发布求助
文献互助 智能选刊 最新文献

Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance最新文献

筛选
英文 中文
A software metric for logical errors and integration testing effort 逻辑错误和集成测试工作的软件度量
Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance Pub Date : 1997-06-16 DOI: 10.1109/CMPASS.1997.613302
R. Leach, D. Coleman
{"title":"A software metric for logical errors and integration testing effort","authors":"R. Leach, D. Coleman","doi":"10.1109/CMPASS.1997.613302","DOIUrl":"https://doi.org/10.1109/CMPASS.1997.613302","url":null,"abstract":"Many software metrics are based on analysis of individual source code modules and do not consider the way that modules are interconnected. This presents a special problem for many current software development project environments that utilize a considerable amount of commercial, off-the-shelf or other reusable software components and devote a considerable amount of time to testing and integrating such components. We describe a new metric called the BVA metric that is based on an assessment of the coupling between program subunits. The metric is based on the testing theory technique known as boundary value analysis. For each parameter or global variable in a program module or subunit, we compute the number of test cases necessary for a \"black-box\" test of a program subunit based on partitioning that portion of the domain of the subunit that is affected by the parameter. The BVA metric can be computed relatively early in the software life cycle. Experiments in several different languages and both academic and industrial programming environments suggest a close predictive relationship with the density of logical software errors and also with integration and testing effort.","PeriodicalId":377266,"journal":{"name":"Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1997-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131957246","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
"What is a formal method (and what is an informal method)?" “什么是正式方法(什么是非正式方法)?”
Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance Pub Date : 1997-06-16 DOI: 10.1109/CMPASS.1997.613286
L. Hatton
{"title":"\"What is a formal method (and what is an informal method)?\"","authors":"L. Hatton","doi":"10.1109/CMPASS.1997.613286","DOIUrl":"https://doi.org/10.1109/CMPASS.1997.613286","url":null,"abstract":"This position paper traces a very personal view of formal methods in the period 1982-1997. The author describes his own experiences in formal methods all the way from outright belief in the power of mathematics in the early 1980s, to a measurement-tempered and rather cautious optimism in the late 1990s.","PeriodicalId":377266,"journal":{"name":"Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1997-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130546864","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
On the uniformity of error propagation in software 软件中误差传播的均匀性
Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance Pub Date : 1997-06-16 DOI: 10.1109/CMPASS.1997.613237
C. Michael, R. C. Jones
{"title":"On the uniformity of error propagation in software","authors":"C. Michael, R. C. Jones","doi":"10.1109/CMPASS.1997.613237","DOIUrl":"https://doi.org/10.1109/CMPASS.1997.613237","url":null,"abstract":"This paper presents an empirical study of an important aspect of software defect behavior: the propagation of data-state errors. A data-state error occurs when a fault is executed and affects a program's data-state, and it is said to propagate if it affects the outcome of the execution. Our results show that data-state errors appear to have a property that is quite useful when simulating faulty code: for a given input, it appears that either all data state errors injected at a given location tend to propagate to the output, or else none of them do. These results are interesting because of what they indicate about the behavior of data-state errors in software. They suggest that data state errors behave in an orderly way, and that the behavior of software may not be as unpredictable as it could theoretically be. Additionally, if all faults behave the same for a given input and a given location, then one can use simulation to get a good picture of how faults behave, regardless of whether the faults one has simulated are representative of real faults.","PeriodicalId":377266,"journal":{"name":"Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance","volume":"751 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1997-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132518221","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 45
Quantitative reliability and availability assessment for critical systems including software 包括软件在内的关键系统的定量可靠性和可用性评估
Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance Pub Date : 1997-06-16 DOI: 10.1109/CMPASS.1997.613307
M. Hecht, Dong Tang, Herbert Hecht, Sohar, Beverly Hills, Robert W. Brill
{"title":"Quantitative reliability and availability assessment for critical systems including software","authors":"M. Hecht, Dong Tang, Herbert Hecht, Sohar, Beverly Hills, Robert W. Brill","doi":"10.1109/CMPASS.1997.613307","DOIUrl":"https://doi.org/10.1109/CMPASS.1997.613307","url":null,"abstract":"In many cases, it is possible to derive a quantitative reliability or availability assessment for systems containing software with the appropriate use of system-level measurement-based modeling and supporting data. This paper demonstrates the system-level measurement based approach using a simplified safety protection system example. The approach is contrasted with other software reliability prediction methodologies. The treatment of multiple correlated and common mode failures, systematic failures, and degraded states are also discussed. Finally a tool called MEADEP, which is now under development, is described. The objective of the tool is to reduce the system-level measurement-based approach to a practical task that can be performed on systems with element failure rates as low as 10/sup -6/ per hour.","PeriodicalId":377266,"journal":{"name":"Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1997-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126773963","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 30
Effect of repair policies on software reliability 修复策略对软件可靠性的影响
Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance Pub Date : 1997-06-16 DOI: 10.1109/CMPASS.1997.613262
S. Gokhale, P. Marinos, M. Lyn, Kishor S. Trivedi
{"title":"Effect of repair policies on software reliability","authors":"S. Gokhale, P. Marinos, M. Lyn, Kishor S. Trivedi","doi":"10.1109/CMPASS.1997.613262","DOIUrl":"https://doi.org/10.1109/CMPASS.1997.613262","url":null,"abstract":"Software reliability is an important metric that quantifies the quality of the software product and is inversely related to the number of unrepaired faults in the system. Fault removal is a critical process in achieving the desired level of quality before software deployment in the field. Conventional software reliability models assume that the time to remove a fault is negligible and that the repair process is perfect. We examine various kinds of repair scenarios, and analyze the effect of these fault removal policies on the residual number of faults at the end of the testing process, using a non-homogeneous continuous time Markov chain. The fault removal rate is initially assumed to be constant, and it is subsequently extended to cover time and state dependencies. These fault removal scenarios can be easily incorporated using the state space view of the non-homogeneous Poisson process.","PeriodicalId":377266,"journal":{"name":"Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1997-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128679033","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 24
Tools for formal specification, verification, and validation of requirements 用于正式规范、验证和确认需求的工具
Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance Pub Date : 1997-06-16 DOI: 10.1109/CMPASS.1997.613206
C. Heitmeyer, J. Kirby, B. Labaw
{"title":"Tools for formal specification, verification, and validation of requirements","authors":"C. Heitmeyer, J. Kirby, B. Labaw","doi":"10.1109/CMPASS.1997.613206","DOIUrl":"https://doi.org/10.1109/CMPASS.1997.613206","url":null,"abstract":"Although formal methods for developing computer systems have been available for more than a decade, few have had significant impact in practice. A major barrier to their use is that software developers find formal methods difficult to understand and apply. One exception is a formal method called SCR for specifying computer system requirements which, due to its easy to use tabular notation and its demonstrated scalability, has already achieved some success in industry. Recently a set of software tools, including a specification editor, a consistency checker, a simulator, and a verifier has been developed to support the SCR method. This paper describes recent enhancements to the SCR tools: a new dependency graph browser which displays the dependencies among the variables in the specification, an improved consistency checker which produces detailed feedback about detected errors, and an assertion checker which checks application properties during simulation. To illustrate the tool enhancements, a simple automobile cruise control system is presented and analyzed.","PeriodicalId":377266,"journal":{"name":"Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance","volume":"59 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1997-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115223688","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 76
Information security: from reference monitors to wrappers 信息安全:从参考监视器到包装器
Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance Pub Date : 1997-06-16 DOI: 10.1109/CMPASS.1997.613283
L. Badger
{"title":"Information security: from reference monitors to wrappers","authors":"L. Badger","doi":"10.1109/CMPASS.1997.613283","DOIUrl":"https://doi.org/10.1109/CMPASS.1997.613283","url":null,"abstract":"Information system security has turned out to be much more challenging than at first thought. In the 1980s a great deal of energy was expended in an attempt to create a broad market of security-enhanced systems. This market, however, did not develop, and most computer systems today include only rudimentary security mechanisms. New technologies, however, such as extensible systems and security wrappers, hold promise to reintroduce security as an effective and ubiquitous system service.","PeriodicalId":377266,"journal":{"name":"Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1997-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131624810","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Simulation-based test of fault-tolerant group membership services 基于仿真的容错组成员服务测试
Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance Pub Date : 1997-06-16 DOI: 10.1109/CMPASS.1997.613291
G. A. Alvarez, F. Cristian
{"title":"Simulation-based test of fault-tolerant group membership services","authors":"G. A. Alvarez, F. Cristian","doi":"10.1109/CMPASS.1997.613291","DOIUrl":"https://doi.org/10.1109/CMPASS.1997.613291","url":null,"abstract":"We address the problem of gaining assurance on the correctness of fault-tolerant and real-time distributed protocols. We validate implementations of two group membership protocols by running a centralized simulation of the distributed system, and testing whether the protocols satisfy the safety and timeliness properties prescribed by their specifications. Our testing environment performs deterministic experiments that include both normal workloads and failures injected into the execution, to test protocol behavior under failure scenarios the protocols are supposed to tolerate. The two membership protocols assume different system models, and depend on quite different sets of underlying services. Even though their specifications contain properties that cannot be evaluated accurately in a distributed platform, our testing environment overcomes this limitation. The tests performed uncovered several flaws in the implementations.","PeriodicalId":377266,"journal":{"name":"Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1997-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132917211","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
Perturbation analysis of computer programs 计算机程序的摄动分析
Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance Pub Date : 1997-06-16 DOI: 10.1109/CMPASS.1997.613242
L. Morell, B. Murrill, Renata Rand
{"title":"Perturbation analysis of computer programs","authors":"L. Morell, B. Murrill, Renata Rand","doi":"10.1109/CMPASS.1997.613242","DOIUrl":"https://doi.org/10.1109/CMPASS.1997.613242","url":null,"abstract":"Error flow analysis is the study of how errors originate, spread, and propagate during program execution based on the three steps of the fault/failure model: execution, infection, and propagation. These three steps are defined relative to a virtual computer-by judiciously selecting the instruction set and data state of this computer the need for infection analysis can be reduced or eliminated in favor of execution and propagation analysis. A key aspect of propagation analysis is injecting errors into the data state and tracing their expect. Perturbation analysis injects errors by directly modifying the data state of on executing program. The resulting code that is executed-the tail code-is analyzed for its error-flow behavior. Perturbation analysis is a language-independent and efficient method of characterizing the propagation rate of each tail function, the function computed by all tail code originating at a given location. This paper defines a model for perturbation analysis, and uses the model to explain the performance of analysis techniques (e.g. statement, data flow, and mutation analysis).","PeriodicalId":377266,"journal":{"name":"Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1997-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125622465","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 13
Is information security an oxymoron? 信息安全是一个矛盾的说法吗?
Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance Pub Date : 1997-06-16 DOI: 10.1109/CMPASS.1997.613273
J. Knight
{"title":"Is information security an oxymoron?","authors":"J. Knight","doi":"10.1109/CMPASS.1997.613273","DOIUrl":"https://doi.org/10.1109/CMPASS.1997.613273","url":null,"abstract":"Although weaknesses have been demonstrated in some security techniques (encryption, protocols, mobile code such as Java, etc.), current security technology is quite strong in many areas. Despite this, information security has proved difficult to achieve in large modern software systems. Many problems have been reported in which supposedly secure systems have been penetrated and in some cases significant damage done. In practice, it appears that many (perhaps even the majority) of serious security failures are attributable to software engineering defects in the systems experiencing the failure. The author discusses the use of wrappers which can deal with deficiencies in security and considers the software architectural approach.","PeriodicalId":377266,"journal":{"name":"Proceedings of COMPASS '97: 12th Annual Conference on Computer Assurance","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1997-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126774055","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
首页 上一页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信