In statistics, the Greek letter sigma (s) is used to represent the standard deviation of a dataset. The dataset is just a set of measurements, for example the sizes of a set of software modules. Sigma characterizes the variability of the data relative to its average value. The larger the value of sigma, the larger the spread in data values about the dataset average.
Under some very general conditions, sigma is related to the probability that a data point is close to the data set average. About 60% - 75% of the data values will fall within one sigma of the average, i.e. their values will be between the average value minus sigma and the average value plus sigma. Similarly, about 90% fall within two sigma, and 99% fall within three sigma.
In Statistical Process Control, the value of sigma plays a key role in data driven decision making. For example, suppose we adopt a software quality management strategy where we want to identify modules that are likely to have an excessive number of defects so that we can re-do them. We can characterize each module by its defect density, the number of defects per thousand lines of new and modified code. Under this strategy, we scrap a module that has too high a defect density because it is likely to have many latent defects even after completion of test and because it is likely to be much more expensive to debug than a typical module. This strategy make sense when the time to fix the remaining bugs is likely to be more than the time to have an experienced engineer do a re-write - another statistically based decision!
But what is "too many"? Virtually all modules will have some defects and their defect densities will all exhibit some variation about the average value. How do we recognize a module that has an abnormally high defect density? This is were sigma comes in. Suppose a module's defect density is more than three sigma above average. There is only a 1% chance that this is due to normal statistical variation. It is more likely that there is something special about the way this module was developed that resulted in a very unlikely high defect density. A module like this would be a good candidate for a re-write, or at least for an independent review. It would also be a good candidate for a root cause analysis to determine why it had so many defects. This knowledge in turn could be used to prevent a re-occurrence of similar problems. This illustrates the mechanism for continuous improvement
If the threshold for corrective action were set too low, say anything above the average, then management would frequently over-react, needlessly re-working normal modules. Management could also believe that ineffective process changes were worthwhile simply because one or two modules with below average defect densities happened to be produced after the change. So the value of sigma becomes the key to recognizing significant deviations from typical behavior.
In manufacturing, six sigma refers to a process where there is statistically only 3.4 chances in a million of a product being out of specification, i.e. of being defective. While the tolerancing arguments involved in manufacturing don't apply to software development, we can still characterize a software process in terms of its sigma. For software, a six sigma process would result in 3 - 4 defects per million lines of delivered code.
Most software process are not nearly this good, so six sigma quality is typically treated as a process improvement goal. However, six sigma has taken on a broader meaning at companies like Motorola, AlliedSignal, and General Electric. In this context, six sigma refers to a broad management framework for the application of statistical techniques to project management, development engineering, and Total Quality Management.
The standard Six Sigma Toolkit is a collection of techniques and statistical tools that include
It supports a cyclic continuous improvement model called DMAIC consisting of the following steps
Application of the six sigma toolkit to software development involves a different emphasis from manufacturing. Some techniques are relatively less important, for example DOE and MSE. Others like process mapping need to applied slightly differently. And others, like SPC, selectively emphasize some specific techniques at the expense of others.
The CMMI is a conceptual framework developed by the Software Engineering Institute (SEI) that helps software organizations to:
The CMMI's staged respresentation classifies organizations as level 1 - level 5 based on the relatively maturity of their software processes. Higher levels indicate more mature processes.
From a narrow point of view, CMMI levels 4 and 5 involve the systematic application Statistical Process Control (SPC) to process management, product quality management, and change management. Since SPC is one of the core elements of the Six Sigma toolkit there is a strong correlation between the application of six sigma and a high maturity process.
However, from a broader point of view, software six sigma can be viewed as a mechanism for data driven continuous improvement. It provides a rigorous approach to implementing software process improvements that move an organization up the CMMI maturity scale at any level. The emphasis on measurable improvements in Six Sigma provides a way for an organization to assess the return on its CMMI investment. Without this level of rigor organizations typically take longer to move up the maturity scale and have a higher probability of failure. It is extremely difficult to sustain an improvement activity without statistically measurable benefits.
No. PSP and TSP can provide substantial benefits to organizations at any CMMI maturity level. In fact most of our PSP clients have been level 1 organizations.
No, in fact PSP and TSP work poorly with a waterfall life cycle. They are most effective when used with an evolutionary model of software development.
Contact PS&J Software Six Sigma at: Phone: 201-947-0150; 201-358-8828 E-mail: Quality@SoftwareSixSigma.com
Copyright © 2001-2006 PS&J Software Six Sigma, All rights reserved. Revised: July 14, 2011 .
PSPSM, TSPSM and CMMISM are service marks of Carnegie Mellon University. CMM® and IDEAL® are registered in the U.S. Patent and Trademark Office.
PMBOK® and PMP® are registered trademarks of the Project Management Institute.