Software Engineering 2025

Section II (Short Answer)

Q.2. i. What does the V-Model emphasize in software development? The V-Model (Validation and Verification Model) emphasizes that every phase in the software development lifecycle must have a corresponding, strictly planned testing phase. Instead of moving downward in a linear way, the process steps bend upwards after the coding phase to form a typical 'V' shape. It highlights that test planning and test case creation should happen early, right alongside the requirement and design phases, rather than waiting until coding is finished.

Q.2. ii. Which model is best suited for well-understood requirements? The Waterfall Model is best suited for projects with well-understood, clearly defined, and fixed requirements. Because it is a linear sequential model, it assumes that all requirements can be gathered completely at the very beginning of the project, making it ideal for straightforward, predictable projects where changes are unlikely.

Q.2. iii. Define cyclomatic complexity Cyclomatic complexity is a software metric used to indicate the logical complexity of a program. It quantitatively measures the number of linearly independent paths through a program's source code. Developers use it to determine how difficult a piece of code will be to test and maintain. It is calculated using the formula: $V(G) = E - N + 2$ (Where $E$ represents the number of edges and $N$ represents the number of nodes in the control flow graph).

Q.2. iv. How is software reliability measured? Software reliability is measured in terms of the probability of failure-free operation of a computer program in a specified environment for a specified amount of time. It is typically measured using time-based metrics such as:

• MTTF (Mean Time To Failure)
• MTTR (Mean Time To Repair)
• MTBF (Mean Time Between Failures), calculated as $MTBF = MTTF + MTTR$.

Q.2. v. What is the difference between black-box and white-box testing? Black-box testing focuses solely on the external behavior, inputs, and expected outputs of the software without looking at the internal source code (testing functionality). White-box testing (or structural testing) requires the tester to have deep knowledge of the internal code structure, allowing them to test logical paths, loops, and conditional statements to ensure the internal mechanisms work correctly.

Q.2. vi. Define integration testing. Integration testing is a phase in software testing where individual, isolated software modules are combined and tested as a group. The primary purpose is to expose faults in the interaction and data exchange between these integrated units. Common strategies include Top-Down integration, Bottom-Up integration, and Sandwich (hybrid) integration.

Q.2. vii. What is coupling in software design? Coupling is a measure of the degree of interdependence or connection between different software modules. In good software design, low coupling is highly desirable. If modules are loosely coupled, a change in one module is less likely to cause unintended errors or require massive rewrites in other connected modules, making the system easier to maintain.

Q.2. viii. What is risk mitigation? Risk mitigation is a proactive project management strategy aimed at reducing the probability of a risk occurring, or minimizing its negative impact if it does happen. For example, if a high turnover of key developers is a identified risk, a mitigation strategy would be enforcing rigorous code documentation and cross-training team members so the project does not halt if someone leaves.

Q.2. ix. What is the difference between proactive and reactive risk strategies? A proactive risk strategy involves identifying potential risks before the project begins and creating plans to avoid them or minimize their impact (a "preventive" approach). A reactive risk strategy acts only after a risk has materialized into an actual problem, relying on "firefighting" or crisis management to fix the issue, which is generally more costly and stressful.

Q.2. x. Differentiate between coupling and cohesion. Coupling refers to the relationship and dependencies between different modules (good design requires low coupling). Cohesion refers to the internal strength and focus of a single module; it measures how closely related the internal operations of a module are to one another (good design requires high cohesion, meaning the module does exactly one well-defined job).

Q.2. xi. Define the term Metrics? Discuss Size Oriented Metrics. Software Metrics are quantifiable measures used to assess the quality, cost, or efficiency of a software product or its development process. Size Oriented Metrics measure the physical volume of the software, almost always using Lines of Code (LOC) or Thousands of Lines of Code (KLOC). These metrics are used to calculate productivity (e.g., pages of documentation per KLOC) and quality (e.g., errors per KLOC).

---

Section III (Essay Type)

Q. #.3. Compare and contrast the Agile Model with the Spiral Model. When should each be used?

Introduction Both Agile and Spiral models are iterative approaches to software development, meaning they build software in repeated cycles rather than one massive push. However, their core philosophies and ideal use cases are vastly different.

The Agile Model Agile is an umbrella term for methodologies (like Scrum or Kanban) focused on continuous iteration, rapid delivery, and extreme flexibility. It breaks the project down into tiny increments (sprints) lasting 1-4 weeks. It relies heavily on constant communication, cross-functional teams, and incorporating user feedback at every step.

The Spiral Model The Spiral Model, proposed by Barry Boehm, is highly risk-driven. It visualizes the process as a spiral with multiple loops. Each loop represents a phase (like planning, risk analysis, engineering, and evaluation). Its defining characteristic is the intense Risk Analysis phase in every single iteration, utilizing prototyping to resolve major risks before heavy coding begins.

Comparison Table

Feature	Agile Model	Spiral Model
Primary Focus	Flexibility, speed, and continuous user feedback.	Rigorous risk assessment and risk resolution.
Process Style	Lightweight, highly adaptable, minimal documentation.	Heavyweight, structured, formal documentation.
Customer Involvement	Customer is involved continuously throughout the daily/weekly process.	Customer evaluates the prototypes at the end of each spiral iteration.
Cost & Budget	Generally budget-friendly, changes are expected.	Highly expensive due to extensive risk analysis and planning.

When to Use Each Model

• When to use Agile: Agile is best suited for dynamic projects where requirements are expected to change frequently, such as web applications, mobile apps, or startups exploring new markets. It is ideal when rapid deployment is necessary and a working product needs to reach the user quickly.
• When to use Spiral: The Spiral model is reserved for massive, highly complex, and high-budget projects where a failure would be catastrophic. It is best used for mission-critical systems like aerospace software, military defense systems, or large-scale enterprise architectures where neutralizing risk is the absolute top priority.

---

Q. #.4. Discuss the Incremental Model. How does it improve upon the Waterfall Model in terms of flexibility and risk?

The Incremental Model Explained The Incremental process model combines elements of linear and iterative development. Instead of building the entire software system at once, the project is broken down into smaller, more manageable pieces called "increments."

• The first increment delivers the "core product" containing the most essential features.
• Subsequent increments add new features or expand the functionality of previous releases.
• Each increment passes through its own mini-lifecycle (Requirements, Design, Code, Test) and results in a working, deliverable piece of software.

Improvements Over the Waterfall Model

1. Improvement in Flexibility

• Waterfall: The Waterfall model is notoriously rigid. Once the requirement phase is signed off, it is incredibly difficult, expensive, and disruptive to change the scope.
• Incremental: It offers significant flexibility. Because the system is built in parts, developers can easily adjust the requirements for Increment 3 based on the user's feedback after they interact with Increment 1 and 2. It accommodates the natural evolution of user needs.

2. Improvement in Risk Management

• Waterfall: It carries massive risk because the customer does not see the working software until the very end of the project (the "Big Bang" delivery). If the initial requirements were misunderstood, the entire project fails, wasting immense time and money.
• Incremental: It drastically reduces overall project risk. By delivering core functionality early (in the first increment), the most critical parts of the system are tested by users immediately. If an error in logic or requirement occurs, it only affects a specific increment rather than the entire system, making it much cheaper and faster to correct.

---

Q. #.5. Define the term Software Quality, discuss tasks of SQA.

(Note: This is a high-frequency exam question, appearing similarly in multiple past papers).

Defining Software Quality Software Quality is the degree to which a software product meets the exact needs and expectations of its users. Specifically, it involves three pillars:

1. Functional Conformance: Meeting explicitly stated functional and performance requirements.
2. Standard Adherence: Following explicitly documented development standards and coding practices.
3. Implicit Characteristics: Exhibiting standard professional characteristics such as reliability, ease of use, security, and maintainability, even if not explicitly written in a contract.

Tasks of Software Quality Assurance (SQA) SQA is an umbrella activity applied throughout the software process. Its key tasks include:

• Preparing an SQA Plan: Defining the quality evaluations to be performed, the standards to be applied, and the procedures for reporting errors before development begins.
• Participating in the Process Description: Ensuring the software process chosen by the development team aligns with organizational policies.
• Conducting Formal Technical Reviews (FTR): Reviewing software engineering artifacts (like design models and code) with peers to uncover and remove errors early.
• Auditing Software Processes: Independently verifying that the developers are actually following the defined software processes and quality standards.
• Testing Oversight: SQA ensures that the testing strategy is properly planned, test cases are thorough, and testing is executed according to plan.
• Defect Tracking and Management: Documenting all bugs and deviations from standards, tracking them meticulously, and ensuring they are resolved by the development team.
• Reporting to Management: Providing objective project health metrics and risk assessments to senior management so they can make informed decisions.

---

Q. #.6. What is risk in software engineering? Differentiate between project risks, product risks, and business risks.

What is Risk in Software Engineering? In software engineering, a risk is a potential future problem or event that may or may not occur. If it does occur, it will have a negative impact on the project's schedule, budget, or the quality of the final software. Every risk is characterized by two factors: Uncertainty (the risk might happen, but it's not a 100% guarantee) and Loss (if the risk becomes a reality, unwanted consequences or losses will occur).

Differentiation of Risk Types

1. Project Risks

• Definition: These are risks that threaten the project plan itself. If they occur, the project schedule will slip, and the costs will increase.
• Focus: Budgets, schedules, personnel, and resources.
• Examples: High staff turnover (key developers leaving), lack of funding, poor estimations of time, or sudden changes in management directives.

2. Product Risks (Technical Risks)

• Definition: These are risks that threaten the quality, performance, or timeline of the software being built. If they occur, the software might become too difficult to implement or might fail to meet user expectations.
• Focus: Design, architecture, technology, and complexity.
• Examples: Choosing a brand-new, unproven framework that the team doesn't know; encountering unforeseen technical complexity; or dealing with hardware/software integration failures.

3. Business Risks

• Definition: These are risks that threaten the commercial viability of the software. A project could be completed perfectly on time and under budget (zero project or product risk), but still fail commercially due to a business risk.
• Focus: Market demand, strategy, and corporate alignment.
• Examples:
• Market Risk: Building an excellent product that nobody actually wants to buy.
• Strategic Risk: Building a product that no longer fits into the company's overall business strategy.
• Sales Risk: The sales force does not know how to sell the software.