cleanroom method cs 415, software engineering ii mark ardis, rose-hulman institute march 20, 2003
Post on 23-Jan-2016
229 views
TRANSCRIPT
![Page 1: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/1.jpg)
Cleanroom Method
CS 415, Software Engineering II
Mark Ardis, Rose-Hulman Institute
March 20, 2003
![Page 2: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/2.jpg)
2
Outline
1. Harlan Mills2. Cleanroom method3. Industrial use of cleanroom
![Page 3: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/3.jpg)
3
Harlan Mills
1919 - 1996
![Page 4: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/4.jpg)
4
Mathematics and Programming
Roman accounting"to go from programming as an instinctive, intuitive process to a more systematic, constructive process"
![Page 5: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/5.jpg)
5
Cleanroom Method
Incremental (spiral)
Box structure specification and design
Design verification
No debugging
Statistical testing
![Page 6: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/6.jpg)
6
Box Structures
Black boxes: behavior only
State Boxes: behavior + state
Clear boxes: procedures
![Page 7: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/7.jpg)
7
Black Boxes
S1S2...Sn R
stimulus history response
![Page 8: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/8.jpg)
8
State Boxes
S R
stimulus, old state response, new state
State Data
![Page 9: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/9.jpg)
9
Clear Boxes
S R
stimulus, old state response, new state
State Data
Procedures
![Page 10: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/10.jpg)
10
Box Description Language (BDL)
Invocation: use <type> <name> <args>
Sequence: do B1; B2 od
Alternation: if <cond> then B1 else B2 fi
Iteration: while <cond> do B od
![Page 11: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/11.jpg)
11
Box Structure Hierarchy
BB
SB
CB
BB BB BB
SB SB SB
CB CB CB
![Page 12: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/12.jpg)
12
Cartoon of the Day (1/3)
![Page 13: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/13.jpg)
13
Cartoon of the Day (2/3)
![Page 14: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/14.jpg)
14
Cartoon of the Day (3/3)
![Page 15: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/15.jpg)
15
Design Verification
Procedures in BDL are checked for correctness with their higher-level descriptionsAll boxes (and all procedures) describe functionsFormal proofs of correctness can be performed (but often informal proofs are done, instead)
![Page 16: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/16.jpg)
16
Verification of Sequence
Given a high-level function [f] for statement: do [g]; [h] od
Does [g] followed by [h] compute the same function as [f]?
Example:[f](x) = 2 * x + 7[g](x) = 2 * x[h](x) = x + 7
![Page 17: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/17.jpg)
17
Verification of Selection
Given a high-level function [f] for statement:
if <cond> then[g]else[h]fi
1. Whenever <cond> is true, does [g] compute the same function as [f]?
2. Whenever <cond> is false, does [h] compute the same function as [f]?
![Page 18: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/18.jpg)
18
Verification of Iteration
Given a high-level function [f] for statement:
while <cond> do[g]od
1. Whenever <cond> is true, does [g] followed by [f] compute the same function as [f]?
2. Does the loop always terminate?3. Whenever <cond> is false, does the empty
function compute the same function as [f]?
![Page 19: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/19.jpg)
19
Usage Testing
Develop an operational profile of use
Generate random tests that fit the probabilities
![Page 20: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/20.jpg)
20
Example
FunctionUsage Probability
Distribution Interval
Update 32% 0-31
Delete 14% 32-45
Query 46% 46-91
Print 8% 92-99
![Page 21: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/21.jpg)
21
Test Generation
TestRandom Numbers Test Cases
1 29, 11, 47, 52, 26, 94
U, U, Q,Q, U, P
2 62, 98, 39, 78, 82, 65
Q, P, D,Q, Q, Q
3 83, 32, 58, 41, 36, 17
Q, D, Q,D, D, U
4 36, 49, 96, 82, 20, 77
D, Q, P,Q, U, Q
![Page 22: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/22.jpg)
22
Industrial Use
Used in a few areas of IBM
Used by some military contractors
Tried at NASA
![Page 23: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/23.jpg)
23
Software Engineering Laboratory (SEL)
Joint program of NASA Goddard Space Center, Computer Sciences Corporation, and the University of Maryland
Conduct experiments and case studies on new software technology
![Page 24: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/24.jpg)
24
SEL Experience
First trial at University of Maryland controlled experiment (10 experiment teams,
5 control teams FORTRAN 1.5 KLOC
3 case studies at Goddard flight-dynamics ground support systems FORTRAN 40 KLOC, 22 KLOC, 160 KLOC
![Page 25: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/25.jpg)
25
SEL Results – University Experiment
Cleanroom teams use fewer computer resources satisfy requirements more successfully make higher percentage of scheduled
deliveries
![Page 26: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/26.jpg)
26
SEL Results – Goddard
More effort spent in design
Better reliability of final product
Smaller projects achieve higher productivity, but large project just average
![Page 27: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/27.jpg)
27
Summary
Cleanroom may be an effective method for achieving higher reliability
Requires some culture change (no debugging)
Still being investigated by researchers and practitioners
![Page 28: Cleanroom Method CS 415, Software Engineering II Mark Ardis, Rose-Hulman Institute March 20, 2003](https://reader036.vdocuments.mx/reader036/viewer/2022062309/56649d545503460f94a314e3/html5/thumbnails/28.jpg)
28
References
Victor Basili and Scott Green, "Software process evolution at the SEL", IEEE Software 11(4), 58-66, July 1994.