Abstract
Proposed method is applied to Software Engineering for security software quality management. DMAIC framework applies stochastic techniques to risk management. Hypothetical software project is considered with specified delivery target date and quality goal. Testing project is analysed uncompleted with weeks of testing remaining. Simulation considers testing defects and predicts the number defects at the end of test. If simulation confirms that the quality goal will be met, testing continues as is. Simulation regularly checks quality goal as testing progresses. If the predicted quality is missing targets, simulation predicts when the target will be achieved. There are two options, either more resources should be allocated to the project to rectify the problem, or the project should be delayed. An improvement project is defined to rectify the problem. Control is shown by using a very similar scenario with data for Quality Control, which applies slightly different models.