digital environment every time a new version is released. In this way, features such as which bug was opened when, when it was closed, how long it was resolved, and how many times the same situation was repeated can be reported through these digital tools. Software testing activities play an important role in the quality and reliable operation of a software product. Along with software testing activities, a software system/product is developed with high performance that meets customer expectations, has been verified, and conforms to user behaviors. Many bugs that are not noticed at the code stage are detected at an early stage with the intermediate version tests conducted within the sprint. Detecting the bug at an early stage eliminates irreversible problems. The software testing process is the testing activities carried out to ensure that a software works with quality, reliability and minimum bugs. During the software testing process, the testing techniques/levels to be applied and the software/hardware tools required for testing are determined. Verification methods are determined. It is determined at which level the test scenarios should be written. Test procedures template and test scripts are prepared. The test environment is set up. It is verified whether the software works correctly. The results realized during the test phase are compared with the expected results. Observed bugs are recorded and the test result is reported. Software tests are carried out automatically and manually depending on the structure of the software. Automation; It is a test done by writing mini code scripts and automated tools. Manual testing; means that each test step is run one by one with human power. Therefore, manual tests take longer than automation. Running all tests from scratch is costly and time-consuming activities. In order to produce a reliable and high-quality software product, the application and testing phases of the software development lifecycle are required to be carried forward in parallel. In this way, it is verified whether the new features included in the resilient software affect the working parts. At this point, project managers will be able to recognize the relevant risks earlier and take the necessary measures. Testing is an important stage in the software development lifecycle and plays a decisive role in ensuring the reliability and quality of the software. Therefore, in order to improve test efficiency, it is important to determine and eliminate the risk parameters that will affect the test phase in advance. In this study, a risk analysis was carried out for the risks that arise in the software testing processes in the communication project of a defense industry company operating in the software sector. The company aims to develop a high-quality application that meets customer requests ve runs with minimal bugs. In the agile software project carried out, long time ve great effort are spent for software tests due to repeated bugs. In order for the project to be completed on time ve within the determined budget, the risk factors that arise during the software testing processes should be prioritized. It is aimed to determine the sub-components of the impact, since the effects of each bugs that occurs in the software test will be different from each other. In this context, experts who were involved in the project were interviewed. The Fuzzy SWARA technique, which is one of the Multi-Criteria Decision Making techniques, was used to determine the weights of the impact sub-components determined as a result of the interviews. FMEA, one of the risk management techniques, was used to prioritize the relationship between the risk factors that emerged in the software test. First, the ris priority number value was found by multiplying the three components expressed as "probability, detectability, ve severity" in classical FMEA. In this study, the risk priority number value, which is found by multiplying the three components of Classic FMEA (probability, severity, detectability), was calculated with a unique "Weighted FMEA" model, which is not found in the literature, by integrating the weights of the severity sub-components found with the Fuzzy SWARA method. While doing this calculation, the severity of risks on the project were identified as five sub-severity components. The weights of five subcomponents were found with Fuzzy SWARA. Then, the formula of classical FMEA is used. However, here, the severity value was determined for each identified risk and the weights of sub-severity components with this severity value was multiplied. In the study, after the risks were determined, classical FMEA calculation was made for the risk prioritization study. Due to the deficiencies of the classical FMEA technique, such as having the same RPN values and the weights of the FMEA components, the weighted FMEA model was created. RPN value was calculated with the new model using the same risk items. Weighted FMEA results with classical FMEA were compared. According to the results of the comparison, it was observed that the risk priority rankings of the other items, except for the first two items, were different from each other. Mitigating ve preventive plans are presented for the risks that arise in software testing processes that are prioritized according to the risk priority numbers calculated using the weights of the sub-impact components.