Software Integration and Software Integration and DocumentingDocumenting

ByBy

FranklynFranklyn

Cleanroom Software Cleanroom Software Engineering Engineering • A software development process intended to produce A software development process intended to produce

software with a certifiable level of reliability.software with a certifiable level of reliability.• The Cleanroom process was originally developed by The Cleanroom process was originally developed by

Harlan Mills and several of his colleagues at IBMHarlan Mills and several of his colleagues at IBM• The focus of the Cleanroom process is on defect The focus of the Cleanroom process is on defect

prevention, rather than defect removal prevention, rather than defect removal • The name The name CleanroomCleanroom was chosen to evoke the was chosen to evoke the

cleanrooms used in the electronics industry to prevent cleanrooms used in the electronics industry to prevent the introduction of defects during the fabrication of the introduction of defects during the fabrication of integrated circuits.integrated circuits.

CleanRoom Software EngineeringCleanRoom Software Engineering

• It emphasizes need to develop correctness into software It emphasizes need to develop correctness into software as it being developed.as it being developed.

• It is different form classic analysis, design, test and It is different form classic analysis, design, test and debugging. The cleanroom has a different approach.debugging. The cleanroom has a different approach.

• It emphasizes rigor in specification and design and It emphasizes rigor in specification and design and formal verification of each design using correctness formal verification of each design using correctness proofs that are mathematically based.proofs that are mathematically based.

• It also emphasizes on the techniques for statistical It also emphasizes on the techniques for statistical quality control, including testing that is based on quality control, including testing that is based on customers use.customers use.

Some problems by Some problems by Henderson Henderson

• Cleanroom is too technical and Cleanroom is too technical and mathematicalmathematical

• It advocates no unit testingIt advocates no unit testing

• It requires rigorous applicationsIt requires rigorous applications

The cleanroom strategyThe cleanroom strategy

• A “pipeline of software increments”A “pipeline of software increments”

• Developed by small independent Developed by small independent software teams.software teams.

• Once functionality has been assigned Once functionality has been assigned to the software element of the to the software element of the system the pipeline is initiated.system the pipeline is initiated.

• Some tasks occurSome tasks occur

The cleanroom strategyThe cleanroom strategy

• Increment planningIncrement planning• Requirement gatheringRequirement gathering• Box structure specification-describe functionality Box structure specification-describe functionality

specificationspecification• Formal designFormal design• Correctness verificationCorrectness verification• Code generation, inspection and verificationCode generation, inspection and verification• Statistical test planningStatistical test planning• Statistical use testingStatistical use testing• certificationcertification

What makes it differentWhat makes it different

• It makes use of statistical quality It makes use of statistical quality controlcontrol

• It verifies specification using It verifies specification using mathematical based proofmathematical based proof

• Testing techniques to under cover Testing techniques to under cover errorserrors

Functional specificationFunctional specification

• Uses a model called box structure Uses a model called box structure specificationspecification

• A “box” hold the system or part at some A “box” hold the system or part at some level of details.level of details.

• The information in each box is enough for The information in each box is enough for its refinement without depending on the its refinement without depending on the other.other.

• Enable analysts to partition systems Enable analysts to partition systems hierarically .hierarically .

Three types of boxes Three types of boxes

• Black box- used to represent externally Black box- used to represent externally observed behavior observed of a system.observed behavior observed of a system.

• State box- holds state data and State box- holds state data and operation. Input to sate box and output operation. Input to sate box and output are reprsentedare reprsented

• Clear box- to model the procedural Clear box- to model the procedural design that is implied by the data and design that is implied by the data and operations.operations.

Cleanroom designCleanroom design

• S.E heavily use structured S.E heavily use structured programming.programming.

• Used moreUsed more

• Program data holds a set of Program data holds a set of abstractions that are called by a sub abstractions that are called by a sub functionsfunctions

Advantages of design Advantages of design verificationverification

• Reduce verification to a finite processReduce verification to a finite process• Lets cleanroom verifies every line of Lets cleanroom verifies every line of

design and codedesign and code• Near zero defect levelNear zero defect level• Produces better codeProduces better code• Design verification must be applied Design verification must be applied

to the source code which is known as to the source code which is known as correctness verifcationcorrectness verifcation

Cleanroom testingCleanroom testing

• To validate the software To validate the software requirementsrequirements

• By demonstrating use –cases have By demonstrating use –cases have been executed successfullybeen executed successfully

Cleanroom testing contd.Cleanroom testing contd.

• Testing it the way users will.Testing it the way users will.• Cleanroom teams determine usage Cleanroom teams determine usage

probability distribution of the software.probability distribution of the software.• Timing for test is recorded so that interval Timing for test is recorded so that interval

time may be determined. time may be determined. • Using interval time the certification teams Using interval time the certification teams

can compute Mane-time-to failure (MTTF)can compute Mane-time-to failure (MTTF)• A long sequence conducted without failure A long sequence conducted without failure

the MMTF is low and software reliability is the MMTF is low and software reliability is high.high.

CertificationCertification

• It implies reliabilityIt implies reliability

• Its approach involve five steps: Its approach involve five steps: usage scenario, profile specified. usage scenario, profile specified. Test generated from profile , failure Test generated from profile , failure data are recorded and analyzed, data are recorded and analyzed, reliability is computed and certified.reliability is computed and certified.

Certification contd.Certification contd.

• It requires three modelsIt requires three models

• sampling model- random test sampling model- random test

• component model- componentscomponent model- components

• Certification model-overallCertification model-overall