Quality Management in Saas Model

The SAAs model is undoubtedly a new challenge to software quality management. We need to find corresponding countermeasures to ensure high-quality software services.

With the rapid development of the Internet, especially the rise of web, the demand for providing software as a service has gradually increased, and the software industry is changing, among them, the most prominent is the formation of software as a service (SAAS) model.

The SAAs model is based on software deployment, providing services to customers through the Internet, and customers can also customize their own specific services as needed.

The emergence of this new model conforms to this demand. Using software services instead of traditional software products can not only protect the software from piracy, in addition, it can reduce the costs and difficulties for software consumer enterprises to purchase, build and maintain their infrastructure and applications. The SAAs model has already put a lot of pressure on traditional software vendors, and its own development is getting faster and faster. The data provided by many famous research or consulting companies further shows this trend.

Among them, well-known representatives include Salesforce, WebEx, odesk, openair, and eproject. Software giants such as Oracle, IBM, Microsoft, and SAP are paying attention to this model, and invested heavily in migrating traditional software product sales models to software services,

For example, Oracle has successively acquired J. d. edwards, PeopleSoft, and Siebel CRM OnDemand, while IBM began to claim that it had been a on-demand service company, Microsoft began to push its live.com strategy, consumer-centric services such as Baidu, Google, eBay, and Amazon also prove that the SAAs model can be further expanded.

These are undoubtedly new challenges to software quality management. We need to find corresponding countermeasures to ensure high-quality software services.

The SAAs model has many specific requirements, including higher requirements for software development methods and processes, system architecture flexibility, compatibility and scalability, and system deployment, operations, technical support and maintenance. and so on. These are undoubtedly new challenges to software quality management. We need to find corresponding countermeasures to ensure high-quality software services.

Focus of SAAS Quality Requirements

High-quality software should meet the needs of users and the needs of software enterprises. To meet your needs, you must meet your requirements in terms of functions, interface usability, availability, reliability, and security.

To meet the needs of software enterprises, we need to reduce the complexity, scalability, portability, and so on of the software system to make the system easier to maintain. For SaaS, software quality requirements focus on the effectiveness, reliability, security, and maintainability of the system.

Whether the product or service is valid for the customer, that is, the percentage of the real available and full running time of the system during the specified start time, the system validity can be calculated by dividing the average system time (MTTF, mean time to failure) by the total running time (the sum of MTTF and troubleshooting time.

For example, the online banking system must be highly effective (for example,> 99.99%) to meet the quality requirements.

A Validity requirement can be described as follows: "during working days, the system is valid for at least 99.5% between four o'clock P.M. AM and midnight local time, from AM to AM, the system must be at least 99.95% effective ".

The robustness and effectiveness of the system can sometimes be seen as part of reliability.

Methods To measure software reliability include the proportion of correctly executed operations, the length of time the system was running before a new defect was discovered, and the density of defects. The reliability and performance of software systems are interrelated, more specifically, they affect each other. High reliability may reduce performance, for example, data replication and backup, repeated computing, and so on can improve the reliability of the software system, but reduce the system performance to a certain extent.

For example, some key processes for collaborative work require fast processing to achieve high performance. These key processes may be spof design, and their reliability is not enough.

Security, scalability, and maintainability must be carefully considered for SaaS. Security: In addition to data storage, backup, and other requirements, you also need to set reasonable and reliable system and data access permissions to prevent intrusion and hacker attacks by unexpected customers, to avoid data leaks and system paralysis.

The security and reliability of software systems are generally the same. Software with high security also requires relatively high reliability, because any failure may result in data insecurity.

A key security-related component must be reliable. Even if an error or fault occurs, the code and data must be stored in a safe place, it cannot be used or analyzed improperly.

However, the security of the software may conflict with its performance and applicability. For example, the more complicated the encryption algorithm is, the lower its performance may be. Alternatively, various protection measures can be set for data access, including user logon, password protection, authentication, and full-process tracking of all operations, which will inevitably reduce the applicability of the system to a certain extent.

Software development process to meet SaaS Quality Requirements

SAAS provides services to users over the Internet, and the foundation is the deployment of software systems. This requires that the requirements for system deployment should be fully considered during software requirement analysis, design, and verification, including Server Clusters, distributed networks, failover, online system expansion, data backup, and recovery. Therefore, the system architecture design is very important and requires sufficient time and resources.

On the other hand, because the software deployment is controlled by the software service provider and does not take as long as the channel sells software packages and manufacturing costs, the release cycle of SAAS software can be greatly shortened, we strive to achieve the simplest and most effective software development process. The highest priority is to ensure customer satisfaction through early and continuous delivery of valuable software.

For SaaS software development, agile methods can be combined with the RUP process methods to maintain fast and stable development speed, the RUP process can ensure the flexible architecture, good scalability and portability of the system, and promote the development process to reach an optimal balance to achieve high satisfaction.

Product release programs in the software service model are much more complex than the release of general software products. They involve pre-and post-activities of software product deployment and implementation, the "deployment planning, deployment design, Verification and Implementation of deployment design, and monitoring" activities were added.

During development, the compatibility of data/system should be fully discussed and analyzed considering the requirements of website or data migration, multiple upgrade methods, and multi-version Running Environments, ensure that the services obtained during the upgrade process are not affected, data is protected, and all services are properly used.

In addition, to deal with the relationship between customers, the upgrade of new versions with major functional changes usually requires prior approval or consent from the user.

For the software service model, when the product is released to the running environment (server), further verification is required before the user starts to use it. Therefore, in the final implementation phase of software service model product release, the time is very strong, generally on weekends or at night (PM ~ Am ). If you provide uninterrupted software services, you need to use DNS, servers, directories, and other fast switching methods to achieve seamless upgrade.

Deployment planning, design, and verification

Software deployment is an essential and key part of SAAS. Software deployment provides technical and environmental support for programs to run through integrated, virtualized, or logical management of resources and processes, this ensures the optimal and most reliable performance of the software system deployed in the appropriate operating environment, it can effectively store, back up, and restore user and system data.

In the technical analysis of software deployment, the requirements are transformed into technical specifications used to design and deploy the architecture based on the business objectives. In deployment design, multiple quality factors must be considered.

The logical architecture determines the optimal method of service allocation, system expansion, and maintainability.

The service quality requirements must meet the service quality (QOS) requirements and be established in the ing relationship between the logical architecture and QoS requirements to achieve the quality objectives of software services such as performance, availability, scalability, and maintainability.

Consumption analysis helps isolate performance bottlenecks through the use mode of system load and develop policies that meet QoS requirements for deployment design.

Usage Analysis factors include the number and type of users, active and inactive users, management users, usage modes, user growth, user transactions, and user/historical data.

Although use cases are included in the usage analysis, when evaluating the deployment design, use cases should be referenced to ensure that the problems identified in any case are addressed or resolved in the design.

Based on performance indicators, conduct research on some key use cases to determine how to ensure that the requirements are implemented at the system level.

The service level agreement specifies the minimum performance requirement and the level and level of customer support that must be provided when the requirement is not met, which is equivalent to the bottom line of the design ).

It is necessary to design two or three software deployment solutions for cost. Through analysis and comparison, we can optimize resources and adopt a balance strategy to meet business requirements within the scope of business constraints and achieve cost optimization.

Business goals are the final goals of software deployment, including the business requirements or constraints for achieving these goals. The quality of software deployment design depends on the ability to meet business objectives.

In addition, the following also focuses on the availability, scalability and security factors and planning policies to ensure the successful deployment and design. It is also crucial to verify availability, scalability, and security.

Availability planning policy

When the availability requirement is 99.99% or 99.999%, the system is usually required to be a fault-tolerant system. Fault-tolerant systems must be able to continue to run when hardware or software fails. The implementation means are to configure redundant components for hardware (such as CPU, memory, and network devices) that provide key services and software.

Availability design will take into account the situation that occurs when availability is reduced or components are lost, consider whether the connected user must restart the session and the impact of faults in one region on other regions of the system. QoS requirements should consider these schemes and specify how the deployment responds to these situations.

A single-point failure is a hardware or software component that does not have spare redundant components. These components are part of an important path, that is, if this component fails, the system will not be able to continue providing services. When designing a fault-tolerant system, you must identify and eliminate potential single point of failure.

　　Its common availability policies include:

Server Load balancer uses redundant hardware (such as server cluster-server cluster) and software components to distribute and process loads.

A Load balancer (such as NetScaler loadbalance) directs any requests to a service to a server with the smallest load in the server cluster of the service. If any instance fails, other instances can bear more load.

Failover involves managing redundant hardware and software. When any component fails, it provides uninterrupted access to the service and ensures the security of key data. For example, Sun Cluster provides a Failover solution for key data managed by backend components.

The replication or backup service provides multiple sources for access to the same data. For example, the Directory Server provides multiple replication and synchronization policies for access to the LDAP directory.

Scalable System Planning

Scalability refers to the ability to increase system capacity, and requires that the architecture of the deployment be not changed when system resources are added.

In the system requirement analysis and design phase, the prediction of system capacity is usually only an estimate, which may be significantly different from the actual situation of the system to be deployed. Therefore, when deploying a specific design, considering the inevitable deviation, the system deployment scalability policy should be introduced to make the deployed system flexible enough to handle the problem within a reasonable period of time (such as 6 ~ 12 months) increase the potential capacity of the load, so that you can easily cope with abnormal peak load.

A scalable system generally has the following three policies, from which one or more policies can be combined.

High-performance design policies add potential capacity at the final stage of performance requirements to handle load that may grow over time and maximize system availability within budget control. This strategy allows the system to have a certain amount of buffer time to cope with the increasing load, so it is relatively easy to develop a larger system expansion scheme.

Incremental deployment is based on load requirements and evaluation, and the conditions for system expansion and the time when the conditions may be met are clarified in advance. There is an estimation and arrangement for a specific date/time for each major system expansion, to create the entire deployment calendar.

Large-scale performance monitoring helps you determine the time to add resources to deployment. The performance monitoring requirements provide guidance to operators and administrators responsible for maintenance and upgrade.

Security Planning

Security is a complex topic that involves various levels of system deployment, including the following:

Physical security physical security refers to physical access to routers, servers, server rooms, data centers, and other parts of the infrastructure. If unauthorized users can access the server room and unplug the router, other security measures will be meaningless.

Network security network security refers to network access through firewalls, secure access zones, access control lists, and ports. Policies for unauthorized access, tampering, and denial of service attacks should be developed.

Application and application data security includes access to user accounts, company data, and enterprise applications through verification and authorization processes and policies, including passwords, encryption, authentication, access permissions, and control policies.

Personal security practices security policies within the Organization define the work environment and the practices that all users must follow to ensure that other security measures are implemented as designed.

 

The common practice is to compile and train the Security Manual. To achieve effective overall security policies, reliable security practices must be part of the corporate culture.

Maintenance Quality of SAAS Software System

First, ensure the maintainability of the system, and then develop a series of system maintenance operation rules and change control procedures to ensure timely and effective system maintenance.

Maintainability refers to the ease of maintenance for the deployment system, including system monitoring, repair of system faults, enhancement of system functions, updates and backups of system data, and upgrades of system software and hardware, factors also include the usage model, downtime plan, and corresponding processes. There is a certain degree of dependence on maintainability and availability. good maintainability can ensure the high availability of system operation.

Software deployment and maintenance must first be composed of a professional and independent maintenance team. The technical structure of its members should be complete, including hardware engineers, network design engineers, security certification engineers, and (Operations) system Engineers, database administrators (DBAs), and Application System Technicians.

Second, complete operation procedures and specifications should be established to inform each maintenance personnel of how to perform operations, which operations are permitted, and which operations are not allowed. Formulate emergency plans for emergencies. In addition, the following measures are taken to further improve the quality of software deployment and maintenance.

Install a monitoring program with a running environment to monitor the running environment at any time. Inform maintenance personnel of any symptoms in time to form an alert mechanism; ensure that someone is on duty or in the on-call status within 7 × 24. There is a set of systems (such as remedy Ticket System) to report system problems, timely response and handling; in addition to the Failover mechanism, redundant equipment or redundant system operation capabilities; well-recorded maintenance of software deployment.

Specific requirements of the SAAs Model

(1) software development methods and processes should be agile, and their implementation should be simple.

(2) allow customers to customize themselves and have higher requirements on system architecture flexibility, compatibility, and scalability.

(3) software services are implemented through system deployment, which requires high system deployment, operation, technical support and maintenance.

(4) high availability (uninterrupted operation) and stable performance and reliability, including system failover.

(5) The core of SAAS is data, allowing customers to easily access data through the network, while ensuring data security, including data encryption, isolation, backup and recovery.