Fig 1 - uploaded by Roy Sterritt
Contrasting availability of Telephone Systems, Computer Systems, Internet, and Mobile Phones. 

Source publication
Conference Paper
The explosion of capabilities and new products within the sphere of Information Technology (IT) has fostered widespread, overly optimistic opinions regarding the industry, based on common but unjustified assumptions of quality and correctness of software. These assumptions are encouraged by software producers and vendors, who at this late date have...

Context in source publication

Context 1
... SOFTWARE PROBLEMS
With the situation stated this way, many flawed assumptions regarding the IT industry come into view. The situation is even worse if we focus primarily on software. The Computing industry has failed to avoid software-related catastrophes. Notable examples include:
• Therac-25, where cancer patients were given lethal doses of radiation during radiation therapy [33].
• Ariane 5, where it was assumed that the same launch software used in the prior version (Ariane 4) could be reused. The result was the loss of the rocket within seconds of launch [34].
• The Mars Polar Lander, where failure to initialize a variable resulted in the craft crash landing on the Martian surface, instead of reverse thrusting and landing softly [29].
Progress in software regularly lags behind hardware. In the last decade, for example, two highly software-intensive applications, namely Internet communications and mobile phone technology, have suffered reduced availability and increased down time, while their hardware counterparts, computer hardware and telephony systems, have continued to improve. Figure 1 illustrates this trend [17]. The realization that software development has lagged greatly behind hardware is hardly a new one [6], nor is the realization that our software development processes have some severe deficiencies. Brooks, in a widely quoted and much-referenced article [7], warns of complacency in software development. He stresses that, unlike hardware development, we cannot expect to achieve great advances in productivity in software development unless we concentrate on more appropriate development methods. He highlights how software systems can suddenly turn from being well-behaved to behaving erratically and uncontrollably, with unanticipated delays and increased costs. Brooks sees software systems as “werewolves” and rightly points out that there is no single technique, no Silver Bullet, capable of slaying such monsters [6].
On the contrary, more and more complex systems are run on highly distributed, heterogeneous networks, subject to strict performance, fault tolerance, and security constraints, all of which may conflict. Many engineering disciplines must contribute to the development of complex systems in an attempt to satisfy all of these requirements. No single technique is adequate to address all issues of complex system development; rather, different techniques must be applied at different stages of development (and throughout the development process) to ensure unambiguous requirements statements, precise specifications that are amenable to analysis and evaluation, implementations that satisfy the requirements and various (often conflicting) goals, re-use, re-engineering and reverse engineering of legacy code, appropriate integration with existing systems, ease-of-use, predictability, dependability, maintainability, fault tolerance, etc. [6]. Brooks [7] differentiates between the essence (that is, problems that are necessarily inherent in the nature of software) and accidents (that is, problems that are secondary and caused by current development environments and techniques). He points out the great need for appropriate means of coming to grips with the conceptual difficulties of software development—that is, for appropriate emphasis on specification and design, rather than on coding and testing. In his article [7], he highlights some successes that have been achieved in gaining improvements in productivity, but points out that these address problems in the current development process, rather than the problems inherent in software itself. In this category, he includes: the advent of high-level programming languages, time-sharing, and unified programming environments.
Object-oriented programming, techniques from artificial intelligence, expert systems, automatic programming, program verification, and the advent of workstations, he sees as non-bullets, as they will not help in slaying the werewolf. He sees software reuse, rapid prototyping, incremental development, and the employment of top-class designers as potential starting points for the Silver Bullet, but warns that none in itself is sufficient. Brooks’ article has been very influential, and remains one of the classics of software engineering. His viewpoint has been criticized, however, as being overly pessimistic and for failing to acknowledge some promising developments [6]. Harel, in an equally influential paper, written as a rebuttal to Brooks [19], points to developments in Computer-Aided Software Engineering (CASE) and visual formalisms [18] as potential bullets. Harel’s view is far more optimistic. He writes five years after Brooks, and has seen the developments in that period. The last forty years of system development have been equally difficult, according to Harel, and, using a conceptual vanilla framework, the development community has devised means of overcoming many difficulties. As we address more complex systems, Harel argues that we must devise similar frameworks that are applicable to the classes of system we are developing. Harel, along with many others, including the authors of this paper, believes that appropriate techniques for modeling must have a rigorous mathematical semantics, and appropriate means for representing constructs. This differs greatly from Brooks, who sees representational issues as mainly accidental.
III. NEW CHALLENGES FOR SOFTWARE ENGINEERING
Clearly there have been significant advances in software engineering tools, techniques, and methods, since the time of Brooks’ and Harel’s papers. In many cases, however, the advantages of these developments have been mitigated by corresponding increases in demand for greater, more complex functionality, stricter constraints on performance and reaction times, and attempts to increase productivity and reduce costs, while simultaneously pushing systems requirements to their limits. NASA, for example, continues to build more and more complex systems, with impressive functionality, and increasingly autonomous behavior. In the main, this ...

Similar publications

Article
This paper presents a novel evaluation study of various strategies for modeling and simulating cloud computing systems in order to assess their performance. Considering the exponential growth in the deployment of cloud computing systems worldwide and the need for their proper evaluation, this work provides three major contributions through comprehe...

Citations

Chapter
Verification of autonomy requirements needs to show a proof of compliance with the requirements the system can meet, i.e., each self-* objective is proven through performance of a test, analysis, inspection, or demonstration. Validation of autonomy requirements needs to demonstrate that the system pursuing a space mission accomplishes the intended self-* objectives in the intended environment (e.g., outer space or Mercury’s orbit) and under specific constraints, i.e., the system’s behavior meets the expectations defined by the autonomy requirements. However, due to their large state space, non-determinism, and the changing nature, traditional verification and validation of unmanned space systems is not adequate. This chapter reasons on the subject and presents a possible approach to verification and validation of autonomy requirements. The approach called AdaptiV uses the combination of stabilization science, HPC simulations, compositional verification, and traditional verification techniques where a self-adaptive system is linearized into stable and unstable (or adaptive) components verified separately first and then as a whole using compositional verification techniques.
Conference Paper
NASA is developing increasingly complex missions to conduct new science and exploration. Missions are increasingly turning to multi-spacecraft to provide multiple simultaneous views of phenomena, and to search more of the solar system in less time. Swarms of intelligent autonomous spacecraft, involving complex behaviors and interactions, are being proposed to accomplish the goals of these new missions. The emergent properties of swarms make these missions powerful, but simultaneously far more difficult to design, and to verify that the proper behaviors will emerge. In verifying the desired behavior of swarms of intelligent interacting agents, the two significant sources of difficulty are the exponential growth of interactions and the emergent behaviors of the swarm. NASA Goddard Space Flight Center (GSFC) is currently involved in two projects that aim to address these sources of difficulty. We describe the work being conducted by NASA GSFC to develop a formal method specifically for swarm technologies. We also describe the use of requirements-based programming in the development of these missions, which, it is believed, will greatly reduce development lead-times and avoid many of the problems associated with such complex systems.
Conference Paper
Currently available tools and methods for system development that start with a formal model of a system and mechanically produce a provably equivalent implementation are valuable but not sufficient. The "gap" that such tools and methods leave unfilled is that the formal models cannot be proven to be equivalent to the system requirements as originated by the customer. For the classes of complex systems whose behavior can be described as a finite (but significant) set of scenarios, we offer a method for mechanically transforming requirements expressed in restricted natural language, or appropriate graphical notations, into a provably equivalent formal model that can be used as the basis for code generation and other transformations. The same approach may be applied to address computer science aspects of bioinformatics problems. Many software tools for bioinformatics have been developed using scripting languages such as Perl and Python. Scripts are developed based on a set of requirements that can be expressed using English-like statements. Using our approach, these may be used to automatically generate and validate scripts rather than write them from scratch.