Validation - Engineering Software - Slides | CS 2220, Study notes of Software Engineering

Material Type: Notes; Class: Engineering Software; Subject: Computer Science; University: University of Virginia; Term: Fall 2006;

Uploaded on 03/09/2009


cs205: engineering software university of virginia fall 2006

Validation

David Evans www.cs.virginia.edu/cs205

Dictionary Definition

val·i·date

  1. To declare or make legally valid.
  2. To mark with an indication of official sanction.
  3. To establish the soundness of; corroborate.

Can we do any of these with software?

Java’s License

READ THE TERMS OF THIS AGREEMENT AND ANY PROVIDED SUPPLEMENTAL LICENSE TERMS (COLLECTIVELY "AGREEMENT") CAREFULLY BEFORE OPENING THE SOFTWARE MEDIA PACKAGE. BY OPENING THE SOFTWARE MEDIA PACKAGE, YOU AGREE TO THE TERMS OF THIS AGREEMENT. IF YOU ARE ACCESSING THE SOFTWARE ELECTRONICALLY, INDICATE YOUR ACCEPTANCE OF THESE TERMS BY SELECTING THE "ACCEPT" BUTTON AT THE END OF THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL THESE TERMS, PROMPTLY RETURN THE UNUSED SOFTWARE TO YOUR PLACE OF PURCHASE FOR A REFUND OR, IF THE SOFTWARE IS ACCESSED ELECTRONICALLY, SELECT THE "DECLINE" BUTTON AT THE END OF THIS AGREEMENT.

Java’s License

  5. LIMITATION OF LIABILITY. TO THE EXTENT NOT PROHIBITED BY LAW, IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR SPECIAL, INDIRECT, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF OR RELATED TO THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. …

Java’s License

  2. RESTRICTIONS. … Unless enforcement is prohibited by applicable law, you may not modify, decompile, or reverse engineer Software. You acknowledge that Software is not designed, licensed or intended for use in the design, construction, operation or maintenance of any nuclear facility. Sun disclaims any express or implied warranty of fitness for such uses.

Software Validation

  • Process designed to increase our confidence that a program works as intended
  • For complex programs, we often cannot make guarantees
  • This is why typical software licenses don’t make any claims about their program working

Increasing Confidence

  • Testing
    • Run the program on a set of inputs and check the results
  • Verification
    • Argue formally or informally that the program always works as intended
  • Analysis
    • Poor programmer’s verification: examine the source code to increase confidence that it works as intended

Testing and Fishing

Using some successful tests to conclude that a program has no bugs is like concluding there are no fish in the lake because you didn’t catch one!

Exhaustive Testing

  • Test all possible inputs
  • PS1: 50x50 grid, all cells can be either dead or alive before starting

    2^2500 = 375828023454801203683362418972386504867736551759258677056523839782231681498337708535732725752658844333702457749526057760309227891351617765651907310968780236464694043316236562146724416478591131832593729111221580180531749232777515579969899075142213969117994877343802049421624954402214529390781647563339535024772584901607666862982567918622849636160208877365834950163790188523026247440507390382032188892386109905869706753143243921198482212075444022433366554786856559389689585638126582377224037721702239991441466026185752651502936472280911018500320375496336749951569521541850441747925844066295279671872605285792552660130702047998218334749356321677469529682551765858267502715894007887727250070780350262952377214028842297486263597879792176338220932619489509376

    But that’s not all: all possible start, stop and step clicks, different platforms, how long do you need to run it, etc.

Selective Testing

  • We can’t test everything, so pick test cases with a high probability of finding flaws
  • Black-Box Testing: design tests looking only at specification
  • Glass-Box Testing: design tests looking at code
    • Path-complete: at least one test to exercise each path through code

Black-Box Testing

Test all paths through the specification

    public CellState getNextState ()
      // MODIFIES: this
      // EFFECTS: Returns the next state for this cell. If a cell is currently
      //    a dead cell and has three live neighbors, then it becomes a live cell.
      //    If a cell is currently alive and has two or three live neighbors it
      //    remains alive. Otherwise, the cell dies.

Test all paths through the specification:

  1. currently dead, three live neighbors
  2. currently alive, two live neighbors
  3. currently alive, three live neighbors
  4. currently dead, < 3 live neighbors
  5. currently dead, > 3 live neighbors
  6. currently alive, < 2 live neighbors
  7. currently alive, > 3 live neighbors

    public CellState getNextState ()
      // MODIFIES: this
      // EFFECTS: Returns the next state for this cell. If a cell is currently
      //    a dead cell and has three live neighbors, then it becomes a live cell.
      //    If a cell is currently alive and has two or three live neighbors it
      //    remains alive. Otherwise, the cell dies.
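The seven specification paths listed above, written as a table-driven black-box test. This is an added example, not code from the course or the original slides. It assumes the cell's state and live-neighbor count can be modeled as plain parameters; `SpecPathTests`, `nextState` and `buggyNextState` are hypothetical names, and the faulty variant is constructed to show a test that succeeds by revealing a bug.

```java
import java.util.function.BiFunction;

public class SpecPathTests {
    // Behaviour written directly from the EFFECTS clause; (alive, liveNeighbors)
    // stands in for the cell's internal state (an assumption of this example).
    static boolean nextState(boolean alive, int liveNeighbors) {
        if (!alive) {
            return liveNeighbors == 3;                    // dead cell becomes live
        }
        return liveNeighbors == 2 || liveNeighbors == 3;  // live cell remains alive
    }

    // Constructed faulty variant: applies the two-or-three rule to dead cells too.
    static boolean buggyNextState(boolean alive, int liveNeighbors) {
        return liveNeighbors == 2 || liveNeighbors == 3;
    }

    // One row per specification path: {alive now, live neighbors, alive next} (1 = alive).
    static final int[][] CASES = {
        {0, 3, 1},  // 1. currently dead, three live neighbors
        {1, 2, 1},  // 2. currently alive, two live neighbors
        {1, 3, 1},  // 3. currently alive, three live neighbors
        {0, 2, 0},  // 4. currently dead, < 3 live neighbors (boundary value)
        {0, 4, 0},  // 5. currently dead, > 3 live neighbors (boundary value)
        {1, 1, 0},  // 6. currently alive, < 2 live neighbors (boundary value)
        {1, 4, 0},  // 7. currently alive, > 3 live neighbors (boundary value)
    };

    // Runs every specification path against impl and returns how many failed.
    static int countFailures(String name, BiFunction<Boolean, Integer, Boolean> impl) {
        int failed = 0;
        for (int i = 0; i < CASES.length; i++) {
            boolean want = CASES[i][2] == 1;
            boolean got = impl.apply(CASES[i][0] == 1, CASES[i][1]);
            if (got != want) {
                failed++;
                System.out.printf("%s: path %d failed (alive=%d, neighbors=%d): got %b, want %b%n",
                        name, i + 1, CASES[i][0], CASES[i][1], got, want);
            }
        }
        return failed;
    }

    public static void main(String[] args) {
        System.out.println("reference failures: " + countFailures("reference", SpecPathTests::nextState));
        System.out.println("faulty failures: " + countFailures("faulty", SpecPathTests::buggyNextState));
    }
}
```

Path 4 uses the boundary value of two live neighbors; choosing zero neighbors for "currently dead, < 3" would satisfy the same path but let the constructed fault pass unnoticed.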

Testing Recap

  • Testing can find problems, but can’t prove your program works
    • Since exhaustive testing is impossible, select test cases with maximum probability of finding bugs
    • A successful test case is one that reveals a bug in your program!
  • If we can’t test all possible paths through a program, how can we increase our confidence that it works?

Analysis

  • Make claims about all possible paths by examining the program code directly, not executing it
  • Use formal semantics of programming language to know what things mean
  • Use formal specifications of procedures to know what they do

Hopelessness of Analysis

It is impossible to correctly determine if any interesting property is true for an arbitrary program!

The Halting Problem: it is impossible to write a program that determines if an arbitrary program halts.

Compromises

  • Use imperfect automated tools:
    • Accept unsoundness and incompleteness
    • False positives: sometimes an analysis tool will report warnings for a program, when the program is actually okay (unsoundness)
    • False negatives: sometimes an analysis tool will report no warnings for a program, even when the program violates properties it checks (incompleteness)
  • Use informal reasoning
  • Design programs to modularize reasoning

Charge

  • Next class:
    • ps2 hints
    • Exceptions, programming defensively