Quality Strategy with a side of Swiss Cheese

What can aerospace safety teach us about software quality? Learn how stacking imperfect layers of defense creates a powerful strategy to stop bugs.

#1about 3 minutes

Defining software quality through a cheese analogy

Software quality is defined as informed confidence in building the right product, combining the manufacturer's need for reliability with the consumer's need for appealing characteristics.

#2about 3 minutes

Understanding the Swiss Cheese model for risk avoidance

The Swiss Cheese model is a multi-layer risk avoidance strategy where multiple imperfect layers combine to significantly reduce overall losses.

#3about 2 minutes

Applying the model to a real-world software case study

A series of production incidents related to database performance revealed underlying systemic issues, prompting a strategic quality review using the Swiss Cheese model.

#4about 2 minutes

Workshop Part 1 - Identifying personas and their concerns

The first step in the quality strategy workshop is to identify all relevant personas, including direct, indirect, and even malicious users, to understand what they care about.

#5about 2 minutes

Workshop Part 2 - Mapping architecture and integrations

The second workshop step involves diagramming the system architecture and characterizing each integration to identify dependencies, risks, and testing considerations.

#6about 4 minutes

Workshop Part 3 - Mapping concerns to quality layers

The final workshop step is to brainstorm concerns, map them to existing quality layers, and identify where layers need to be changed or added to be effective.

#7about 4 minutes

Evaluating the cost and purpose of each quality layer

Each quality layer has maintenance and cognitive costs, so it's crucial to ensure they serve their intended purpose cost-effectively, like scoping end-to-end tests to critical flows.

#8about 3 minutes

How the Swiss Cheese model complements the test pyramid

The Swiss Cheese model defines the "what" of a quality strategy, while the test pyramid defines the "how" by guiding implementation towards fast and reliable tests.

#9about 2 minutes

Q&A: Implementing contract testing and tracking quality

The Q&A covers the model's origin, using Pact for contract testing across GraphQL and REST APIs, and tracking the "bucket" of unplanned work through team time allocation and customer feedback.

#10about 4 minutes

Q&A: Workshop participation and QA-to-developer ratio

The Q&A highlights the need for cross-functional participation in quality workshops and suggests an ideal ratio of one quality professional to four to six developers.