
Chair of Software Engineering
Einführung in die Programmierung (Introduction to Programming)
Prof. Dr. Bertrand Meyer


  1. October 2006 – February 2007
     Lectures 23-24: From Programming to Software Engineering

     Software engineering (1)
     The processes, methods, techniques, tools and languages for developing quality operational software.

     Software engineering (2)
     The processes, methods, techniques, tools and languages for developing quality operational software that may need to:
     - Be of large size
     - Be developed and used over a long period
     - Involve many developers
     - Undergo many changes and revisions

     Moore’s “Law”
     Approximate doubling of computer power, for comparable price, every eighteen months.
     [Chart: speed of Intel processors, 1970 to 2000 (1 Hertz = 1 clock cycle per second). Labels: 8008: < 1 MHz; 80386: 33 MHz; 80486: 50 MHz; Pentium: 133 MHz; Pentium IV; 1.3 GHz; 3.8 GHz. Annotations: to 1 GHz: 26 years; from 1 to 2 GHz: 8 months.]

     Operating systems: source size
     [Chart: lines of code (millions), 1990 to 2006.]
     - Debian 3.1: 213!
     - Debian 2.2: 55
     - Vista: 50
     - Windows XP: 45
     - Windows 2000: 40
     - Red Hat 7.1: 30
     - Windows 98: 18
     - Red Hat 6.2: 17
     - Windows 95: 15
     - Solaris 7: 12
     - Windows NT: 4 M
     - Windows 3.1: 3 M
     - Linux: 10 K
     - Unix V7: 10K

     Intro. to Programming, lecture 23: From Programming to Software Engineering

  2. In other application areas
     [Image; source: Siemens]

     The basic issue
     Developing software systems that are:
     - On time and within budget
     - Of high immediate quality
     - Possibly large and complex
     - Extendible

     Software engineering
     Non-quality
     What does software quality mean?

     Associated Press, 21 October 2000
     LOS ANGELES. Failure of the Southwest's main air traffic radar system was traced to new software unable to recognize data typed manually by Mexico controllers.
     The software installed Wednesday evening at the FAA's Los Angeles Center in the Mojave Desert, which controls aircraft over a 100,000-square-mile area, is the same upgrade completed successfully at 19 other FAA radar centers. But designers didn't allow for information typed in by Mexico controllers, who don’t have a computerized system, the FAA spokesman said. "The computer didn't recognize the information from Mexico and it aborted". "A digit out of place could do it."
     When controllers at the LA Center switched to the new system Thursday morning, it quickly failed when data from a Mexico controller was received. The radar system instantly switched to backup. The computer with the new software was restarted later, but failed again. The old system was reinstalled and the system returned to operation more than two hours later.
     Air travel schedules were left in disarray as the FAA ordered a nationwide ground stop for all flights bound for the Southwest, causing cancellations, rerouting, long delays and airport gridlock.
     Technicians must now rewrite the software to recognize Mexico controller information. It wasn't clear when a revised program would be installed.

     1998 Mars Orbiter Vehicle*
     The orbiter was lost due to a miscalculation in trajectory. The miscalculation was caused by an unintended and undetected mismatch between metric and English units of measurement. The use of metric units as well as the data formats to employ were specified in a navigation software interface specification (SIS) published by JPL in 1996.
     Despite this, the flight operations team at Lockheed Martin provided impulse data in English units of pound-force seconds rather than newton seconds. These values were incorrect by a factor of 4.45 (1 lbf = 4.45 N). The mix-up caused erroneous course corrections that resulted in the orbiter descending too low in Mars atmosphere. The vehicle either burned up or bounced off into space.
     * Source: Wikipedia

  3. Ariane-5 maiden launch, 1996
     37 seconds into flight, exception in Ada program not processed; order given to abort mission. Loss estimated at $10 billion.
     Exception was caused by an incorrect conversion: a 64-bit real value was incorrectly translated into a 16-bit integer.
     Systematic analysis had “proved” that the exception could not occur – the 64-bit value (“horizontal bias” of the flight) was proved to be always representable as a 16-bit integer!
     It was a REUSE error:
     - The analysis was correct – for Ariane 4!
     - The assumption was documented – in a design document!
     See Jean-Marc Jézéquel & Bertrand Meyer, “Design by Contract: The Lessons of Ariane”, IEEE Computer, January 1997, available at se.ethz.ch/~meyer/publications/computer/ariane.pdf

     Security example: the buffer overflow
     System expects some input from an external user:
     - First name:
     - Last name:
     - Address:

     Getting the input

         -- Copies input_size items with no check against the size of buffer
         from i := 1 until
             i > input_size
         loop
             buffer [i] := input [i]
             i := i + 1
         end

     C brings in a special twist…
     For a string, there’s no way to know input_size in advance.
     You have to read until you find the string terminator, \0 (the null character).

     These two strings walk into a bar. The bartender says: “What will it be?"
     The first string says: "I think I'll have a beer zdiup tako^jDjftk /. \\134.206.21.02 C#VB.NET 8086%N ~~|~~#@$ Dz @-)))"
     "Please excuse my friend," the second string says, “He isn't null-terminated."

     Getting the input

         -- Same loop, now also stopping at the end of buffer
         from i := 1 until
             i > input_size
             or i > buffer_size
         loop
             buffer [i] := input [i]
             i := i + 1
         end

     [Diagram of memory, from 0 to Max: Programs (code of routine n-1) and Data, “the stack” of activation records (Main, Routine 1, Routine 2, …, Routine n; return address, arguments, locals). Labels on the overflow: “Overflowing a buffer!”, “The buffer (overflowing)”, “My return address”, “My nasty code”.]

  4. US software industry, 2000
     Source: Standish report
     Project leaders and CIOs representing several thousand software projects
     Project outcome:
     - 28% success (1998: 26%)
     - 23% failure (1998: 28%)
     - Rest: “challenged” (1998: 46%) (completed over budget, over time, under features)
     Smaller projects have a higher chance of succeeding

     Standish: evolution 1994-2000
     [Chart]

     NIST report on “testing” (May 2002)
     Monetary effect on Developers and User due to “insufficient testing infrastructure”: $59.5 billion
     (Financial sector: $3.3 billion, auto/aerospace $1.8 billion etc.)

     Software quality: external vs internal
     External factors: visible to customers (not just end users but e.g. purchasers)
     - Examples: ease of use, extendibility, timeliness
     Internal factors: perceptible only to developers
     - Examples: good programming style, information hiding
     Only external factors count in the end, but the internal factors make it possible to obtain them.

     Some external factors
     Product quality (immediate):
     - Reliability
     - Efficiency
     - Ease of use
     - Ease of learning
     Process quality:
     - Production speed (timeliness)
     - Cost-effectiveness
     - Predictability
     - Reproducibility
     - Self-improvement
     Product quality (long term):
     - Extendibility
     - Reusability
     - Portability

     Software quality: product vs process
     Product: properties of the resulting software
     For example: correctness, efficiency
     Process: properties of the procedures used to produce and “maintain” the software
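
Returning to the buffer-overflow slides ("Getting the input" and "C brings in a special twist…"): the two loops carried over to C, as an added example that is not code from the lecture. The function names, the `struct form` record with its 8-byte `first_name` field and the sample inputs are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* First "Getting the input" loop in C: copy up to the terminator, trusting
   the input. Contrast only; never called here, since any input longer than
   the buffer makes it write past the end. */
void copy_unchecked(char *buffer, const char *input) {
    size_t i = 0;
    while ((buffer[i] = input[i]) != '\0')
        i++;
}

/* Second loop: stop at the terminator OR at the buffer limit. input_max
   also bounds the read, so a source that is not null-terminated is not
   over-read. Returns the bytes stored (without the terminator);
   *truncated is set when the input did not fit. */
size_t copy_bounded(char *buffer, size_t buffer_size,
                    const char *input, size_t input_max, int *truncated) {
    size_t i = 0;
    if (buffer_size == 0) { *truncated = 1; return 0; }
    while (i < input_max && input[i] != '\0' && i < buffer_size - 1) {
        buffer[i] = input[i];
        i++;
    }
    buffer[i] = '\0';
    *truncated = (i < input_max && input[i] != '\0');
    return i;
}

/* Constructed form record: next_field stands in for whatever lies
   beyond the buffer in memory. */
struct form { char first_name[8]; char next_field[8]; };

/* Returns 1 if next_field is untouched after copying input. */
int neighbour_intact(const char *input, size_t input_max, int *truncated) {
    struct form f;
    memcpy(f.next_field, "CANARY!", 8);
    copy_bounded(f.first_name, sizeof f.first_name, input, input_max, truncated);
    return memcmp(f.next_field, "CANARY!", 8) == 0;
}

int main(void) {
    int t;
    const char no_nul[4] = {'b', 'e', 'e', 'r'};  /* constructed, no '\0' */
    printf("intact=%d ", neighbour_intact("Alexandrina", 64, &t));
    printf("truncated=%d\n", t);
    printf("intact=%d ", neighbour_intact(no_nul, sizeof no_nul, &t));
    printf("truncated=%d\n", t);
    return 0;
}
```

The truncation flag lets the caller reject or re-prompt for overlong input rather than silently storing a shortened value.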
