exam3 Flashcards
What is the distinction between validation and verification?
Validation: software should do what the user really requires; are we building the right product
Verification: software should conform to its specification; are we building the product correctly
What are the advantages of inspections over testing?
can check conformance with a specification
static process so no interactions between errors
specialized test harnesses
consider broader quality attributes of a program
What are the three principal stages of testing for a commercial software system?
Development: during development to test for bugs and defects
Release: a 2nd testing team tests the complete version before release
User: users test system in their own environment
What are the three important classes of interface errors?
misuse
misunderstanding
timing errors
What are the three types of user testing?
Alpha
Beta
Acceptance
Why might it sometimes be necessary to bypass the normal change management system and make urgent changes to a system?
- serious system fault needs repairing
- changes to the system's environment have unexpected effects
- the business changes
Why is software evolution important?
- critical business assets
- to maintain the value of these assets to the business, they must be changed and updated
- most of the budget goes to changing and evolving existing software rather than developing new software
What are the stages in the system evolution process?
Change request
Impact analysis
Release planning
Change implementation
System release
What are the fundamental elements of a legacy system?
- support software
- system hardware
- application software
- application data
- business policies and rules
- business processes
What are the three different types of software maintenance, and how is effort distributed across these maintenance types?
Fault repairs; changing a system to fix bugs and correct deficiencies
Environmental adaptation; adapt the software to a different operating environment
Functionality addition and modification; modify to satisfy new requirements
Why is it expensive and risky to replace legacy systems with new systems?
- Lack of complete system specification
- Tight integration of system and business processes
- Undocumented business rules embedded
- New software development may be late and/or over budget
What factors should be assessed to understand the relationship between a system and its environment?
- Number and complexity of system interfaces
- Number of inherently volatile system requirements
- The business processes where the system is used
What are the principal systems re-engineering activities?
Source code translation
Reverse engineering
Program structure improvement
Program modularization
Data reengineering
What are the two classes of safety-critical system and what is the important difference between these types of system?
Primary and secondary
primary: a failure can lead directly to an accident.
secondary: a failure can lead to the introduction of faults into another system, whose failure can lead to an accident.
What is the difference between a hazard and an accident?
A hazard is a condition of the system that has the potential to cause an accident.
An accident is an unplanned event or sequence of events that result in human death or injury, or other damage to the system’s environment
What are functional safety requirements?
Checking and recovery features that should be included in a system
Features that provide protection against system failures and external attacks
What are the three risk categories that are normally used in hazard assessment for safety-critical systems?
Intolerable
ALARP - as low as reasonably practical
Acceptable
What are the three possible strategies that can be used for risk reduction in safety-critical systems?
Hazard avoidance
Hazard detection and removal
Damage limitation
What are fault trees and how are they used?
Fault trees are an approach to hazard analysis that, for each identified hazard, breaks down that hazard to find how that hazard occurred
The hazard is placed at the root of the tree, and the causes of the hazard are identified; each of these causes is then further broken down and analyzed until the fundamental software or hardware behavior that leads to these causes is identified.
What are the activities in a hazard-driven safety specification?
identification
assessment
analysis
risk reduction
What safety assurance activities might be included in a critical systems development process?
Creation of a hazard logging and monitoring system
Appointment of a project safety engineer
Extensive use of safety reviews
Creation of a safety certification system
Use of detailed configuration management
What is a safety case?
A documented body of evidence that provides a convincing and valid argument that a system is adequately safe for a given application in a given environment
Test scenarios from usage scenarios (chap8)
Hazard identification from example software/hardware systems (chap12)