CSCI-6961/ECSE-6780: Software Engineering II
• Class: Mondays and Thursdays 4-5:20 pm, Carnegie 201
• Instructor: Ana Milanova
• Email: [email protected]
• Office: Lally Hall 314
• Phone: 518-276-6887
• Office hours: Wednesdays 12-2pm, or by appointment
• Web: www.cs.rpi.edu/~milanova/csci6961/
• Syllabus: www.cs.rpi.edu/~milanova/csci6961/syllabus.html
What is Software Engineering II?
• Catalog: Current techniques in software engineering with topics selected from economics, reusability, reliable software, program analysis, reverse engineering, CASE tools, automatic code generation, and project management techniques.
• Our focus: Program analysis and its applications to software engineering, especially towards techniques and tools for improving software quality and reliability
Program Analysis
• Program analysis is a technique that reasons about the run-time behavior of the program
– Static program analysis – reasoning is done statically, before program execution
– Dynamic program analysis – reasoning is done dynamically, during program execution
• We will focus on static program analysis
– Traditional application – compiler optimization
– New application – software engineering tools, especially tools for improving software quality and reliability
Software Quality and Reliability
• Development (only about 5 to 10% of cost!)
– Requirements Analysis
– Domain Analysis
– Design
– Implementation
– Testing/Validation
• Deployment/Release
• Maintenance (90 to 95% of cost!)
– Enhancements
– Bug fixes
– Etc.
Economic Impact
• National Institute of Standards and Technology study– On CNN.com – April 27th, 2003
– “Last year, a study commissioned by the National Institute of Standards and Technology found that software errors cost the U.S. economy $59.5 billion annually, or about 0.6 percent of the gross domestic product. More than half the costs are borne by software users, the rest by developers and vendors.”
Beyond Dollar Costs
• “Software Engineering: Report on a Conference Sponsored by the NATO Science Committee, Brussels, NATO Scientific Affairs Division,” 1968, p. 121
– An error in an aircraft design program contributed to several serious air crashes
• “Software and its Impact: A Quantitative Assessment,” by B.W. Boehm, Datamation, 19(5), 48-59 (1973)
– Errors in medical software have caused deaths
Expectations
• Can’t we expect software to execute correctly?
• Carefully made programs
– 5 faults/1000 LOC
– 5000 faults/1M LOC
• Windows XP has about 45M LOC
– 45 x 5000 = 225,000
Goals of the Course
• Learn about techniques for testing and validation
– Software testing --- systematic execution of the software
• Learn/review fundamentals of testing
– Static program analysis --- track flow of control and data without execution of the software
• Learn some theory of program analysis, learn about applications of program analysis towards testing and validation
• Traditional static program analysis (data-flow analysis)
– Dynamic program analysis --- track flow of control and data during execution of the software
Syllabus
• Course Material
– Static Program Analysis
– Fundamentals of Software Testing
– Dynamic Program Analysis
• Expected Work
– Project (50%)
– Midterm (20%)
– Homework (15%)
– Presentation of a research paper (15%)
• Textbooks
Prerequisites
• SD&D/Software Engineering I
• Java – Helpful to know, but other OO programming will work too
• You will need a UNIX account on the CS system for the class project
– Let me know if you don’t have one
Testing: Decades of Experience
[Figure: the testing loop. Test case generation (can be automated) produces a Test Case; the Software Under Test executes it and produces Output; Validation (can be automated) checks the output and asks “Good Coverage?”: Yes, stop; No, generate more test cases. Testing executes the software.]
Limitations of Testing
• Not enough!
• Kinds of bugs difficult to reveal with testing
– Resource leakage bugs
• Buffer overflows
• Memory leaks
– Concurrency related bugs
• Data races
• Atomicity violations
• Deadlocks
Static Program Analysis: Recently
[Figure: a Static Analysis Tool examines the Software Under Check (the source code, without execution), optionally guided by a Specification (what bugs to look for?), and produces Warnings; the developer examines the warnings and fixes bugs.]
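As an added example (not part of the original slides), a small forward data-flow analysis over a constructed control-flow graph: it reports a file handle that may still be open on some path to function exit, the kind of resource-leak bug a single test run can miss and a static tool can flag without executing the program. The CFG layout, block names and statement tuples are assumptions made for illustration.

```python
# Added example: a forward "may still be held" analysis over a tiny CFG.
# Constructed sample: a function that opens a file, then on the error
# branch returns early without closing it (assumed layout, not real code).
#   entry: acquire f
#   check: branch to err or ok
#   err:   return            <- f still open here
#   ok:    release f ; return
SAMPLE_CFG = {
    "blocks": {
        "entry": [("acquire", "f")],
        "check": [],
        "err": [("return",)],
        "ok": [("release", "f"), ("return",)],
    },
    "edges": {"entry": ["check"], "check": ["err", "ok"], "err": [], "ok": []},
}

def transfer(held, stmts):
    """Apply a block's statements to the set of resources currently held."""
    held = set(held)
    for s in stmts:
        if s[0] == "acquire":
            held.add(s[1])
        elif s[0] == "release":
            held.discard(s[1])
    return held

def may_leak(cfg):
    """Fixpoint iteration: IN[b] = union of OUT[p] over predecessors,
    OUT[b] = transfer(IN[b]).  Union (a may-analysis) keeps any resource
    held on at least one path, so no path is overlooked."""
    blocks, edges = cfg["blocks"], cfg["edges"]
    preds = {b: [] for b in blocks}
    for src, dsts in edges.items():
        for d in dsts:
            preds[d].append(src)
    out = {b: set() for b in blocks}
    changed = True
    while changed:
        changed = False
        for b, stmts in blocks.items():
            new = transfer(set().union(*(out[p] for p in preds[b])), stmts)
            if new != out[b]:
                out[b], changed = new, True
    # An exit block (no successors) that may still hold a resource is a warning.
    return {b: sorted(out[b]) for b, dsts in edges.items() if not dsts and out[b]}

if __name__ == "__main__":
    print(may_leak(SAMPLE_CFG))  # {'err': ['f']}
```

A test that only exercises the ok branch never observes the leak; the analysis reports it because it merges facts from every path.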
A Growing Area…
• Microsoft – investment in static analysis tools for C/C++ with good results
• IBM – less, mostly in the J2EE area (some tools are available through the Eclipse project).
• NASA, US Navy
• Successful companies with hundreds, even thousands of clients
Our class, once again: techniques for improving software quality and reliability
• Static program analysis (data-flow analysis)
– Theory, applications and tools
• Fundamentals of software testing
– Review testing techniques, apply data-flow analysis in testing
• Dynamic analysis
– Applications and tools.
Some Notable Software Bugs…
• A collection of notable software bugs
– Thanks to Atif Memon, University of Maryland
Mars Climate Orbiter
• Purpose: to relay signals from the Mars Polar Lander once it reached the surface
• Disaster: smashed into the planet instead of reaching a safe orbit
• Why: Software bug – failure to convert English measures to metric values
• $165M
Shooting Down of Airbus 300
• 1988
• USS Vincennes shot down an Airbus 300
• Mistook the Airbus 300 for an F-14
• 290 people dead
• Why: Software bug --- cryptic and misleading output displayed by the tracking software
THERAC-25 Radiation Therapy
• THERAC-25, a computer controlled radiation-therapy machine
• 1986: two cancer patients at the East Texas Cancer Center in Tyler received fatal radiation overdoses
• Why: Software bug --- a race condition (i.e., miscoordination between concurrent tasks)
London Ambulance Service
• London Ambulance Service Computer Aided Dispatch (LASCAD)
• Purpose: automate many of the human-intensive processes of manual dispatch associated with ambulance service– Functions: Call tracking
• Failure of the London Ambulance Service on 26 and 27 November 1992
“Nice of You to Turn Up”
• Load increased
• Emergencies accumulated
• System made incorrect allocations
– More than one ambulance being sent to the same incident
– The closest vehicle was not chosen for the emergency
• At 23:00 on November 28 the LAS eventually went to a back-up procedure after at least 20 patients had died
More…
• “The development of software for ballistic-missile defense,” by H. Lin, Scientific American, vol. 253, no. 6 (Dec. 1995), p. 48
– An Air New Zealand airliner crashed into an Antarctic mountain
– North American Aerospace Defense Command reported that the US was under missile attack; traced to faulty computer software that generated incorrect signals
– Manned space capsule Gemini V missed its landing point by 100 miles
More
• “Ghost in the Machine,” Time Magazine, Jan. 29, 1990, p. 58
– Dallas/Fort Worth air-traffic system began spitting out gibberish in the Fall of 1989 and controllers had to track planes on paper
• Software Reliability: Principles and Practice, p. 25, by G. J. Myers
– Apollo 8 spacecraft erased part of the computer’s memory
– Eighteen errors were detected during the 10-day flight of Apollo 14
More…
– An error in a single FORTRAN statement resulted in the loss of the first American probe to Venus
– An Airbus 320 crashes at an air show
– A China Airlines Airbus A300 crashes on April 26, 1994 killing 264
– Ariane 5 satellite launcher malfunction was caused by a faulty software exception routine
More…
• CNN.com
– A poorly programmed ground-based warning system was partly responsible for the 1997 Korean Air crash in Guam that killed 228 people
– Faulty software in anti-lock brakes forced the recall of 39,000 trucks and tractors and 6,000 school buses in 2000
• AND MANY MORE OF COURSE…