DOCSLIB.ORG

Reasoning About POSIX File Systems

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Reasoning About POSIX File Systems Imperial College London Department of Computing Reasoning About POSIX File Systems Gian Ntzik September 2016 Supervised by Philippa Gardner Submitted in part fulfilment of the requirements for the degree of Doctor of Philosophy in Computing of Imperial College London and the Diploma of Imperial College London 1 2 Declaration I herewith certify that all material in this thesis which is not my own work has been properly acknowl- edged. Gian Ntzik 3 4 Copyright The copyright of this thesis rests with the author and is made available under a Creative Commons Attribution Non-Commercial No Derivatives licence. Researchers are free to copy, distribute or trans- mit the thesis on the condition that they attribute it, that they do not use it for commercial purposes and that they do not alter, transform or build upon it. For any reuse or redistribution, researchers must make clear to others the licence terms of this work. 5 6 Abstract POSIX is a standard for operating systems, with a substantial part devoted to specifying file-system operations. File-system operations exhibit complex concurrent behaviour, comprising multiple actions affecting different parts of the state: typically, multiple atomic reads followed by an atomic update. However, the standard's description of concurrent behaviour is unsatisfactory: it is fragmented; con- tains ambiguities; and is generally under-specified. We provide a formal concurrent specification of POSIX file systems and demonstrate scalable reasoning for clients. Our specification is based on a concurrent specification language, which uses a modern concurrent separation logic for reasoning about abstract atomic operations, and an associated refinement calculus. Our reasoning about clients highlights an important difference between reasoning about modules built over a heap, where the interference on the shared state is restricted to the operations of the module, and modules built over a file system, where the interference cannot be restricted as the file system is a public namespace. We introduce specifications conditional on context invariants used to restrict the interference, and apply our reasoning to lock files and named pipes. Program reasoning based on separation logic has been successful at verifying that programs do not crash due to illegal use of resources, such invalid memory accesses. The underlying assumption of separation logics, however, is that machines do not fail. In practice, machines can fail unpredictably for various reasons, such as power loss, corrupting resources or resulting in permanent data loss. Critical software, such as file systems and databases, employ recovery methods to mitigate these effects. We introduce an extension of the Views framework to reason about programs in the presence of such events and their associated recovery methods. We use concurrent separation logic as an instance of the framework to illustrate our reasoning, and explore programs using write-ahead logging, such a stylised ARIES recovery algorithm. 7 8 To my loved ones forever lost, but in my heart forgotten not. 9 10 Contents 1. Introduction 19 1.1. Contributions and Dissertation Outline.......................... 21 2. File Systems and POSIX 23 2.1. File Systems.......................................... 23 2.1.1. Structure and Implementation........................... 24 2.2. The POSIX Standard.................................... 27 2.2.1. POSIX File-System Structure and Interface Overview.............. 28 2.3. Concurrency in POSIX File Systems............................ 32 2.3.1. Thread Safety and Atomicity............................ 32 2.3.2. Path Resolution and Client Applications...................... 36 2.3.3. Atomicity of directory operations.......................... 38 2.3.4. Non-determinism................................... 39 2.3.5. File Systems are a Public Namespace....................... 39 2.4. Conclusions.......................................... 40 3. Reasoning about Concurrent Modules 42 3.1. Separation Logic....................................... 42 3.2. Concurrent Separation Logic................................ 44 3.3. Abstract Separation Logic and Views............................ 45 3.4. Fine-grained Concurrency.................................. 46 3.5. Atomicity........................................... 47 3.5.1. Contextual Refinement and Separation Logic................... 48 3.5.2. Atomic Hoare Triples................................ 49 3.6. Conclusions.......................................... 51 4. Formal Methods for File Systems 52 4.1. Model Checking........................................ 52 4.2. Testing............................................ 52 4.3. Specification and Refinement to Implementation..................... 53 4.4. Program Reasoning...................................... 53 5. Modelling the File System 55 6. Concurrent Specifications and Client Reasoning 59 6.1. Specifications......................................... 59 6.1.1. Operations on Links................................. 59 11 6.1.2. Operations on Directories.............................. 68 6.1.3. I/O Operations on Regular Files.......................... 70 6.2. Client Reasoning....................................... 75 6.3. Extending Specifications................................... 84 6.3.1. Symbolic Links and Relative Paths......................... 84 6.3.2. File-Access Permissions............................... 87 6.3.3. Threads and Processes................................ 90 6.4. Conclusions.......................................... 91 7. Atomicity and Refinement 93 7.1. Specification Language.................................... 93 7.2. Model............................................. 97 7.3. Operational Semantics.................................... 105 7.4. Refinement.......................................... 107 7.4.1. Contextual Refinement................................ 107 7.4.2. Denotational Refinement.............................. 108 7.4.3. Adequacy....................................... 111 7.5. Refinement Laws....................................... 112 7.6. Abstract Atomicity...................................... 117 7.7. Syntax Encodings....................................... 129 7.8. Conclusions.......................................... 130 8. Client Examples 132 8.1. CAP Style Locks....................................... 132 8.2. Coarse-grained vs Fine-grained Specifications for POSIX................. 134 8.2.1. Behaviour with Coarse-grained Specifications................... 135 8.2.2. Behaviour with POSIX Specifications....................... 140 8.2.3. Correcting the Email Client-Server Interaction.................. 149 8.3. Case Study: Named Pipes.................................. 156 8.3.1. Specification..................................... 156 8.3.2. Implementation.................................... 159 8.3.3. Verification...................................... 166 8.4. Conclusions.......................................... 187 9. Fault Tolerance 188 9.1. Faults and Resource Reasoning............................... 188 9.2. Motivating Examples..................................... 190 9.2.1. Naive Bank Transfer................................. 190 9.2.2. Fault-tolerant Bank Transfer: Implementation.................. 190 9.2.3. Fault-tolerant Bank Transfer: Verification..................... 191 9.3. Journaling File Systems................................... 196 9.4. FTCSL Program Logic.................................... 196 9.4.1. Unsound Rules.................................... 199 12 9.5. Example: Concurrent Bank Transfer............................ 199 9.6. Semantics and Soundness.................................. 202 9.6.1. Fault-tolerant Views................................. 202 9.6.2. Fault-tolerant Concurrent Separation Logic.................... 202 9.7. Case Study: ARIES..................................... 203 9.8. Related Work......................................... 215 9.9. Conclusions.......................................... 216 10.Conclusions 217 10.1. Future Work......................................... 217 10.1.1. Mechanisation and Automation........................... 218 10.1.2. Total Correctness................................... 218 10.1.3. Helping and Speculation............................... 218 10.1.4. File-System Implementation and Testing...................... 219 10.1.5. Fault-tolerance of File Systems........................... 219 10.1.6. Atomicity? Which Atomicity?........................... 219 A. POSIX Fragment Formalisation 228 A.1. Path Resolution........................................ 230 A.2. Operations on Links..................................... 230 A.3. Operations on Directories.................................. 234 A.4. I/O Operations on Regular Files.............................. 235 A.5. I/O Operations on Directories................................ 236 B. Atomicity and Refinement Technical Appendix 238 B.1. Adequacy Addendum.................................... 238 B.1.1. Operational traces are denotational traces..................... 246 B.1.2. Denotational traces are operational traces..................... 249 B.2. Proofs of General Refinement Laws............................. 256 B.3. Primitive Atomic Refinement Laws Proofs......................... 268 B.4. Proofs of Abstract Atomic Refinement Laws........................ 274 B.5. Proofs of Hoare-Statement Refinement Laws........................ 288 C. Fault-Tolerant Views Framework 291 C.1. General Framework and Soundness............................. 291 C.2. FTCSL...........................................
Load more

Recommended publications
  • Technical Standard
    Technical Standard X/Open Curses, Issue 7 The Open Group ©November 2009, The Open Group All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior permission of the copyright owners. Technical Standard X/Open Curses, Issue 7 ISBN: 1-931624-83-6 Document Number: C094 Published in the U.K. by The Open Group, November 2009. This standardhas been prepared by The Open Group Base Working Group. Feedback relating to the material contained within this standardmay be submitted by using the web site at http://austingroupbugs.net with the Project field set to "Xcurses Issue 7". ii Technical Standard 2009 Contents Chapter 1 Introduction........................................................................................... 1 1.1 This Document ........................................................................................ 1 1.1.1 Relationship to Previous Issues ......................................................... 1 1.1.2 Features Introduced in Issue 7 ........................................................... 2 1.1.3 Features Withdrawn in Issue 7........................................................... 2 1.1.4 Features Introduced in Issue 4 ........................................................... 2 1.2 Conformance............................................................................................ 3 1.2.1 Base Curses Conformance .................................................................
    [Show full text]
  • Lenovo Bootable Media Creator Installation and User Guide
    Lenovo Bootable Media Creator Installation and User Guide Version 12.3.0 Note Before using this information and the product it supports, read the information in Appendix C “Notices” on page 45. (August 2021) © Copyright Lenovo 2014, 2021. Portions © Copyright IBM Corporation 2009, 2021 LIMITED AND RESTRICTED RIGHTS NOTICE: If data or software is delivered pursuant to a General Services Administration (GSA) contract, use, reproduction, or disclosure is subject to restrictions set forth in Contract No. GS-35F- 05925. Tables 1. Acronyms . iii 6. Supported bootable environment. 7 2. Supported Lenovo platforms . 4 7. Main menus of ThinkSystem and System x 3. Supported IBM platforms. 5 (for Lenovo or IBM) . 25 4. Supported Storage platforms . 5 8. Configuration settings . 32 5. Operating systems supported by BoMC . 6 9. Return codes of commands . 40 © Copyright Lenovo 2014, 2021 ii iii Lenovo Bootable Media Creator Installation and User Guide Contents Tables . ii Creating bootable media for Lenovo servers and IBM servers . 11 About this publication . iii Creating bootable media for Storage systems . 15 Conventions and terminology . iii Updating existing bootable media. 16 Publications and related information. iv Web resources . iv Chapter 5. Using bootable media . 23 Starting bootable media from GUI. 23 Chapter 1. Technical overview . 1 Starting bootable media from text user interface . 24 Chapter 2. Hardware and software Chapter 6. Troubleshooting and requirements. 3 support . 27 Hardware requirements. 3 Limitations and problems . 27 Supported server models . 3 Workarounds. 28 EFI Boot . 5 Lenovo XClarity Essentials Bootable Media IPv6 enablement. 5 Creator log file . 28 Software requirements . 6 Appendix A. Accessibility features Supported operating systems .
    [Show full text]
  • CD-ROM, CD-R, CD-RW, and DVD-ROM Drives) Are the Hardware Devices That Read Computer Data from Disks
    A Brief History of CD/DVD The first disc that could be written and read by optical means (using light as a medium) was developed by James T. Russell. In the late 1960s, Russell created a system that recorded, stored, and played audio/video data using light rather than the traditional contact methods, which could easily damage the disks during playback. Russell developed a photosensitive disc that stored data as 1 micron-wide dots of light and dark. The dots were read by a laser, converted to an electrical signal, and then to audio or visual display for playback. Russell's own company manufactured the first disc player in 1980, although the technology never reached the marketplace until Philips and Sony developed the technology. In late 1982, Philips and Sony released the first of the compact disc (CD) formats, which they then called CD-DA (digital audio). In the years since, format has followed format as the original companies and other industry members developed more adaptations of the original specifications. Digital Versatile disc (DVD) had its beginning in 1994, when two formats, Super disc (SD) and Multimedia CD (MMCD) were introduced. Promoters of the competing technologies failed to reach an agreement on a single standard until 1996, when DVD was selected as a convergence format. DVD has, in the few years since, grown to include variations that do anything that CD does, and more efficiently. Standardization and compatibility issues aside, DVD is well-placed to supplant CD. Magnetic vs Optical Media Optical media are storage media that hold information in digital form and that are written and read by a laser; these media include all the various CD and DVD variations, as well as optical jukeboxes and autochangers.
    [Show full text]
  • Department of Computer Science & Engineering
    COURSE STURCTURE Of 4 YEARS DEGREE B.TECH. (Information Technology) Department of Computer Science & Engineering SCHOOL OF INFORMATION AND COMMUNICATION TECHNOLOGY GAUTAM BUDDHA UNIVERSITY GAUTAM BUDH NAGAR, GREATER NOIDA 2018-2019 4-Years Degree B. TECH. (Information Technology) I-YEAR (I-SEMESTER) (Effective from session: 2018-19) SEMESTER-I S r . Subject Code Courses L-T-P Credits CBCS/AICTE No. THEORY 1 PH102 Engineering Physics 3-1-0 4 CC/BS 2 MA101 Engineering Mathematics – I 3-1-0 4 CC/BS 3 ME101 Engineering Mechanics 3-1-0 4 CC/ESC 4 EE102 Basics Electrical Engineering 3-1-0 4 CC/ESC 5 ES101 Environmental Science 2-0-0 2 AECC/BS 6 EN101 English Proficiency 2-0-0 2 AECC/HSMC PRACTICALS 7 PH 104 Engineering Physics Lab 0-0-2 1 CC/BS 8 EE 104 Basic Electrical Engineering Lab 0-0-2 1 CC/ESC 9 ME102* Workshop Practices 1-0-2 2 CC/ESC 10 EN151 Language Lab 0-0-2 1 AECC/HSMC 11 GP General Proficiency - Non Credit Total 17-4-8 25 Total Contact Hours 29 I-YEAR (II-SEMESTER) (Effective from session: 2018-19) SEMESTER – II S r. Subject Code Courses L-T-P Credits CBCS/AICTE No. THEORY 1 CY101 Engineering Chemistry 3-1-0 4 CC/BS 2 MA102 Engineering Mathematics – II 3-1-0 4 CC/BS 3 EC101 Basic Electronics Engineering 3-1-0 4 CC/ESC 4 CS101 Fundamentals of Computer 3-1-0 4 SEC/ESC Programming 5 BS101 Human Values & Buddhist Ethics 2-0-0 2 AECC/HSMC PRACTICALS 6 CY 103 Engineering Chemistry Lab 0-0-2 1 CC/BS 7 EC 181 Basic Electronics Engineering Lab 0-0-2 1 CC/ESC 8 CS 181 Computer Programming Lab 0-0-2 1 SEC/ESC 9 CE103* Engineering Graphics 1-0-2 2 CC/ESC 10 GP General Proficiency - Non Credit Total 15-4-8 23 Total Contact Hours 27 II-YEAR (III-SEMESTER) (Effective from session: 2018-19) EVALUATION SCHEME PERIO SESSIO MID CBC CREDI COUR DS S.
    [Show full text]
  • Heritage Ascential Software Portfolio, Now Available in Passport Advantage, Delivers Trustable Information for Enterprise Initiatives
    Software Announcement July 18, 2006 Heritage Ascential software portfolio, now available in Passport Advantage, delivers trustable information for enterprise initiatives Overview structures ranging from simple to highly complex. It manages data At a glance With the 2005 acquisition of arriving in real time as well as data Ascential Software Corporation, received on a periodic or scheduled IBM software products acquired IBM added a suite of offerings to its basis and enables companies to from Ascential Software information management software solve large-scale business problems Corporation are now available portfolio that helps you profile, through high-performance through IBM Passport Advantage cleanse, and transform any data processing of massive data volumes. under new program numbers and across the enterprise in support of A WebSphere DataStage Enterprise a new, simplified licensing model. strategic business initiatives such as Edition license grants entitlement to You can now license the following business intelligence, master data media for both WebSphere programs for distributed platforms: DataStage Server and WebSphere management, infrastructure • consolidation, and data governance. DataStage Enterprise Edition. Core product: WebSphere The heritage Ascential programs in Datastore Enterprise Edition, this announcement are now WebSphere RTI enables WebSphere WebSphere QualityStage available through Passport DataStage jobs to participate in a Enterprise Edition, WebSphere Advantage under a new, service-oriented architecture (SOA)
    [Show full text]
  • CD Burning with Mac OS X
    CD Burning with Mac OS X Software: Macintosh OS X and iTunes Platform: Macintosh Connection:N/A Availability: Purchase/Labs Why create a CD-ROM? CD-ROMs are a low-cost media that can hold large amounts of information in a variety of formats. Also, nearly every computer today has a CD-ROM drive, so your data can be transported easily. While most people are introduced to CD-ROM burning as a way to create custom audio CDs, CD-ROMs are well suited for archiving and backing up personal data. In the classroom, existing electronic resources can be easily incorporated into a CD-ROM. Step 1. Decide what kind of CD you want to create Macintosh Files & Folders - This is the easiest method for burning for Mac. Macintosh Volume - This allows you to make an exact duplicate of another CD ISO 9660 - PC Format. Make sure fi le names are legal. Macintosh/ISO 9660 - “Hybrid” CD for both Macintosh and PC platforms Audio - For creating music CDs Step 2. Planning Gather your content This includes all the material you want to burn on the CD-ROM. Archive word documents, e-mail, presentations, PDF fi les and other traditional computer fi les. You may also need to collect any media fi les such as graphics, audio fi les, or movie fi les. In some cases, you may want to convert your fi les from one fi le type to another prior to creating your CD. For example, you may want to convert a word document to a PDF document prior to distribution.
    [Show full text]
  • Synchronizing Threads with POSIX Semaphores
    3/17/2016 POSIX Semaphores Synchronizing Threads with POSIX Semaphores 1. Why semaphores? 2. Posix semaphores are easy to use sem_init sem_wait sem_post sem_getvalue sem_destroy 3. Activities 1 2 Now it is time to take a look at some code that does something a little unexpected. The program badcnt.c creates two new threads, both of which increment a global variable called cnt exactly NITER, with NITER = 1,000,000. But the program produces unexpected results. Activity 1. Create a directory called posixsem in your class Unix directory. Download in this directory the code badcnt.c and compile it using gcc badcnt.c -o badcnt -lpthread Run the executable badcnt and observe the ouput. Try it on both tanner and felix. Quite unexpected! Since cnt starts at 0, and both threads increment it NITER times, we should see cnt equal to 2*NITER at the end of the program. What happens? Threads can greatly simplify writing elegant and efficient programs. However, there are problems when multiple threads share a common address space, like the variable cnt in our earlier example. To understand what might happen, let us analyze this simple piece of code: THREAD 1 THREAD 2 a = data; b = data; a++; b--; data = a; data = b; Now if this code is executed serially (for instance, THREAD 1 first and then THREAD 2), there are no problems. However threads execute in an arbitrary order, so consider the following situation: Thread 1 Thread 2 data a = data; --- 0 a = a+1; --- 0 --- b = data; // 0 0 --- b = b + 1; 0 data = a; // 1 --- 1 --- data = b; // 1 1 So data could end up +1, 0, -1, and there is NO WAY to know which value! It is completely non- deterministic! http://www.csc.villanova.edu/~mdamian/threads/posixsem.html 1/4 3/17/2016 POSIX Semaphores The solution to this is to provide functions that will block a thread if another thread is accessing data that it is using.
    [Show full text]
  • Formal Specification— Z Notation— Syntax, Type and Semantics
    Formal Specification— Z Notation| Syntax, Type and Semantics Consensus Working Draft 2.6 August 24, 2000 Developed by members of the Z Standards Panel BSI Panel IST/5/-/19/2 (Z Notation) ISO Panel JTC1/SC22/WG19 (Rapporteur Group for Z) Project number JTC1.22.45 Project editor: Ian Toyn [email protected] http://www.cs.york.ac.uk/~ian/zstan/ This is a Working Draft by the Z Standards Panel. It has evolved from Consensus Working Draft 2.5 of June 20, 2000 according to remarks received and discussed at Meeting 56 of the Z Panel. ISO/IEC 13568:2000(E) Contents Page Foreword . iv Introduction . v 1 Scope ....................................................... 1 2 Normative references . 1 3 Terms and definitions . 1 4 Symbols and definitions . 3 5 Conformance . 14 6 Z characters . 18 7 Lexis........................................................ 24 8 Concrete syntax . 30 9 Characterisation rules . 38 10 Annotated syntax . 40 11 Prelude . 43 12 Syntactic transformation rules . 44 13 Type inference rules . 54 14 Semantic transformation rules . 66 15 Semantic relations . 71 Annex A (normative) Mark-ups . 79 Annex B (normative) Mathematical toolkit . 90 Annex C (normative) Organisation by concrete syntax production . 107 Annex D (informative) Tutorial . 153 Annex E (informative) Conventions for state-based descriptions . 166 Bibliography . 168 Index . 169 ii c ISO/IEC 2000|All rights reserved ISO/IEC 13568:2000(E) Figures 1 Phases of the definition . 15 B.1 Parent relation between sections of the mathematical toolkit . 90 D.1 Parse tree of birthday book example . 155 D.2 Annotated parse tree of part of axiomatic example .
    [Show full text]
  • Openextensions POSIX Conformance Document
    z/VM Version 7 Release 1 OpenExtensions POSIX Conformance Document IBM GC24-6298-00 Note: Before you use this information and the product it supports, read the information in “Notices” on page 73. This edition applies to version 7, release 1, modification 0 of IBM z/VM (product number 5741-A09) and to all subsequent releases and modifications until otherwise indicated in new editions. Last updated: 2018-09-12 © Copyright International Business Machines Corporation 1993, 2018. US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents List of Tables........................................................................................................ ix About This Document............................................................................................xi Intended Audience......................................................................................................................................xi Conventions Used in This Document.......................................................................................................... xi Where to Find More Information.................................................................................................................xi Links to Other Documents and Websites.............................................................................................. xi How to Send Your Comments to IBM....................................................................xiii Summary of Changes for z/VM
    [Show full text]
  • 1215-S Term DATE of AWARD to 04/30/2022 TITLE: Litigation Support Services Court Record & Data Canaan Media LLC Management Services, Inc
    Program No 1215-S Term DATE OF AWARD To 04/30/2022 TITLE: Litigation Support Services Court Record & Data Canaan Media LLC Management Services, Inc. The MCS Group, Inc. BASIS OF Piscataway, NJ East Brunswick, NJ Newark, NJ ITEM NO. ITEM DESCRIPTION: AWARD UNIT RATE COST UNIT RATE COST UNIT RATE COST I. DUPLICATING/COPYING: a. Duplicating/copying in black…………. per printed page 36,284 $0.18 $6,531.12 $0.06 $2,177.04 $0.12 $4,354.08 b. Duplicating/copying in color………….per printed page 12,748 $0.24 $3,059.52 $0.08 $1,019.84 $0.15 $1,912.20 c. Juror Questionnaire printing in black……... per printed page 35,000 $0.18 $6,300.00 $0.06 $2,100.00 $0.10 $3,500.00 II. BLOWBACK: a. Litigation documents printing in black………….per printed page 53,628 $0.18 $9,653.04 $0.08 $4,290.24 $0.10 $5,362.80 b. Litigation documents printing in color………….per printed page 105,774 $0.24 $25,385.76 $0.12 $12,692.88 $0.20 $21,154.80 c. Juror Questionnaires printing in black……... per printed page 52,500 $0.18 $9,450.00 $0.08 $4,200.00 $0.10 $5,250.00 III. SCANNING: Document Preparation- No Intervention to Light Intervention: Scanning in black or color up to 8-1/2 x 14"....per image a. 176,051 $0.04 $7,042.04 $0.12 $21,126.12 $0.07 $12,323.57 Document Preparation- Medium Intervention: Scanning in black b.
    [Show full text]
  • So You Think You Know C? [Pdf]
    So You Think You Know C? And Ten More Short Essays on Programming Languages by Oleksandr Kaleniuk Published in 2020 This is being published under the Creative Commons Zero license. I have dedicated this work to the public domain by waiving all of my rights to the work worldwide under copyright law, including all related and neighboring rights, to the extent allowed by law. You can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission. Table of Contents Introduction......................................................................................................... 4 So you think you know C?..................................................................................6 APL deserves its renaissance too.......................................................................13 Going beyond the idiomatic Python..................................................................30 Why Erlang is the only true computer language................................................39 The invisible Prolog in C++..............................................................................43 One reason you probably shouldn’t bet your whole career on JavaScript.........54 You don't have to learn assembly to read disassembly......................................57 Fortran is still a thing........................................................................................64 Learn you a Lisp in 0 minutes...........................................................................68 Blood, sweat,
    [Show full text]
  • Software Engineering Standards Introduction
    6/21/2008 Software Engineering Standards Introduction 1028 9126 730 12207 9000 CMM 15288 CMMI J-016 1679 Outline 1. Definitions 2. Sources of Standards 3. Why Use Standards ? 4. ISO and Software Engineering Standards 5. IEEE Software Engineering Collection Sources: IEEE Standards, Software Engineering, Volume Three: Product Standards, Introduction to the1999 Edition, pages i to xxiii. Horch, J., ‘Practical Guide to Software Quality management’, Artech House, 1996, chap 2. Wells, J., ‘An Introduction to IEEE/EIA 12207’, US DoD, SEPO, 1999. Moore, J., ‘Selecting Software Engineering Standards’, QAI Conference, 1998. Moore, J., ‘The Road Map to Software Engineering: A Standards-Based Guide’, Wiley-IEEE Computer Society Press, 2006. Moore, J.,’An Integrated Collection of Software Engineering Standards’, IEEE Software, Nov 1999. Gray, L., ‘Guidebook to IEEE/EIA 12207 Standard for Information Technology, Software Life Cycle Processes’, Abelia Corporation, Fairfax, Virginia, 2000. Coallier, F.; International Standardization in Software and Systems Engineering, Crosstalk, February 2003, pp. 18-22. 6/21/2008 2 1 6/21/2008 Exemple d’un système complexe Système de transport aérien Système de transport Système de Transport Aérien terrestre Système de Système de gestion du trafic réservation aérien Système Système aéroportuaire de distribution du kérosène SystèmeSystème avionique avion Système de Système de gestion de la Structure vie à bord SystèmeSystème de de équipage propulsionpropulsion Système SystèmeNavigation de de SystèmeVisualisation Système de navigationsystem de visualisation contrôle de vol SystèmeSystème de de réception réception Système de GPSGPS transport terrestremaritime 6/21/2008 3 Toward a Software Engineering Profession • What does it take ? 1. Body of Knowledge (e.g. SWEBOK) 2.
    [Show full text]