Fred Brooks, The Mythical Man-Month: Essays on Software Engineering, Addison Wesley, 1975, reprinted with corrections, 1982, 20^th Anniversary edition with added material, 1996

Fred Brooks, No Silver Bullet: Essence and Accidents of Software Engineering, IEEE Computer 20,4, Apr. 1987

Nancy Leveson, Safeware, Addison Wesley, 1995

Peter Neumann, Computer-Related Risks, Addison Wesley, 1995

V&V must be an integral part of any software development process, from the very beginning of the process. It is estimated that 40% to 70% of software development costs are spent for error detection and removal. Correctness is in this sense the most fundamental of all the quality attributes software may possess. The other attributes are much less significant as cost centres, and may even provide a net cost benefit if they are well managed. All that can be done with error control is to reduce its cost and impact.

The greatest benefits are derived from early attention to V&V. By some estimates, half of all defects originate in requirements, and another one quarter in design. Defects from these work products become increasingly costly to find and repair as they propagate to later work products – sometimes by a factor of 100. This suggests that the most important V&V activity is to enforce rigourous requirements and design processes. It is also true that many defects are introduced during the transition from one representation to another, so a second major V&V activity is to search for ways to minimize the need for such transitions. In spite of the importance of these factors, we will spend little time in this course on them. Our focus will be on inspection and testing, and to some extent on the use of mathematical techniques.

Assignment 1 is based on the ‘Grades’ system, initially developed by students at the University of Victoria, and modified both at U Vic and at RMC. You will need basic familiarity with simple mathematical logic expressions, Unix, Makefiles, C and shell scripts. There are a number of known faults in the Grades work products, and there are undoubtedly other faults yet to be found. It would be an interesting exercise to classify the faults according to severity. You are encouraged to attempt this as extra work for Assignment 1. You are also encouraged to track your own use of time in completing Assignment 1, and to report this use, again as extra work for Assignment 1.

pgmgen was developed at the University of Victoria. Copies are on line at RMC and at Queen’s. Described in Hoffman and Strooper (above). pgmgen is not useful other than for teaching purposes. The original reference for pgmgen is: Dan Hoffman, "A CASE Study in Module Testing", 1989 Conference on Software Maintenance, October 1989, Miami, Florida

Mark Dowson, "The ARIANE 5 Software Failure", ACM SEN, v. 22 n.2, Mar 97, pp. 84

Ariane 5 Commission of enquiry report (available at www.cnes.fr)

Jean-Marc JJ zJ quel, Bertrand Meyer, "Design by Contract: The Lessons of Ariane", IEEE Computer, v. 30 n.1, Jan 97, pp. 129-130

January 1996 IEEE Software: theme issue on Software Quality

W.Robert Collins, Keith W. Miller, Bethany J. Spielman and Phillip Wherry, "How Good is Good Enough?", Communications of the ACM, Jan. 1994, pp. 81-91

Software Quality Models: McCall (1977), ISO 9126 (1991)

Some IEEE Standards related to quality:

ISO 9000 QA Standards

James Moore, Software Engineering Standards: A User's Road Map, IEEE CS Press, 1998, 304 pp

CANDU Computer Systems Engineering Centre of Excellence, Standard for Software Engineering of Safety Critical Software, CE-1001-STD, Ontario Hydro, Toronto, 1990; rev 1. 1995

Mike Viola, Ontario Hydro’s Experience with New Methods for Engineering Safety Critical Software (SAFECOMP 95)

M.E. Fagan "Design and Code Inspections to Reduce Errors in Program Development", IBM Systems Journal, March 1976, vol.15, no.3, pp.105-211

M.E. Fagan "Advances in Software Inspections", IEEE Transactions on Software Engineering, vol. SE-12,no.7, pp.744-751, 1986

Glen W. Russell, "Experience with Inspection in Ultralarge-Scale Developments", IEEE Software, January 1991, pp. 25-31

Joc Saunders and Eugene Curran, Software Quality, A Framework for Success in Software Development and Support, Addison Wesley/ACM Press, 1994

G. Gordon Schulmeyer and James I. McManus, Eds, Total Quality Management for Software, Van Nostrand Reinhold, 1992

Gilb, Tom, Principles of Software Engineering Management, Addison Wesley, 1988

Videotape: Glen Russell: Code Inspection; BNR, Feb. 1993

Notes from presentation on inspections by John Botsford of IBM to EE 591 in the Fall term of 1993/94 are available (copies made for all students).

David Parnas and David Weiss, Active Design Reviews: Principles and Practices, J. of Systems and Software, n. 7, 1987, pp. 259-265

Edward F. Weller, "Lessons from Three Years of Inspection Data", IEEE Software, v. 10 n.5, Sep 1993, pp. 38-45 [Best article for 93]

A. Porter, H. Siy, C.A. Toman, L.G. Votta, "An Experiment to Assess the Cost-Benefits of Code Inspections in Large Scale Software Development", ACM SEN, v. 20 n.4, Oct 1995, pp. 92-103 [need to bring ref. up to date – experiment is now complete: IEEE TSE June 97 pp. 329-346, v.23 n. 6] (choice in 1999)

Adam A. Porter, Lawrence G. Votta, Victor R. Basili, "Comparing Detection Methods for Software Requirements Inspections: A Replicated Experiment", IEEE TSE, v. 21 n.6, Jun 1995, pp. 563-575 (not done in 1999)

Rational Apex and Testmate are available on RMC and Queen’s Sun workstations. Rational also has other testing tools (such as Pure tools, Visual Test, SQA, …) which are worth investigating.

Pick a book on testing , read it enough to form an opinion, and come to the class prepared to spend 10 minutes giving your opinion.

Ilene Burnstein, Taratip Suwannasort, C.R. Carlson, "Developing a Testing Maturity Model …", STSC Crosstalk, v. 9 Part I: n.8 Aug 96, pp. 21-24, and Part II: n9, Sep 96, pp. 19-26 (available at stsc.hill.af.mil/SWTesting/index.html)

Gregory Daich, "Emphasizing Software Test Process Improvement", STSC Crosstalk, v. 9, n.6, Jun 96 (available at stsc.hill.af.mil/SWTesting/index.html)

Pick a book on testing.

Robert M. Poston, Automating Specification Based Software Testing, IEEE CS Press, 1996

Victor Basili and Richard Selby, Comparing the Effectiveness of Software Testing Strategies, IEEE TSE, Dec. 1987

D. Hamlet and R. Taylor, Partition Testing does not inspire Confidence, IEEE TSE, Dec. 1990, pp. 1402-1411

John B. Goodenough, Susan Gerhart, Toward a Theory of Test Data Selection, IEEE TSE, 1975, pp. 156-173, v. 1

Joseph R. Horgan, Saul London, "Achieving Software Quality with Testing Coverage Measures", IEEE Computer, v. 27 n.9, Sep 1994, pp. 60-69

Hong Zhu, "A Formal Analysis of the Subsume Relation Between Software Test Adequacy Criteria", IEEE TSE, v. 22 n.4, Apr 96, pp. 248-255

Report on ISSTA 98: Professor’s notes. Proceedings are available in RMC library

Hareton K. Leung and Lee White, "Insights into Regression Testing", Conference on Software Maintenance, IEEE, pp. 60-69, 1989

Gregg Rothermel, Mary Jean Harrold, "A Safe, Efficient Regression Test Selection Technique", ACM TOSEM, v. 6 n.2, Apr 97, pp. 173-210

David C. Kung, Pei Hsia, and Jerry Gao, Testing Object-Oriented Software, IEEE CS Press, 1998

Ideas for a testing framework for ObjecTime: Professor’s notes.

Richard J. Linn and M. Ümit Uyar, "Conformance Testing Methodologies and Architectures for OSI Protocols", IEEE CS Press, 1994

Robert L. Probert and Oz Monkewich, TTCN: The International Notation for Specifying Tests of Communications Systems, Computer Networks 23,5; 1992 pp. 417-438

Jesse H. Poore, Harlan D. Mills, David Mutchler, "Planning and Certifying Software System Reliability", IEEE Software, v. 10 n.1, Jan 1993, pp. 88-99 [Runner up for best article of 93]

E.N. Adams, "Optimizing Preventive Service of Software Products", IBM J.R&D, Jan 84, [The original data to support the use of operational profiles]

Denise Woit, "Operational Profile Specification, Test Case Generation, and Reliability Estimation for Modules", Ph.D. Thesis, Queen's University, January 1994.

Praerit Garg, "Investigating Coverage-Reliability Relationship and Sensitivity of Reliability to Errors in the Operational Profile" Cascon 94 (Garg was a Ph.D student at Purdue at the time)

Theme Issue: "System Testing and Reliability", IEEE Computer, v. 29 n.11, Nov 96, pp. 28-86 [SigSoft '96: 4th Symposium on the Foundations of Software Engineering]

Hazard Analysis Techniques: Ch. 14, Nancy Leveson, Safeware, Addison Wesley, 1995

R.W. Butler and G.B. Finelli, The Infeasibility of Quantifying the Reliability of Life-Critical Real-Time Software, IEEE TSE 19(1) pp. 3-12 (Jan 93)

W.E. Howden, Yudong Huang, "Software Trustability Analysis", ACM TOSEM, v. 4 n.1, Jan 95, pp. 36-64 [use of guided testing to overcome the limitations of random testing]

Jeffrey J.P. Tsai and Steve J.H. Yang, "Monitoring and Debugging of Distributed Real-Time Systems", IEEE CS Press, 1995

Excerpts from: Cleanroom Software Technology Centre, Cleanroom Software Engineering for Zero-Defect Software, IBM, May 31, 1992 (Overheads from a workshop sponsored by the US NSF, held at the Rochester Institute of Technology, May 31-June 4, 1992)

Monica Brockmeyer, Farnam Jahanian, Constance Heitmeyer, Bruce Labaw, "An Approach to Monitoring and Assertion-Checking of Real-Time Specifications", ACM/IEEE Proceedings, 4th Int'l workshop on Parallel and Dist'd Real-Time Systems, Apr 96, pp. 236-243 [Modechart; also paper at RTAS 97, on testing RT specs. pp. 125-135]

S. Wayne Sherer, Ara Kouchakdjian, "Experience Using Cleanroom Software Engineering", IEEE Software, v. 13 n.3, May 96, pp. 69-76 [Picatinny Arsenal]

D.S. Rosenblum, "A Practical Approach to Programming with Assertions", IEEE TSE, v. 21 n.1, Jan 95, pp. 19-31 [Correction: p. 265, Mar 95 IEEE TSE]

Beth A. Schroeder, "On-Line Monitoring: A Tutorial", IEEE Computer, v. 28 n.6, Jun 95, pp. 72-78

Will Tracz, "Test and Analysis of Software Architectures", ACM SEN, v. 21 n.3, May 96, pp. 1-3 [ISSTA 96 Proceedings: Keynote address summary]

J.M. Wing, A Specifier's Introduction to Formal Methods. IEEE Computer, 23(9):8-24, September 1990

James H. Fetzer, Program Verification: The Very Idea, CACM, Sept 1988; comments CACM Apr 89 p. 420

Anya Malton and Terry Shepard, "A Beginner's Manual for Eves", RMC, Jan 93, revised Jan 1994 by Dave Andrews

Constance L. Heitmeyer, Ralph D. Jeffords, Bruce G. Labaw, "Automated Consistency Checking of Requirements Specifications", ACM TOSEM, v. 5 n.3, July 96, pp. 231-261

J.A. Hall, Seven Myths of Formal Methods. IEEE Software, 7(5):11-19, September 1990.

J.P. Bowen and M.G. Hinchey, Seven More Myths of Formal Methods. IEEE Software, 12(4):34-41, July 1995.

J.P. Bowen and M.G. Hinchey, Ten Commandments of Formal Methods. IEEE Computer, 28(4):56-63, April 1995.

R. E. Bryant, ``Symbolic Boolean Manipulation with Ordered Binary Decision Diagrams,'' ACM Computing Surveys, Vol. 24, No. 3 (September, 1992), pp. 293-318.

Dan Craigen, Susan Gerhart and Ted Ralston, "Formal Methods Technology Transfer: Impediments and Innovation", In Applications of Formal Methods. ed. M. G. Hinchey and J. P. Bowen. Prentice-Hall International Series in Computer Science, September 1995. (23 pages)

Anthony Hall, "Using Formal Methods to Develop an ATC Information System", IEEE Software, v. 13 n.2, Mar 96, pp. 66-76

Evaluation of a commercially available testing tool other than Testmate

EVES/Verdi/NEVER or another program proof of correctness tool, using model checking in particular.

Usability Testing

In depth presentation of a selection of papers on any of the areas covered in the course