Dr. Rob Hasker. Classic Quality Assurance  Ensure follow process Solid, reviewed requirements Reviewed design Reviewed, passing tests  Why doesn’t “we.

Slides:



Advertisements
Similar presentations
Ch.21 Software Its Nature and Qualities. Ch.22 Outline Software engineering (SE) is an intellectual activity and thus human-intensive Software is built.
Advertisements

“An Investigation of the Therac-25 Accidents” by Nancy G. Leveson and Clark S. Turner Catherine Schell CSC 508 October 13, 2004.
The Therac-25: A Software Fatal Failure
Why Leap Seconds are Difficult for a Vendor. Multiple Notification Sources  Inconsistencies in notification date  GPS< 6 months  NTPneeds 24 hours.
Background Increasing use of automated systems Hardware and software technology are improving rapidly User interface technology is lagging Critical bottleneck.
An Investigation of the Therac-25 Accidents Nancy G. Leveson Clark S. Turner IEEE, 1993 Presented by Jack Kustanowitz April 26, 2005 University of Maryland.
Can We Trust the Computer? Case Study: The Therac-25 Based on Article in IEEE-Computer, July 1993.
+ THE THERAC-25 - A SOFTWARE FATAL FAILURE Kpea, Aagbara Saturday SYSM 6309 Spring ’12 UT-Dallas.
Real Time Consulting LLC Continuously Engineering Real Solutions Complete Outsource Solution Provider.
(Quickly) Testing the Tester via Path Coverage Alex Groce Oregon State University (formerly NASA/JPL Laboratory for Reliable Software)
Motivation Why study Software Engineering ?. What is Engineering ? 2 Engineering (Webster) – The application of scientific and mathematical principles.
Improving Process for Better Software. Who We Are An experiential learning program that provides technology solutions for our partners, and real- world.
Building Reliable Software Requirements and Methods.
June 1, 2004Computer Security: Art and Science © Matt Bishop Slide #18-1 Chapter 18: Introduction to Assurance Overview Why assurance? Trust and.
CS CS 5150 Software Engineering Lecture 21 Reliability 3.
Jacky: “Safety-Critical Computing …” ► Therac-25 illustrated that comp controlled equipment could be less safe. ► Why use computers at all, if satisfactory.
Proactive Risk and Problem Management March 14 – 15, 2011 John E. Tinsley Director, Air & Missile Defense Systems Mission Assurance 19 th Annual Conference.
CONTINUOUS DELIVERY / CONTINUOUS INTEGRATION. IDEAS -> SOLUTIONS Time.
Effective Methods for Software and Systems Integration
Lecture 7, part 2: Software Reliability
Software Project Management
A User-Oriented Software Reliability Model Per Trygve Myhrer 20 februar Roger C. Cheung.
Introduction to Software Quality Assurance (SQA)
1 Thread Synchronization: Too Much Milk. 2 Implementing Critical Sections in Software Hard The following example will demonstrate the difficulty of providing.
MODAL VERBS Ability & Obligation MUST & HAVE TO CAN & COULD.
CS 501: Software Engineering Fall 1999 Lecture 16 Verification and Validation.
Therac-25 Final Presentation
ITGS Software Reliability. ITGS All IT systems are a combination of: –Hardware –Software –People –Data Problems with any of these parts, or a combination.
Course: Software Engineering © Alessandra RussoUnit 1 - Introduction, slide Number 1 Unit 1: Introduction Course: C525 Software Engineering Lecturer: Alessandra.
Project Tracking. Questions... Why should we track a project that is underway? What aspects of a project need tracking?
1 Welcome to CS 362 Applied Software Engineering What happens after (and during) design? Testing, debugging, maintaining programs Lessons for software.
1 Lecture 19 Configuration Management Software Engineering.
CS 430/530 Formal Semantics Paul Hudak Yale University Department of Computer Science Lecture 1 Course Overview September 6, 2007.
Security and Reliability THERAC CASE STUDY TEXTBOOK: BRINKMAN’S ETHICS IN A COMPUTING CULTURE READING: CHAPTER 5, PAGES
Protecting the Public, Astronauts and Pilots, the NASA Workforce, and High-Value Equipment and Property Mission Success Starts With Safety Believe it or.
Therac-25 Case Family vs. Programmer. People Suffered From Different Type of Bad Programming Database accuracy problems. Many people could not vote in.
Digitaalsüsteemide verifitseerimise kursus1 Digitaalsüsteemide verifitseerimine IAF0620, 5.0 AP, E Jaan Raik IT-208,
1 The Do’s and Don’ts of Software Process Improvement Steve Chenoweth, RHIT.
Dimitrios Christias Robert Lyon Andreas Petrou Dimitrios Christias Robert Lyon Andreas Petrou.
©2001 Southern Illinois University, Edwardsville All rights reserved. Today Fun with Icons Thursday Presentation Lottery Q & A on Final Exam Course Evaluations.
(A radical interpretation) Tomo Lennox Bow Tie computer services Why Agile Works.
Critical Success Factors in Software Maintenance Paper by Sneed & Brossler Presented March 17, 2004 By Alice Lewis.
1 Vulnerable Time During Patient Transitions Terrence O’Malley, MD Medical Director, Non-Acute Care Services Partners HealthCare
PSP Quality Strategy [SE-280 Dr. Mark L. Hornick 1.
Therac-25 CS4001 Kristin Marsicano. Therac-25 Overview  What was the Therac-25?  How did it relate to previous models? In what ways was it similar/different?
Copyright © 2007 by Thomson Delmar Learning. ALL RIGHTS RESERVED.1.
WATERFALL DEVELOPMENT MODEL. Waterfall model is LINEAR development lifecycle. This means each phase must be completed before moving onto the next!!! WHAT.
Lecture 4: Requirements Engineering COSI 120b, Principles of Software Engineering.
CSE 403, Software Engineering Lecture 6
©2001 Southern Illinois University, Edwardsville All rights reserved. Today Finish Ethics Next Week Research Topics in HCI CS 321 Human-Computer Interaction.
Dr. Rob Hasker. Classic Quality Assurance  Ensure follow process Solid, reviewed requirements Reviewed design Reviewed, passing tests  Why doesn’t “we.
Copyright 2015, Robert W. Hasker. Classic Model Gathering Requirements Specification Scenarios Sequences Design Architecture Class, state models Implementation.
Chapter 8: Maintenance and Software Evolution Ronald J. Leach Copyright Ronald J. Leach, 1997, 2009, 2014,
Testing 1. Aims To understand the purpose of testing To understand the different test strategies To explore the four types of test data Have a understanding.
Slide #18-1 Introduction to Assurance CS461/ECE422 Fall 2008 Based on slides provided by Matt Bishop for use with Computer Security: Art and Science.
windows
Lesson Objectives Aims 1.Be able to understand the waterfall life cycle, agile methodologies, extreme programming, the spiral model and rapid application.
Increasing use of automated systems
Software Quality and Testing (CSC 4133)
Software Engineering Process
Why study Software Design/Engineering ?
Introduction to Assurance
Iterative and Agile Development
Chapter 18: Introduction to Assurance
EE 585 : FAULT TOLERANT COMPUTING SYSTEMS B.RAM MOHAN
Software Quality Assurance Lecture 1
Therac-25 Accidents What was Therac-25? Who developed it?
Reliability and Safety
Therac-25.
Week 13: Errors, Failures, and Risks
Presentation transcript:

Dr. Rob Hasker

Classic Quality Assurance  Ensure follow process Solid, reviewed requirements Reviewed design Reviewed, passing tests  Why doesn’t “we did a good job” work?  Why isn’t this model needed for Scrum?  Why do we need something?

A little history  What’s the Hippocratic oath?  Therac-25: medical linear accelerator Generates high-energy beams Targets tumors from multiple angles  June, year old woman receives radiation therapy She received 15,000 to 20,000 rads ○ Typical therapeutic does: in range of 200 rads ○ 1000 rads can be fatal Her breast had to be removed, constant pain in arms  Nov 3, 1985: patient dies after receiving 13,000 to 17,000 rads

A little history  March, April 1986 Patient receives 16,500 to 25,000 rads in < 1 sec Within weeks: paralysis in an arm, legs, vocal cords Died 5 months later  At least 3 other documented deaths  Cause: poor software design Interface assumed operators would type slowly Experienced operators could type faster than SW allowed, so data entry was setting a different field than shown on screen Classic race condition: timing assumptions gone wrong

What is the root cause?  Simple root cause analysis: ask why 6 times  Multiple failures beyond design Manufacturer: poor safety model ○ Relied on hardware reliability ○ Reliability: likely to work ≠ safety: no harm Hardware engineers: assumed SW worked ○ Inadequate logs SW Developers: poor specs, no process Medical authorities: slow to respond

But that can’t happen today, right?  July, 2015: Wired reports ability to remotely control JeepsWired reports Set radio blaring Engaged windshield wipers Disabled accelerator Disabled brakes  Method: Connect via cellular Rewrite entertainment firmware Connect to CAN bus Send signals to engine, brakes, etc.

Software Quality Assurance  Need a process to ensure SW well designed, tested Who signs off on that in an agile model? What do they look for? Open questions!!

SQA  Definition of software quality  Goals  Methods  Quality metrics

CMMI  How can an organization establish it provides quality software?  One solution: capability maturity model

Another approach  What can you accomplish by testing? Showing the existence of bugs NOT: showing system has no bugs  Solution: prove system correct Provide formal specification ○ Basic tool: mathematics – esp. set theory Can then prove theorems  Limitations Writing specifications is difficult Limited support for theorems  Has been done for compilers, safety critical systems Easy to dismiss, but strong limits to testing

Model-based Development

Proving code works  Z specification:

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.