• Lecture 1: Introduction to Software Quality
• Lecture 2: Software Process & SQA
• Lecture 3: Agile Methods I – XP
• Lecture 4: Agile Methods II – Scrum
• Lecture 5: Agile Methods III – Kanban
• Lecture 6: Systematic Testing I
• Lecture 7: Systematic Testing II
• Test #1 [Jan. 30, 2025] (Lectures 1-7)
• Lecture 8: Black Box Testing I
• Lecture 9: Black Box Testing II
• Lecture 10: White Box Testing I
• Lecture 11: White Box Testing II
• Lecture 12: White Box Testing III
• Lecture 13: Continuous Testing I
• Test #2 [Mar. 6, 2025] (Lectures 8-13)
• Lecture 14: Continuous Testing II
• Lecture 15: Exploratory Software Testing
• Lecture 16: Security Testing and Analysis
• Lecture 17: Static Analysis
• Lecture 18: Code Reviews
• Lecture 19: Software Quality and AI
• Test #3 [Apr. 3, 2025] (Lectures 14-19)

LECTURE 1: Introduction to Software Quality

• Course info. What Causes Software Errors? What is Quality? McCall’s Factor Model. What is Quality Assurance? Software Quality Assurance. Formal methods, testing, inspection, metrics. Achieving software quality.
• Slides: [PDF]

LECTURE 2: SOFTWARE PROCESS & SQA

• Quality in context. Software process activities. The Waterfall model. The Prototyping model. Evolutionary development. The Spiral model. The Iterative Development Process (IDP).
• Slides: [PDF]

LECTURE 3: AGILE METHODS I – XP

• Principles of the Agile Manifesto. Extreme Programming (XP) values, principles and practices. XP practices include stories, cycles, slack, small releases, pair programming, test first programming, incremental design, continuous integration, ten-minute build, informative workspace.
• Slides: [PDF]
• Resources:
  • The Agile Manifesto
  • Spotify Engineering Culture – Part 1 [YouTube]
  • Spotify Engineering Culture – Part 2 [YouTube]

LECTURE 4: AGILE METHODS II – Scrum

• Foundations of Scrum – empiricism, lean thinking, transparency. Scrum values. Scrum team members including product owner, scrum master, developers. Scrum framework activities including sprint, daily scrum, sprint review and sprint retrospective. Scrum artifacts including product backlog, sprint backlog and incremental releases. The Scrum metric of velocity.
• Slides: [PDF]
• Resources:
  • The Scrum Guide – Required reading!
  • A Brief Guide to the Scrum Framework [YouTube]

LECTURE 5: AGILE METHODS III – Kanban

• Kanban goals – visualize work, limit work-in-progress, maximize flow, continuous improvement, continuous release and collective ownership. Kanban artifacts include cards and Kanban board, done rules. Kanban metrics including lead time, cycle time, work-in-progress (WIP) limits, cumulative flow diagrams (CFDs). Scrum vs. Kanban.
• Slides: [PDF]
• Resources:
  • The Agile Coach – What is Kanban? [YouTube]
  • An Example of Kanban from Microsoft [YouTube]

LECTURE 6: Systematic TESTING I

• Testing vs. Debugging. Validation and Verification. Levels of Testing. Unit, integration, system, acceptance testing.
• Slides: [PDF]

• Testing in the Software Life Cycle. Test design, test strategy, test plans, test case design, test procedures. Black box vs. white box testing.
• Slides: [PDF]

LECTURE 8: BLACK BOX TESTING I

• Black box testing methods including functionality coverage testing and input coverage testing. Different approaches to input coverage testing including exhaustive testing, Input partitioning, shotgun testing, input partition/shotgun hybrid testing, robustness testing (e.g., boundary testing).
• Slides: [PDF]

LECTURE 9: BLACK BOX TESTING II

• Black box methods – output coverage testing. Exhaustive output testing. Output partitioning. Handling multiple input/output streams/files. Black box methods at different levels. Gray box testing. Black box unit testing. Test harnesses and stubs. Assertions in test automation, tools. Black box class testing (interface / object oriented testing). Traces. Implementing assertions. Black box integration testing.
• Slides: [PDF]

LECTURE 10: WHITE BOX TESTING I

• Role and kinds of white box testing. Code injection. Implementation – source, executable and sampling. White box static analysis. Code coverage methods. Statement analysis methods: statement coverage, basic block coverage.
• Slides: [PDF]

LECTURE 11: WHITE BOX TESTING II

• Code coverage methods. Decision analysis methods: decision (branch) coverage, condition coverage, loop coverage, path coverage. Data coverage methods. Data flow coverage.
• Slides: [PDF]
• Whiteboard:

LECTURE 12: WHITE BOX TESTING III

• Mutation testing, definition and role. Mutants: value, decision, statement mutations. Examples and coverage.
• Slides: [PDF]
• Whiteboard:

LECTURE 13: CONTINUOUS TESTING I

• Guest Lecturer: Dr. Michael Miljanovic
• Software maintenance: corrective, adaptive and perfective maintenance. Continuous testing methods: functionality, failure and operational testing.
• Slides: [PDF]

LECTURE 14: CONTINUOUS TESTING II

• Regression testing: purpose, method. Establishing and maintaining a regression test set. Observable artifacts: choosing, maintaining, normalizing, differencing. Version signatures. Regression test harnesses. A regression testing example: the TXL interpreter. Regression test organization, signatures and differencing for the TXL interpreter. Kinds of observations: functionality, performance, and internal diagnostic. Advantages and disadvantages of regression testing.
• Slides: [PDF]

LECTURE 15: Exploratory Software Testing

• Automated vs. manual testing. Scripted manual testing. Exploratory testing in the small and exploratory testing in the large.
• Slides: [PDF]
• Resources:
  • The Three Phases of Exploratory Testing [YouTube]
  • How I Use Exploratory Testing to Improve Mobile Apps [YouTube]

LECTURE 16: Security Testing and Analysis

• Quality vs. Security. Testing (penetration testing, fuzzing) and static analysis for security. A case study on cybersecurity in connected autonomous vehicles (CAVs).
• Slides: [PDF]
• Video: [YouTube]
• Resources:
  • Fuzzing: Hack, Art and Science by Patrice Godefroid
  • CusterFuzz, OneFuzz – open source fuzzing tools
  • SpotBugs, Coverity – static analysis tools that support security assessment
  • Car Hacking Dataset [used in case study]

LECTURE 17: STATIC ANALYSIS

• Using static analysis techniques to assess software quality and detect faults. Static analysis fault detection tools: Lint, FindBugs and CodeSurfer Path Inspector. A case study of the SCRUB tool at NASA JPL.
• Slides: [PDF]

LECTURE 18: CODE REVIEWS

• Reviews, walkthroughs and inspections. Inspection in the software process. Code review techniques: checklists, paraphrasing, walkthroughs. and other lightweight code review practices. A discussion on bias in code review at Google.
• Slides: [PDF]

LECTURE 19: Software Quality and AI

• In this lecture I will discuss recent research conducted by Riddhi More and I on detecting and classifying flaky tests. Flaky tests are tests that may pass or fail without changing the code.
• Slides: [PDF]