Daniel Amyot University of Ottawa 2007

CSI 5112 Review of Software Engineering. Daniel Amyot University of Ottawa 2007. A Few Bugs from the Past 25 Years… [http://www.wired.com/news/technology/bugs/0,2924,69355,00.html and other sources].

Presentation Transcript


  1. CSI 5112 Review of Software Engineering Daniel Amyot University of Ottawa 2007

  2. A Few Bugs from the Past 25 Years… [http://www.wired.com/news/technology/bugs/0,2924,69355,00.html and other sources] • 1982 — Soviet gas pipeline. Operatives working for the CIA allegedly plant a bug in a Canadian computer system purchased to control the trans-Siberian gas pipeline. The resulting event is reportedly the largest non-nuclear explosion in the planet’s history. • 1985-1987 — Therac-25 medical accelerator. A Canadian radiation therapy device malfunctions and delivers lethal radiation doses at several medical facilities. • 1988-1996 — Kerberos Random Number Generator. The authors of the Kerberos security system neglect to properly “seed” the program’s random number generator with a truly random seed. • 1990 — AT&T Network Outage. A bug in a new release of the software that controls AT&T’s #4ESS long distance switches causes these mammoth computers to crash. • 1993 — Intel Pentium floating point divide. A silicon error causes Intel’s highly promoted Pentium chip to make mistakes when dividing floating-point numbers that occur within a specific range. • 1995-1996 — The Ping of Death. A lack of sanity checks and error handling in the IP fragmentation reassembly code makes it possible to crash a wide variety of operating systems by sending a malformed “ping” packet from anywhere on the internet. • 1996 — Ariane 5 Flight 501. Working code for the Ariane 4 rocket is reused in the Ariane 5, but the Ariane 5’s faster engines trigger a bug in an arithmetic routine inside the rocket’s flight computer. • 1995-2000 — Year 2000 Problem (Y2K). Two digits for representing a year ain’t enough. • 2000 — National Cancer Institute, Panama City. In a series of accidents, therapy planning software created by Multidata Systems International, a U.S. firm, miscalculates the proper dosage of radiation for patients undergoing radiation therapy. • 2003 — North America blackout triggered by a local outage that went undetected due to a in General Electric Energy's XA/21 monitoring software.

  3. RISK Stories by Peter G. Neumann • Illustrative Risks to the Public in the Use of Computer Systems and Related Technology • http://www.csl.sri.com/users/neumann/illustrativerisks.html • Digest • http://catless.ncl.ac.uk/Risks/ • Software Horror Stories • http://www.cs.tau.ac.il/~nachumd/verify/horror.html

  4. Review • The review will be done in four parts. This information is meant to refresh your memory (many of these concepts should be known by now) and to motivate several aspects of the course. • Software and Software Engineering • Modelling, and Dealing with Complexity • Modelling with UML 1.x • Essential Java Features

  5. Part I: Software and Software Engineering Review, CSI 5112 (Based on Lethbridge and Laganière)

  6. Objective • Provide elements of answers to several important questions: • What is software? • What is software engineering? • What does quality mean in that context? • What kind of software projects exist? • What about software project management and process models?

  7. Why Software Engineering? • To address real needs of users, in a profitable way • To ensure quality • To ensure security (of systems, information, people) • To develop large, complex systems… and small ones • To reduce development time • To manage risks • To select appropriate alternatives • To support system evolution • To consider human aspects • … much more than just programming

  8. The Nature of Software... • Software is intangible • Hard to understand development effort • Software is easy to reproduce • Cost is in its development • Often, in other engineering products, manufacturing is the costly stage • The industry is labor-intensive • Hard to automate

  9. The Nature of Software ... • Untrained people can hack something together • Quality problems are hard to notice • Software is easy to modify • People make changes without fully understanding it • Software does not ‘wear out’ • It deteriorates by having its design changed: • erroneously, or • in ways that were not anticipated, thus making it complex

  10. The Nature of Software • Observations • Much software has poor design and is getting worse • Demand for software is high and rising • We are in a perpetual ‘software crisis’ • Very few projects actually deliver working software, on time • We have to learn to ‘engineer’ software

  11. Types of Software... • Custom • For a specific customer • Few copies in circulation • Generic • Sold on open market • Often called • COTS • Shrink-wrapped • Embedded • Built into hardware • Tons of copies in circulation • Hard to change • Real time software • Control and monitoring systems • Must react immediately • Safety often a concern • Data processing software • Used to run businesses • Accuracy and security of data are key • Many other aspects exist, and most software integrates many aspects at different levels.

  12. What is Software Engineering?... • The process of solving customers’ problems by the systematic development and evolution of large, high-quality software systems within cost, time and other constraints • … Solving customers’ problems • This is the goal of software engineering • Sometimes the solution is to buy, not build • Adding unnecessary features does not help solve the problem • Software engineers must communicate effectively to identify and understand the problem

  13. What is Software Engineering?… • … Systematic development and evolution • An engineering process involves applying well understood techniques in an organized and disciplined way • Many well-accepted practices have been formally standardized • e.g. by the IEEE or ISO • Most development work is evolution • … Large, high quality software systems • Software engineering techniques are needed because large systems cannot be completely understood by one person • Teamwork and co-ordination are required • Key challenge: Dividing up the work and ensuring that the parts of the system work properly together • The end-product that is produced must be of sufficient quality

  14. What is Software Engineering? • … Cost, time and other constraints • Finite resources • The benefit must outweigh the cost • Others are competing to do the job cheaper and faster • Inaccurate estimates of cost and time have caused many project failures “Software and Cathedrals are much the same: First we build them, then we pray!!!” -Sam Redwine, Jr.

  15. Software Engineering: a Profession • The term Software Engineering was coined in 1968 • People began to realize that the principles of engineering should be applied to software development • Engineering is a licensed profession • In order to protect the public • Engineers design artefacts following well accepted practices which involve the application of science, mathematics and economics • Ethical practice is also a key tenet of the profession • Examples: PEO (Ontario), OIQ (Québec)

  16. Software Engineering Code of Ethics and Professional Practice, 5.2 (ACM/IEEE-CS) • Complete version: http://seeri.etsu.edu/Codes/TheSECode.htm • Software engineers shall commit themselves to making the analysis, specification, design, development, testing and maintenance of software a beneficial and respected profession. In accordance with their commitment to the health, safety and welfare of the public, software engineers shall adhere to the following Eight Principles:

  17. Software Engineering Code of Ethics and Professional Practice, 5.2 (ACM/IEEE-CS) • PUBLIC - Software engineers shall act consistently with the public interest. • CLIENT AND EMPLOYER - Software engineers shall act in a manner that is in the best interests of their client and employer, consistent with the public interest. • PRODUCT - Software engineers shall ensure that their products and related modifications meet the highest professional standards possible. • JUDGMENT - Software engineers shall maintain integrity and independence in their professional judgment. • MANAGEMENT - Software engineering managers and leaders shall subscribe to and promote an ethical approach to the management of software development and maintenance. • PROFESSION - Software engineers shall advance the integrity and reputation of the profession consistent with the public interest. • COLLEAGUES - Software engineers shall be fair to and supportive of their colleagues. • SELF - Software engineers shall participate in lifelong learning regarding the practice of their profession and shall promote an ethical approach to the practice of the profession.

  18. Typical Stakeholders in Software Engineering • 1. Users • Those who use the software • 2. Customers • Those who pay for the software • 3. Software developers and maintainers • 4. Development Managers • 5. Salesmen/Distributors • Many other types of stakeholders could be discussed. Note that many roles can be fulfilled by the same person!

  19. Software Quality... • Usability • Users can learn it fast and get their job done easily • Efficiency • It doesn’t waste resources such as CPU time and memory • Reliability • It does what it is required to do without failing • Maintainability • It can be easily changed • Reusability • Its parts can be used in other projects, so reprogramming is not needed • … and many other -ities

  20. Software Quality... An example ontology… [http://www.cs.cf.ac.uk/user/M.Burgess/phd/index.html]

  21. Software Quality: What is at Stake? (QUALITY SOFTWARE) • Customer: solves problems at an acceptable cost in terms of money paid and resources used • User: easy to learn; efficient to use; helps get work done • Salesman/Distributor: simple packaging; customization; warranty and updates; benefit margins • Developer: easy to design; easy to maintain; easy to reuse its parts • Development manager: sells more and pleases customers while costing less to develop and maintain

  22. Software Quality • The different qualities can conflict • Increasing efficiency can reduce maintainability or reusability • Increasing usability can reduce efficiency • Setting objectives for quality is a key engineering activity • You then design to meet the objectives • Avoids ‘over-engineering’ which wastes money • Optimizing is also sometimes necessary • E.g. obtain the highest possible reliability using a fixed budget

  23. Software Engineering Projects • Most projects are evolutionary or maintenance projects, involving work on legacy systems • Corrective projects: fixing defects • Adaptive projects: changing the system in response to changes in • Operating system • Database • Rules and regulations • Enhancement projects: adding new features for users • Reengineering or perfective projects: changing the system internally so it is more maintainable

  24. Software Engineering Projects • ‘Green field’ projects • New development • The minority of projects

  25. Software Engineering Projects • Projects that involve building on a framework or a set of existing components. • The framework is an application that is missing some important details. • E.g. Specific rules of organization, business logic... • Such projects: • Involve plugging together components that are: • Already developed. • Provide significant functionality. • Benefit from reusing reliable software. • Provide much of the same freedom to innovate found in green field development.

  26. Activities Common to Software Projects... • Requirements and specification • Includes • Domain analysis and problem definition • Requirements elicitation • Obtaining input from as many sources as possible • Requirements analysis • Organizing the information • Requirements specification • Writing detailed instructions about how the software should behave • Requirements validation • Requirements management

  27. Activities Common to Software Projects... • Design • Deciding how the requirements should be implemented, using the available technology • Includes: • Systems engineering: Deciding what should be in hardware and what in software • Software architecture: Dividing the system into subsystems and deciding how the subsystems will interact • Detailed design of the internals of a subsystem • User interface design • Design of databases

  28. Activities Common to Software Projects • Modelling • Creating representations of the domain or the software • Use case modelling • Structural modelling • Dynamic and behavioural modelling • Issue modelling • Programming • Quality assurance • Reviews and inspections • Testing, validation, verification • Deployment • Change and process management

  29. Difficulties and Risks in Software Engineering • Complexity and large numbers of details • Uncertainty about technology • Uncertainty about requirements • Uncertainty about software engineering skills • Constant change • Deterioration of software design • Political risks Good management skills are required!

  30. (Software) Project Management • Project management encompasses all the activities needed to plan and execute a project: • Deciding what needs to be done • Estimating costs • Ensuring there are suitable people to undertake the project • Defining responsibilities • Scheduling • Making arrangements for the work • continued ...

  31. (Software) Project Management • Directing • Being a technical leader • Reviewing and approving decisions made by others • Building morale and supporting staff • Monitoring and controlling • Co-ordinating the work with managers of other projects • Reporting • Continually striving to improve the process

  32. Software Process Models • Software process models are general approaches for organizing a project into activities. • Help the project manager and his or her team to decide: • What work should be done; • In what sequence to perform the work. • The models should be seen as aids to thinking, not rigid prescriptions of the way to do things. • Each project ends up with its own unique plan.

  33. Dilbert on Processes and Methodologies

  34. The Opportunistic Approach

  35. The Opportunistic Approach • … is what occurs when an organization does not follow good engineering practices. • It does not acknowledge the importance of working out the requirements and the design before implementing a system. • The design of software deteriorates faster if it is not well designed. • Since there are no plans, there is nothing to aim towards. • There is no explicit recognition of the need for systematic testing and other forms of quality assurance. • The above problems make the cost of developing and maintaining software very high.

  36. The Waterfall Model [Diagram: a sequence of stages, each followed by V&V: Requirements Gathering and Definition; Specification; Design; Implementation; Integration and Deployment; Maintenance]

  37. The Waterfall Model • The classic way of looking at S.E. that accounts for the importance of requirements, design and quality assurance. • The model suggests that software engineers should work in a series of stages. • Before completing each stage, they should perform quality assurance (verification and validation). • The waterfall model also recognizes, to a limited extent, that you sometimes have to step back to earlier stages.

  38. Limitations of the Waterfall Model • The model implies that you should attempt to complete a given stage before moving on to the next stage • Does not account for the fact that requirements constantly change. • It also means that customers cannot use anything until the entire system is complete. • The model makes no allowances for prototyping. • It implies that you can get the requirements right by simply writing them down and reviewing them. • The model implies that once the product is finished, everything else is maintenance.

  39. The Phased-Release Model [Diagram: Requirements Gathering and Definition; Specification; Planning, each followed by V&V; then Phase 1: Design; Implementation; Integration and Deployment, each followed by V&V; Phase 2: Design; Implementation; Integration and Deployment, each followed by V&V; etc ...]

  40. The Phased-Release Model • It introduces the notion of incremental development. • After requirements gathering and planning, the project should be broken into separate subprojects, or phases. • Each phase can be released to customers when ready. • Parts of the system will be available earlier than when using a strict waterfall approach. • However, it continues to suggest that all requirements be finalized at the start of development.

  41. The Spiral Model [Diagram labels: Release 1; Release 2; Analysis of risk; Review; Prototype; Requirements; Integration and deployment; Specification; Implementation; Design]

  42. The Spiral Model • It explicitly embraces prototyping and an iterative approach to software development. • Start by developing a small prototype. • Followed by a mini-waterfall process, primarily to gather requirements. • Then, the first prototype is reviewed. • In subsequent loops, the project team performs further requirements, design, implementation and review. • The first thing to do before embarking on each new loop is risk analysis. • Maintenance is simply a type of on-going development.

  43. The Evolutionary Model [Figure: Development Activity plotted against Time]

  44. The Evolutionary Model • It shows software development as a series of hills, each representing a separate loop of the spiral. • Shows that loops, or releases, tend to overlap each other. • Makes it clear that development work tends to reach a peak, at around the time of the deadline for completion. • Shows that each prototype or release can take • different amounts of time to deliver; • differing amounts of effort.

  45. The Concurrent Engineering Model

  46. The Concurrent Engineering Model • It explicitly accounts for the divide and conquer principle. • Each team works in parallel on its own component, typically following a spiral or evolutionary approach. • There has to be some initial planning, and periodic integration.

  47. Choosing a Process Model • From the waterfall model: • Incorporate the notion of stages. • From the phased-release model: • Incorporate the notion of doing some initial high-level analysis, and then dividing the project into releases. • From the spiral model: • Incorporate prototyping and risk analysis. • From the evolutionary model: • Incorporate the notion of varying amounts of time and work, with overlapping releases. • From the concurrent engineering: • Incorporate the notion of breaking the system down into components and developing them in parallel.

  48. Reengineering • Periodically project managers should set aside some time to re-engineer part or all of the system • The extent of this work can vary considerably: • Cleaning up the code to make it more readable. • Completely replacing a layer. • Re-factoring part of the design. • In general, the objective of a re-engineering activity is to increase maintainability.

  49. Extreme Programming • Extreme Programming (XP) was created in response to problem domains whose requirements change. • Your customers may not have a firm idea of what the system should do. • You may not have to develop large requirement documents. Instead you write a series of user stories. • Project planning is based on user stories. There must be a series of small and frequent/regular releases. • In many software environments, dynamically changing requirements are the only constant. • XP requires an extended development team. The XP team includes not only the developers, but the managers and customers as well. • Extreme Listening, Testing, Coding, Designing. http://www.extremeprogramming.org

  50. Dilbert on Extreme Programming…