Software Acceptance: Direct Artifact Assurance William L. Scherlis Carnegie Mellon University Professor, School of Computer Science Director, CMU/NASA.

Slides:



Advertisements
Similar presentations
Our Corporate Mission Quality Systems Management, Inc. (QSMI)
Advertisements

Chapter 1: Introduction
Kai H. Chang COMP 6710 Course NotesSlide CMMI-1 Auburn University Computer Science and Software Engineering Capability Maturity Model Integration - CMMI.
Unit 2. Software Lifecycle
Metrics for Process and Projects
1 Independent Verification and Validation Current Status, Challenges, and Research Opportunities Dan McCaugherty IV&V Program Manager Titan Systems Corporation.
OHT 2.1 Galin, SQA from theory to implementation © Pearson Education Limited 2004 What is software? Software errors, faults and failures Classification.
27 September 1999 Crisis Management William L. Scherlis Carnegie Mellon University School of Computer Science.
CS CS 5150 Software Engineering Lecture 13 System Architecture and Design 1.
Quality is about testing early and testing often Joe Apuzzo, Ngozi Nwana, Sweety Varghese Student/Faculty Research Day CSIS Pace University May 6th, 2005.
SE 555 Software Requirements & Specification Requirements Validation.
CSE 219 COMPUTER SCIENCE III PROPERTIES OF HIGH QUALITY SOFTWARE.
 QUALITY ASSURANCE:  QA is defined as a procedure or set of procedures intended to ensure that a product or service under development (before work is.
Software Quality Assurance For Software Engineering && Architecture and Design.
Introduction to Software Testing
IV&V Facility Model-based Design Verification IVV Annual Workshop September, 2009 Tom Hempler.
OHT 2.1 Galin, SQA from theory to implementation © Pearson Education Limited 2004 Software Quality - continued So let’s move on to ‘exactly’ what we mean.
Creating a world where environmental sustainability and social justice are the normal conditions of business
Software Reliability: The “Physics” of “Failure” SJSU ISE 297 Donald Kerns 7/31/00.
PV213 EIS in Practice: 04 – Quality assurance1 PV213 Enterprise Information Systems in Practice 04 – Quality assurance.
Upstream Prerequisites
CPTE 209 Software Engineering Summary and Review.
1 Software Process Lecture Outline Nature of software projects Engineering approaches Software process A process step Characteristics of a good.
University of Palestine software engineering department Testing of Software Systems Fundamentals of testing instructor: Tasneem Darwish.
N By: Md Rezaul Huda Reza n
Towards Scalable Modular Checking of User-defined Properties Thomas Ball, MSR Brian Hackett, Mozilla Shuvendu Lahiri, MSR Shaz Qadeer, MSR Julien Vanegue,
Chapter 5 – Part II IT Infrastructure and Emerging Technologies.
Object-Oriented Software Engineering Practical Software Development using UML and Java Chapter 1: Software and Software Engineering.
Software Quality Assurance Activities
Class 5 Computer Software. Outline System Software Application Software (“Applications”) Markup languages for Internet (HTML, XML) User Interface Client-Server.
By: Md Rezaul Huda Reza 5Ps for SE Process Project Product People Problem.
Michael Ernst, page 1 Collaborative Learning for Security and Repair in Application Communities Performers: MIT and Determina Michael Ernst MIT Computer.
POSITIONING STATEMENT For people who operate shared computers with Genuine Windows XP, the Shared Computer Toolkit is an affordable, integrated, and easy-to-use.
SE513 Software Quality Control Lecture01: Introduction to Software Quality Assurance Galin, SQA from Theory to Education Limited.
 DATABASE DATABASE  DATABASE ENVIRONMENT DATABASE ENVIRONMENT  WHY STUDY DATABASE WHY STUDY DATABASE  DBMS & ITS FUNCTIONS DBMS & ITS FUNCTIONS 
Instructor: Peter Clarke
©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 3 Slide 1 Software Processes l Coherent sets of activities for specifying, designing,
1 10/14/2015ã 2007, Spencer Rugaber The Waterfall Process Software plans and requirements Validation System feasibility Validation Product design Verification.
IT Requirements Management Balancing Needs and Expectations.
Software Quality Assurance
Software Metrics – part 2 Mehran Rezaei. Software Metrics Objectives – Provide State-of-art measurement of software products, processes and projects Why.
Object-Oriented Software Engineering Practical Software Development using UML and Java Chapter 1: Software and Software Engineering.
Software Testing and Quality Assurance Software Quality Assurance 1.
21-22 May 2004IMPROQ 2004 / Impact of SW Processes on Quality Workshop 1 Quality for Components: Component and Component- Based Software Quality Issues.
OHT 1.1 Galin, SQA from theory to implementation © Pearson Education Limited 2004 The uniqueness of software quality assurance The environments for which.
Process Improvement. It is not necessary to change. Survival is not mandatory. »W. Edwards Deming Both change and stability are fundamental to process.
FDT Foil no 1 On Methodology from Domain to System Descriptions by Rolv Bræk NTNU Workshop on Philosophy and Applicablitiy of Formal Languages Geneve 15.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
Chapter 2: Testing in Software Life Cycle MNN1063 System Testing and Evaluation.
Plug-in Architectures Presented by Truc Nguyen. What’s a plug-in? “a type of program that tightly integrates with a larger application to add a special.
LOGO TESTING Team 8: 1.Nguyễn Hoàng Khánh 2.Dương Quốc Việt 3.Trang Thế Vinh.
Using Symbolic PathFinder at NASA Corina Pãsãreanu Carnegie Mellon/NASA Ames.
Evidence about the Benefits of CMMI ® What We Already Know and What We Need to Know Joe Jarzombek, PMP Deputy Director for Software Assurance Information.
Grigore Rosu Founder, President and CEO Professor of Computer Science, University of Illinois
Formal Methods in Software Engineering1 Today’s Agenda  Mailing list  Syllabus  Introduction.
Testing Overview Software Reliability Techniques Testing Concepts CEN 4010 Class 24 – 11/17.
CS220:INTRODUCTION TO SOFTWARE ENGINEERING CH1 : INTRODUCTION 1.
CompSci 280 S Introduction to Software Development
Analysis of Current Maturity Models and Standards
Introduction Edited by Enas Naffar using the following textbooks: - A concise introduction to Software Engineering - Software Engineering for students-
Software Engineering (CSI 321)
Chapter 18 Maintaining Information Systems
CSE 403 Software Engineering
Introduction Edited by Enas Naffar using the following textbooks: - A concise introduction to Software Engineering - Software Engineering for students-
Software Quality Engineering
Verification and Validation Unit Testing
What is software quality?
Baisc Of Software Testing
What is software quality?
Albeado - Enabling Smart Energy
Presentation transcript:

Software Acceptance: Direct Artifact Assurance William L. Scherlis Carnegie Mellon University Professor, School of Computer Science Director, CMU/NASA High Dependability Computing Program Director, CMU PhD Program in Software Engineering

Outline Problems Software test and inspection inadequate to assure dependability and security  Barriers in IT supply chain: off-the-shelf, outsourcing, etc.  Example: the real story of Ariane-5  Example: Windows device drivers and blue-screens Software acceptance Direct assurance of software Contrast: CMM and NIAP-CC Examples: MSR SLAM, CMU Fluid What’s new:  Deep technical results informed by engineering pragmatism  Focus on scalability, decomposition, usability

Assurance of critical properties— today’s best practice Interface barriers exist between producers * and consumers at all stages of an IT supply chain *Producers: Internal development groups; subcontractors/outsources/offshore; off-the-shelf; open source; etc. Problem: Testing, inspection, and design analysis are inadequate to assure security and dependability Symptom: Software failures and security defects Challenges: Subsystem decomposition, critical properties with non-locality in code, concurrency and non-determinism Some examples… Four barriers Contractor qualification Requirements definition Engineering acceptance “Second” sourcing Mitigation (today’s best practice) CMM / CMMI Close relationships Testing, inspection, design analysis API conventionalization

Examples: The inadequacy of test and inspection Ariane 5—mission critical Ariane 5 veered off course and exploded 40 seconds into its maiden flight due to software failure The failure was due to a known unhandled exception in the software—cost $1 billion Why? “Heritage Ariane 4 code” Trust in the legacy…it worked for Ariane 4 Distrust in defined criteria…too risky to modify “working” software even when it is known to be broken “Blue screen”—desktop Most occur due to faulty 3 rd party device driver code—but Microsoft “blamed” by users Reputational cost to Microsoft Windows OS 3 rd party device driver OS API with associated integrity constraints

Problem: Software acceptance in today’s practice Sources of software Internally developed Mission- or security-critical Differentiating capability Business logic Outsourced custom Whole solutions Separable subsystems Off-the-shelf components Windows, OS X, Office, Oracle Open source components Apache, Linux, Tomcat, etc Mobile code JavaScript in a web page MS Word document Free players, plug-ins “Cool screensaver” virus mail Spoofed executable enclosure Basis for accepting software Trust the source “Always trust content from __” Chain of trust – certificates Explicit test and inspection Custom and outsourced May be more costly than code development itself Limited privilege – containment Sandboxing for Java, scripts Verification of safety attributes Ada/Java type integrity Assert (often based on testing) Lack of awareness Spyware and adware Configuration mgt failures Little focus on direct assurance of software code and design artifacts …

Focus—direct assurance and evaluation best practice What’s needed: Direct assurance ( focused tools and ongoing research ) (technology-dependent; attribute focused) Assure the software itselfQuality, dependability, security ( objective analysis ) Contrast with accepted best practices for evaluation: CMM/CMMI ( ISO 9001x ) (timeless; comprehensive) Evaluate the teamCost and schedule predictability Evaluate the process( correlates with bug reduction ) NIAP/CC ( ISO ) ( including potential EAL 7 ) (timeless; comprehensive) Evaluate the processSecurity policy definition Evaluate the designDesign compliance Sample the product* (*sampled – no direct assurance )

Direct assurance—industry example: Microsoft SLAM for Windows XP research.microsoft.com/slam /

Direct assurance—research example: CMU Fluid Assure diverse “mechanical” program properties for dependability and security E.g., race conditions, locking policy, unaliased references Detected numerous race conditions (and developed assured fixes) for widely used production software code E.g., Sun Java 1.4 library BufferedInputStream Provide Java programmers with direct positive assurance of design intent Focused on incrementality of work and programmer early gratification

Direct assurance—conclusion Today’s software evaluation practices (testing, inspection, design analysis) are necessary but not sufficient to provide guarantees critical dependability and security attributes. Industry and lab evidence suggests that S&T focus on defect avoidance can yield useful results New analytical techniques for assurance are starting to emerge in research and industry The most recently developed industry tools are based on technical results of early 6.1 and 6.2 lab projects Focus on specific engineering attributes related to dependability and security A priori emphasis on scalability, component decomposition, and harmony with engineering best practices.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.