24-09-2014, 12:09 PM
Research in Software Reliability Engineering
INTRODUCTION
Research and education define a faculty’s life. An exposition of one’s research or education is a way to “Meet the Faculty”. Thus, this paper discusses my research in software reliability engineering and related areas at the University of Maryland, Center for Risk and Reliability Engineering.
The Center for Risk and Reliability Engineering is hosted in the James Clark School of Engineering at the University of Maryland. The Center is the research arm of the Reliability Engineering Program, an accredited program that delivers Masters and doctoral degrees in Reliability Engineering. The Reliability Engineering program is currently hosted in the Department of Mechanical Engineering. Seven faculty and one hundred and twenty full-time and part-time graduate students constitute the core of the program and of the Center.
Research and education are centered on different concentration areas. These include: General Reliability, Software Reliability, Micro-electronics Reliability and Probabilistic Risk Assessment. In addition to the core faculty, multiple affiliate faculty borrowed from different schools (Computer Science, Business) and departments (Electrical Engineering, Civil Engineering) participate in research and teaching activities.
My area of responsibility is Software Reliability Engineering. As such, I have been the main developer of the Software Reliability Engineering Curriculum, a series of four graduate-level courses allowing graduate students to achieve a certificate in Software Reliability Engineering or a Masters or PhD degree in Reliability Engineering, with a concentration area in Software Reliability Engineering. The four courses taught are Software Quality Assurance, Software Reliability, Software Safety, and Information Security. The Curriculum was instituted in 1996 with joint funding from NSA and is an active educational area with two core faculty, myself and a recent addition, Dr. M. Cukier. At this point, the Curriculum has graduated 27 MS and PhDs who have taken positions in research laboratories such as Motorola Labs and IBM Watson, and in companies such as SUN, Booz-Allen Hamilton, etc.
In parallel to the development of the curriculum, multiple research activities have flourished, which are described below.
Integrating Software Into Dynamic PRA
Probabilistic Risk Assessment (PRA) has been proven to be a systematic, logical, and comprehensive methodology for risk assessment. However, the classical PRA framework is widely believed to be very limiting when it comes to identifying software and human contributions to system risk. The enumeration of risk scenarios in the case of highly complex and hybrid systems of hardware, software, and human components is very difficult using the classical PRA method. The dynamic interactions among the components inside the system often make it hard to identify and predict all the possible scenarios. Dynamic Probabilistic Risk Assessment (DPRA) is a set of methods and techniques in which executable models that represent the behavior of the elements of a system are exercised in order to identify risks and vulnerabilities of the system. Using the DPRA method, the analyst no longer needs to enumerate all the possible risk scenarios. The computer model will explore the possible scenarios based on the system model. Therefore, the burden of proof of correctness is shifted from the analyst to the DPRA methodology. The fact remains, however, that modeling software for use in the DPRA framework is also quite complex, and little has been done to address the question directly and comprehensively.
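To make the DPRA idea concrete, here is an added example that is not from the paper: a toy executable model of a cooling loop with a hardware component (pump and flow sensor), a software component (the controller) and a human component (the operator), explored automatically by breadth-first search. The components, events and failure criterion are constructed for illustration; the paper defines no such model. What the example shows is the point made above: the analyst writes down component behaviour, and the exploration, not the analyst, enumerates the sequences that end in an unrecoverable loss of flow.

```python
"""Toy Dynamic PRA exploration (constructed example, not the paper's model)."""
from collections import deque
from dataclasses import dataclass, replace
from typing import Callable, Dict, List, Optional, Tuple


@dataclass(frozen=True)
class State:
    pump_ok: bool = True      # hardware: main coolant pump
    sensor_ok: bool = True    # hardware: flow sensor; when not ok it is stuck at its last reading
    backup_on: bool = False   # backup pump started by the operator
    alarm: bool = False       # software controller raised a low-flow alarm

    @property
    def coolant_flow(self) -> bool:
        return self.pump_ok or self.backup_on


# Each event maps a state to its successor, or to None when the event is not enabled.
def pump_fails(s: State) -> Optional[State]:
    return replace(s, pump_ok=False) if s.pump_ok else None


def sensor_fails(s: State) -> Optional[State]:
    return replace(s, sensor_ok=False) if s.sensor_ok else None


def controller_scan(s: State) -> Optional[State]:
    # Software component: trusts the sensor. A stuck sensor keeps reporting the
    # last good flow value, so the controller sees nothing to alarm on.
    if s.sensor_ok and not s.pump_ok and not s.alarm:
        return replace(s, alarm=True)
    return None


def operator_round(s: State) -> Optional[State]:
    # Human component: starts the backup pump only in response to the alarm.
    if s.alarm and not s.backup_on:
        return replace(s, backup_on=True)
    return None


EVENTS: Dict[str, Callable[[State], Optional[State]]] = {
    "pump_fails": pump_fails,
    "sensor_fails": sensor_fails,
    "controller_scan": controller_scan,
    "operator_round": operator_round,
}


def explore(initial: State) -> Tuple[Dict[State, List[str]], Dict[State, List[State]]]:
    """Breadth-first exploration of the reachable state space.

    Returns one shortest event path to every reachable state, plus the
    successor graph used afterwards for the recovery check."""
    paths: Dict[State, List[str]] = {initial: []}
    succ: Dict[State, List[State]] = {}
    queue = deque([initial])
    while queue:
        s = queue.popleft()
        succ[s] = []
        for name, event in EVENTS.items():
            nxt = event(s)
            if nxt is None:
                continue
            succ[s].append(nxt)
            if nxt not in paths:
                paths[nxt] = paths[s] + [name]
                queue.append(nxt)
    return paths, succ


def can_recover(s: State, succ: Dict[State, List[State]]) -> bool:
    """True if some state with coolant flow is reachable from s."""
    seen, stack = set(), [s]
    while stack:
        cur = stack.pop()
        if cur.coolant_flow:
            return True
        if cur in seen:
            continue
        seen.add(cur)
        stack.extend(succ.get(cur, []))
    return False


def find_unrecoverable_scenarios(initial: State = State()) -> List[List[str]]:
    """Event sequences (one shortest per dead-end state) that lose coolant
    flow with no recovery reachable afterwards."""
    paths, succ = explore(initial)
    return [paths[s] for s in paths
            if not s.coolant_flow and not can_recover(s, succ)]


if __name__ == "__main__":
    for scenario in find_unrecoverable_scenarios():
        print(" -> ".join(scenario))
```

The exploration finds that a pump failure alone is recoverable (controller alarm, operator starts the backup), but a stuck sensor combined with a pump failure is not, in either order, because the software never alarms and the human never acts without an alarm. Nobody listed that combination; the model produced it. The same exploration also shows where the modelling burden the paper describes lands: the software component is only as faithful as the controller logic written into `controller_scan`.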
SOFTWARE RELIABILITY AND MEASUREMENT
Software reliability models are typically based on failure data or failure trends collected/observed during either the testing phase or the operational phase. Consequently, failure data must be available, which is not always the case. Companies may not wish to release their data. In the case of a highly reliable system, failure data may be rare and insufficient to obtain accurate statistical estimates of reliability. Our research has targeted the development of alternate means of obtaining reliability estimates based on software engineering measures rather than on failure data. Obtaining such estimates is more cost effective for an organization. Different estimates can be obtained using different measures. These estimates may also be used to reduce the number of test cases required to establish a particular reliability target. The principal concept introduced in this line of research is the concept of Reliability Prediction System (RePS), i.e., a complete set of measures from which software reliability can be predicted. A RePS (see Figure 7) is typically built around a main measure called a root measure. Support measures are then identified which connect the root measure to reliability. A model then connects the measures to reliability.
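As an added example of the RePS structure just described (not code from the paper, and not the paper's own model), the block below builds one RePS around defect density as the root measure, with size, instruction expansion ratio and execution rate as the support measures. The model that connects them to reliability is an assumption made here: Musa's basic execution-time model, in which the initial failure intensity is λ0 = f · K · N0 (f = linear execution frequency, K = fault exposure ratio, N0 = inherent faults), and reliability over a mission of length t with no fault removal in operation is R(t) = exp(−λ0 t). All measure values are constructed.

```python
"""A minimal Reliability Prediction System (constructed example).

Assumed connecting model: Musa's basic execution-time model,
    N0      = defect_density * size_ksloc          (inherent faults)
    f       = instruction_rate / object_instructions (linear execution frequency)
    lambda0 = f * K * N0                             (initial failure intensity, 1/s)
    R(t)    = exp(-lambda0 * t)                      (no fault removal in operation)
K = 4.2e-7 is the default fault exposure ratio Musa published.
"""
from dataclasses import dataclass
import math


@dataclass(frozen=True)
class RePS:
    # Root measure: defects per thousand source lines found during development
    defect_density: float                 # faults / KSLOC
    # Support measures connecting the root measure to reliability
    size_ksloc: float                     # thousand source lines of code
    expansion_ratio: float                # object instructions per source line
    instruction_rate: float               # object instructions executed per second
    fault_exposure_ratio: float = 4.2e-7  # Musa's default K

    def inherent_faults(self) -> float:
        return self.defect_density * self.size_ksloc

    def object_instructions(self) -> float:
        return self.size_ksloc * 1000.0 * self.expansion_ratio

    def linear_execution_frequency(self) -> float:
        return self.instruction_rate / self.object_instructions()

    def failure_intensity(self) -> float:
        """lambda0, failures per second of execution time."""
        return (self.linear_execution_frequency()
                * self.fault_exposure_ratio
                * self.inherent_faults())

    def reliability(self, mission_seconds: float) -> float:
        """Probability of failure-free operation over the mission."""
        return math.exp(-self.failure_intensity() * mission_seconds)

    def mission_time_for(self, target_reliability: float) -> float:
        """Longest mission (seconds) for which R(t) >= target_reliability."""
        return -math.log(target_reliability) / self.failure_intensity()


# Constructed measure values for illustration (not from the paper)
EXAMPLE = RePS(
    defect_density=0.5,       # 0.5 faults per KSLOC left after inspection
    size_ksloc=500.0,         # 500 KSLOC
    expansion_ratio=4.0,      # 4 object instructions per source line
    instruction_rate=1.0e6,   # 1 million instructions per second
)


def summarize(reps: RePS, mission_seconds: float = 3600.0) -> dict:
    """Collect the derived quantities so the chain root -> support -> model is visible."""
    return {
        "inherent_faults": reps.inherent_faults(),
        "failure_intensity_per_s": reps.failure_intensity(),
        "reliability_1h": reps.reliability(mission_seconds),
        "mission_s_for_0.99": reps.mission_time_for(0.99),
    }


if __name__ == "__main__":
    for key, value in summarize(EXAMPLE).items():
        print(f"{key}: {value:.6g}")
```

With these constructed values the root measure yields 250 inherent faults, the support measures give a linear execution frequency of 0.5, the model gives λ0 = 5.25e-5 failures/s, and the predicted one-hour reliability is about 0.828; a 0.99 target holds only for missions under roughly 191 seconds. Swapping the root measure (for example, faults found by a different measurement activity) changes `inherent_faults` while the support measures and model stay the same, which is how different RePSs produce different estimates from the same code base.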