Programming Techniques - Chapter 14: Testing Reusable Software Components in Safety-Critical Real-Time Systems
Chapter 14: Testing Reusable Software Components in Safety-Critical Real-Time Systems
(Slides from Building Reliable Component-based Systems, Chapter 14 - Testing Reusable Software Components in Safety-Critical Real-Time Systems)

Overview
- Introduction
- Reuse and Exhaustive Testing
- Reuse and Statistical Evidence
- Component Reuse, Statistical Evidence and Failure Behavior

Introduction
- How dynamic verification of real-time software relates to component reuse in safety-critical real-time systems.
- Re-testing cannot be eliminated in general.
- Ariane 5
- Therac 25
- Contract: pre-conditions, post-conditions, invariants

Reuse and Exhaustive Testing
Provide evidence, based on the component's contracts and the experience accumulated with it, that:
- the component can be reused immediately,
- only parts of it can be reused, or
- it cannot be reused.

First Use
[Figure only]

New Environment
[Figure only]

Overlapping Input Domain
[Figure only]

Pre- and Post-conditions
Telephone A: input1 0...1027, input2 G...P, output 345...640

Pre-condition ((0 ≤ input1 ≤ 1027) && ("G" ≤ input2 ≤ "P"))  // pre-condition
statement 1;
. . .
statement n;
Post-condition (345 ≤ output ≤ 640)  // post-condition

A component with pre- and post-conditions.

Updated Pre- and Post-conditions
Telephone B: input1 -17...778, input2 A...F, output 5...123

Pre-condition ((-17 ≤ input1 ≤ 1027) && ("A" ≤ input2 ≤ "P"))  // pre-condition
statement 1;
. . .
statement n;
Post-condition (45 < output < 640)  // post-condition

A new environment would violate the pre- and post-conditions unless they are updated.

Reliability and Confidence for an Input Domain
[Figure: reliability R(c) and confidence C(c) plotted over the input domain I(c), 0 to 1027]
A graph representing the reliability and the confidence for an input domain.

Lower Reliability Requirements
[Figure: R(c) and C(c) over I(c), 0 to 1027]
A component reused in a context with lower reliability requirements.

Reaching Desired Reliability
[Figure: R(c) and C(c) over I(c), 0 to 1027]
The component must be run for a longer time to reach the desired reliability.

Previously Experienced Reliability
[Figure: R(c) and C(c) over I(c), 0 to 1027]
Previously experienced reliability cannot be utilized if input domains are outside historical use of the component.

Component Reuse, Statistical Evidence and Failure Behavior
Failure: the inability of a system or component to perform its intended function as defined by the specification.
- A failure is a consequence of a fault which has been executed.
- When a fault in a computer program is executed, an error arises.
- Finally, if the error propagates and becomes externally visible to an observer of the system or component, a failure occurs.

Byzantine and Arbitrary Failures
- This failure mode is characterized by a non-assumption, meaning that there is absolutely no restriction with respect to which effects the component user may perceive.
- The failure mode has therefore been called malicious or fail-uncontrolled.
- This failure mode includes two-faced behavior: a component can output "X is true" to one component user and "X is false" to another component user.

Sequential Failure Behavior
- Control failures: selecting the wrong branch in an if-then-else statement.
- Value failures: assigning an incorrect value to a correct (intended) variable.
- Addressing failures: assigning a correct (intended) value to an incorrect variable.
- Termination failures: a loop statement failing to complete because the termination condition is never satisfied.
- Input failures: receiving an (undetected) erroneous value from a sensor.

Failure Behaviors
[Figure: R(c) and C(c) plotted against failure behavior, with an addressing failure marked]
The confidence in the measured reliability is decreased when new failure behaviors can develop.

Timing Failure Behavior
- This failure mode yields a correct result (value), although the procurement of the result is time-wise incorrect.
- For example: deadline violations, start of a task too early, incorrect period time, too much jitter, too many interrupts.

Deadline Requirements
If we reuse a component with only a deadline requirement in a new environment in which the execution time is shorter, the component can be reused without re-testing.
[Figure: R(c) and C(c) plotted against worst-case execution time, marking the old and the new value]
The deadline requirement is still fulfilled since the new execution time is shorter.

Response Time
[Figure: R(c) and C(c) plotted against response time, with bounds Tol min and Tol max]
The response time for the reused component is within the tolerance.
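The Telephone A / Telephone B contract slides and the reliability-and-confidence slides can be worked through in code. The Python below is an example added to this page, not code from the lecture or from the book it is based on. The Contract and Component classes, the hypothetical telephone_body, and the statistical model used in confidence() and runs_needed() (the common zero-failure assumption that n independent failure-free runs give confidence C = 1 - (1 - p)^n that the per-run failure probability is at most p) are all assumptions of the example; the input and output ranges are the ones drawn on the slides. The widened post-condition here is the union of both output ranges, whereas the slide shows a hand-edited bound.

```python
"""Contract checks and reuse evidence for a reusable component (added example).
The classes, telephone_body and the statistical model are assumptions, not the
lecture's own code; the numeric ranges come from the Telephone A / B slides."""
from __future__ import annotations

import math
from dataclasses import dataclass


class ContractViolation(Exception):
    """Raised when a pre- or post-condition of the contract is not met."""


def _span(a: tuple, b: tuple) -> tuple:
    """Smallest inclusive range containing both ranges a and b."""
    return (min(a[0], b[0]), max(a[1], b[1]))


@dataclass(frozen=True)
class Contract:
    input1: tuple[int, int]   # inclusive numeric range for input1
    input2: tuple[str, str]   # inclusive character range for input2
    output: tuple[int, int]   # inclusive numeric range for the output

    def pre(self, input1: int, input2: str) -> bool:
        """Pre-condition: both inputs lie inside the declared input domain."""
        return (self.input1[0] <= input1 <= self.input1[1]
                and self.input2[0] <= input2 <= self.input2[1])

    def post(self, output: int) -> bool:
        """Post-condition: the result lies inside the declared output range."""
        return self.output[0] <= output <= self.output[1]

    def covers(self, other: Contract) -> bool:
        """True when other's input domain lies entirely inside this one's, i.e.
        experience gathered under this contract applies to the new environment."""
        return (self.input1[0] <= other.input1[0] <= other.input1[1] <= self.input1[1]
                and self.input2[0] <= other.input2[0] <= other.input2[1] <= self.input2[1])

    def widened(self, other: Contract) -> Contract:
        """The 'updated' contract of the slides: admits both environments. The
        output range is widened the same way (this example's choice)."""
        return Contract(_span(self.input1, other.input1),
                        _span(self.input2, other.input2),
                        _span(self.output, other.output))


class Component:
    """A body function guarded by its contract; counts failure-free runs, which
    is the operational experience that statistical reuse evidence rests on."""

    def __init__(self, name: str, body, contract: Contract):
        self.name, self.body, self.contract = name, body, contract
        self.failure_free_runs = 0

    def run(self, input1: int, input2: str) -> int:
        if not self.contract.pre(input1, input2):
            raise ContractViolation(f"{self.name}: pre-condition violated by ({input1!r}, {input2!r})")
        output = self.body(input1, input2)
        if not self.contract.post(output):
            raise ContractViolation(f"{self.name}: post-condition violated by output {output!r}")
        self.failure_free_runs += 1
        return output

    def confidence(self, failure_probability: float) -> float:
        """Assumed zero-failure model: n independent failure-free runs give
        confidence 1 - (1 - p)^n that the per-run failure probability is <= p."""
        return 1.0 - (1.0 - failure_probability) ** self.failure_free_runs

    def runs_needed(self, failure_probability: float, confidence: float) -> int:
        """Further failure-free runs required before `confidence` is reached."""
        total = math.ceil(math.log(1.0 - confidence) / math.log(1.0 - failure_probability))
        return max(0, total - self.failure_free_runs)


# Ranges as drawn on the slides (input1, input2, output).
TELEPHONE_A = Contract((0, 1027), ("G", "P"), (345, 640))
TELEPHONE_B = Contract((-17, 778), ("A", "F"), (5, 123))


def telephone_body(input1: int, input2: str) -> int:
    """Hypothetical component body mapping input1 onto the 345..640 output range."""
    return 345 + input1 % 296


def assess_reuse(component: Component, new_env: Contract,
                 failure_probability: float, confidence: float) -> str:
    """What the accumulated evidence allows for a new environment."""
    if not component.contract.covers(new_env):
        return "re-test: new input domain is outside historical use"
    missing = component.runs_needed(failure_probability, confidence)
    if missing == 0:
        return "reuse immediately: required reliability already demonstrated"
    return f"run longer: {missing} more failure-free runs needed"


if __name__ == "__main__":
    comp = Component("Telephone A", telephone_body, TELEPHONE_A)
    for i in range(1000):                                # constructed operational history
        comp.run(i, "G")
    print(assess_reuse(comp, TELEPHONE_A, 1e-2, 0.99))   # lower requirement: reuse
    print(assess_reuse(comp, TELEPHONE_A, 1e-4, 0.99))   # stricter requirement: run longer
    print(assess_reuse(comp, TELEPHONE_B, 1e-2, 0.99))   # new input domain: re-test
    try:
        comp.run(-17, "A")                               # a Telephone B input under A's contract
    except ContractViolation as exc:
        print(exc)
    updated = Component("Telephone A+B", telephone_body, TELEPHONE_A.widened(TELEPHONE_B))
    print(updated.run(-17, "A"))                         # admitted once the contract is updated
```

Running it reproduces the three decisions of the slides: a lower reliability requirement is already met by the existing evidence, a stricter one needs the component to be run longer, and Telephone B's input domain lies outside Telephone A's historical use, so the accumulated runs give no evidence for it and the pre-condition must be widened before the new inputs are even admitted.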
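The timing-failure, deadline and response-time slides describe failures that show only in when a result is delivered, never in its value, so a monitor for them works on an execution trace rather than on outputs. The Python below is an example added here, not the lecture's code; the TimingSpec fields, the Activation trace format and the sample trace are constructed assumptions. It flags deadline violations, early starts, incorrect period time, excessive start jitter and response times outside [Tol min, Tol max] over a trace, and encodes the two reuse checks of the deadline and response-time slides (a shorter new worst-case execution time, a response time inside the tolerance). An interrupt count is not part of the trace, so the slide's "too many interrupts" case is not covered.

```python
"""Timing failure detection on an execution trace, plus the reuse checks from
the deadline and response-time slides (added example; the spec fields, trace
format and sample trace are constructed assumptions, not the lecture's code)."""
from __future__ import annotations

from dataclasses import dataclass


@dataclass(frozen=True)
class TimingSpec:
    period: float       # nominal release period of the task
    deadline: float     # relative deadline, measured from the release time
    tol_min: float      # Tol min: smallest acceptable response time (finish - release)
    tol_max: float      # Tol max: largest acceptable response time
    max_jitter: float   # largest acceptable spread of start offsets across the trace


@dataclass(frozen=True)
class Activation:
    release: float      # time the task instance was released
    start: float        # time it actually started executing
    finish: float       # time it delivered its (assumed correct) result

    @property
    def response(self) -> float:
        return self.finish - self.release


def timing_failures(spec: TimingSpec, trace: list[Activation]) -> list[tuple]:
    """List (activation index, failure kind) for every timing failure in the
    trace. Values are never inspected: a timing failure by definition delivers
    a correct value at the wrong time. Jitter is a property of the whole trace,
    so it is reported with index None."""
    failures = []
    for i, act in enumerate(trace):
        if act.start < act.release:
            failures.append((i, "start of task too early"))
        if act.finish > act.release + spec.deadline:
            failures.append((i, "deadline violation"))
        if not spec.tol_min <= act.response <= spec.tol_max:
            failures.append((i, "response time outside tolerance"))
        if i > 0 and abs((act.release - trace[i - 1].release) - spec.period) > 1e-9:
            failures.append((i, "incorrect period time"))
    offsets = [act.start - act.release for act in trace]
    if offsets and max(offsets) - min(offsets) > spec.max_jitter:
        failures.append((None, "too much jitter"))
    return failures


def deadline_reuse_without_retest(old_wcet: float, new_wcet: float, deadline: float) -> bool:
    """Deadline-only requirement: the slide's argument that a component whose
    worst-case execution time got shorter in the new environment still meets
    the deadline it met before, so no timing re-test is needed."""
    return old_wcet <= deadline and new_wcet <= old_wcet


def response_within_tolerance(response: float, spec: TimingSpec) -> bool:
    """Response-time slide: the reused component must stay inside [Tol min, Tol max]."""
    return spec.tol_min <= response <= spec.tol_max


# Constructed sample: a 10 ms periodic task with an 8 ms relative deadline.
SPEC = TimingSpec(period=10.0, deadline=8.0, tol_min=2.0, tol_max=8.0, max_jitter=1.0)
TRACE = [
    Activation(0.0, 0.5, 4.0),
    Activation(10.0, 10.4, 14.0),
    Activation(20.0, 19.2, 23.0),   # starts 0.8 ms before release (and widens the jitter)
    Activation(30.0, 30.5, 39.0),   # finishes after the 38.0 deadline; response 9.0 > Tol max
    Activation(41.0, 41.5, 45.0),   # released 11 ms after the previous instance
]

if __name__ == "__main__":
    for index, kind in timing_failures(SPEC, TRACE):
        print(f"activation {index}: {kind}")
    print("reuse without re-test:", deadline_reuse_without_retest(6.0, 4.0, SPEC.deadline))
```

The trace is deliberately tiny; the same loop runs unchanged over a recorded schedule from the new environment, which is what a timing re-test of a reused component amounts to when the new worst-case execution time is not shorter than the old one.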
Files attached to this document:
- 14_chapterwc_8816.ppt