Assessing the Risk due to Software Faults: Estimates of Failure Rate versus Evidence of Perfection.
In the debate over the assessment of software reliability (or safety), as applied to critical software, two extreme positions can be discerned: the "statistical" position, which requires that the claims of reliability be supported by statistical inference from realistic testing or operation, and the "perfectionist" position, which requires convincing indications that the software is free from defects. These two positions naturally lead to requiring different kinds of supporting evidence, and actually to stating the dependability requirements in different ways, not allowing any direct comparison. There is often confusion about the relationship between statements about software failure rates and about software correctness, and about which evidence can support either kind of statement. This note clarifies the meaning of the two kinds of statement and how they relate to the probability of failure-free operation, and discusses their practical merits, especially for high required reliability or safety.
On the use of testability measures for dependability assessment
Program "testability" is, informally, the probability that a program will fail under test if it contains at least one fault. When a dependability assessment has to be derived from the observation of a series of failure free test executions (a common need for software subject to "ultra high reliability" requirements), measures of testability can, in theory, be used to draw inferences on program correctness. We rigorously investigate the concept of testability and its use in dependability assessment, criticizing, and improving on, previously published results. We give a general descriptive model of program execution and testing, on which the different measures of interest can be defined. We propose a more precise definition of program testability than that given by other authors, and discuss how to increase testing effectiveness without impairing program reliability in operation. We then study the mathematics of using testability to estimate, from test results: the probability of program correctness and the probability of failures. To derive the probability of program correctness, we use a Bayesian inference procedure and argue that this is more useful than deriving a classical "confidence level". We also show that a high testability is not an unconditionally desirable property for a program. In particular, for programs complex enough that they are unlikely to be completely fault free, increasing testability may produce a program which will be less trustworthy, even after successful testin
Acceptance Criteria for Critical Software Based on Testability Estimates and Test Results
Testability is defined as the probability that a program will fail a test, conditional on the program containing some fault. In this paper, we show that statements about the testability of a program can be more simply described in terms of assumptions on the probability distribution of the failure intensity of the program. We can thus state general acceptance conditions in clear mathematical terms using Bayesian inference. We develop two scenarios, one for software for which the reliability requirements are that the software must be completely fault-free, and another for requirements stated as an upper bound on the acceptable failure probability
Uprated OMS Engine Status-Sea Level Testing Results
The current Space Shuttle Orbital Maneuvering Engine (OME) is pressure fed, utilizing storable propellants. Performance uprating of this engine, through the use of a gas generator driven turbopump to increase operating pressure, is being pursued by the NASA Johnson Space Center (JSC). Component level design, fabrication, and test activities for this engine system have been on-going since 1984. More recently, a complete engine designated the Integrated Component Test Bed (ICTB), was tested at sea level conditions by Aerojet. A description of the test hardware and results of the sea level test program are presented. These results, which include the test condition operating envelope and projected performance at altitude conditions, confirm the capability of the selected Uprated OME (UOME) configuration to meet or exceed performance and operational requirements. Engine flexibility, demonstrated through testing at two different operational mixture ratios, along with a summary of projected Space Shuttle performance enhancements using the UOME, are discussed. Planned future activities, including ICTB tests at simulated altitude conditions, and recommendations for further engine development, are also discussed
An automated model-based test oracle for access control systems
In the context of XACML-based access control systems, an intensive testing
activity is among the most adopted means to assure that sensible information or
resources are correctly accessed. Unfortunately, it requires a huge effort for
manual inspection of results: thus automated verdict derivation is a key aspect
for improving the cost-effectiveness of testing. To this purpose, we introduce
XACMET, a novel approach for automated model-based oracle definition. XACMET
defines a typed graph, called the XAC-Graph, that models the XACML policy
evaluation. The expected verdict of a specific request execution can thus be
automatically derived by executing the corresponding path in such graph. Our
validation of the XACMET prototype implementation confirms the effectiveness of
the proposed approach. Comment: 7 page
Collective housing as a good way to reduce city fragmentation
Today the study of the fragmentation represents an important
occasion to meditate on the city and on the evolution of the
relational strategies of settlements. If we analyse in a critical way
our contemporary cities, we can see several interventions of the last
decades, that brought, more or less consciously, to discontinuity and
isolation (gated communities to the new ghettos). In this situation the
individual becomes part of a small community; but how long can it
go on? Are the public and sharing spaces, in which we can open
ourselves to the city and in the same time we can develop a sense
of identity and belonging, well designed? Are they at human scale? A
tendency, that can be observed in the modern western cities, is the
intervention as collective living and cohousing that are producing urban
continuities and community relations trying to institute relationships
with the outside, always keeping their own differences and identities.
Anyway the architectonic results don't seem already innovative and
the general quality of the interventions remains of low level. The
innovative examples for collective living can certainly be considered
positive for what deals with functions, topics and sense of community:
spaces where liveability increases and where a rediscovered relation
between Man and Environment is at the centre of the project, have
been designed. So the lacking passage to completely solve, thanks to
the cohousing projects, the fragmentation of the city, deals with the
architectural aspect. Architects must underline the importance of the
architectonical results in terms of language and spatiality to increase
the integration capability of the intervention. In this case the design of
architecture has a fundamental role for the next development of the
city and for solving all the fragmented and inclusive situation
Software fault-freeness and reliability predictions
Many software development practices aim at ensuring that software is correct, or fault-free. In safety critical applications, requirements are in terms of probabilities of certain behaviours, e.g. as associated to the Safety Integrity Levels of IEC 61508. The two forms of reasoning - about evidence of correctness and about probabilities of certain failures - are rarely brought together explicitly. The desirability of using claims of correctness has been argued by many authors, but not been taken up in practice. We address how to combine evidence concerning probability of failure together with evidence pertaining to likelihood of fault-freeness, in a Bayesian framework. We present novel results to make this approach practical, by guaranteeing reliability predictions that are conservative (err on the side of pessimism), despite the difficulty of stating prior probability distributions for reliability parameters. This approach seems suitable for practical application to assessment of certain classes of safety critical systems
Rosenzweig in prospettiva. Il nuovo pensiero tra vecchia filosofia e filosofia della differenza
Rosenzweig's "new thinking" can be seen, among other things, as the vanishing point of two gazes: one addressed to the "old philosophy" of the past, the other to the postmodernity of the present. The goal of the present essay is therefore twofold: on the one hand, to go back retrospectively to the relationship between critical idealism and the theoretical proposal represented by "Der Stern der Erlösung"; on the other hand, to evaluate, in a perspectival way, what the latter has to say in relation to the philosophy of difference. It is thus possible to investigate the meaning of philosophizing in general and to assess the relevance of Rosenzweig's thought in particular.
New thinking is all the more fruitful because it exists in a close dialectic relationship with modern rationality, grasping its "up-to-here-and-no-further" boundary; at the same time, it presents analogies with the postmodern philosophy of difference, without, however, reaching the same antirational conclusions.
As for the meaning of philosophizing, Rosenzweig famously thought that the religious experience of revelation could offer a space-time orientation, which is why it was the keystone of his new thinking. However, if one wants to prescind from the "belief" element and find a meaning and orientation in the alogical and purposeless context of postmodernity, one has to yearn for a form that is present in absence: this tension finds its foundation in the up-to-here-and-no-further of critical idealism and is continually reconfigured in relation to difference, both thought-of and experienced