Assessing the Risk due to Software Faults: Estimates of Failure Rate versus Evidence of Perfection.

In the debate over the assessment of software reliability (or safety), as applied to critical software, two extreme positions can be discerned: the ‘statistical’ position, which requires that the claims of reliability be supported by statistical inference from realistic testing or operation, and the ‘perfectionist’ position, which requires convincing indications that the software is free from defects. These two positions naturally lead to requiring different kinds of supporting evidence, and actually to stating the dependability requirements in different ways, not allowing any direct comparison. There is often confusion about the relationship between statements about software failure rates and about software correctness, and about which evidence can support either kind of statement. This note clarifies the meaning of the two kinds of statement and how they relate to the probability of failure-free operation, and discusses their practical merits, especially for high required reliability or safety

Mathematics in Software Reliability and Quality Assurance

This monograph concerns the mathematical aspects of software reliability and quality assurance and consists of 11 technical papers in this emerging area. Included are the latest research results related to formal methods and design, automatic software testing, software verification and validation, coalgebra theory, automata theory, hybrid system and software reliability modeling and assessment

Validation of Ultrahigh Dependability for Software-Based Systems

Modern society depends on computers for a number of critical tasks in which failure can have very high costs. As a consequence, high levels of dependability (reliability, safety, etc.) are required from such computers, including their software. Whenever a quantitative approach to risk is adopted, these requirements must be stated in quantitative terms, and a rigorous demonstration of their being attained is necessary. For software used in the most critical roles, such demonstrations are not usually supplied. The fact is that the dependability requirements often lie near the limit of the current state of the art, or beyond, in terms not only of the ability to satisfy them, but also, and more often, of the ability to demonstrate that they are satisfied in the individual operational products (validation). We discuss reasons why such demonstrations cannot usually be provided with the means available: reliability growth models, testing with stable reliability, structural dependability modelling, as well as more informal arguments based on good engineering practice. We state some rigorous arguments about the limits of what can be validated with each of such means. Combining evidence from these different sources would seem to raise the levels that can be validated; yet this improvement is not such as to solve the problem. It appears that engineering practice must take into account the fact that no solution exists, at present, for the validation of ultra-high dependability in systems relying on complex software

A theory of structural model validity in simulation.

During the last decennia, the practice of simulation has become increasingly popular among many system analysts, model builders and general scientists for the purpose of studying complex systems that surpass the operability of analytical solution techniques. As a consequence of the pragmatic orientation of simulation, a vital stage for a successful application is the issue of validating a constructed simulation model. Employing the model as an effective instrument for assessing the benefit of structural changes or for predicting future observations makes validation an essential part of any productive simulation study. The diversity of the employment field of simulation however brings about that there exists an irrefutable level of ambiguity concerning the principal subject of this validation process. Further, the literature has come up with a plethora of ad hoc validation techniques that have mostly been inherited from standard statistical analysis. It lies within the aim of this paper to reflect on the issue of validation in simulation and to present the reader with a topological parallelism of the classical philosophical polarity of objectivism versus relativism. First, we will position validation in relation to verification and accreditation and elaborate on the prime actors in validation, i.e. a conceptual model, a formal model and behaviour. Next, we will formally derive a topological interpretation of structural validation for both objectivists and relativists. As will be seen, recent advances in the domain of fuzzy topology allow for a valuable metaphor of a relativistic attitude towards modelling and structural validation. Finally, we will discuss several general types of modelling errors that may occur and examine their repercussion on the natural topological spaces of objectivists and relativists. We end this paper with a formal, topological oriented definition of structural model validity for both objectivists and relativists. The paper is concluded with summarising the most important findings and giving a direction for future research.Model; Simulation; Theory; Scientists; Processes; Statistical analysis;

Backward Reachability of Array-based Systems by SMT solving: Termination and Invariant Synthesis

The safety of infinite state systems can be checked by a backward reachability procedure. For certain classes of systems, it is possible to prove the termination of the procedure and hence conclude the decidability of the safety problem. Although backward reachability is property-directed, it can unnecessarily explore (large) portions of the state space of a system which are not required to verify the safety property under consideration. To avoid this, invariants can be used to dramatically prune the search space. Indeed, the problem is to guess such appropriate invariants. In this paper, we present a fully declarative and symbolic approach to the mechanization of backward reachability of infinite state systems manipulating arrays by Satisfiability Modulo Theories solving. Theories are used to specify the topology and the data manipulated by the system. We identify sufficient conditions on the theories to ensure the termination of backward reachability and we show the completeness of a method for invariant synthesis (obtained as the dual of backward reachability), again, under suitable hypotheses on the theories. We also present a pragmatic approach to interleave invariant synthesis and backward reachability so that a fix-point for the set of backward reachable states is more easily obtained. Finally, we discuss heuristics that allow us to derive an implementation of the techniques in the model checker MCMT, showing remarkable speed-ups on a significant set of safety problems extracted from a variety of sources.Comment: Accepted for publication in Logical Methods in Computer Scienc

Fundamental Approaches to Software Engineering

This open access book constitutes the proceedings of the 23rd International Conference on Fundamental Approaches to Software Engineering, FASE 2020, which took place in Dublin, Ireland, in April 2020, and was held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2020. The 23 full papers, 1 tool paper and 6 testing competition papers presented in this volume were carefully reviewed and selected from 81 submissions. The papers cover topics such as requirements engineering, software architectures, specification, software quality, validation, verification of functional and non-functional properties, model-driven development and model transformation, software processes, security and software evolution

Simulation Modelling Practice and Theory

The influx of data in the world today needs analysis that no one method can handle. Some reports estimated the influx of data would reach 163 zitabytes by 2025, hence the need for simulation and modeling theory and practice. Simulation and modeling tools and techniques are most important in this day and age. While simulation carries the needed work, tools for visualizing the results help in the decision-making process. Simulation ranges from a simple queue to molecular dynamics, including seismic reliability analysis, structural integrity assessment, games, reliability engineering, and system safety. This book will introduce practitioners, researchers, and novice users to simulation and modeling, and to the world of imagination

Validation and Verification of Formal Specifications in Object-Oriented Software Engineering

The use of formal specifications allows for a software system to be defined with stringent mathematical semantics and syntax via such tools as propositional calculus and set theory. There are many perceived benefits garnered from formal specifications, such as a thorough and in-depth understanding of the domain and system being specified and a reduction in user requirement ambiguity. Probably the greatest benefit of formal specifications, and that which is least capitalized upon, is that mathematical proof procedures can be used to test and prove internal consistency and syntactic correctness in an effort to ensure comprehensive validation and verification (V&V). The automation of the proof process will make formal methods far more attractive by reducing the time required and the effort involved in the V&V of software systems

Formal verification of AI software

The application of formal verification techniques to Artificial Intelligence (AI) software, particularly expert systems, is investigated. Constraint satisfaction and model inversion are identified as two formal specification paradigms for different classes of expert systems. A formal definition of consistency is developed, and the notion of approximate semantics is introduced. Examples are given of how these ideas can be applied in both declarative and imperative forms