DOCSLIB.ORG

Inspection's Role in Software Quality Assurance

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Inspection's Role in Software Quality Assurance focusguest editors’ introduction Inspection’s Role in Software Quality Assurance David L. Parnas, University of Limerick Mark Lawford, McMaster University espite more than 30 years’ effort to improve software quality, companies still release programs containing numerous errors. Many major products have thousands of bugs. It’s not for lack of D trying; all major software developers stress software quality as- surance and try to remove bugs before release. The problem is the code’s complexity. It’s easy to review code but fail to notice significant errors. Researchers have responded to these prob- lems by studying methods of formal correct- ness verification for programs. In theory, we now know how to prove programs correct with the same degree of rigor that we apply to mathematical theorems. In reality, this is rarely practical and even more rarely done. Most research papers on verification make simplifying assumptions (for example, a 1:1 correspondence between variables and vari- able names) that aren’t valid for real pro- grams. Proofs of realistic programs involve long, complex expressions and require pa- tience, time, and diligence that developers don’t think they have. (Interestingly enough, they never have time to verify a program be- fore release, but they must take time to re- spond to complaints after release.) Inspection methods can be more effective than informal reviews and require less effort than formal 16 IEEE SOFTWARE Published by the IEEE Computer Society 0740-7459/03/$17.00 © 2003 IEEE proofs, but their success depends on having a I The TSE papers do communicate the re- sound, systematic procedure. Tools that sup- search results. We considered a paper to port this procedure are also important. make a valid contribution if it showed Connecting The Workshop on Inspection in Software how to apply known results to the prob- Engineering (WISE), a satellite event of the lem of inspecting software for suitability theory with 2001 Computer Aided Verification Confer- (fitness for use). The papers are intended practice is the ence (CAV 01), brought together researchers, for people who are willing to read de- essence of any practitioners, and regulators in the hope of tailed, careful research papers. finding new, more effective software inspec- type of tion approaches. Submissions described how We intend that each TSE paper and its corre- engineering. practitioners and researchers were performing sponding Software article have little overlap. inspections, discussed inspections’ relevance, One reports results; the other explains how to provided evidence of how refinement of the use those results and perhaps what research is inspection process and computer-aided tool still needed. support can improve inspections, and ex- We hope that future guest editors will emu- plained how careful software design could late and improve the linked-special-issues ap- make inspections more effective. The best proach for other topics important to both ideas from the workshop have been distilled practitioners and researchers. After all, con- into pairs of articles appearing in linked spe- necting theory with practice is the essence of cial issues of IEEE Software and IEEE Trans- any type of engineering. actions on Software Engineering. What we mean by inspection Why two linked special issues? By inspection we mean a systematic ap- As guest editors, we had a specific goal proach to examining a program in detail. Such when we proposed the joint special issues to an examination’s goal is to assess the quality the publications’ editorial boards. We had ob- of the software in question, not the quality of served that the practitioners habitually neglect the software development process. the kind of research found in TSE on the In general, inspection means examining a (sometimes correct) assumption that it’s irrele- product by following a prescribed, systematic vant to them. On the other hand, researchers process that aims to determine whether the tend to write for each other and to lose con- product is fit for its intended use. For exam- tact with the realities that practitioners must ple, many jurisdictions require vehicle safety face. The linked issues try to narrow this gap. inspections. (Some advocates of specific ap- Some contributors to WISE were practitioners proaches to software inspection assume that who explained what they’re doing and what their method defines “inspection.” In fact, the problems they encounter. Others were re- word was well defined much earlier.) They leg- searchers trying to discover and verify (either islate a list of parts that must be examined, mathematically or experimentally) some fun- measurements that must be made, and so on, damental facts. We thought that these re- and criteria for passing the inspection. The searchers should write articles that explained word “inspection” usually implies that the to practitioners why the problems they were process is described in documents (for exam- studying were relevant to practice. We also ple, checklists and printed forms) that explain thought that the practitioners could communi- exactly what the inspectors must do. These cate to researchers what inspecting a program documents try to ensure that each inspection is actually like. In addition, we asked that the is so careful and so complete that an inspec- purpose of each paper in one publication be tion’s failure to reveal any defects justifies hav- explained to the readers of the other. ing great confidence that the product will per- To summarize: form as required. An inspection process, while systematic I The Software articles aim to make practi- and tightly prescribed, isn’t mechanical; the tioners aware of research ideas that they process description guides the inspectors but might be able to apply. These articles don’t isn’t so prescriptive that a machine could per- communicate the research results as com- form inspections without human involvement. pletely as a normal research paper would. Success depends on the inspectors understand- July/August 2003 IEEE SOFTWARE 17 ing the product and the underlying technolo- cation helps determine mathematical correct- gies, knowing how to use the appropriate ness, but you can have error-free (mathemati- Early inspection tools, and having considerable experience do- cally correct) code that’s hard to understand ing related work. and difficult to maintain. In addition to find- of a document Because the inspectors, like all of us, have ing errors in code and related software docu- that states limits on their ability to handle details, the key ments, inspection can also help determine system to inspection of any complex product is a pol- whether coding style guidelines are followed, icy of divide and conquer—that is, examining comments in the code are relevant and of ap- requirements small parts of the product in isolation, while propriate length, naming conventions are clear can help insure ensuring that and consistent, the code is easy to maintain, and so on. Although these issues are irrelevant that the correct I Nothing is overlooked to theorem provers, model checkers, and au- system is built. I The inspected components’ correctness tomated testing tools, they are crucial to the implies the whole product’s correctness cost of building and maintaining large soft- ware products. The inspection’s organization as a set of You don’t need to wait until code is com- discrete steps must assure that each step is plete to reap inspection’s benefits. Early in- simple enough to carry out reliably and that spection of a document that states system re- one step can be carried out without detailed quirements can help insure that the correct knowledge of the others. Inspection can be system is built. In our experience, even when a time consuming. Moreover, no inspection product’s formal verification uses mathemati- process is perfect. Inspectors might take short- cal requirements, they might not accurately cuts, might inadequately understand what capture the designer’s or customer’s intent. In- they are doing, and might identify a product spection of a requirements document helps as- as acceptable when it isn’t. Nonetheless, a sure that the requirements are capturing the well-designed inspection process can find er- right thing. rors that other methods would miss and can engender great trust. Inspection’s future Although many companies now do inspec- Inspection’s benefits tion, they can do better. The Software articles Industry widely employs testing and the re- in this issue provide insights into how soft- search community widely advocates formal ware practitioners can improve their inspec- verification as methods for improving soft- tions’ effectiveness and applicability today. ware quality. Inspection falls somewhere be- The TSE research papers provide the theoreti- tween the two. Formal verification has yet to cal underpinnings of these suggested improve- catch on with software practitioners, while in- ments and offer insights into how we could spection in one form or another has been further improve inspections in the future. The widely adopted by industry and advocated by TSE articles are evidence that inspection con- leading software practitioners (for example, tinues to be an active area of academic research. see Stuart Ball’s Embedded Microprocessor Systems: Real World Design, Newnes, 2000, Refining software inspection pp. 16–24). This difference in acceptance has One way that researchers and practitioners three main causes: are addressing current inspection techniques’ limitations is by refining inspection methods I You can inspect the code itself, not just to make them more appropriate for a particu- abstract models of it. lar setting. Such refinement will help inspec- I Inspection doesn’t require as substantial a tors focus on the most important problems in training investment as verification. the sea of details. I Inspection doesn’t require the time and the In “Practical Code Inspection Techniques for formula manipulation ability that verifica- Object-Oriented Systems: An Experimental tion of typical programs does.
Load more

Recommended publications
  • Revealing the Secrets of David Parnas
    Revealing the Secrets of David Parnas H. Conrad Cunningham Department of Computer and Information Science University of Mississippi March 7, 2014 Those of us in the fast-changing field of computing often dismiss anything writ- ten more than five years ago as obsolete. Yet several decades-old papers by David L. Parnas [1, 4, 5, 6, 7, 8] are as timely as those published in recent issues of the top journals. Parnas articulates the timeless software design concepts known as information hiding and abstract interfaces. Most programmers would describe a module as a unit of code such as a sub- routine or class. Parnas focuses on the programmers rather than the programs. He defines a module as \a work assignment given to a programmer or group of programmers" as a part of a larger software development project [7]. His goals are to enable programmers to develop each module independently, change one module without affecting other modules, and comprehend the overall system by examining one module at a time [5]. Programmers often design a software system by breaking the required pro- cessing into steps and making each step a module. Instead, Parnas uses in- formation hiding to decompose the system into modules that satisfy his goals (2); each module keeps its own secreta design decision about some aspect of the system (e.g., choice of a data structure). A modules design decision can change but none of the other modules should be affected. If some aspect is unlikely to change, the design can distribute this knowledge across several modules and the interfaces among them.
    [Show full text]
  • Keeping Secrets Within a Family: Rediscovering Parnas
    Keeping Secrets within a Family: Rediscovering Parnas H. Conrad Cunningham Cuihua Zhang Yi Liu Computer Science Computer & Information Systems Computer Science University of Mississippi Northwest Vista College University of Mississippi University, MS, 38677 San Antonio, TX 78251 University, MS 38677 Abstract of related programs. The motivation for product lines and frameworks is to take advantage of the David Parnas wrote several papers in the 1970’s commonalities among the members of the product line and 1980’s that are now considered classics. The to lower the overall cost of producing and maintaining concepts he advocated such as information hiding and a group of related software systems. use of abstract interfaces are generally accepted as Since the foundation of software product lines and the appropriate way to design nontrivial software frameworks is what Parnas proposed in his papers, an systems. However, not all of what he proposed has examination of the concepts in these papers (collected been fully appreciated and assimilated into our in [5]) can still reveal much of value to current-day practices. Many of his simple, elegant ideas have software developers and researchers. Many of the been lost amongst the hype surrounding the lessons taught in these works should also be technologies and methods that have arisen in the past incorporated into our college-level teaching. two decades. This paper examines Parnas’s ideas, This paper examines several of the lessons on the especially his emphasis on program families, and design of program families taught by Parnas that are proposes that college-level computing science and still important for contemporary students to learn.
    [Show full text]
  • Stephan Goericke Editor the Future of Software Quality Assurance the Future of Software Quality Assurance Stephan Goericke Editor
    Stephan Goericke Editor The Future of Software Quality Assurance The Future of Software Quality Assurance Stephan Goericke Editor The Future of Software Quality Assurance Editor Stephan Goericke iSQI GmbH Potsdam Germany Translated from the Dutch Original book: ‘AGILE’, © 2018, Rini van Solingen & Manage- ment Impact – translation by tolingo GmbH, © 2019, Rini van Solingen ISBN 978-3-030-29508-0 ISBN 978-3-030-29509-7 (eBook) https://doi.org/10.1007/978-3-030-29509-7 This book is an open access publication. © The Editor(s) (if applicable) and the Author(s) 2020 Open Access This book is licensed under the terms of the Creative Commons Attribution 4.0 Inter- national License (http://creativecommons.org/licenses/by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence and indicate if changes were made. The images or other third party material in this book are included in the book’s Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the book’s Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.
    [Show full text]
  • Systems Development Life Cycle
    Systems Development Life Cycle From Wikipedia, the free encyclopedia Jump to: navigation, search For other uses, see SDLC (disambiguation). Model of the Systems Development Life Cycle with the Maintenance bubble highlighted. The Systems Development Life Cycle (SDLC), or Software Development Life Cycle in systems engineering, information systems and software engineering, is the process of creating or altering systems, and the models and methodologies that people use to develop these systems. The concept generally refers to computer or information systems. In software engineering the SDLC concept underpins many kinds of software development methodologies. These methodologies form the framework for planning and controlling the creation of an information system[1]: the software development process. Contents y 1 Overview y 2 History y 3 Systems development phases o 3.1 Requirements gathering and analysis o 3.2 Design o 3.3 Build or coding o 3.4 Testing o 3.5 Operations and maintenance y 4 Systems development life cycle topics o 4.1 Management and control o 4.2 Work breakdown structured organization o 4.3 Baselines in the SDLC o 4.4 Complementary to SDLC y 5 Strengths and weaknesses y 6 See also y 7 References y 8 Further reading y 9 External links [edit] Overview Systems and Development Life Cycle (SDLC) is a process used by a systems analyst to develop an information system, including requirements, validation, training, and user (stakeholder) ownership. Any SDLC should result in a high quality system that meets or exceeds customer expectations, reaches completion within time and cost estimates, works effectively and efficiently in the current and planned Information Technology infrastructure, and is inexpensive to maintain and cost-effective to enhance.[2] Computer systems are complex and often (especially with the recent rise of Service-Oriented Architecture) link multiple traditional systems potentially supplied by different software vendors.
    [Show full text]
  • Devops E Continuous Delivery Release-Automation Di Software Mediante Implementazione Di Una Pipeline
    POLITECNICO DI TORINO Corso di Laurea Magistrale in Ingegneria Informatica (Computer Engineering) Tesi di Laurea Magistrale DevOps e Continuous Delivery Release-Automation di software mediante implementazione di una pipeline Relatore Candidato prof. Marco Mezzalama Marco Punzi Supervisore aziendale Consoft Sistemi dott. Marco Casu Anno accademico 2017 – 2018 Ai complici della realizzazione di un sogno Abstract «L’avvento della Application Economy impone sempre più l’idea del soft- ware come strumento per generare direttamente valore di business. Occorre quindi garantire servizi di deployment rapidi e in alta affidabil- ità, che permettano il rilascio di software testato e di qualità in qualsi- asi istante. La Continuous Delivery quale estensione della Continuous Integration prevede un approccio strutturato ed automatizzato ai test funzionali, di non regressione e di integrazione, ottimizzando i processi ripetibili di Lifecycle e Deploy. Per assicurare soluzioni flessibili ed in- tegrabili all’interno dei processi aziendali, si necessita di un approccio metodologico di gestione del ciclo del software agendo sulla comunicazione e collaborazione tra gli sviluppatori e gli operatori IT.» (Consoft Sistemi SpA, DevOps Solution, 2017) iii Indice Abstract .................................... iii Introduzione Generale 1 1 Modelli e filosofie a confronto 5 1.1 Introduzione . 5 1.2 Nascita e decadenza del modello Waterfall ............... 6 1.2.1 Le fasi del modello . 6 1.2.2 Gli svantaggi del modello . 7 1.3 Lo sviluppo Agile ............................. 8 1.4 Software release: Anti-pattern e Soluzioni . 12 1.5 L’etica DevOps .............................. 13 1.6 DevOps: il valore di business . 16 1.6.1 Il Return of Investment del DevOps . 18 1.7 Conclusione .
    [Show full text]
  • A Debate on Teaching Computing Science
    Teaching Computing Science t the ACM Computer Science Conference last Strategic Defense Initiative. William Scherlis is February, Edsger Dijkstra gave an invited talk known for his articulate advocacy of formal methods called “On the Cruelty of Really Teaching in computer science. M. H. van Emden is known for Computing Science.” He challenged some of his contributions in programming languages and the basic assumptions on which our curricula philosophical insights into science. Jacques Cohen Aare based and provoked a lot of discussion. The edi- is known for his work with programming languages tors of Comwunications received several recommenda- and logic programming and is a member of the Edi- tions to publish his talk in these pages. His comments torial Panel of this magazine. Richard Hamming brought into the foreground some of the background received the Turing Award in 1968 and is well known of controversy that surrounds the issue of what be- for his work in communications and coding theory. longs in the core of a computer science curriculum. Richard M. Karp received the Turing Award in 1985 To give full airing to the controversy, we invited and is known for his contributions in the design of Dijkstra to engage in a debate with selected col- algorithms. Terry Winograd is well known for his leagues, each of whom would contribute a short early work in artificial intelligence and recent work critique of his position, with Dijkstra himself making in the principles of design. a closing statement. He graciously accepted this offer. I am grateful to these people for participating in We invited people from a variety of specialties, this debate and to Professor Dijkstra for creating the backgrounds, and interpretations to provide their opening.
    [Show full text]
  • Dr. Dobb's | Software Engineering ≠ Computer Science | June 4, 2009
    Software Engineering ≠ Computer Science Software engineering seems different, in a frustrating way, from other disciplines of computer science By Chuck Connell, Dr. Dobb's Journal Jun 04, 2009 URL:http://www.ddj.com/architect/217701907 Chuck Connell is a software consultant. He can be reached at www.chc-3.com. A few years ago, I studied algorithms and complexity. The field is wonderfully clean, with each concept clearly defined, and each result building on earlier proofs. When you learn a fact in this area, you can take it to the bank, since mathematics would have to be inconsistent to overturn what you just learned. Even the imperfect results, such as approximation and probabilistic algorithms, have rigorous analyses about their imperfections. Other disciplines of computer science, such as network topology and cryptography also enjoy similar satisfying status. Now I work on software engineering, and this area is maddeningly slippery. No concept is precisely defined. Results are qualified with "usually" or "in general". Today's research may, or may not, help tomorrow's work. New approaches often overturn earlier methods, with the new approaches burning brightly for a while and then falling out of fashion as their limitations emerge. We believed that structured programming was the answer. Then we put faith in fourth-generation languages, then object-oriented methods, then extreme programming, and now maybe open source. But software engineering is where the rubber meets the road. Few people care whether P equals NP just for the beauty of the question. The computer field is about doing things with computers. This means writing software to solve human problems, and running that software on real machines.
    [Show full text]
  • Revealing the Secrets of David Parnas
    Revealing the Secrets of David Parnas H. Conrad Cunningham Department of Computer and Information Science University of Mississippi March 7, 2014 Those of us in the fast-changing field of computing often dismiss anything writ- ten more than five years ago as obsolete. Yet several decades-old papers by David L. Parnas [1, 4, 5, 6, 7, 8] are as timely as those published in recent issues of the top journals. Parnas articulates the timeless software design concepts known as information hiding and abstract interfaces. Most programmers would describe a module as a unit of code such as a sub- routine or class. Parnas focuses on the programmers rather than the programs. He defines a module as \a work assignment given to a programmer or group of programmers" as a part of a larger software development project [7]. His goals are to enable programmers to develop each module independently, change one module without affecting other modules, and comprehend the overall system by examining one module at a time [5]. Programmers often design a software system by breaking the required pro- cessing into steps and making each step a module. Instead, Parnas uses in- formation hiding to decompose the system into modules that satisfy his goals (2); each module keeps its own secreta design decision about some aspect of the system (e.g., choice of a data structure). A modules design decision can change but none of the other modules should be affected. If some aspect is unlikely to change, the design can distribute this knowledge across several modules and the interfaces among them.
    [Show full text]
  • From Play-In Scenarios to Code: an Achievable Dream
    COVER FEATURE From Play-In Scenarios to Code: An Achievable Dream A development scheme for complex reactive systems leads from a user- friendly requirements capture method, called play-in scenarios, to full behavioral descriptions of system parts, and from there to final implementation. 1 David Harel n a 1992 Computer article, I tried to present an system model, most notably its structure and behav- The Weizmann optimistic view of the future of development ior. The linking of structure and behavior is crucial Institute of methods for complex systems. Research since and by no means a straightforward issue. In SA/SD, Science then only supports this optimism, as I will for example, each system function or activity is asso- I attempt to show. ciated with a state machine or a statechart2 that This article presents a general, rather sweeping describes its behavior. In OOAD, as evident in the development scheme, combining ideas that have been Unified Modeling Language (UML)3 and its exe- known for a long time with more recent ones. The cutable basis, the XUML,4 each class is associated scheme makes it possible to go from a high-level user- with a statechart, which describes the behavior of friendly requirements capture method—which I call every instance object. The “Structured Analysis and play-in scenarios—via a rich language for describing Structured Design” and “Object-Oriented Analysis message sequencing to a full model of the system, and and Design” sidebars give some background on these from there to final implementation. modeling approaches. A cyclic process of verifying the system against An indispensable part of any serious modeling requirements and synthesizing system parts from the approach is a rigorous semantical basis for the model requirements is central to the proposal.
    [Show full text]
  • Software Engineering
    Software Engineering ACM Fellow David Parnas, 2004 What advice do you have for computer science/software engineering students? Most students who are studying computer science really want to study software engineering but they don't have that choice. There are very few programs that are designed as engineering programs but specialize in software. I would advise students to pay more attention to the fundamental ideas rather than the latest technology. The technology will be out-of-date before they graduate. Fundamental ideas never get out of date. However, what worries me about what I just said is that some people would think of Turing machines and Goedel's theorem as fundamentals. I think those things are fundamental but they are also nearly irrelevant. I think there are fundamental design principles, for example structured programming principles, the good ideas in "Object Oriented" programming, etc. What is the most often-overlooked risk in software engineering? Incompetent programmers. There are estimates that the number of programmers needed in the U.S. exceeds 200,000. This is entirely misleading. It is not a quantity problem; we have a quality problem. One bad programmer can easily create two new jobs a year. Hiring more bad programmers will just increase our perceived need for them. If we had more good programmers, and could easily identify them, we would need fewer, not more. What is the most-repeated mistake in software engineering? People tend to underestimate the difficulty of the task. Overconfidence explains most of the poor software that I see. Doing it right is hard work.
    [Show full text]
  • Integrative Educational Approach Oriented Towards Software And
    PAPER INTEGRATIVE EDUCATIONAL APPROACH ORIENTED TOWARDS SOFTWARE AND SYSTEMS DEVELOPMENT Integrative Educational Approach Oriented Towards Software and Systems Development http://dx.doi.org/10.3991/ijep.v3i1.2345 A.J. Stoica1 and S. Islam2 1 Uppsala University, Uppsala, Sweden 2 University of East London, London, United Kingdom Abstract—The paper is based on our academic teaching and between conceptual and operational aspects in software research work in software and system engineering to effec- engineering education. tively develop modern, complex real-life Web application In our educational work, we are guided by: i) lifelong systems. It bridges the gap between academic education and learning preparing our students for applications-oriented industry needs and illustrates how such collaboration can be careers, working in all levels of computer systems engi- successfully developed in the IT area where technology neering in particular software and systems engineering development is rapid. Its scope covers the processes, models, domain; ii) contributions Harlan D. Mills award recipi- technologies, people, and knowledge that have the capability ents: Bertrand Meyer for practical and fundamental con- to contribute to developing such systems. The paper also tributions to object-oriented software engineering, soft- relates to contributions of some of Harlan D. Mills award ware reuse, and the integration of formal methods into the recipients for software engineering achievement, to address above; Barry Boehm for developing empirical software the needs to: i) improve the engineering education in an engineering models that consider cost, schedule, and academic setting, and ii) develop real-life software and quality, as well as software process spiral model, Theory system projects.
    [Show full text]
  • Software Engineering, Why and What
    Middle Road Software, Inc. Software Engineering, Why And What David Lorge Parnas1! Abstract In the 1960s many of the scientists and mathematicians who were interested in computer software observed that software development was a profession that had more in common with Engineering than it did with the fields in which they had been trained. Most of them had mastered a body of knowledge and been taught how to extend that knowledge. They had not been taught how to apply what they had learned when building products that would be used by strangers. It was proposed that, in addition to "Computer Science", there was a need for a for a new Engineering discipline called "Software Engineering". Although some critics considered the new field, redundant and superfluous, time has proven that it is needed. Today we depend on software in the same way that previous generations depended on traditional engineering products. While the early pioneers correctly sensed that a new field was needed, they did not succeed in defining the capabilities required of practitioners in the new field. More recently, there have been several efforts to identify a "body of knowledge" for Software Engineering. In my opinion, none have captured the essence of the field. This talk approaches the subject by focussing on capabilities, i.e., by addressing the question, What should a Software Engineer be able to do? Starting with two historical characterizations of the field by the pioneers, it presents a set of capabilities required by today's "Software Engineers". 1 After lengthy discussions with Carl Landwehr, Jochen Ludewig Robert Meersman, Peretz Shoval, Yair Wand ,David Weiss and Elaine Weyuker whose contributions were substantial and substantive.
    [Show full text]