Cleanroom Software Engineering: History, Principles, and Process, Papers of Computer Science

An overview of cleanroom software engineering, a software development approach inspired by the cleanroom manufacturing process. The history of cleanroom software engineering, its key characteristics, and the development process. It also includes examples of cleanroom projects and their reliability results.

Typology: Papers

Pre 2010

Uploaded on 08/05/2009

koofers-user-v7s
koofers-user-v7s 🇺🇸

10 documents

1 / 8

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
1
Mary Jean Harrold 1
Cleanroom Software Engineering
Cleanroom Software Engineering
Mary Jean Harrold 2
Cleanroom Software Engineering
History
Before 1987
yCleanroom (physical) used for manufacturing
integrated circuits to prevent introduction of defects
into the product
yHarlan Mills (IBM) saw success of cleanroom for
integrated circuits at IBM and thought “why not use
the same approach for software?”
pf3
pf4
pf5
pf8

Partial preview of the text

Download Cleanroom Software Engineering: History, Principles, and Process and more Papers Computer Science in PDF only on Docsity!

Cleanroom Software Engineering Mary Jean Harrold 1

Cleanroom Software Engineering

History

Before 1987

y Cleanroom (physical) used for manufacturing integrated circuits to prevent introduction of defects into the product y Harlan Mills (IBM) saw success of cleanroom for integrated circuits at IBM and thought “why not use the same approach for software?”

Cleanroom Software Engineering Mary Jean Harrold 3

History (cont’d)

y Mills, Dyer, Linger: First paper on cleanroom software engineering

1990’s

y Other papers showing results of using cleanroom y Other important contributors to development of cleanroom are Richard Linger, Jesse Poore, Richard Cobb

Cleanroom Software Engineering

Developers (and advocates) of cleanroom

software engineering

y Claim that zero defect development is possible y Use structured design techniques but no unit testing is performed y Testing is done statistically after the system is developed y Development is done in increments, each of which is deliverable

Cleanroom Software Engineering Mary Jean Harrold 7

Characteristics of Cleanroom

Development Process (cont’d)

Static verification

y Statistically verified using mathematically-based correctness arguments y Code components are not executed or tested in any way

Statistical testing

y Integrated software increment is tested statistically to determine reliability y Statistical tests based on operational profile (developed in parallel with the system specification)

Process

y Three teams: specification, development,

certification

y Team size < 14

y Incremental development means that work can

be done in parallel by team members after

specification is done

Cleanroom Software Engineering Mary Jean Harrold 9

Specification

First task: complete the specification document y Recommendation: three parts

  1. External specification—user’s reference manual y Defines look and feel from user’s perspective and all interfaces with software y Includes details on system environment, application environment, system use, etc.
  2. Internal specification—mathematical Completely states the mathematical function of the system
  3. Expected-usage profile—software’s anticipated use

Construction Plan

Next task, determine development and

certification sequence

y Decompose specification into executable increments y Typical system < 100KLOC y Increment: 2 - 15KLOC y Each increment End - to – End y Overlapped development of increments y 12 - 18 weeks from beginning of specification to end of test y (Partitioning is difficult and critical)

Cleanroom Software Engineering Mary Jean Harrold 13

Static Verification

y No program execution allowed (but syntax checking ok) y Prime program decomposition (single entry/exit sequence, conditional, iteration) y Program function: description of prime programs; various degrees of formality; top-down refinement y Correctness conditions: bottom-up verification; things to check for each kind of prime program y No debuggingÆ cheap y Inspection-based: informal presentation of proofs y Results in very small program segments y Example: 3300 LOCÆ 600 control structures, 1000 correctness conditions

Construction Plan

Next task (cont’d)

y For each increment y Design and build increment top down

  • black box Æ state box Æ clear box (more later)
  • Implement each increment by stepwise refinement of clear boxes to executable code
  • Verify that code performs according to its specification using functional verification arguments) y Certify each increment
  • Use expected-usage profile and external spec to create test cases
  • Compile each new increment, integrate with any previous, tests

Cleanroom Software Engineering Mary Jean Harrold 15

Statistical Usage Testing

y Certification of reliability

y Process control

y Cost-effective orientation

y Guidelines for test completion (desired reliability

reached) or redesign (too many failures found)

y Stratification mechanism for dealing with critical

situations

y (But how to feed back the results of testing to

the development team)

Testing Process

y Usage distribution models; other software, earlier versions, analysis y Construct Markov usage chain / probability matrix y Computations of P (proportion of time spent in each state), n (number of states visited before a given state is reached), and s (number of tests needed to reach a state). y Random test generation (some design required here to deal with constraints) y Test execution and test chain generation, including failure states y Calculations of R (reliability), MTBF (mean time between failures), and D (divergence of test chain from usage chain)