The focus of Software for Dependable Systems is a set of fundamental principles that underlie software system dependability and that suggest a different approach to the development and assessment of dependable software.
Unfortunately, it is difficult to assess the dependability of software. The field of software engineering suffers from a pervasive lack of evidence about the incidence and severity of software failures; about the dependability of existing software systems; about the efficacy of existing and proposed development methods; about the benefits of certification schemes; and so on. There are many anecdotal reports which, although often useful for indicating areas of concern or highlighting promising avenues of research, do little to establish a sound and complete basis for making policy decisions regarding dependability. The committee regards claims of extraordinary dependability that are sometimes made on this basis for the most critical of systems as unsubstantiated, and perhaps irresponsible. This lack of evidence for system dependability leads to two conclusions: (1) that better evidence is needed, so that approaches aimed at improving the dependability of software can be objectively assessed, and (2) that, for now, the pursuit of dependability in software systems should focus on the construction and evaluation of evidence.
The committee also recognized the importance of adopting the practices that are already known and used by the best developers; this report gives a sample of such practices. Some of these (such as systematic configuration management and automated regression testing) are relatively easy to adopt; others (such as constructing hazard analyses and threat models, exploiting formal notations when appropriate, and applying static analysis to code) will require new training for many developers. Valuable as they are, these practices are in themselves no silver bullet, and new techniques and methods will be required in order to build future software systems to the level of dependability that will be required.
The National Research Council (NRC) functions under the auspices of the National Academy of Sciences (NAS), the National Academy of Engineering (NAE), and the Institute of Medicine (IOM). The NAS, NAE, IOM, and NRC are part of a private, nonprofit institution that provides science, technology and health policy advice under a congressional charter signed by President Abraham Lincoln that was originally granted to the NAS in 1863. Under this charter, the NRC was established in 1916, the NAE in 1964, and the IOM in 1970. The four organizations are collectively referred to as the National Academies.
The mission of the NRC is to improve government decision making and public policy, increase public education and understanding, and promote the acquisition and dissemination of knowledge in matters involving science, engineering, technology, and health. The institution takes this charge seriously and works to inform policies and actions that have the power to improve the lives of people in the U.S. and around the world.
The NRC is committed to providing elected leaders, policy makers, and the public with expert advice based on sound scientific evidence. The NRC does not receive direct federal appropriations for its work. Individual projects are funded by federal agencies, foundations, other governmental and private sources, and the institution’s endowment. The work is made possible by 6,000 of the world’s top scientists, engineers, and other professionals who volunteer their time without compensation to serve on committees and participate in activities. The NRC is administered jointly by the NAS, NAE, and the IOM through the NRC Governing Board.
The core services involve collecting, analyzing, and sharing information and knowledge. The independence of the institution, combined with its unique ability to convene experts, allows it to be responsive to a host of requests.
The portfolio of activities includes:
* Consensus Studies: These comprehensive reports focus on major policy issues and provide recommendations for solving complex problems.
* Expert Meetings and Workshops: By convening symposia, workshops, meetings, and roundtables, the NRC connects professionals as well as the interested public and stimulates dialogue on diverse matters.
* Program and Research Management: At the request of state and federal agencies, the NRC manages and evaluates research programs, conducts program assessments, and reviews proposals.
* Fellowships: The NRC administers several postdoctoral fellowship programs.
* Free Scientific Information: Publishing more than 200 reports and related publications each year, the institution is one of the largest providers of free scientific and technical information in the world. Most of it is now on the Web at www.nap.edu.