0 Software process improvement encompasses a set of
activities that will lead to a better software process and, as a
consequence, higher quality software delivered in a more timely
manner. Some software organizations have little more than an ad
hoc software process. As they work to improve their software
engineering practices, they must address weaknesses in their
existing process and work to improve their approach to software
0 The approach to SPI is iterative and continuous, but it can be
viewed in five steps: (1) assessment of the current software
process, (2) education and training of practitioners and managers,
(3) selection and justification of process elements, software
engineering methods, and tools, (4) implementation of the SPI plan,
and (5) evaluation and tuning based on the results of the plan.
3. 0 Today, virtually every major software engineering
organization has attempted to “make software engineering
happen.” Some have implemented individual practices that
have helped to improve the quality of the product they build
and the timeliness of their delivery. Others have established
a “mature” software process that guides their technical and
project management activities. But others continue to
struggle. Their practices are hit-and-miss, and their process
is ad hoc. Occasionally, their work is spectacular, but in the
main, each project is an adventure, and no one knows
whether it will end badly or well.
4. 37.1 WHAT IS SPI?
0 The term software process improvement (SPI) implies many
things. First, it implies that elements of an effective software
process can be defined in an effective manner; second, that an
existing organizational approach to software development can
be assessed against those elements; and third, that a
meaningful strategy for improvement can be defined.
0 The SPI strategy transforms the existing approach to software
development into something that is more focused, more
repeatable, and more reliable (in terms of the quality of the
product produced and the timeliness of delivery).
5. 37.1.1 Approaches to
0 Although an organization can choose a relatively informal
approach to SPI, the vast majority choose one of a number of
SPI frameworks. An SPI framework defines (1) a set of
characteristics that must be present if an effective software
process is to be achieved, (2) a method for assessing whether
those characteristics are present, (3) a mechanism for
summarizing the results of any assessment, and (4) a strategy
for assisting a software organization in implementing those
process characteristics that have been found to be weak or
7. 0 Figure 37.1 provides an overview of a typical SPI framework.
The key elements of the framework and their relationship to
one another are shown. You should note that there is no
universal SPI framework. In fact, the SPI framework that is
chosen by an organization reflects the constituency that is
championing the SPI effort.
0 Conradi [Con96] defines six different SPI support
0 Quality certifiers. Process improvement efforts
championed by this group focus on the following
0 Quality ( Process ) ⇒ Quality ( Product )
8. 0 Their approach is to emphasize assessment methods and to
examine a well-defined set of characteristics that allows them to
determine whether the process exhibits quality. They are most
likely to adopt a process framework such as the CMMI, SPICE,
TickIT, or Bootstrap. 1
0 Tool advocates
0 As an SPI framework is applied, the sponsoring constituency
(regardless of its overall focus) must establish mechanisms to: (1)
support technology transition, (2) determine the degree to which
an organization is ready to absorb process changes that are
proposed, and (3) measure the degree to which changes have been
9. 37.1.2 Maturity Models
0 A maturity model is applied within the context of an SPI
framework. The intent of the maturity model is to provide an
overall indication of the “process maturity” exhibited by a
0 For example, the Software Engineering Institute’s original
Capability Maturity Model (Section 37.3) suggests fi ve levels
of maturity ranging from initial (rudimentary software
process) to optimized (a process that leads to best practices. 2
Unfortunately, some software organizations exhibit levels of
“process immaturity” that undermine any rational attempt at
improving software engineering practices. Schorsch [Sch06]
suggests four levels of organizational immaturity that are
often encountered in the real world of software development:
10. 0 Level 0, Negligent —Failure to allow successful development
process to succeed. All problems are perceived to be technical
problems. Managerial and quality assurance activities are
deemed to be overhead and superfluous to the task of
software development process. Reliance on silver pellets.
0 Level 1, Obstructive —Counterproductive processes are
imposed. Processes are rigidly defined and adherence to the
form is stressed. Ritualistic ceremonies abound. Collective
management precludes assigning responsibility. Status quo
0 Level 2, Contemptuous —Disregard for good software
engineering institutionalized. Complete schism between
software development activities and software process
improvement activities. Complete lack of a training program.
11. 0Level 3, Undermining —Total neglect of own charter,
conscious discrediting of peer organizations software
process improvement efforts. Rewarding failure and
037.1.3 Is SPI for Everyone?
0For many years, SPI was viewed as a “corporate”
activity—a euphemism for something that only large
companies perform. But today, a significant
percentage of all software development is being
performed by companies that employ fewer than 100
12. 37.2 THE SPI PROCESS
0 The hard part of SPI isn’t the definition of characteristics
that define a high quality software process or the creation
of a process maturity model. Those things are relatively
easy. Rather, the hard part is establishing a consensus for
initiating SPI and defining an ongoing strategy for
implementing it across a software organization.
0 The Software Engineering Institute has developed IDEAL—
“an organizational improvement model that serves as a
road map for initiating, planning, and implementing
improvement actions” [SEI08]. IDEAL is representative of
many process models for SPI, defining five distinct
activities— initiating, diagnosing, establishing, acting, and
learning—that guide an organization through SPI
13. 37.2.1 Assessment and
0 Any attempt to improve your current software process without
first assessing the efficacy of current framework activities and
associated software engineering practices would be like starting
on a long journey to a new location with no idea where you are
0 Each is considered within the context of the framework activities
(Chapter 3) that have been established, and is each assessed to
determine whether all of the following questions have been
14. Is the objective of the activity clearly defined?
• Are work products required as input and produced as
• Are the work tasks to be performed clearly described?
• Are the people who must perform the activity identifi ed by
• Have entry and exit criteria been established?
• Have metrics for the activity been established?
• Are tools available to support the activity?
• Is there an explicit training program that addresses the
• Is the activity performed uniformly for all projects?
15. 0 As the process assessment is conducted, you (or those who
have been hired to perform the assessment) should also focus
on the following issues:
0 Consistency. Are important activities, actions, and tasks
applied consistently across all software projects and by all
0 Sophistication. Are management and technical actions
performed with a level of sophistication that implies a
thorough understanding of best practice?
0 Acceptance. Is the software process and software engineering
0 widely accepted by management and technical staff?
0 Commitment. Has management committed the resources
required to achieve consistency, sophistication, and
16. 37.2.2 Education and
0 Although few software people question the benefit of an agile,
organized software process or solid software engineering
practices, many practitioners and managers do not know enough
about either subject.
0 37.2.3 Selection and Justification
0 Once the initial assessment activity 5 has been completed and
begun, a software organization should begin to make choices.
These choice occur during a selection and justification activity in
which process characteristics and specific software engineering
methods and tools are chosen to populatethe software process.
17. 0 First, you should choose the process model (Chapters 3–5)
that best fits your organization, its stakeholders, and the
software that you build. You should decide which of the set
of framework activities will be applied, the major work
products that will be produced, and the quality assurance
checkpoints that will enable your team to assess progress.
0 Next, develop an adaptable work breakdown for each
framework activity (e.g., modeling), defining the task set
that would be applied for a typical project.
0 Installation is the first point at which a software organization
feels the effects of changes implemented as a consequence of
the SPI road map. In some cases, an entirely new process is
recommended for an organization. Framework activities,
software engineering actions, and individual work tasks must
be defined and installed as part of a new software engineering
0 Installation and migration are actually software process
redesign (SPR) activities. Scacchi [Sca00] states that “SPR is
concerned with identification, application, and refinement of
new ways to dramatically improve and transform
0 software processes.”
19. 37.2.5 Evaluation
0 Although it is listed as the last activity in the SPI road
map, evaluation occurs throughout SPI. The evaluation
activity assesses the degree to which changes have
been instantiated and adopted, the degree to which
such changes result in better software quality or other
tangible process benefits, and the overall status of
the process and the organizational culture as SPI
20. 371. 2.6 Risk Management for
SPI Management for SPI
0 SPI is a risky undertaking. In fact, more than half of all SPI
efforts end in failure. The reasons for failure vary greatly and
are organizationally specific. Among the most common risks
are: a lack of management support, cultural resistance by
technical staff, a poorly planned SPI strategy, an overly
formal approach to SPI, selection of an inappropriate
process, a lack of buy-in by key stakeholders, an inadequate
budget, a lack of staff training, organizational instability, and
a myriad of other factors.
21. 37.3 THE CMMI
0 The original CMM was developed and upgraded by the Software
Engineering Institute throughout the 1990s as a complete SPI
framework. Today, it has evolved into the Capability Maturity
Model Integration (CMMI) [CMM07], a comprehensive process
meta-model that is predicated on a set of system and software
engineering capabilities that should be present as organizations
reach different levels of process capability and maturity.
23. 0 The CMMI represents a process meta-model in two different ways: (1) as
a “continuous” model and (2) as a “staged” model. The continuous CMMI
meta-model describes a process in two dimensions as illustrated in
Figure 37.2 . Each process area (e.g., project planning or requirements
management) is formally assessed against specific goals and practices
and is rated according to the following capability levels:
0 Level 0: Incomplete — The process area (e.g., requirements
management) is either not performed or does not achieve all goals and
objectives defined by the CMMI for level 1 capability for the process area.
0 Level 1: Performed — All of the specific goals of the process area (as
0 defined by the CMMI) have been satisfied. Work tasks required to
produce defined work products are being conducted.
0 Level 2: Managed — All capability level 1 criteria have been satisfied. In
addition, all work associated with the process area conforms to an
organizationally defined policy; all people doing the work have access to
adequate resources to get the job done; stakeholders are actively
involved in the process area as required; all work tasks and work
products are “monitored, controlled, and reviewed; and are evaluated for
adherence to the process description” [CMM07].
24. 0 Level 3: Defined — All capability level 2 criteria have been
achieved. In addition, the process is “tailored from the
organization’s set of standard processes according to the
organization’s tailoring guidelines, and contributes work
products, measures, and other process-improvement
information to the organizational process assets” [CMM07].
0 Level 4: Quantitatively managed — All capability level 3
criteria have been achieved. In addition, the process area is
controlled and improved using measurement and
quantitative assessment. “Quantitative objectives for quality
and process performance are established and used as
criteria in managing the process” [CMM07].
0 Level 5: Optimized — All capability level 4 criteria have been
achieved. In addition, the process area is adapted and
optimized using quantitative(statistical) means to meet
changing customer needs and to continue all improve the
efficacy of the process area under consideration