Verification and Validation
|
|
- Alan Richards
- 5 years ago
- Views:
Transcription
1 Verification and Validation Minsoo Ryu Hanyang University
2 Topics Covered 1. Verification and Validation 2. Software Inspections 3. Automated Static Analysis 4. Verification and Formal Methods 2 2
3 1. Verification vs. Validation (Boehm) Verification "Are we building the product right The software should conform to its specification Validation "Are we building the right product. The software should do what the user really requires Validation is a more general process and goes beyond the verification 3 3
4 V & V goals Verification and validation should establish confidence that the software is fit for purpose This does NOT mean completely free of defects Rather, it must be good enough for its intended use and the type of use will determine the degree of confidence that is needed 4 4
5 Two Complementary Approaches in V & V Software inspections Analyze and check work products such as the requirements document, design diagrams, and the program source code Concerned with analysis of the static system representation to discover problems (static verification) Software testing Run an implementation of the software with test data Concerned with exercising and observing product behaviour (dynamic verification) 5 5
6 Topics Covered 1. Verification and Validation 2. Software Inspections 3. Automated Static Analysis 4. Verification and Formal Methods 6 6
7 2. Software inspections Software inspections generally focus on source code The purpose is to find errors, omissions, and anomalies Three major advantages over testing During testing, errors can mask (hide) other errors Incomplete versions of a system can be inspected without additional cost As well as searching for program defects, an inspection can also consider broader quality attributes of a program such as compliance with standards, portability, and maintainability 7 7
8 Success of Inspections Fagan (1986) reported that more than 60% of the errors in a program can be detected using informal program inspections Mills et al. (1987) suggest that a more formal approach to inspection can detect more than 90% of the errors in a program Selby and Basili (1987) empirically compared the effectiveness of inspections and testing They found that static code reviewing was more effective and less expensive than defect testing in discovering program faults 8 8
9 Failure of Inspections It has proven to be difficult to introduce formal inspections into many software development organizations Software engineers with program testing experience are sometimes reluctant to accept that inspections can be more effective for defect detection than testing Managers may be suspicious because inspections require additional costs during design and development It is difficult to convince a hard-pressed manager that this time can be made up later because less time will be spent on program debugging 9 9
10 The Program Inspection Process The notion of a formalized inspection process was first developed at IBM in the 1970s (Fagan) Four roles: author, reader, tester, and moderator The reader reads the code aloud to the inspection team, the tester inspects the code from the testing perspective, and the moderator organizes the process A number of alternative approaches (Gilb and Graham, 1993) have been developed These are all based on a team with members from different backgrounds making a careful, line-by-line review of the program source code 10 10
11 The Program Inspection Process Grady and Van Slack (1994) suggested six roles They do not think that reading the program aloud is necessary The same person can take more than one role 11 11
12 Inspection roles Author or owner Inspector Reader Scribe Chairman or moderator Chief moderator The programmer or designer responsible for producing the program or document. Responsible for fixing defects discovered during the inspection process. Finds errors, omissions and inconsistencies in programs and documents. May also identify broader issues that are outside the scope of the inspection team. Presents the code or document at an inspection meeting. Records the results of the inspection meeting. Manages the process and facilitates the inspection. Reports process results to the Chief moderator. Responsible for inspection process improvements, checklist updating, standards development etc
13 Inspection Pre-conditions A precise specification must be available Team members must be familiar with the organisation standards Syntactically correct (compilable) code or other system representations must be available 13 13
14 The Inspection Process (by Michael Fagan in the mid-1970s) 14 14
15 Planning The Inspection Process The moderator selects an inspection team, organizing a meeting room, and ensure that the material to be inspected and its specifications are complete Overview The program to be inspected is presented to the inspection team The author describes what the program is intended to do Individual preparation Each inspection team member studies the specification and the program and looks for defects in the code 15 15
16 Inspection meeting The Inspection Process Focus on defect detection, standards conformance, and poor quality programming Suggest how these defects should be corrected This meeting should be fairly short (no more than two hours) Rework The program s author should make changes to correct the identified problems Follow-up The moderator should decide whether a reinspection is required and that defects have been successfully fixed The program is then approved by the moderator for release 16 16
17 Inspection Checklists During an inspection, a checklist of common programmer errors is often used to focus the discussion The checklist varies according to programming language Glib and Graham emphasize that each organization should develop its own inspection checklist based on local standards and practices 17 17
18 Inspection Checks 1 Data faults Control faults Input/output faults Are all program variables initialised before their values are used? Have all constants been named? Should the upper bound of arrays be equal to the size of the array or Size -1? If character strings are used, is a de limiter explicitly assigned? Is there any possibility of buffer overflow? For each conditional statement, is the condition correct? Is each loop certain to terminate? Are compound statements correctly bracketed? In case statements, are all possible cases accounted for? If a break is required after each case in case statements, has it been included? Are all input variables used? Are all output variables assigned a value before they are output? Can unexpected inputs cause corruption? 18 18
19 Inspection Checks 2 Interface faults Storage management faults Exception management faults Do all function and method calls have the correct number of parameters? Do formal and actual parameter types match? Are the parameters in the right order? If components access shared memory, do they have the same model of the shared memory structure? If a linked structure is modified, have all links been correctly reassigned? If dynamic storage is used, has space been allocated correctly? Is space explicitly de-allocated after it is no longer required? Have all possible error conditions been taken into account? 19 19
20 Inspection time Inspection Rates 500 statements/hour during overview 125 source statement/hour during individual preparation statements/hour can be inspected Inspection is therefore an expensive process The cost of inspecting 100 lines of code is roughly equivalent to one person-day effort However, the effort required for the program inspection is probably less than half the effort that would be required for equivalent defect testing 20 20
21 Lightweight Code Review Over-the-Shoulder: The reviewer physically looks over the author's shoulder and is walked through the code Pros: Easy to implement, no tools required Cons: Interrupts reviewers, hard to know which code is reviewed, impossible to measure Pass-Around: Code differences are ed automatically by the version control system. Reviewers respond to changes when they have time Pros: Easy to set up, nothing to purchase, works remotely Cons: No tracking -- don't know if found defects were fixed, often reviews never happen because everyone assumes someone else looked at it, no metrics; reviews "fizzle out instead of finishing. Hard to follow conversations as s get replied to and forwarded among several people 21 21
22 Lightweight Code Review Tool-Based Review: Use a development tool specifically designed to assist in code review. A variety of open-source and commercial tools exist Pros: Removes most of the busywork associated with filecollection, discussion/defect management, and metrics/reporting. Tracks reviews and defects. Cons: Have to learn and integrate another tool, can cost money. Pair-Programming: Two developers at the same keyboard and monitor working on the code together Pros: Deep level of review; teams know review is happening but it's difficult to track. Cons: Large time investment, some developers dislike it. Requires coordinating with someone else's schedule
23 Social Aspects of Code Review The Ego Effect Personal Growth Negative Emotions 23 23
24 The Ego Effect Peer review invokes the ego Jerry always forgets to check for NULL. Immediate improvement in code quality Senior developers stop being lazy Still works with 33% review coverage 24 24
25 Personal Growth if ( integrate.equals( s ) ) Surprising Effects Learning not related to the goal of the review Reviewer learns too Fun! 25 25
26 The Big Brother Effect Negative Emotions Hurt feelings 26 26
27 Topics Covered 1. Verification and Validation 2. Software Inspections 3. Automated Static Analysis 4. Verification and Formal Methods 27 27
28 3. Automated Static Analysis Static analyzers are software tools for source text processing They parse the program text and try to discover potentially erroneous conditions and bring these to the attention of the V & V team They are very effective as an aid to inspections - they are a supplement to but not a replacement for inspections 28 28
29 Static Analysis Checks Fault class Data faults Control faults Input/output faults Interface faults Storage management faults Static analysis check Variables used before initialisation Variables declared but never used Variables assigned twice but never used between assignments Possible array bound violations Undeclared variables Unreachable code Unconditional branches into loops Variables output twice with no intervening assignment Parameter type mismatches Parameter number mismatches Non-usage of the results of functions Uncalled functions and procedures Unassigned pointers Pointer arithmetic 29 29
30 Stages of Static Analysis Control flow analysis Checks for loops with multiple exit or entry points, finds unreachable code, etc. Data use analysis Detects uninitialized variables, variables written twice without an intervening assignment, variables which are declared but never used, etc. Interface analysis Checks the consistency of routine and procedure declarations and their use 30 30
31 Stages of Static Analysis Information flow analysis Identifies the dependencies of output variables Does not detect anomalies itself but highlights information for code inspection or review Path analysis Identifies paths through the program and sets out the statements executed in that path Again, potentially useful in the review process Both these stages generate vast amounts of information They must be used with care 31 31
32 Static Analyzers for C Static analyzers are particularly valuable when C is used C does not have strict type rules and error-prone features such as pointers C, C++, and Java are weakly typed language since they provide a number of ways to get around the type system such as casts and implicit conversion But Java has removed some error-prone features All variables must be initialized No goto statements, so unreachable code is less likely to be created Storage management is automatic 32 32
33 Static Analyzers for C Coverity (originated from Stanford Checker) Uses model checking to verify source correctness Its most notable use was under a Department of Homeland Security contract, in which it was used to examine 32 Free and open source applications for bugs (many of which have since been fixed) CCured (UC Berkeley) Is a source-to-source translator for C It analyzes the C program to determine the smallest number of runtime checks that must be inserted in the program to prevent all memory safety violations The resulting program is memory safe, meaning that it will stop rather than overrun a buffer or scribble over memory that it shouldn't touch
34 Introspector (GCC) Static Analyzers for C Is a software tool to explore the structure of programs that can be compiled with the GNU Compiler Collection The project was started in early 2002, and made a release in November 2003 It has been restarted in November 2004 and is gaining new form Others HP Code Advisor MS Visual Studio (VS2005) 34 34
35 Lint Lint was the original name given to a particular tool that flagged suspicious and non-portable constructs (i.e., likely to be bugs) in C language source code The term is now applied generically to tools that flag suspicious usage in software written in any computer language The term lint-like behavior is sometimes applied to the process of flagging suspicious language usage Lint-like tools generally perform static analysis of source code Lint first appeared (outside of Bell Labs) in the seventh version (V7) of the UNIX operating system in 1979 It was a part of PCC, the Portable C Compiler, which was a second compiler included with that system (aside from the principal PDP-11 compiler) 35 35
36 Lint Static Analysis 138% more lint_ex.c #include <stdio.h> printarray (Anarray) int Anarray; { printf( %d?anarray); } main () { int Anarray[5]; int i; char c; printarray (Anarray, i, c); printarray (Anarray) ; } 139% cc lint_ex.c 140% lint lint_ex.c lint_ex.c(10): warning: c may be used before set lint_ex.c(10): warning: i may be used before set printarray: variable # of args. lint_ex.c(4) :: lint_ex.c(10) printarray, arg. 1 used inconsistently lint_ex.c(4) :: lint_ex.c(10) printarray, arg. 1 used inconsistently lint_ex.c(4) :: lint_ex.c(11) printf returns value which is always ignored 36 36
37 Topics Covered 1. Verification and Validation 2. Software Inspections 3. Automated Static Analysis 4. Verification and Formal Methods 37 37
38 4. Verification and Formal Methods Formal methods are based on mathematical representations of the software, usually a formal specification Formal methods are mainly concerned with mathematical analysis of the specification They transform the specification to a more detailed, semantically equivalent representation and/or formally verify that one representation of the system is semantically equivalent to another representation They are the ultimate static verification technique 38 38
39 Cost of Formal Methods Verifying a nontrivial software takes a great deal of time and requires specialized tools such as theorem provers and mathematical expertise It is therefore an extremely expensive process and, as the system size increases, the costs of formal verification increase disproportionately Many people think that formal verification is not costeffective The same level of confidence can be achieved more cheaply by using other validation techniques such as inspection and system testing 39 39
40 Reliability and Formal Methods It is sometimes claimed that the use of formal methods for system development leads to more reliable and safer systems However, formal specification and proof do not guarantee that the software will be reliable in practical use The specification may not reflect the real requirements of system users The proof may contain errors The proof may assume a usage pattern which is incorrect 40 40
Ian Sommerville 2006 Software Engineering, 8th edition. Chapter 22 Slide 1
Verification and Validation Slide 1 Objectives To introduce software verification and validation and to discuss the distinction between them To describe the program inspection process and its role in V
More informationObjectives. Chapter 19. Verification vs. validation. Topics covered. Static and dynamic verification. The V&V process
Objectives Chapter 19 Verification and Validation Assuring that a software system meets a user s need are to introduce software verification and validation (V&V) and to discuss the distinction between
More informationVerification and Validation
Verification and Validation Assuring that a software system meets a user's needs Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 19 Slide 1 Objectives To introduce software verification
More informationΗΜΥ 317 Τεχνολογία Υπολογισμού
ΗΜΥ 317 Τεχνολογία Υπολογισμού Εαρινό Εξάμηνο 2008 ΙΑΛΕΞΕΙΣ 18-19: Έλεγχος και Πιστοποίηση Λειτουργίας ΧΑΡΗΣ ΘΕΟΧΑΡΙ ΗΣ Λέκτορας ΗΜΜΥ (ttheocharides@ucy.ac.cy) [Προσαρμογή από Ian Sommerville, Software
More informationIngegneria del Software II academic year: Course Web-site: [www.di.univaq.it/ingegneria2/]
Course: Ingegneria del Software II academic year: 2004-2005 Course Web-site: [www.di.univaq.it/ingegneria2/] Verification and Validation Lecturer: Henry Muccini and Vittorio Cortellessa Computer Science
More informationPart 5. Verification and Validation
Software Engineering Part 5. Verification and Validation - Verification and Validation - Software Testing Ver. 1.7 This lecture note is based on materials from Ian Sommerville 2006. Anyone can use this
More informationStatic and dynamic Testing
Static and dynamic Testing Static testing Requirements specification High-level design Formal specification Detailed design Program Prototype Dynamic testing Ian Sommerville 1995 Software Engineering,
More informationVerification and Validation
Steven Zeil February 13, 2013 Contents 1 The Process 3 1 2 Non-Testing V&V 7 2.1 Code Review....... 8 2.2 Mathematically-based verification......................... 19 2.3 Static analysis tools... 23 2.4
More informationVerification and Validation
Steven Zeil February 13, 2013 Contents 1 The Process 2 2 Non-Testing V&V 3 2.1 Code Review........... 4 2.2 Mathematically-based verification.................................. 8 2.3 Static analysis tools.......
More informationVerification Using Static Analysis
Verification Using Static Analysis Outline Today we will discuss static analysis and how it differs from dynamic analysis We will also look at the different types of static analysis including: Control
More informationVerification and Validation. Ian Sommerville 2004 Software Engineering, 7th edition. Chapter 22 Slide 1
Verification and Validation 1 Objectives To introduce software verification and validation and to discuss the distinction between them To describe the program inspection process and its role in V & V To
More informationVerification and Validation. Assuring that a software system meets a user s needs. Verification vs Validation. The V & V Process
Verification and Validation Assuring that a software system meets a user s needs Ian Sommerville 1995/2000 (Modified by Spiros Mancoridis 1999) Software Engineering, 6th edition. Chapters 19,20 Slide 1
More informationVerification and Validation. Ian Sommerville 2004 Software Engineering, 7th edition. Chapter 22 Slide 1
Verification and Validation Ian Sommerville 2004 Software Engineering, 7th edition. Chapter 22 Slide 1 Verification vs validation Verification: "Are we building the product right?. The software should
More informationLecture 9. Verification and Validation. Assuring that a software system meets a user's needs. Tutorial Questions. Verification and Validation
ICT 381 SOFTWARE ENGINEERING Lance Fung School of Information Technology Lecture 9 Verification and Validation Ref: Sommerville I., Software Engineering, 6th Edition, Chapter 19 Slide 1 Slide 2 Tutorial
More informationLearning outcomes. Systems Engineering. Debugging Process. Debugging Process. Review
Systems Engineering Lecture 9 System Verification II Dr. Joanna Bryson Dr. Leon Watts University of Bath Department of Computer Science 1 Learning outcomes After both lectures and doing the reading, you
More informationSoftware Testing. Software Testing
Software Testing Software Testing Error: mistake made by the programmer/ developer Fault: a incorrect piece of code/document (i.e., bug) Failure: result of a fault Goal of software testing: Cause failures
More informationCS314 Software Engineering Peer Reviews
CS314 Software Engineering Peer Reviews Dave Matthews 1 Peer Reviews Informal Over the shoulder Tool assisted (like GitHub pull request reviews) Email pass around Pair Programming Formal Inspections Inspections
More informationVerification and Validation
Lecturer: Sebastian Coope Ashton Building, Room G.18 E-mail: coopes@liverpool.ac.uk COMP 201 web-page: http://www.csc.liv.ac.uk/~coopes/comp201 Verification and Validation 1 Verification and Validation
More informationEXAMINING THE CODE. 1. Examining the Design and Code 2. Formal Review: 3. Coding Standards and Guidelines: 4. Generic Code Review Checklist:
EXAMINING THE CODE CONTENTS I. Static White Box Testing II. 1. Examining the Design and Code 2. Formal Review: 3. Coding Standards and Guidelines: 4. Generic Code Review Checklist: Dynamic White Box Testing
More informationLecture 15 Software Testing
Lecture 15 Software Testing Includes slides from the companion website for Sommerville, Software Engineering, 10/e. Pearson Higher Education, 2016. All rights reserved. Used with permission. Topics covered
More informationExamining the Code. [Reading assignment: Chapter 6, pp ]
Examining the Code [Reading assignment: Chapter 6, pp. 91-104] Static white-box testing Static white-box testing is the process of carefully and methodically reviewing the software design, architecture,
More informationStatic Analysis in C/C++ code with Polyspace
1 Static Analysis in C/C++ code with Polyspace Yongchool Ryu Application Engineer gary.ryu@mathworks.com 2016 The MathWorks, Inc. 2 Agenda Efficient way to find problems in Software Category of Static
More informationVerification, Testing, and Bugs
Verification, Testing, and Bugs Ariane 5 Rocket First Launch Failure https://www.youtube.com/watch?v=gp_d8r- 2hwk So What Happened? The sequence of events that led to the destruction of the Ariane 5 was
More informationChapter 8 Software Testing. Chapter 8 Software testing
Chapter 8 Software Testing 1 Topics covered Introduction to testing Stages for testing software system are: Development testing Release testing User testing Test-driven development as interleave approach.
More informationThree General Principles of QA. COMP 4004 Fall Notes Adapted from Dr. A. Williams
Three General Principles of QA COMP 4004 Fall 2008 Notes Adapted from Dr. A. Williams Software Quality Assurance Lec2 1 Three General Principles of QA Know what you are doing. Know what you should be doing.
More informationStatic Analysis of C++ Projects with CodeSonar
Static Analysis of C++ Projects with CodeSonar John Plaice, Senior Scientist, GrammaTech jplaice@grammatech.com 25 July 2017, Meetup C++ de Montréal Abstract Static program analysis consists of the analysis
More informationOracle Developer Studio Code Analyzer
Oracle Developer Studio Code Analyzer The Oracle Developer Studio Code Analyzer ensures application reliability and security by detecting application vulnerabilities, including memory leaks and memory
More informationChapter 11, Testing. Using UML, Patterns, and Java. Object-Oriented Software Engineering
Chapter 11, Testing Using UML, Patterns, and Java Object-Oriented Software Engineering Outline Terminology Types of errors Dealing with errors Quality assurance vs Testing Component Testing! Unit testing!
More informationUsing Static Code Analysis to Find Bugs Before They Become Failures
Using Static Code Analysis to Find Bugs Before They Become Failures Presented by Brian Walker Senior Software Engineer, Video Product Line, Tektronix, Inc. Pacific Northwest Software Quality Conference,
More informationTopic: Software Verification, Validation and Testing Software Engineering. Faculty of Computing Universiti Teknologi Malaysia
Topic: Software Verification, Validation and Testing Software Engineering Faculty of Computing Universiti Teknologi Malaysia 2016 Software Engineering 2 Recap on SDLC Phases & Artefacts Domain Analysis
More informationObject-Oriented and Classical Software Engineering
Slide 6.1 Object-Oriented and Classical Software Engineering Seventh Edition, WCB/McGraw-Hill, 2007 Stephen R. Schach srs@vuse.vanderbilt.edu CHAPTER 6 Slide 6.2 TESTING 1 Overview Slide 6.3 Quality issues
More informationObject-Oriented and Classical Software Engineering
Slide 6.1 Object-Oriented and Classical Software Engineering Seventh Edition, WCB/McGraw-Hill, 2007 Stephen R. Schach srs@vuse.vanderbilt.edu CHAPTER 6 Slide 6.2 TESTING Overview Slide 6.3 Quality issues
More informationTechniques for the unambiguous specification of software
Formal Techniques for the unambiguous of software Objectives To explain why formal techniques help discover problems in system requirements To describe the use of algebraic techniques for interface To
More informationChapter 8. Achmad Benny Mutiara
Chapter 8 SOFTWARE-TESTING STRATEGIES Achmad Benny Mutiara amutiara@staff.gunadarma.ac.id 8.1 STATIC-TESTING STRATEGIES Static testing is the systematic examination of a program structure for the purpose
More informationMotivation was to facilitate development of systems software, especially OS development.
A History Lesson C Basics 1 Development of language by Dennis Ritchie at Bell Labs culminated in the C language in 1972. Motivation was to facilitate development of systems software, especially OS development.
More information1 Visible deviation from the specification or expected behavior for end-user is called: a) an error b) a fault c) a failure d) a defect e) a mistake
Sample ISTQB examination 1 Visible deviation from the specification or expected behavior for end-user is called: a) an error b) a fault c) a failure d) a defect e) a mistake 2 Regression testing should
More informationSoftware Design Models, Tools & Processes. Lecture 6: Transition Phase Cecilia Mascolo
Software Design Models, Tools & Processes Lecture 6: Transition Phase Cecilia Mascolo UML Component diagram Component documentation Your own classes should be documented the same way library classes are.
More informationSOFTWARE ENGINEERING SOFTWARE VERIFICATION AND VALIDATION. Saulius Ragaišis.
SOFTWARE ENGINEERING SOFTWARE VERIFICATION AND VALIDATION Saulius Ragaišis saulius.ragaisis@mif.vu.lt CSC2008 SE Software Verification and Validation Learning Objectives: Distinguish between program validation
More informationTerminology. There are many different types of errors and different ways how we can deal with them.
Testing Terminology Reliability: The measure of success with which the observed behavior of a system confirms to some specification of its behavior. Failure: Any deviation of the observed behavior from
More informationStatic Program Analysis Part 1 the TIP language
Static Program Analysis Part 1 the TIP language http://cs.au.dk/~amoeller/spa/ Anders Møller & Michael I. Schwartzbach Computer Science, Aarhus University Questions about programs Does the program terminate
More informationTESTING. Overview Slide 6.2. Testing (contd) Slide 6.4. Testing Slide 6.3. Quality issues Non-execution-based testing
Slide 6.1 Overview Slide 6.2 Quality issues Non-execution-based testing TESTING Execution-based testing What should be tested? Testing versus correctness proofs Who should perform execution-based testing?
More informationBy V-cubed Solutions, Inc. Page1. All rights reserved by V-cubed Solutions, Inc.
By V-cubed Solutions, Inc. Page1 Purpose of Document This document will demonstrate the efficacy of CODESCROLL CODE INSPECTOR, CONTROLLER TESTER, and QUALITYSCROLL COVER, which has been developed by V-cubed
More informationStatic Analysis methods and tools An industrial study. Pär Emanuelsson Ericsson AB and LiU Prof Ulf Nilsson LiU
Static Analysis methods and tools An industrial study Pär Emanuelsson Ericsson AB and LiU Prof Ulf Nilsson LiU Outline Why static analysis What is it Underlying technology Some tools (Coverity, KlocWork,
More informationMC: Meta-level Compilation
MC: Meta-level Compilation Extending the Process of Code Compilation with Application-Specific Information for the layman developer (code monkey) Gaurav S. Kc 8 th October, 2003 1 Outline Dawson Engler
More informationInformation Flow Analysis and Type Systems for Secure C Language (VITC Project) Jun FURUSE. The University of Tokyo
Information Flow Analysis and Type Systems for Secure C Language (VITC Project) Jun FURUSE The University of Tokyo furuse@yl.is.s.u-tokyo.ac.jp e-society MEXT project toward secure and reliable software
More informationLanguage Translation. Compilation vs. interpretation. Compilation diagram. Step 1: compile. Step 2: run. compiler. Compiled program. program.
Language Translation Compilation vs. interpretation Compilation diagram Step 1: compile program compiler Compiled program Step 2: run input Compiled program output Language Translation compilation is translation
More informationPrinciples of Software Construction: Objects, Design, and Concurrency (Part 2: Designing (Sub )Systems)
Principles of Software Construction: Objects, Design, and Concurrency (Part 2: Designing (Sub )Systems) More Analysis for Functional Correctness Jonathan Aldrich Charlie Garrod School of Computer Science
More informationChapter 8 Software Testing
Chapter 8 Software Testing Chapter 8 Software Testing Slide 1 Topics covered Validation vs. defect testing Inspections and testing Development testing Unit testing Component testing System testing Test-driven
More informationVariables and literals
Demo lecture slides Although I will not usually give slides for demo lectures, the first two demo lectures involve practice with things which you should really know from G51PRG Since I covered much of
More informationTopics in Software Testing
Dependable Software Systems Topics in Software Testing Material drawn from [Beizer, Sommerville] Software Testing Software testing is a critical element of software quality assurance and represents the
More informationWHITE PAPER. 10 Reasons to Use Static Analysis for Embedded Software Development
WHITE PAPER 10 Reasons to Use Static Analysis for Embedded Software Development Overview Software is in everything. And in many embedded systems like flight control, medical devices, and powertrains, quality
More informationTesting! Prof. Leon Osterweil! CS 520/620! Spring 2013!
Testing Prof. Leon Osterweil CS 520/620 Spring 2013 Relations and Analysis A software product consists of A collection of (types of) artifacts Related to each other by myriad Relations The relations are
More informationAgenda. Peer Instruction Question 1. Peer Instruction Answer 1. Peer Instruction Question 2 6/22/2011
CS 61C: Great Ideas in Computer Architecture (Machine Structures) Introduction to C (Part II) Instructors: Randy H. Katz David A. Patterson http://inst.eecs.berkeley.edu/~cs61c/sp11 Spring 2011 -- Lecture
More informationTesting, code coverage and static analysis. COSC345 Software Engineering
Testing, code coverage and static analysis COSC345 Software Engineering Outline Various testing processes ad hoc / formal / automatic Unit tests and test driven development Code coverage metrics Integration
More informationMotivation was to facilitate development of systems software, especially OS development.
A History Lesson C Basics 1 Development of language by Dennis Ritchie at Bell Labs culminated in the C language in 1972. Motivation was to facilitate development of systems software, especially OS development.
More informationVerification and Test with Model-Based Design
Verification and Test with Model-Based Design Flight Software Workshop 2015 Jay Abraham 2015 The MathWorks, Inc. 1 The software development process Develop, iterate and specify requirements Create high
More informationTesting. Prof. Clarkson Fall Today s music: Wrecking Ball by Miley Cyrus
Testing Prof. Clarkson Fall 2017 Today s music: Wrecking Ball by Miley Cyrus Review Previously in 3110: Modules Specification (functions, modules) Today: Validation Testing Black box Glass box Randomized
More informationAll the subjective part of 2011 papers solved complete reference numbers
1 All current papers 2011 Solved papers (eagle_eye) CS504 Current data final term paper 15 FEB All the subjective part of 2011 papers solved complete reference numbers 1) Describe the the concept of cyclomatic
More informationChapter 8 Software Testing. Chapter 8 So-ware tes0ng
Chapter 8 Software Testing 1 Topics covered ² Introduction to testing ² Stages for testing software system are: Development testing Release testing User testing ² Test-driven development as interleave
More informationChapter 2 Basic Elements of C++
C++ Programming: From Problem Analysis to Program Design, Fifth Edition 2-1 Chapter 2 Basic Elements of C++ At a Glance Instructor s Manual Table of Contents Overview Objectives s Quick Quizzes Class Discussion
More informationMTAT : Software Testing
MTAT.03.159: Software Testing Lecture 04: Static Analysis (Inspection) and Defect Estimation, Mutation Testing (Textbook Ch. 10 & 12) Spring 2015 Dietmar Pfahl email: dietmar.pfahl@ut.ee Structure of Lecture
More informationCS 2505 Computer Organization I Test 1. Do not start the test until instructed to do so!
Instructions: Print your name in the space provided below. This examination is closed book and closed notes, aside from the permitted one-page formula sheet. No calculators or other electronic devices
More informationLaboratory Assignment #4 Debugging in Eclipse CDT 1
Lab 4 (10 points) November 20, 2013 CS-2301, System Programming for Non-majors, B-term 2013 Objective Laboratory Assignment #4 Debugging in Eclipse CDT 1 Due: at 11:59 pm on the day of your lab session
More informationVerification by Static Analysis
Verification by Static Analysis Intelligent Testing Conference Bristol, 17 th March 2014 Verification overview Software Verification is The process of evaluating software during or at the end of the development
More informationLecture 3 Notes Arrays
Lecture 3 Notes Arrays 15-122: Principles of Imperative Computation (Summer 1 2015) Frank Pfenning, André Platzer 1 Introduction So far we have seen how to process primitive data like integers in imperative
More informationLecture Notes on Arrays
Lecture Notes on Arrays 15-122: Principles of Imperative Computation July 2, 2013 1 Introduction So far we have seen how to process primitive data like integers in imperative programs. That is useful,
More informationVerification & Validation of Open Source
Verification & Validation of Open Source 2011 WORKSHOP ON SPACECRAFT FLIGHT SOFTWARE Gordon Uchenick Coverity, Inc Open Source is Ubiquitous Most commercial and proprietary software systems have some open
More informationHigh Performance Computing MPI and C-Language Seminars 2009
High Performance Computing - Seminar Plan Welcome to the High Performance Computing seminars for 2009. Aims: Introduce the C Programming Language. Basic coverage of C and programming techniques needed
More informationTesting. ECE/CS 5780/6780: Embedded System Design. Why is testing so hard? Why do testing?
Testing ECE/CS 5780/6780: Embedded System Design Scott R. Little Lecture 24: Introduction to Software Testing and Verification What is software testing? Running a program in order to find bugs (faults,
More informationIn this Lecture you will Learn: Testing in Software Development Process. What is Software Testing. Static Testing vs.
In this Lecture you will Learn: Testing in Software Development Process Examine the verification and validation activities in software development process stage by stage Introduce some basic concepts of
More informationCERT C++ COMPLIANCE ENFORCEMENT
CERT C++ COMPLIANCE ENFORCEMENT AUTOMATED SOURCE CODE ANALYSIS TO MAINTAIN COMPLIANCE SIMPLIFY AND STREAMLINE CERT C++ COMPLIANCE The CERT C++ compliance module reports on dataflow problems, software defects,
More informationChapter 10. Testing and Quality Assurance
Chapter 10 Testing and Quality Assurance Different styles of doing code review Human Reviewer Code Inspection with continuous integration infrastructure Pinger s testing set up Testing Related topics 1.
More informationCSCI0330 Intro Computer Systems Doeppner. Lab 02 - Tools Lab. Due: Sunday, September 23, 2018 at 6:00 PM. 1 Introduction 0.
CSCI0330 Intro Computer Systems Doeppner Lab 02 - Tools Lab Due: Sunday, September 23, 2018 at 6:00 PM 1 Introduction 0 2 Assignment 0 3 gdb 1 3.1 Setting a Breakpoint 2 3.2 Setting a Watchpoint on Local
More informationProgram Correctness and Efficiency. Chapter 2
Program Correctness and Efficiency Chapter 2 Chapter Objectives To understand the differences between the three categories of program errors To understand the effect of an uncaught exception and why you
More informationLeveraging Formal Methods Based Software Verification to Prove Code Quality & Achieve MISRA compliance
Leveraging Formal Methods Based Software Verification to Prove Code Quality & Achieve MISRA compliance Prashant Mathapati Senior Application Engineer MATLAB EXPO 2013 The MathWorks, Inc. 1 The problem
More informationSoftware Engineering (CSC 4350/6350) Rao Casturi
Software Engineering (CSC 4350/6350) Rao Casturi Testing Software Engineering -CSC4350/6350 - Rao Casturi 2 Testing What is testing? Process of finding the divergence between the expected behavior of the
More informationCS 424 Software Quality Assurance & Testing LECTURE 3 BASIC CONCEPTS OF SOFTWARE TESTING - I
LECTURE 3 BASIC CONCEPTS OF SOFTWARE TESTING - I WHAT IS SOFTWARE TESTING? Testing can find faults in the software but cannot prove that the software is error-free. OBJECTIVES OF SOFTWARE TESTING To test
More informationProgramming Languages Third Edition. Chapter 7 Basic Semantics
Programming Languages Third Edition Chapter 7 Basic Semantics Objectives Understand attributes, binding, and semantic functions Understand declarations, blocks, and scope Learn how to construct a symbol
More informationC How to Program, 6/e by Pearson Education, Inc. All Rights Reserved.
C How to Program, 6/e 1992-2010 by Pearson Education, Inc. 1992-2010 by Pearson Education, Inc. 1992-2010 by Pearson Education, Inc. This chapter serves as an introduction to the important topic of data
More informationUndefined Behaviour in C
Undefined Behaviour in C Report Field of work: Scientific Computing Field: Computer Science Faculty for Mathematics, Computer Science and Natural Sciences University of Hamburg Presented by: Dennis Sobczak
More informationA Practical Approach to Programming With Assertions
A Practical Approach to Programming With Assertions Ken Bell Christian-Albrechts Universität Kiel Department of Computer Science and Applied Mathematics Real-Time Systems and Embedded Systems Group July
More informationMemory Analysis tools
Memory Analysis tools PURIFY The Necessity TOOL Application behaviour: Crashes intermittently Uses too much memory Runs too slowly Isn t well tested Is about to ship You need something See what your code
More informationHacking in C. Pointers. Radboud University, Nijmegen, The Netherlands. Spring 2019
Hacking in C Pointers Radboud University, Nijmegen, The Netherlands Spring 2019 Allocation of multiple variables Consider the program main(){ char x; int i; short s; char y;... } What will the layout of
More informationVerification and Validation. Verification and validation
Verification and Validation Verification and validation Verification and Validation (V&V) is a whole life-cycle process. V&V has two objectives: Discovery of defects, Assessment of whether or not the system
More informationIn Java we have the keyword null, which is the value of an uninitialized reference type
+ More on Pointers + Null pointers In Java we have the keyword null, which is the value of an uninitialized reference type In C we sometimes use NULL, but its just a macro for the integer 0 Pointers are
More informationCS61C : Machine Structures
inst.eecs.berkeley.edu/~cs61c CS61C : Machine Structures Lecture 3 Introduction to C (pt 2) 2010-06-23! C help session: Tonight 7:00-9:00pm @ 306 Soda!!!Instructor Paul Pearce! The typical! development
More informationReview! * follows a pointer to its value! & gets the address of a variable! Pearce, Summer 2010 UCB! ! int x = 1000; Pearce, Summer 2010 UCB!
CS61C L03 Introduction to C (pt 2) (1)! inst.eecs.berkeley.edu/~cs61c CS61C : Machine Structures Lecture 3 Introduction to C (pt 2) 2010-06-23!!!Instructor Paul Pearce! The typical! development cycle!
More informationPrinciple of Complier Design Prof. Y. N. Srikant Department of Computer Science and Automation Indian Institute of Science, Bangalore
Principle of Complier Design Prof. Y. N. Srikant Department of Computer Science and Automation Indian Institute of Science, Bangalore Lecture - 20 Intermediate code generation Part-4 Run-time environments
More informationSimple Overflow. #include <stdio.h> int main(void){ unsigned int num = 0xffffffff;
Simple Overflow 1 #include int main(void){ unsigned int num = 0xffffffff; printf("num is %d bits long\n", sizeof(num) * 8); printf("num = 0x%x\n", num); printf("num + 1 = 0x%x\n", num + 1); }
More informationState-Based Testing Part B Error Identification. Generating test cases for complex behaviour
State-Based Testing Part B Error Identification Generating test cases for complex behaviour Reference: Robert V. Binder Testing Object-Oriented Systems: Models, Patterns, and Tools Addison-Wesley, 2000,
More informationPage 1. Stuff. Last Time. Today. Safety-Critical Systems MISRA-C. Terminology. Interrupts Inline assembly Intrinsics
Stuff Last Time Homework due next week Lab due two weeks from today Questions? Interrupts Inline assembly Intrinsics Today Safety-Critical Systems MISRA-C Subset of C language for critical systems System
More informationC Program Development and Debugging under Unix SEEM 3460
C Program Development and Debugging under Unix SEEM 3460 1 C Basic Elements SEEM 3460 2 C - Basic Types Type (32 bit) Smallest Value Largest Value short int -32,768(-2 15 ) 32,767(2 15-1) unsigned short
More informationEL2310 Scientific Programming
Lecture 11: Structures and Memory (yaseminb@kth.se) Overview Overview Lecture 11: Structures and Memory Structures Continued Memory Allocation Lecture 11: Structures and Memory Structures Continued Memory
More informationLecture 4 September Required reading materials for this class
EECS 261: Computer Security Fall 2007 Lecture 4 September 6 Lecturer: David Wagner Scribe: DK Moon 4.1 Required reading materials for this class Beyond Stack Smashing: Recent Advances in Exploiting Buffer
More informationDarshan Institute of Engineering & Technology for Diploma Studies
CODING Good software development organizations normally require their programmers to follow some welldefined and standard style of coding called coding standards. Most software development organizations
More informationCS 6371: Advanced Programming Languages
CS 6371: Advanced Programming Languages Dr. Kevin Hamlen Spring 2017 Fill out, sign, and return prereq forms: Course number: CS 6371 Section: 1 Prerequisites: CS 5343: Algorithm Analysis & Data Structures
More informationComputer Science and Software Engineering University of Wisconsin - Platteville 9-Software Testing, Verification and Validation
Computer Science and Software Engineering University of Wisconsin - Platteville 9-Software Testing, Verification and Validation Yan Shi SE 2730 Lecture Notes Verification and Validation Verification: Are
More informationWho are we? Andre Platzer Out of town the first week GHC TAs Alex Crichton, senior in CS and ECE Ian Gillis, senior in CS
15-411 Compilers Who are we? Andre Platzer Out of town the first week GHC 9103 TAs Alex Crichton, senior in CS and ECE Ian Gillis, senior in CS Logistics symbolaris.com/course/compiler12.html symbolaris.com
More informationStatic Analysis Techniques
oftware Design (F28SD2): Static Analysis Techniques 1 Software Design (F28SD2) Static Analysis Techniques Andrew Ireland School of Mathematical and Computer Science Heriot-Watt University Edinburgh oftware
More informationInspection Overview Massood Towhidnejad Computer & Software Engineering Dept. Embry-Riddle University
Inspection Overview Massood Towhidnejad Computer & Software Engineering Dept. Embry-Riddle University Inspection Is used to verify intellectual products by manually examining the developed product, a piece
More information