Conference: International system safety conference

Improving Software Safety: Finding the Defects That Testing and Inspection Miss


Abstract

Software Safety processes typically identify critical areas of the software that must be subjected to the most rigorous defect identification processes. A software defect in one of these critical areas often leads to a catastrophic hazard. The defect identification techniques commonly used include Inspection, Black-Box (Functional) System Testing, and White Box (Structural) Testing. These techniques have been employed for many years, and are well covered in the literature. They find the vast majority of errors in most software-based systems. However, just finding the majority of the errors in a safety-critical software function is not adequate.

Many safety-critical software applications are based on concurrent, real-time embedded systems. Even the most rigorous application of the common Inspection and Testing techniques cannot find certain types of software defects in these systems. Stack overflows, timing anomalies, race conditions, and deadlocks cannot generally be detected with these traditional methods. Black-Box Functional Testing is unlikely to trigger the specific sequences of events necessary to reveal the error. Inspection and White-Box Testing focus on only one unit of the software at a time, ignoring its effects on the rest of the system.

This paper shows the strengths and weaknesses of the most commonly used error detection methods, and illustrates analysis techniques which can be used to uncover the software errors which Testing and Inspection methods will miss.
