
High Integrity Software Development


llanos



Presentation Transcript


  1. High Integrity Software Development Chapter 1

  2. Introduction • Software is pervasive • Growth in embedded software

  3. High Integrity Software • We refer to software that has a higher than normal expectation of correctness as high integrity software. • A concept closely related to that of high integrity software is that of critical software. • The term critical software applies to software that poses dangers should it fail.

  4. Business Critical Software • Failure of business critical software could adversely affect the economic success of an enterprise. • Examples include the software used to control a bank's ATM transactions and software aimed at providing security for sensitive information.

  5. Mission Critical Software • Failure in mission critical software, on the other hand, could impair the goal of the given mission. • Examples here include such applications as satellites.

  6. Mission Critical Software • Nuclear power plants and rocket launching systems.

  7. Safety Critical Software • Failure of safety critical software could result in harm to people, property or the environment. Examples include medical control software and air traffic control software.

  8. Importance of the Specification • When we say that a piece of software contains an ‘error’ we mean it does not behave as expected. There could be two reasons for this: • either the software does not conform to its specification • or there are errors or omissions in the original specification.

  9. Limitations to Testing • Testing cannot take place until some implementation is available. • Testing can only help to uncover errors – it cannot guarantee the absence of them. • Testing is always carried out with respect to the requirements as laid down in the specification, so it cannot reveal errors or omissions in the specification itself.

  10. Ambiguities in Specification

  11. UML Diagram

  12. Ambiguities in Specification • withdraw: receives a requested amount to withdraw from the bank account and, if there are sufficient funds in the account, meets the request. Returns a Boolean value indicating success or failure of the attempt to withdraw money from the account.

  13. Formal Methods • A formal method provides a formal language in which to express the initial specification and all future design steps towards the final program. These design steps are often referred to as transformations.

  14. Advantages of Formal Methods • Formal specifications can help considerably in generating suitable test cases. • The discipline required in producing a formal specification of user requirements exposes gaps and ambiguities early and allows for feedback on system specifications at early development stages. • Important properties of the initial specification (such as internal consistency) can be checked mathematically, and properties such as invariants and pre/postconditions can be incorporated as run-time checks in the final program. • Proofs can help uncover design errors as soon as they are made, rather than having to wait for testing of the final implementation. • A proof of program correctness can be constructed, which is a much more robust way of establishing correctness than testing alone.
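The following is an added example, not part of the slides: it takes the 'withdraw' operation from the Ambiguities in Specification slide and shows, first, two implementations that both satisfy the English wording yet disagree on boundary inputs, and second, the same operation pinned down by a precondition/postcondition specification that is enforced as run-time checks and used to derive test cases, as the Advantages of Formal Methods slide describes. All names here (Account, withdraw_loose_a, spec_pre, spec_post, run_spec_cases) are this example's own; the pre/postcondition style is one common way to write such a specification, not the one the slides prescribe.

```python
# Added example, not from the slides: the 'withdraw' operation pinned down
# with a precondition/postcondition specification that is enforced at run
# time, next to two 'loose' implementations that both satisfy the English
# wording yet disagree on boundary inputs. All names are this example's own.
from dataclasses import dataclass


@dataclass
class Account:
    balance: int  # whole currency units; the prose spec never says whether fractions are allowed


def withdraw_loose_a(acct: Account, amount: int) -> bool:
    """Reading 1 of 'sufficient funds': strictly more than the request."""
    if acct.balance > amount:
        acct.balance -= amount
        return True
    return False


def withdraw_loose_b(acct: Account, amount: int) -> bool:
    """Reading 2: at least the request. Neither reading says anything about negative amounts."""
    if acct.balance >= amount:
        acct.balance -= amount
        return True
    return False


def divergence(balance: int, amount: int) -> tuple:
    """Run both loose readings on the same input; a difference means the prose spec is ambiguous."""
    a, b = Account(balance), Account(balance)
    return withdraw_loose_a(a, amount), withdraw_loose_b(b, amount), a.balance, b.balance


# --- A precise specification: pre/postconditions written as predicates -----
def spec_pre(balance: int, amount: int) -> bool:
    """Precondition: a non-negative balance and a strictly positive request."""
    return balance >= 0 and amount > 0


def spec_post(old: int, amount: int, new: int, ok: bool) -> bool:
    """Postcondition: success iff old >= amount, and the balance changes only on success."""
    if ok:
        return old >= amount and new == old - amount
    return old < amount and new == old


def withdraw(acct: Account, amount: int) -> bool:
    """Implementation that enforces the specification as run-time checks."""
    old = acct.balance
    if not spec_pre(old, amount):
        raise ValueError(f"precondition violated: balance={old}, amount={amount}")
    ok = old >= amount
    if ok:
        acct.balance = old - amount
    if not spec_post(old, amount, acct.balance, ok):  # a failure here is an implementation bug
        raise AssertionError("postcondition violated")
    return ok


def rejects(balance: int, amount: int) -> bool:
    """True if the checked withdraw refuses the input outright (precondition failure)."""
    try:
        withdraw(Account(balance), amount)
    except ValueError:
        return True
    return False


# --- Test cases read off the specification's boundaries, not off the code --
def spec_derived_cases(balance: int) -> list:
    """Boundary cases around 'old >= amount'; balance must be >= 2 so balance-1 is a valid request."""
    return [
        (balance, 1, True),
        (balance, balance - 1, True),
        (balance, balance, True),
        (balance, balance + 1, False),
    ]


def run_spec_cases(balance: int) -> bool:
    """Every spec-derived case must return the expected result and leave the balance as the postcondition says."""
    for bal, amt, expected in spec_derived_cases(balance):
        acct = Account(bal)
        if withdraw(acct, amt) != expected:
            return False
        if acct.balance != (bal - amt if expected else bal):
            return False
    return True


if __name__ == "__main__":
    print("balance == amount:", divergence(100, 100))  # the two readings disagree
    print("negative amount:  ", divergence(100, -50))  # both turn a withdrawal into a deposit
    print("checked withdraw rejects -50:", rejects(100, -50))
    print("spec-derived cases pass:", run_spec_cases(100))
```

The first two calls in the usage block are the point of the ambiguity slide: with balance equal to the request, the two loose readings return different answers, and with a negative request both silently credit the account, which the English spec never rules out. The checked version closes both gaps because the specification, not the programmer's guess, decides what 'sufficient funds' and 'a requested amount' mean, and the boundary cases in spec_derived_cases fall straight out of the predicates.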

  15. Lightweight Formal Methods

  16. Exercise 1. Identify five examples of safety critical software and try to rank them in terms of their levels of integrity. 2. Give an example of software that is both mission and safety critical. 3. Explain why testing cannot guarantee that a program is correct. 4. Why is natural language a poor choice for expressing specifications?

  17. Exercise 5. Identify any weaknesses in the following requirements definition: ‘Software is required to monitor a collection of documents kept in a library. There may be multiple copies of each document. Some of the documents are deemed to be of high importance. Documents can be borrowed from the library by certain members of staff. There must always be at least one copy of any document deemed to be of high importance left in the library. All other documents may be removed. The software needs to record each document’s identity code (consisting of letters and numbers), and whether or not it is of high importance, as well as the number of copies. Documents can be removed from the library only by providing the correct document code.’

  18. Any Questions?
