SlideShare ist ein Scribd-Unternehmen logo

Static analysis and reliability testing (CS 5032 2012)

Als PPTX, PDF herunterladen
Ian Sommerville
Ian Sommerville
TechnologieBusiness
1 von 25
Dependability and Security Assurance Lecture 1 Dependability and Security Assurance, CSE course, 2011 Slide 1
Topics covered • Static analysis • Reliability testing • Security testing • Process assurance • Safety and dependability cases Dependability and Security Assurance, CSE course, 2011 Slide 2
Validation of critical systems • The verification and validation costs for critical systems involves additional validation processes and analysis than for non-critical systems: – The costs and consequences of failure are high so it is cheaper to find and remove faults than to pay for system failure; – You may have to make a formal case to customers or to a regulator that the system meets its dependability requirements. This dependability case may require specific V & V activities to be carried out. Dependability and Security Assurance, CSE course, 2011 Slide 3
Validation costs • Because of the additional activities involved, the validation costs for critical systems are usually significantly higher than for non-critical systems. • Normally, V & V costs take up more than 50% of the total system development costs. • The outcome of the validation process is a tangible body of evidence that demonstrates the level of dependability of a software system. Dependability and Security Assurance, CSE course, 2011 Slide 4
Static analysis • Static analysis techniques are system verification techniques that don’t involve executing a program. • The work on a source representation of the software – either a model or the program code itself. • Inspections and reviews are a form of static analysis • Techniques covered here: – Formal verification – Model checking – Automated program analysis Dependability and Security Assurance, CSE course, 2011 Slide 5
Verification and formal methods • Formal methods can be used when a mathematical specification of the system is produced. • The specification is based on well-understood mathematical theories such as formal logic and set theory • Used in the development of some critical systems Dependability and Security Assurance, CSE course, 2011 Slide 6
Formal methods • Formal methods are the ultimate static verification technique that may be used at different stages in the development process: – A formal specification may be developed and mathematically analyzed for consistency. This helps discover specification errors and omissions. – Formal arguments that a program conforms to its mathematical specification may be developed. This is effective in discovering programming and design errors. Dependability and Security Assurance, CSE course, 2011 Slide 7
Arguments for formal methods • Producing a mathematical specification requires a detailed analysis of the requirements and this is likely to uncover errors. • Concurrent systems can be analysed to discover race conditions that might lead to deadlock. Testing for such problems is very difficult. • They can detect implementation errors before testing when the program is analyzed alongside the specification. Dependability and Security Assurance, CSE course, 2011 Slide 8
Arguments against formal methods • They require the use of specialised notations that cannot be understood by domain experts. • Very expensive to develop a specification and even more expensive to show that a program meets that specification. • Proofs may contain errors. • It may be possible to reach the same level of confidence in a program more cheaply using other V & V techniques. Dependability and Security Assurance, CSE course, 2011 Slide 9
Model checking Create an extended finite state model of a system and, using a specialized system (a model checker), check that model for errors. Dependability and Security Assurance, CSE course, 2011 Slide 10
Model checking • The model checker explores all possible paths through the model and checks that a user-specified property is valid for each path. • Model checking is particularly valuable for verifying concurrent systems, which are hard to test. • Although model checking is computationally very expensive, it is now practical to use it in the verification of small to medium sized critical systems. Dependability and Security Assurance, CSE course, 2011 Slide 11
Model checking process Dependability and Security Assurance, CSE course, 2011 Slide 12
Automated static analysis • Static analysers are software tools for source text processing. • They parse the program text and try to discover potentially erroneous conditions and bring these to the attention of the V & V team. • They are very effective as an aid to program inspections – but inspections can catch errors of understanding that tools can’t. Dependability and Security Assurance, CSE course, 2011 Slide 13
Levels of static analysis • Characteristic error checking – The static analyzer can check for patterns in the code that are characteristic of errors made by programmers using a particular language. • User-defined error checking – Users of a programming language define error patterns, thus extending the types of error that can be detected. This allows specific rules that apply to a program to be checked. • Assertion checking – Developers include formal assertions in their program and relationships that must hold. The static analyzer symbolically executes the code and highlights potential problems. Dependability and Security Assurance, CSE course, 2011 Slide 14
Automated static analysis checks Fault class Static analysis check Data faults Variables used before initialization Variables declared but never used Variables assigned twice but never used between assignments Possible array bound violations Undeclared variables Control faults Unreachable code Unconditional branches into loops Input/output faults Variables output twice with no intervening assignment Interface faults Parameter-type mismatches Parameter number mismatches Non-usage of the results of functions Uncalled functions and procedures Storage management faults Unassigned pointers Pointer arithmetic Memory leaks Dependability and Security Assurance, CSE course, 2011 Slide 15
Use of static analysis • Particularly valuable when a language such as C is used which has weak typing and hence many errors are undetected by the compiler. • Particularly valuable for security checking – the static analyzer can discover areas of vulnerability such as buffer overflows or unchecked inputs. • Static analysis is now routinely used in the development of many safety and security critical systems. Dependability and Security Assurance, CSE course, 2011 Slide 16
Reliability testing • Reliability validation involves exercising the program to assess whether or not it has reached the required level of reliability. • This cannot normally be included as part of a normal defect testing process because data for defect testing is (usually) atypical of actual usage data. • Reliability measurement therefore requires a specially designed data set that replicates the pattern of inputs to be processed by the system. Dependability and Security Assurance, CSE course, 2011 Slide 17
Statistical testing • Testing software for reliability rather than fault detection. • Measuring the number of errors allows the reliability of the software to be predicted. Note that, for statistical reasons, more errors than are allowed for in the reliability specification must be induced. • An acceptable level of reliability should be specified and the software tested and amended until that level of reliability is reached. Dependability and Security Assurance, CSE course, 2011 Slide 18
Reliability validation activities • Establish the operational profile for the system. • Construct test data reflecting the operational profile. • Test the system and observe the number of failures and the times of these failures. • Compute the reliability after a statistically significant number of failures have been observed. Dependability and Security Assurance, CSE course, 2011 Slide 19
Reliability measurement Dependability and Security Assurance, CSE course, 2011 Slide 20
Operational profiles • An operational profile is a set of test data whose frequency matches the actual frequency of these inputs from ‘normal’ usage of the system. A close match with actual usage is necessary otherwise the measured reliability will not be reflected in the actual usage of the system. • It can be generated from real data collected from an existing system or (more often) depends on assumptions made about the pattern of usage of a system. Dependability and Security Assurance, CSE course, 2011 Slide 21
An operational profile Dependability and Security Assurance, CSE course, 2011 Slide 22
Operational profile generation • Should be generated automatically whenever possible. • Automatic profile generation is difficult for interactive systems. • May be straightforward for ‘normal’ inputs but it is difficult to predict ‘unlikely’ inputs and to create test data for them. • Pattern of usage of new systems is unknown. • Operational profiles are not static but change as users learn about a new system and change the way that they use it. Dependability and Security Assurance, CSE course, 2011 Slide 23
Reliability measurement problems • Operational profile uncertainty – The operational profile may not be an accurate reflection of the real use of the system. • High costs of test data generation – Costs can be very high if the test data for the system cannot be generated automatically. • Statistical uncertainty – You need a statistically significant number of failures to compute the reliability but highly reliable systems will rarely fail. • Recognizing failure – It is not always obvious when a failure has occurred as there may be conflicting interpretations of a specification. Dependability and Security Assurance, CSE course, 2011 Slide 24
Key points • Static analysis is an approach to V & V that examines the source code (or other representation) of a system, looking for errors and anomalies. It allows all parts of a program to be checked, not just those parts that are exercised by system tests. • Model checking is a formal approach to static analysis that exhaustively checks all states in a system for potential errors. • Statistical testing is used to estimate software reliability. It relies on testing the system with a test data set that reflects the operational profile of the software. Dependability and Security Assurance, CSE course, 2011 Slide 25

Empfohlen

Static testing techniques
Static testing techniquesStatic testing techniques
Static testing techniquesMazenetsolution
 
Static Testing
Static TestingStatic Testing
Static TestingDharita Chokshi
 
Static testing
Static testingStatic testing
Static testingVaibhav Dash
 
Static Testing
Static Testing Static Testing
Static Testing Suraj Vishwakarma
 
Software Testing 4/5
Software Testing 4/5Software Testing 4/5
Software Testing 4/5Damian T. Gordon
 
Iseb, ISTQB Static Testing
Iseb, ISTQB Static TestingIseb, ISTQB Static Testing
Iseb, ISTQB Static Testingonsoftwaretest
 
Static Testing
Static TestingStatic Testing
Static TestingHoang Nguyen
 
ISTQB Foundation - Chapter 3
ISTQB Foundation - Chapter 3ISTQB Foundation - Chapter 3
ISTQB Foundation - Chapter 3Chandukar
 

Empfohlen

Static testing techniques
Static testing techniquesStatic testing techniques
Static testing techniquesMazenetsolution
 
Static Testing
Static TestingStatic Testing
Static TestingDharita Chokshi
 
Static testing
Static testingStatic testing
Static testingVaibhav Dash
 
Static Testing
Static Testing Static Testing
Static Testing Suraj Vishwakarma
 
Software Testing 4/5
Software Testing 4/5Software Testing 4/5
Software Testing 4/5Damian T. Gordon
 
Iseb, ISTQB Static Testing
Iseb, ISTQB Static TestingIseb, ISTQB Static Testing
Iseb, ISTQB Static Testingonsoftwaretest
 
Static Testing
Static TestingStatic Testing
Static TestingHoang Nguyen
 
ISTQB Foundation - Chapter 3
ISTQB Foundation - Chapter 3ISTQB Foundation - Chapter 3
ISTQB Foundation - Chapter 3Chandukar
 
Software Testing-Dynamic testing technique-Mazenet solution
Software Testing-Dynamic testing technique-Mazenet solutionSoftware Testing-Dynamic testing technique-Mazenet solution
Software Testing-Dynamic testing technique-Mazenet solutionMazenetsolution
 
Static testing vs dynamic testing
Static testing vs dynamic testingStatic testing vs dynamic testing
Static testing vs dynamic testingpooja deshmukh
 
ISTQB / ISEB Foundation Exam Practice - 2
ISTQB / ISEB Foundation Exam Practice - 2ISTQB / ISEB Foundation Exam Practice - 2
ISTQB / ISEB Foundation Exam Practice - 2Yogindernath Gupta
 
ISTQB / ISEB Foundation Exam Practice - 4
ISTQB / ISEB Foundation Exam Practice - 4ISTQB / ISEB Foundation Exam Practice - 4
ISTQB / ISEB Foundation Exam Practice - 4Yogindernath Gupta
 
Istqb foundation level day 1
Istqb foundation level day 1Istqb foundation level day 1
Istqb foundation level day 1Shuchi Singla AKT,SPC4,PMI-ACP,ITIL(F),CP-AAT
 
ISTQB Foundation Level Basic
ISTQB Foundation Level BasicISTQB Foundation Level Basic
ISTQB Foundation Level BasicSelin Gungor
 
Learn software testing
Learn software testingLearn software testing
Learn software testingsajedah abukhdeir
 
Introduction to ISTQB & ISEB Certifications
Introduction to ISTQB & ISEB CertificationsIntroduction to ISTQB & ISEB Certifications
Introduction to ISTQB & ISEB CertificationsYogindernath Gupta
 
Istqb chapter 5
Istqb chapter 5Istqb chapter 5
Istqb chapter 5nstprabakaran
 
Dynamic Testing
Dynamic TestingDynamic Testing
Dynamic TestingJimi Patel
 
ISTQB / ISEB Foundation Exam Practice - 5
ISTQB / ISEB Foundation Exam Practice - 5ISTQB / ISEB Foundation Exam Practice - 5
ISTQB / ISEB Foundation Exam Practice - 5Yogindernath Gupta
 
ISTQB Test level, Test type
ISTQB Test level, Test typeISTQB Test level, Test type
ISTQB Test level, Test typeHoangThiHien1
 
Fundamentals of Software Testing
Fundamentals of Software TestingFundamentals of Software Testing
Fundamentals of Software TestingSagar Joshi
 
ISTQB Foundation Level Basic
ISTQB Foundation Level BasicISTQB Foundation Level Basic
ISTQB Foundation Level BasicErol Selitektay
 
ISTQB / ISEB Foundation Exam Practice
ISTQB / ISEB Foundation Exam PracticeISTQB / ISEB Foundation Exam Practice
ISTQB / ISEB Foundation Exam PracticeYogindernath Gupta
 
ISTQB, ISEB Lecture Notes- 2
ISTQB, ISEB Lecture Notes- 2ISTQB, ISEB Lecture Notes- 2
ISTQB, ISEB Lecture Notes- 2onsoftwaretest
 
Fundamentals of Testing Section 1/6
Fundamentals of Testing Section 1/6Fundamentals of Testing Section 1/6
Fundamentals of Testing Section 1/6International Personal Finance Plc
 
System testing
System testingSystem testing
System testingSifat Hossain
 
ISTQB / ISEB Foundation Exam Practice - 6
ISTQB / ISEB Foundation Exam Practice - 6ISTQB / ISEB Foundation Exam Practice - 6
ISTQB / ISEB Foundation Exam Practice - 6Yogindernath Gupta
 
CTFL Module 03
CTFL Module 03CTFL Module 03
CTFL Module 03Davis Thomas
 
CS5032 L11 validation and reliability testing 2013
CS5032 L11 validation and reliability testing 2013CS5032 L11 validation and reliability testing 2013
CS5032 L11 validation and reliability testing 2013Ian Sommerville
 
Software engineering
Software engineeringSoftware engineering
Software engineeringsakthibalabalamuruga
 

Weitere ähnliche Inhalte

Was ist angesagt?

Software Testing-Dynamic testing technique-Mazenet solution
Software Testing-Dynamic testing technique-Mazenet solutionSoftware Testing-Dynamic testing technique-Mazenet solution
Software Testing-Dynamic testing technique-Mazenet solutionMazenetsolution
 
Static testing vs dynamic testing
Static testing vs dynamic testingStatic testing vs dynamic testing
Static testing vs dynamic testingpooja deshmukh
 
ISTQB / ISEB Foundation Exam Practice - 2
ISTQB / ISEB Foundation Exam Practice - 2ISTQB / ISEB Foundation Exam Practice - 2
ISTQB / ISEB Foundation Exam Practice - 2Yogindernath Gupta
 
ISTQB / ISEB Foundation Exam Practice - 4
ISTQB / ISEB Foundation Exam Practice - 4ISTQB / ISEB Foundation Exam Practice - 4
ISTQB / ISEB Foundation Exam Practice - 4Yogindernath Gupta
 
ISTQB Foundation Level Basic
ISTQB Foundation Level BasicISTQB Foundation Level Basic
ISTQB Foundation Level BasicSelin Gungor
 
Introduction to ISTQB & ISEB Certifications
Introduction to ISTQB & ISEB CertificationsIntroduction to ISTQB & ISEB Certifications
Introduction to ISTQB & ISEB CertificationsYogindernath Gupta
 
Dynamic Testing
Dynamic TestingDynamic Testing
Dynamic TestingJimi Patel
 
ISTQB / ISEB Foundation Exam Practice - 5
ISTQB / ISEB Foundation Exam Practice - 5ISTQB / ISEB Foundation Exam Practice - 5
ISTQB / ISEB Foundation Exam Practice - 5Yogindernath Gupta
 
ISTQB Test level, Test type
ISTQB Test level, Test typeISTQB Test level, Test type
ISTQB Test level, Test typeHoangThiHien1
 
Fundamentals of Software Testing
Fundamentals of Software TestingFundamentals of Software Testing
Fundamentals of Software TestingSagar Joshi
 
ISTQB Foundation Level Basic
ISTQB Foundation Level BasicISTQB Foundation Level Basic
ISTQB Foundation Level BasicErol Selitektay
 
ISTQB / ISEB Foundation Exam Practice
ISTQB / ISEB Foundation Exam PracticeISTQB / ISEB Foundation Exam Practice
ISTQB / ISEB Foundation Exam PracticeYogindernath Gupta
 
ISTQB, ISEB Lecture Notes- 2
ISTQB, ISEB Lecture Notes- 2ISTQB, ISEB Lecture Notes- 2
ISTQB, ISEB Lecture Notes- 2onsoftwaretest
 
ISTQB / ISEB Foundation Exam Practice - 6
ISTQB / ISEB Foundation Exam Practice - 6ISTQB / ISEB Foundation Exam Practice - 6
ISTQB / ISEB Foundation Exam Practice - 6Yogindernath Gupta
 

Was ist angesagt? (20)

Software Testing-Dynamic testing technique-Mazenet solution
Software Testing-Dynamic testing technique-Mazenet solutionSoftware Testing-Dynamic testing technique-Mazenet solution
Software Testing-Dynamic testing technique-Mazenet solution
 
Static testing vs dynamic testing
Static testing vs dynamic testingStatic testing vs dynamic testing
Static testing vs dynamic testing
 
ISTQB / ISEB Foundation Exam Practice - 2
ISTQB / ISEB Foundation Exam Practice - 2ISTQB / ISEB Foundation Exam Practice - 2
ISTQB / ISEB Foundation Exam Practice - 2
 
ISTQB / ISEB Foundation Exam Practice - 4
ISTQB / ISEB Foundation Exam Practice - 4ISTQB / ISEB Foundation Exam Practice - 4
ISTQB / ISEB Foundation Exam Practice - 4
 
Istqb foundation level day 1
Istqb foundation level day 1Istqb foundation level day 1
Istqb foundation level day 1
 
ISTQB Foundation Level Basic
ISTQB Foundation Level BasicISTQB Foundation Level Basic
ISTQB Foundation Level Basic
 
Learn software testing
Learn software testingLearn software testing
Learn software testing
 
Introduction to ISTQB & ISEB Certifications
Introduction to ISTQB & ISEB CertificationsIntroduction to ISTQB & ISEB Certifications
Introduction to ISTQB & ISEB Certifications
 
Istqb chapter 5
Istqb chapter 5Istqb chapter 5
Istqb chapter 5
 
Dynamic Testing
Dynamic TestingDynamic Testing
Dynamic Testing
 
ISTQB / ISEB Foundation Exam Practice - 5
ISTQB / ISEB Foundation Exam Practice - 5ISTQB / ISEB Foundation Exam Practice - 5
ISTQB / ISEB Foundation Exam Practice - 5
 
ISTQB Test level, Test type
ISTQB Test level, Test typeISTQB Test level, Test type
ISTQB Test level, Test type
 
Fundamentals of Software Testing
Fundamentals of Software TestingFundamentals of Software Testing
Fundamentals of Software Testing
 
ISTQB Foundation Level Basic
ISTQB Foundation Level BasicISTQB Foundation Level Basic
ISTQB Foundation Level Basic
 
ISTQB / ISEB Foundation Exam Practice
ISTQB / ISEB Foundation Exam PracticeISTQB / ISEB Foundation Exam Practice
ISTQB / ISEB Foundation Exam Practice
 
ISTQB, ISEB Lecture Notes- 2
ISTQB, ISEB Lecture Notes- 2ISTQB, ISEB Lecture Notes- 2
ISTQB, ISEB Lecture Notes- 2
 
Fundamentals of Testing Section 1/6
Fundamentals of Testing Section 1/6Fundamentals of Testing Section 1/6
Fundamentals of Testing Section 1/6
 
System testing
System testingSystem testing
System testing
 
ISTQB / ISEB Foundation Exam Practice - 6
ISTQB / ISEB Foundation Exam Practice - 6ISTQB / ISEB Foundation Exam Practice - 6
ISTQB / ISEB Foundation Exam Practice - 6
 
CTFL Module 03
CTFL Module 03CTFL Module 03
CTFL Module 03
 

Ähnlich wie Static analysis and reliability testing (CS 5032 2012)

CS5032 L11 validation and reliability testing 2013
CS5032 L11 validation and reliability testing 2013CS5032 L11 validation and reliability testing 2013
CS5032 L11 validation and reliability testing 2013Ian Sommerville
 
Dependablity Engineering 1 (CS 5032 2012)
Dependablity Engineering 1 (CS 5032 2012)Dependablity Engineering 1 (CS 5032 2012)
Dependablity Engineering 1 (CS 5032 2012)Ian Sommerville
 
eFrame® for Insurance Solvency II Standard Formula
eFrame® for Insurance Solvency II Standard FormulaeFrame® for Insurance Solvency II Standard Formula
eFrame® for Insurance Solvency II Standard FormulaSecondFloor
 
Testing throughout the software life cycle - Testing & Implementation
Testing throughout the software life cycle - Testing & ImplementationTesting throughout the software life cycle - Testing & Implementation
Testing throughout the software life cycle - Testing & Implementationyogi syafrialdi
 
Role of Testing
Role of Testing Role of Testing
Role of Testing Rishu Seth
 
verification and validation
verification and validationverification and validation
verification and validationDinesh Pasi
 
Formal Specification Ian Sommerville 9th Edition
Formal Specification Ian Sommerville 9th EditionFormal Specification Ian Sommerville 9th Edition
Formal Specification Ian Sommerville 9th EditionRupeshShrestha28
 
10-Testing-system.pdf
10-Testing-system.pdf10-Testing-system.pdf
10-Testing-system.pdfn190212
 
Software quality assurance
Software quality assuranceSoftware quality assurance
Software quality assuranceAman Adhikari
 
Softwarequalityassurance with Abu ul hassan Sahadvi
Softwarequalityassurance with Abu ul hassan SahadviSoftwarequalityassurance with Abu ul hassan Sahadvi
Softwarequalityassurance with Abu ul hassan SahadviAbuulHassan2
 
Michael.bay
Michael.bayMichael.bay
Michael.bayNASAPMC
 
eFrame® for Insurance Solvency II Stress Testing
eFrame® for Insurance Solvency II Stress TestingeFrame® for Insurance Solvency II Stress Testing
eFrame® for Insurance Solvency II Stress TestingSecondFloor
 
White Paper: Six-Step Competitive Device Evaluation
White Paper: Six-Step Competitive Device EvaluationWhite Paper: Six-Step Competitive Device Evaluation
White Paper: Six-Step Competitive Device EvaluationIxia
 
IT8076 – Software Testing Intro
IT8076 – Software Testing IntroIT8076 – Software Testing Intro
IT8076 – Software Testing IntroJohnSamuel280314
 

Ähnlich wie Static analysis and reliability testing (CS 5032 2012) (20)

CS5032 L11 validation and reliability testing 2013
CS5032 L11 validation and reliability testing 2013CS5032 L11 validation and reliability testing 2013
CS5032 L11 validation and reliability testing 2013
 
Software engineering
Software engineeringSoftware engineering
Software engineering
 
Dependablity Engineering 1 (CS 5032 2012)
Dependablity Engineering 1 (CS 5032 2012)Dependablity Engineering 1 (CS 5032 2012)
Dependablity Engineering 1 (CS 5032 2012)
 
eFrame® for Insurance Solvency II Standard Formula
eFrame® for Insurance Solvency II Standard FormulaeFrame® for Insurance Solvency II Standard Formula
eFrame® for Insurance Solvency II Standard Formula
 
Testing throughout the software life cycle - Testing & Implementation
Testing throughout the software life cycle - Testing & ImplementationTesting throughout the software life cycle - Testing & Implementation
Testing throughout the software life cycle - Testing & Implementation
 
V-model-7.pptx
V-model-7.pptxV-model-7.pptx
V-model-7.pptx
 
Role of Testing
Role of Testing Role of Testing
Role of Testing
 
Testing Experience Magazine Vol.14 June 2011
Testing Experience Magazine Vol.14 June 2011Testing Experience Magazine Vol.14 June 2011
Testing Experience Magazine Vol.14 June 2011
 
Formal Method
Formal MethodFormal Method
Formal Method
 
verification and validation
verification and validationverification and validation
verification and validation
 
Formal Specification Ian Sommerville 9th Edition
Formal Specification Ian Sommerville 9th EditionFormal Specification Ian Sommerville 9th Edition
Formal Specification Ian Sommerville 9th Edition
 
IaaS
IaaSIaaS
IaaS
 
10-Testing-system.pdf
10-Testing-system.pdf10-Testing-system.pdf
10-Testing-system.pdf
 
Software quality assurance
Software quality assuranceSoftware quality assurance
Software quality assurance
 
Softwarequalityassurance with Abu ul hassan Sahadvi
Softwarequalityassurance with Abu ul hassan SahadviSoftwarequalityassurance with Abu ul hassan Sahadvi
Softwarequalityassurance with Abu ul hassan Sahadvi
 
Michael.bay
Michael.bayMichael.bay
Michael.bay
 
eFrame® for Insurance Solvency II Stress Testing
eFrame® for Insurance Solvency II Stress TestingeFrame® for Insurance Solvency II Stress Testing
eFrame® for Insurance Solvency II Stress Testing
 
6. oose testing
6. oose testing6. oose testing
6. oose testing
 
White Paper: Six-Step Competitive Device Evaluation
White Paper: Six-Step Competitive Device EvaluationWhite Paper: Six-Step Competitive Device Evaluation
White Paper: Six-Step Competitive Device Evaluation
 
IT8076 – Software Testing Intro
IT8076 – Software Testing IntroIT8076 – Software Testing Intro
IT8076 – Software Testing Intro
 

Mehr von Ian Sommerville

Ultra Large Scale Systems
Ultra Large Scale SystemsUltra Large Scale Systems
Ultra Large Scale SystemsIan Sommerville
 
Dependability requirements for LSCITS
Dependability requirements for LSCITSDependability requirements for LSCITS
Dependability requirements for LSCITSIan Sommerville
 
Conceptual systems design
Conceptual systems designConceptual systems design
Conceptual systems designIan Sommerville
 
Requirements Engineering for LSCITS
Requirements Engineering for LSCITSRequirements Engineering for LSCITS
Requirements Engineering for LSCITSIan Sommerville
 
An introduction to LSCITS
An introduction to LSCITSAn introduction to LSCITS
An introduction to LSCITSIan Sommerville
 
Internet worm-case-study
Internet worm-case-studyInternet worm-case-study
Internet worm-case-studyIan Sommerville
 
Designing software for a million users
Designing software for a million usersDesigning software for a million users
Designing software for a million usersIan Sommerville
 
Security case buffer overflow
Security case buffer overflowSecurity case buffer overflow
Security case buffer overflowIan Sommerville
 
CS5032 Case study Ariane 5 launcher failure
CS5032 Case study Ariane 5 launcher failureCS5032 Case study Ariane 5 launcher failure
CS5032 Case study Ariane 5 launcher failureIan Sommerville
 
CS5032 Case study Kegworth air disaster
CS5032 Case study Kegworth air disasterCS5032 Case study Kegworth air disaster
CS5032 Case study Kegworth air disasterIan Sommerville
 
CS5032 L19 cybersecurity 1
CS5032 L19 cybersecurity 1CS5032 L19 cybersecurity 1
CS5032 L19 cybersecurity 1Ian Sommerville
 
CS5032 L20 cybersecurity 2
CS5032 L20 cybersecurity 2CS5032 L20 cybersecurity 2
CS5032 L20 cybersecurity 2Ian Sommerville
 
L17 CS5032 critical infrastructure
L17 CS5032 critical infrastructureL17 CS5032 critical infrastructure
L17 CS5032 critical infrastructureIan Sommerville
 
CS5032 Case study Maroochy water breach
CS5032 Case study Maroochy water breachCS5032 Case study Maroochy water breach
CS5032 Case study Maroochy water breachIan Sommerville
 
CS 5032 L18 Critical infrastructure 2: SCADA systems
CS 5032 L18 Critical infrastructure 2: SCADA systemsCS 5032 L18 Critical infrastructure 2: SCADA systems
CS 5032 L18 Critical infrastructure 2: SCADA systemsIan Sommerville
 
CS5032 L9 security engineering 1 2013
CS5032 L9 security engineering 1 2013CS5032 L9 security engineering 1 2013
CS5032 L9 security engineering 1 2013Ian Sommerville
 

Mehr von Ian Sommerville (20)

Ultra Large Scale Systems
Ultra Large Scale SystemsUltra Large Scale Systems
Ultra Large Scale Systems
 
Resp modellingintro
Resp modellingintroResp modellingintro
Resp modellingintro
 
Resilience and recovery
Resilience and recoveryResilience and recovery
Resilience and recovery
 
LSCITS-engineering
LSCITS-engineeringLSCITS-engineering
LSCITS-engineering
 
Requirements reality
Requirements realityRequirements reality
Requirements reality
 
Dependability requirements for LSCITS
Dependability requirements for LSCITSDependability requirements for LSCITS
Dependability requirements for LSCITS
 
Conceptual systems design
Conceptual systems designConceptual systems design
Conceptual systems design
 
Requirements Engineering for LSCITS
Requirements Engineering for LSCITSRequirements Engineering for LSCITS
Requirements Engineering for LSCITS
 
An introduction to LSCITS
An introduction to LSCITSAn introduction to LSCITS
An introduction to LSCITS
 
Internet worm-case-study
Internet worm-case-studyInternet worm-case-study
Internet worm-case-study
 
Designing software for a million users
Designing software for a million usersDesigning software for a million users
Designing software for a million users
 
Security case buffer overflow
Security case buffer overflowSecurity case buffer overflow
Security case buffer overflow
 
CS5032 Case study Ariane 5 launcher failure
CS5032 Case study Ariane 5 launcher failureCS5032 Case study Ariane 5 launcher failure
CS5032 Case study Ariane 5 launcher failure
 
CS5032 Case study Kegworth air disaster
CS5032 Case study Kegworth air disasterCS5032 Case study Kegworth air disaster
CS5032 Case study Kegworth air disaster
 
CS5032 L19 cybersecurity 1
CS5032 L19 cybersecurity 1CS5032 L19 cybersecurity 1
CS5032 L19 cybersecurity 1
 
CS5032 L20 cybersecurity 2
CS5032 L20 cybersecurity 2CS5032 L20 cybersecurity 2
CS5032 L20 cybersecurity 2
 
L17 CS5032 critical infrastructure
L17 CS5032 critical infrastructureL17 CS5032 critical infrastructure
L17 CS5032 critical infrastructure
 
CS5032 Case study Maroochy water breach
CS5032 Case study Maroochy water breachCS5032 Case study Maroochy water breach
CS5032 Case study Maroochy water breach
 
CS 5032 L18 Critical infrastructure 2: SCADA systems
CS 5032 L18 Critical infrastructure 2: SCADA systemsCS 5032 L18 Critical infrastructure 2: SCADA systems
CS 5032 L18 Critical infrastructure 2: SCADA systems
 
CS5032 L9 security engineering 1 2013
CS5032 L9 security engineering 1 2013CS5032 L9 security engineering 1 2013
CS5032 L9 security engineering 1 2013
 

Kürzlich hochgeladen

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????blackmambaettijean
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 

Kürzlich hochgeladen (20)

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 

Static analysis and reliability testing (CS 5032 2012)

  • 1. Dependability and Security Assurance Lecture 1 Dependability and Security Assurance, CSE course, 2011 Slide 1
  • 2. Topics covered • Static analysis • Reliability testing • Security testing • Process assurance • Safety and dependability cases Dependability and Security Assurance, CSE course, 2011 Slide 2
  • 3. Validation of critical systems • The verification and validation costs for critical systems involves additional validation processes and analysis than for non-critical systems: – The costs and consequences of failure are high so it is cheaper to find and remove faults than to pay for system failure; – You may have to make a formal case to customers or to a regulator that the system meets its dependability requirements. This dependability case may require specific V & V activities to be carried out. Dependability and Security Assurance, CSE course, 2011 Slide 3
  • 4. Validation costs • Because of the additional activities involved, the validation costs for critical systems are usually significantly higher than for non-critical systems. • Normally, V & V costs take up more than 50% of the total system development costs. • The outcome of the validation process is a tangible body of evidence that demonstrates the level of dependability of a software system. Dependability and Security Assurance, CSE course, 2011 Slide 4
  • 5. Static analysis • Static analysis techniques are system verification techniques that don’t involve executing a program. • The work on a source representation of the software – either a model or the program code itself. • Inspections and reviews are a form of static analysis • Techniques covered here: – Formal verification – Model checking – Automated program analysis Dependability and Security Assurance, CSE course, 2011 Slide 5
  • 6. Verification and formal methods • Formal methods can be used when a mathematical specification of the system is produced. • The specification is based on well-understood mathematical theories such as formal logic and set theory • Used in the development of some critical systems Dependability and Security Assurance, CSE course, 2011 Slide 6
  • 7. Formal methods • Formal methods are the ultimate static verification technique that may be used at different stages in the development process: – A formal specification may be developed and mathematically analyzed for consistency. This helps discover specification errors and omissions. – Formal arguments that a program conforms to its mathematical specification may be developed. This is effective in discovering programming and design errors. Dependability and Security Assurance, CSE course, 2011 Slide 7
  • 8. Arguments for formal methods • Producing a mathematical specification requires a detailed analysis of the requirements and this is likely to uncover errors. • Concurrent systems can be analysed to discover race conditions that might lead to deadlock. Testing for such problems is very difficult. • They can detect implementation errors before testing when the program is analyzed alongside the specification. Dependability and Security Assurance, CSE course, 2011 Slide 8
  • 9. Arguments against formal methods • They require the use of specialised notations that cannot be understood by domain experts. • Very expensive to develop a specification and even more expensive to show that a program meets that specification. • Proofs may contain errors. • It may be possible to reach the same level of confidence in a program more cheaply using other V & V techniques. Dependability and Security Assurance, CSE course, 2011 Slide 9
  • 10. Model checking Create an extended finite state model of a system and, using a specialized system (a model checker), check that model for errors. Dependability and Security Assurance, CSE course, 2011 Slide 10
  • 11. Model checking • The model checker explores all possible paths through the model and checks that a user-specified property is valid for each path. • Model checking is particularly valuable for verifying concurrent systems, which are hard to test. • Although model checking is computationally very expensive, it is now practical to use it in the verification of small to medium sized critical systems. Dependability and Security Assurance, CSE course, 2011 Slide 11
  • 12. Model checking process Dependability and Security Assurance, CSE course, 2011 Slide 12
  • 13. Automated static analysis • Static analysers are software tools for source text processing. • They parse the program text and try to discover potentially erroneous conditions and bring these to the attention of the V & V team. • They are very effective as an aid to program inspections – but inspections can catch errors of understanding that tools can’t. Dependability and Security Assurance, CSE course, 2011 Slide 13
  • 14. Levels of static analysis • Characteristic error checking – The static analyzer can check for patterns in the code that are characteristic of errors made by programmers using a particular language. • User-defined error checking – Users of a programming language define error patterns, thus extending the types of error that can be detected. This allows specific rules that apply to a program to be checked. • Assertion checking – Developers include formal assertions in their program and relationships that must hold. The static analyzer symbolically executes the code and highlights potential problems. Dependability and Security Assurance, CSE course, 2011 Slide 14
  • 15. Automated static analysis checks Fault class Static analysis check Data faults Variables used before initialization Variables declared but never used Variables assigned twice but never used between assignments Possible array bound violations Undeclared variables Control faults Unreachable code Unconditional branches into loops Input/output faults Variables output twice with no intervening assignment Interface faults Parameter-type mismatches Parameter number mismatches Non-usage of the results of functions Uncalled functions and procedures Storage management faults Unassigned pointers Pointer arithmetic Memory leaks Dependability and Security Assurance, CSE course, 2011 Slide 15
  • 16. Use of static analysis • Particularly valuable when a language such as C is used which has weak typing and hence many errors are undetected by the compiler. • Particularly valuable for security checking – the static analyzer can discover areas of vulnerability such as buffer overflows or unchecked inputs. • Static analysis is now routinely used in the development of many safety and security critical systems. Dependability and Security Assurance, CSE course, 2011 Slide 16
  • 17. Reliability testing • Reliability validation involves exercising the program to assess whether or not it has reached the required level of reliability. • This cannot normally be included as part of a normal defect testing process because data for defect testing is (usually) atypical of actual usage data. • Reliability measurement therefore requires a specially designed data set that replicates the pattern of inputs to be processed by the system. Dependability and Security Assurance, CSE course, 2011 Slide 17
  • 18. Statistical testing • Testing software for reliability rather than fault detection. • Measuring the number of errors allows the reliability of the software to be predicted. Note that, for statistical reasons, more errors than are allowed for in the reliability specification must be induced. • An acceptable level of reliability should be specified and the software tested and amended until that level of reliability is reached. Dependability and Security Assurance, CSE course, 2011 Slide 18
  • 19. Reliability validation activities • Establish the operational profile for the system. • Construct test data reflecting the operational profile. • Test the system and observe the number of failures and the times of these failures. • Compute the reliability after a statistically significant number of failures have been observed. Dependability and Security Assurance, CSE course, 2011 Slide 19
  • 20. Reliability measurement Dependability and Security Assurance, CSE course, 2011 Slide 20
  • 21. Operational profiles • An operational profile is a set of test data whose frequency matches the actual frequency of these inputs from ‘normal’ usage of the system. A close match with actual usage is necessary otherwise the measured reliability will not be reflected in the actual usage of the system. • It can be generated from real data collected from an existing system or (more often) depends on assumptions made about the pattern of usage of a system. Dependability and Security Assurance, CSE course, 2011 Slide 21
  • 22. An operational profile Dependability and Security Assurance, CSE course, 2011 Slide 22
  • 23. Operational profile generation • Should be generated automatically whenever possible. • Automatic profile generation is difficult for interactive systems. • May be straightforward for ‘normal’ inputs but it is difficult to predict ‘unlikely’ inputs and to create test data for them. • Pattern of usage of new systems is unknown. • Operational profiles are not static but change as users learn about a new system and change the way that they use it. Dependability and Security Assurance, CSE course, 2011 Slide 23
  • 24. Reliability measurement problems • Operational profile uncertainty – The operational profile may not be an accurate reflection of the real use of the system. • High costs of test data generation – Costs can be very high if the test data for the system cannot be generated automatically. • Statistical uncertainty – You need a statistically significant number of failures to compute the reliability but highly reliable systems will rarely fail. • Recognizing failure – It is not always obvious when a failure has occurred as there may be conflicting interpretations of a specification. Dependability and Security Assurance, CSE course, 2011 Slide 24
  • 25. Key points • Static analysis is an approach to V & V that examines the source code (or other representation) of a system, looking for errors and anomalies. It allows all parts of a program to be checked, not just those parts that are exercised by system tests. • Model checking is a formal approach to static analysis that exhaustively checks all states in a system for potential errors. • Statistical testing is used to estimate software reliability. It relies on testing the system with a test data set that reflects the operational profile of the software. Dependability and Security Assurance, CSE course, 2011 Slide 25