1 / 7

Developing Confidence in Software through Credentials and Low-Ceremony Evidence

This document explores the limitations of high-ceremony evidence in software engineering, such as formal analysis and intensive testing, which can be expensive and difficult to obtain. It advocates for the use of low-ceremony evidence, including vendor documentation and product reviews, while acknowledging its own limitations. To bridge the gap between these two approaches, the authors propose the use of software annotations termed "credentials," which provide incremental evidence about software attributes, record provenance, and increase confidence in component reuse.

lelia
Télécharger la présentation

Developing Confidence in Software through Credentials and Low-Ceremony Evidence

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Developing Confidence in Software through Credentialsand Low-Ceremony Evidence Christopher Scaffidi & Mary Shaw Carnegie Mellon University

  2. Limitations of high-ceremony evidence • When selecting components for reuse, traditional software engineering doctrine says that we should eliminate uncertainty about those components through: • Formal analysis • Intensive testing • Empirical evidence on field use • Correctness-by-construction (generative programming) • Unfortunately, this “high-ceremony evidence” is: • Expensive to obtain • Unobtainable in some cases • Often hard to organize and disseminate evidence  credentials  use cases

  3. Alternative: Low-ceremony evidence • So engineers Live With (some) Uncertainty and typically use “low-ceremony” evidence instead: • Documentation & other vendor claims • Product reviews / expert opinions • Product popularity and reputation • Seller reputation • This evidence often has limitations of its own: • Incomplete and incremental • Low quality (inaccurate, imprecise, ...) • From untrustworthy sources • Inconsistent evidence  credentials  use cases

  4. Approach and requirements for addressing these limitations • Goal: support the use of low and high-ceremony evidence through software annotations that: • Can record many forms of evidence • Can be added/revised incrementally • Can be read/written by analysis & visualization tools • Can be combined by analysis tools • Can record meta-information supporting annotation use • We call these annotations “credentials”. evidence  credentials  use cases

  5. Each credential is an estimate of one software attribute. • Each of a software’s credentials is an annotation <attribute, value, credibility, provenance> • Attribute: identifies some attribute of the software • E.g.: “thread-safety” • Value: identifies the value of that attribute • E.g.: “Apartment” • Credibility: indicates a level of confidence in the value • E.g.: “high” • Provenance: indicates how the value was determined • E.g.: “Fluid analysis toolkit 2.0” evidence  credentials  use cases

  6. We envision that credentials will… • Record findings (output) of high-ceremony techniques, as well as low-ceremony evidence. • Be added incrementally as new analysis techniques become available. • Be combined using domain-appropriate analytical techniques (e.g.: average throughput, worst-case safety) • Enable repository search engines to identify components with credentials meeting certain criteria evidence  credentials  use cases

  7. Thank you… • … to ILWU for the opportunity to participate. • … to NSF and the EUSES Consortium for funding (ITR-0325273, CCF-0438929 and CNS-0613823).

More Related