CS 501: Software Engineering
Lecture 21
Reliability I
1
CS 501 Spring 2002
Administration
2
CS 501 Spring 2002
Principles for Dependable Systems
The human mind can encompass only limited complexity:
=> Comprehensibility
=> Simplicity
=> Partitioning of complexity
3
CS 501 Spring 2002
Principles for Dependable Systems
High-quality has to be built-in:
=> Each stage of development must be done well
=> Testing and correction does not lead to quality
=> Changes should be incorporated into the structure
4
CS 501 Spring 2002
Quality Management Processes
Assumption:
Good processes lead to good software
The importance of routine:
Standard terminology (requirements,
specification, design, etc.)
Software standards (naming conventions, etc.)
Internal and external documentation
Reporting procedures
5
CS 501 Spring 2002
Factors for Reliable Software
• Precise, unambiguous specification
•
Organization culture that expects quality
• Approach to software design and implementation that hides
complexity (e.g., structured design, object-oriented
programming)
•
Use of software tools that restrict or detect errors (e.g.,
strongly typed languages, source control systems, debuggers)
• Programming style that emphasizes simplicity, readability,
and avoidance of dangerous constructs
•
6
Incremental validation
CS 501 Spring 2002
Quality Management Processes
Change management:
Source code management and version control
Tracking of change requests and bug reports
Procedures for changing requirements
specifications, designs and other documentation
Release control
7
CS 501 Spring 2002
Process (Plan) Reviews
Objectives:
• To review progress against plan (formal or informal)
• To adjust plan (schedule, team assignments,
functionality, etc.)
Impact on quality:
Good quality systems usually result from plans that are
demanding but realistic
Good people like to be stretched and to work hard, but
must not be pressed beyond their capabilities.
8
CS 501 Spring 2002
Design and Code Reviews
DESIGN AND CODE REVIEWS ARE A FUNDAMENTAL
PART OF GOOD SOFTWARE DEVELOPMENT
Concept
Colleagues review each other's work:
can be applied to any stage of software development
can be formal or informal
Most effective when everybody prepares well.
9
CS 501 Spring 2002
Benefits of Design and Code Reviews
Benefits:
•
•
•
•
•
Extra eyes spot mistakes, suggest improvements
Colleagues share expertise; helps with training
An occasion to tidy loose ends
Incompatibilities between components can be identified
Helps scheduling and management control
Fundamental requirements:
• Senior team members must show leadership
• Must be helpful, not threatening
10
CS 501 Spring 2002
Review Team
Moderator -- ensures that the meeting moves ahead steadily
Scribe -- records discussion in a constructive manner
Developer -- person(s) whose work is being reviewed
Interested parties -- people above and below in the software
process
Outside experts -- knowledgeable people who have are not
working on this project
Client -- representatives of the client who are knowledgeable
about this part of the process
11
CS 501 Spring 2002
Example: Program Design
Moderator
Scribe
Developer -- the design team
Interested parties -- people who created the system design
and/or requirements specification, and the programmers who
will implement the system
Outside experts -- knowledgeable people who have are not
working on this project
Client -- only if the client has a strong technical representative
12
CS 501 Spring 2002
Process
Preparation
The developer provides colleagues with documentation
(e.g., specification or design), or code listing
Participants study the documentation in advance
Meeting
The developer leads the reviewers through the
documentation, describing what each section does and
encouraging questions
Must allow plenty of time and be prepared to continue on
another day.
13
CS 501 Spring 2002
Validation and Verification
Validation: Are we building the right product?
Verification: Are we building the product right?
In practice, it is sometimes difficult to distinguish between
the two.
That's not a bug. That's a feature!
14
CS 501 Spring 2002
Discussion of Pfleeger, Chapter 8
Format:
State a question.
Ask a member of the class to answer.
(Sorry if I pronounce your name wrongly.)
Provide opportunity for others to comment.
When answering:
Stand up.
Give your name or NetID. Make sure the TA hears it.
Speak clearly so that all the class can hear.
15
CS 501 Spring 2002
Q1: Failures and Faults
(a) Define the term failure.
(b) Define the term fault.
(c) What is the usual term for fault?
16
CS 501 Spring 2002
Q2. Types of Fault
What types of fault cause the following failures:
(a) A mathematical function loops for ever from rounding error.
(b) A distributed system hangs because of a concurrency problem.
(c) After a network is hit by lightning, it crashes on restart.
(d) A program dies because the programmer typed: x = 1 instead
of x == 1.
(e) The President is paid $5 a month instead of $10,005 because
the maximum salary allowed by the program is $10,000.
17
(f) An operating system fails because of a page-boundary error in
the firmware.
CS 501 Spring 2002
Q3. Testing
Define the following. Who carries out each
type of test?
(a) unit test
(b) integration test
(c) function test
(d) performance test
(e) acceptance test
(f) installation test
18
CS 501 Spring 2002
Q4. Inspection
(a) Define code inspection.
(b) How does a code inspection differ from a code review.
(c) The book makes some strong claims about the effectiveness
of code inspection. Do you believe the claims?
(d) A code inspection is a great deal of work. When is it
worthwhile?
19
CS 501 Spring 2002
Q5. Methods of Testing
(a) Define the terms:
closed box testing
open box testing
(b) What is the advantage of each approach?
(c) In each case, how do you set about selecting test cases?
20
CS 501 Spring 2002
Q6. Test Strategies
Define
(a) statement analysis.
(b) branch testing
If every statement and every branch is tested is the
program correct?
21
CS 501 Spring 2002
Q7. Static and dynamic analysis
(a) Define static analysis.
(b) Give examples of tools that can be used for static
analysis.
(c) A static tool like lint identifies some errors, but mainly
gives warnings. What is the use of the warnings.
(d) Define dynamic analysis.
(e) Give examples of tools that can be used for dynamic
analysis.
22
CS 501 Spring 2002