1 / 96

The Ariane 5 Rocket Disaster

The Ariane 5 Rocket Disaster.

hanne
Télécharger la présentation

The Ariane 5 Rocket Disaster

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The Ariane 5 Rocket Disaster • On June 4, 1996 an unmanned Ariane 5 rocket launched by the European Space Agency exploded just forty seconds after its liftoff from Kourou, French Guiana. The rocket was on its first voyage, after a decade of development costing $7 billion. The destroyed rocket and its cargo were valued at $500 million. http://ima.umn.edu/~arnold/disasters/ariane.html Fall 2010 - Software Testing and Quality Assurance

  2. The Ariane 5 Rocket Disaster • Failure due to unhandled Floating Point exception. • 64 bit Floating Point number was converted to a 16 bit signed Integer • Cost • Millions of dollars for loss of mission • Multiyear setback to the Ariane program Fall 2010 - Software Testing and Quality Assurance

  3. Software Failure Rate (Ideal) Fall 2010 - Software Testing and Quality Assurance

  4. Software Failure Rate (real) Fall 2010 - Software Testing and Quality Assurance

  5. Course Learning Outcomes • Various test processes and continuous quality improvement • Types of errors and fault models • Methods of test generation from requirements • Test generation from FSM models • Combinatorial test generation • Test adequacy assessment using: control flow, data flow, and program mutations Test generation, selection, prioritization, and assessment lie at the foundation of all technical activities involved in software testing. Fall 2010 - Software Testing and Quality Assurance

  6. Software Testing & Quality Assurance Software Testing: Basic Terminology, concepts, definitions, goals

  7. Chapter Learning Objectives • Errors and testing, software quality • Requirements • Testing, debugging, verification • Test process • Test generation strategies • Static testing • Control-flow graph • Types of testing Fall 2010 - Software Testing and Quality Assurance

  8. Error, Fault, Failure, and Defect Fall 2010 - Software Testing and Quality Assurance

  9. Errors • Errors are a part of our daily life. • They occur wherever humans are involved in making decisions and taking actions. • Humans make errors in their thoughts, actions, and in the products that might result from their actions. These fundamental facts of human existence make testing an essential activity. Fall 2010 - Software Testing and Quality Assurance

  10. Errors: Examples Fall 2010 - Software Testing and Quality Assurance

  11. Error, Fault, Failure IEEE defines the following terms related to defects: • Failure: the inability of a system or component to perform its required functions within specified performance requirements. • Behavioral deviation from the user requirement • Fault: an incorrect step, process, or data definition in a computer program. • Underlying condition within a software that causes certain failure(s) to occur • Error: a human action that produces an incorrect result. • Missing or incorrect human action resulting in certain fault(s) being injected into a software • Error sources: conceptual models, misconception, misunderstanding, etc. Fall 2010 - Software Testing and Quality Assurance

  12. Errors Faults Failures Error, Fault, Failure Failures, faults, and errors are collectively referred to as defects Fall 2010 - Software Testing and Quality Assurance

  13. Software Quality Fall 2010 - Software Testing and Quality Assurance

  14. Software Quality Static quality attributes: structured, maintainable, testable code as well as the availability of correct and complete documentation. Dynamic quality attributes: software reliability, correctness, completeness, consistency, usability, and performance Fall 2010 - Software Testing and Quality Assurance

  15. Dynamic Quality Attributes (contd.) Completeness refers to the availability of all features listed in the requirements, or in the user manual. An incomplete software is one that does not fully implement all features required. Consistency refers to adherence to a common set of conventions and assumptions. For example, all buttons in the user interface might follow a common color coding convention. An example of inconsistency would be when a database application displays the date of birth of a person in the database. Fall 2010 - Software Testing and Quality Assurance

  16. Dynamic Quality Attributes Usability refers to the ease with which an application can be used. This is an area in itself and there exist techniques for usability testing. Psychology plays an important role in the design of techniques for usability testing. Performance refers to the time the application takes to perform a requested task. It is considered as a non-functional requirement. It is specified in terms such as ``This task must be performed at the rate of X units of activity in one second on a machine running at speed Y, having Z gigabytes of memory." Fall 2010 - Software Testing and Quality Assurance

  17. Software Reliability Two Definition: Software Reliability [ANSI/IEEE Std 729-1983]: is the probability of failure free operation of software over a given time interval and under given conditions. Software Reliabilityis the probability of failure free operation of software in its intended environment. Fall 2010 - Software Testing and Quality Assurance

  18. Requirements, Input Domain, Behavior, and Correctness Fall 2010 - Software Testing and Quality Assurance

  19. Requirements Requirements leading to two different programs: Requirement 1: It is required to write a program that inputs two integers and outputs the maximum of these. Requirement 2: It is required to write a program that inputs a sequence of integers and outputs the sorted version of this sequence. Fall 2010 - Software Testing and Quality Assurance

  20. Requirements: Incompleteness Suppose that program max is developed to satisfy Requirement 1. The expected output of max when the input integers are 13 and 19 can be easily determined to be 19. Suppose now that the tester wants to know if the two integers are to be input to the program on one line followed by a carriage return, or on two separate lines with a carriage return typed in after each number. The requirement as stated above fails to provide an answer to this question. Fall 2010 - Software Testing and Quality Assurance

  21. Requirements: Ambiguity Requirement 2 is ambiguous. It is not clear whether the input sequence is to sorted in ascending or in descending order. The behavior of sort program, written to satisfy this requirement, will depend on the decision taken by the programmer while writing sort. Fall 2010 - Software Testing and Quality Assurance

  22. Input domain (Input space) The set of all possible inputs to a program P is known as the input domain or input space, of P. Using Requirement 1 above we find the input domain of max to be the set of all pairs of integers where each element in the pair integers is in the range -32,768 till 32,767. Using Requirement 2 it is not possible to find the input domain for the sort program. Why? Fall 2010 - Software Testing and Quality Assurance

  23. Input domain Modified Requirement 2: It is required to write a program that inputs a sequence of integers and outputs the integers in the sequence sorted in either ascending or descending order. The order of the output sequence is determined by an input request character which should be “A” when an ascending sequence is desired, and “D” otherwise. While providing input to the program, the request character is input first followed by the sequence of integers to be sorted; the sequence is terminated with a period. Fall 2010 - Software Testing and Quality Assurance

  24. Input domain (Continued) Based on the above modified requirement, the input domain for sort is a set of pairs. The first element of the pair is a character. The second element of the pair is a sequence of zero or more integers ending with a period. < A – 3 15 12 55 . > < D 23 78 . > < A . > Fall 2010 - Software Testing and Quality Assurance

  25. Valid And Invalid Inputs The modified requirement for sort mentions that the request characters can be “A” and “D”, but fails to answer the question “What if the user types a different character ? ” When using sort it is certainly possible for the user to type a character other than “A” and “D”. Any character other than “A” and “D” is considered as invalid input to sort. The requirement for sort does not specify what action it should take when an invalid input is encountered. Fall 2010 - Software Testing and Quality Assurance

  26. Correctness Vs. Reliability Fall 2010 - Software Testing and Quality Assurance

  27. Correctness and Testing Though correctness of a program is desirable, it is almost never the objective of testing. To establish correctness via testing would imply testing a program on all elements in the input domain. In most cases that are encountered in practice, this is impossible to accomplish. Thus correctness is established via mathematical proofs of programs. Fall 2010 - Software Testing and Quality Assurance

  28. Correctness and Testing While correctness attempts to establish that the program is error free, testing attempts to find if there are any errors in it. Thus completeness of testing does not necessarily demonstrate that a program is error free. Testing, debugging, and the error removal processes together increase our confidence in the correct functioning of the program under test. Ex. 1.8 Fall 2010 - Software Testing and Quality Assurance

  29. Reliability and Testing While measuring correctness, a program can be either correct (1) or incorrect (0). The probability of a program failure is captured more formally in the term reliability. “the reliability of a program P is the probability of its successful execution on a randomly selected element from its input domain”. Reliability can be anywhere between 0 and 1. Example 1.9: Fall 2010 - Software Testing and Quality Assurance

  30. Operational Profile An operational profile is a numerical description of how a program is used in the field. Consider a sort program which, on any given execution, allows any one of two types of input sequences. Sample operational profiles for sort follow. Fall 2010 - Software Testing and Quality Assurance

  31. Testing and Debugging Fall 2010 - Software Testing and Quality Assurance

  32. Testing and debugging • Testing is the process of determining if a program has any errors. • Most important and commonly performed QA activity. • When testing reveals an error, the process used to determine the cause of this error and to remove it, is known as debugging. Testing and debugging are often used as two related activities in a cyclic manner. Fall 2010 - Software Testing and Quality Assurance

  33. A Test/Debug Cycle Fall 2010 - Software Testing and Quality Assurance

  34. Test plan • A test cycle is often guided by a test plan. • Example (a sample test plan): The sort program is to be tested to meet the requirements given earlier. Specifically, the following needs to be done. • Execute sort on at least two input sequences, one with “A” and the other with “D” as request characters. • Execute the program on an empty input sequence. • Test the program for robustness against erroneous inputs such as “R” typed in as the request character. • All failures of the test program should be recorded in a suitable file using the Company Failure Report Form. Fall 2010 - Software Testing and Quality Assurance

  35. Test Case/Data A test case is a pair consisting of test data to be input to the program and the expected output. The test data is a set of values, one for each input variable. Test cases are derived in response to items in the test plan. • A test set (or test suite) is a collection of zero or more test cases. Sample test case for sort: Test data: <“A” 12 -29 32 > Expected output: -29 12 32 Fall 2010 - Software Testing and Quality Assurance

  36. Program Behavior • Basic idea during testing involves the execution of software and the observation of its behavior. “A sequence of program states is termed as program behavior.” • A state vector/diagram can be used to specify program behavior. • In case of failure, the execution record is analyzed to locate and fix the fault(s) – debugging, otherwise, confidence in software that it is more likely to fulfill its designated functions Fall 2010 - Software Testing and Quality Assurance

  37. Program Behavior: Example 1 Program P1.1 State Vector: A possible sequence of states that the max program may go through. [2 u u u] → [3 3 15 u] → [4 3 15 u] → [5 3 15 15] → [8 3 15 15] → [9 3 15 15] Fall 2010 - Software Testing and Quality Assurance

  38. Program Behavior: Example 2 Example: consider a menu driven application. Fall 2010 - Software Testing and Quality Assurance

  39. Program Behavior: State Diagram A state diagram specifies program states and how the program changes its state on an input sequence. Fall 2010 - Software Testing and Quality Assurance

  40. Assessing the Correctness Assessing the correctness of a Program Behavior is two step: • In the first step one observes the behavior. • In the second step one analyzes the observed behavior to check if it is correct or not. Both these steps could be quite complex for large commercial programs. The entity that performs the task of checking the correctness of the observed behavior is known as an Oracle. Fall 2010 - Software Testing and Quality Assurance

  41. Oracle An oracle is a mechanism used by software testers and software engineers for determining whether a test has passed or failed A tester can assumes the role of an oracle— human oracle Fall 2010 - Software Testing and Quality Assurance

  42. Oracle: Programs Oracle can also be a program designed to check the behavior of other programs. For example, one might use a matrix multiplication program to check if a matrix inversion program has produced the correct output. In this case, the matrix inversion program inverts a given matrix A and generates B as the output matrix. Fall 2010 - Software Testing and Quality Assurance

  43. Oracle Construction Construction of automated oracles, such as the one to check a matrix multiplication program or a sort program, requires the determination of input-output relationship. In general, the construction of automated oracles is a complex undertaking. Fall 2010 - Software Testing and Quality Assurance

  44. Oracle Construction: Example Program HVideo provides data entry and search functionality for keeping track of home videos. Fall 2010 - Software Testing and Quality Assurance

  45. Testing: Definitions, Statements, Goals Fall 2010 - Software Testing and Quality Assurance

  46. Definitions • “Testing is the process of establishing confidence that a program or system does what it is supposed to.” (Hetzel,1973) • “Testing is demonstrating that a system is fit for purpose.” (Evans et al. 1996) • “Testing is the process of executing a program or system with the intent of finding errors.” (Myers, 1979) • “Testing is the process consisting of all life cycle activities concerned with checking software and software-related work products.” (Gelperin and Hetzel, 1988) Fall 2010 - Software Testing and Quality Assurance

  47. Statements • “Program testing can be used to show the presence of bugs, but never to show their absence!” (Dijkstra 1969) • “In most cases ‘what you test in a system is much more important than ‘how much you test" (Craig 2002) • “Prioritize tests so that, when ever you stop testing, you have done the best testing in the time available." (ISEB testing foundation course material 2003) Fall 2010 - Software Testing and Quality Assurance

  48. How many testers does it take to change a light bulb • None. • Testers just noticed that the room was dark. Testers don’t fix the problems, they just find them. Fall 2010 - Software Testing and Quality Assurance

  49. Goals • Goal of Testing is to establish the ground for the acceptance of the software by the customer based on the specification through: • High test coverage • Low number of non critical defects. • Statements concerning software quality Testing Goals can vary. Define your mission. Fall 2010 - Software Testing and Quality Assurance

  50. High Test Coverage • Completeness: Ensure all requirements are implemented. Total scope must be tested at least once (of course hopefully successful) • Critical scope: Ensure that critical requirements are implemented and work fine. All high prioritized requirements must be tested successfully Fall 2010 - Software Testing and Quality Assurance

More Related