Walking through a minefield

AntiPattern Problem

Using today’s software technology is analogous to walking through a high-technology mine field. This mini-AntiPattern is also known as Nothing Works or Do You Believe in Magic?

Numerous bugs occur in released software products; in fact, experts estimate that original source code contains two to five bugs per line of code. This means that the code will require two or more changes per line to remove all defects. Without question, many products are released well before they are ready to support operational systems. A knowledgeable software engineer states that, “There are no real systems, not even ours.”

The location and consequences of software defects are unrelated to their apparent causes, and even a minor bug can be catastrophic. For example, operating systems (UNIX, Windows, etc.) contain many known and unknown security defects that make them vulnerable to attack; furthermore, the Internet has dramatically increased the likelihood

of system attack.

End users encounter software bugs frequently. For example, approximately one in seven correctly dialed telephone numbers is not completed by the telephone system (a software-intensive application). And note, the rate of complaint is low compared to the frequency of software failures.

The purpose of commercial software testing is to limit risk, in particular, support costs For shrink-wrapped software products, each time an end user contacts a vendor for technical support, most or all of the profit margin is spent answering the call.

With simpler systems of the past, we were lucky. When a software bug occurred, the likely outcome was that nothing happened. With today’s systems, including computer-controlled passenger trains and spacecraft control systems, the outcome of a bug can be catastrophic. Already, there have been half a dozen major software failures where financial losses exceeded $100 million.
Refactored Solution

Proper investment in software testing is required to make systems relatively bug-free. In some progressive companies, the size of testing staff exceeds programming staff The most important change to make to testing procedures is configuration control of test cases.

A typical system can require five times as much test-case software as production software. Test software is often more complex than production software because it involves the explicit management of execution timing to detect many bugs.

When test software detects a bug, it is more likely to be the result of a bug in the test than in the code being tested. Configuration control enables the management of test software assets; for example, to support regression testing.

Other effective approaches for testing include automation of test execution and test design. Manual test execution is labor-intensive, and there is no proven basis for the effectiveness of manual testing.

In contrast, automatic test execution enables running tests in concert with the build cycle. Regression tests can be executed without manual intervention, ensuring that software modifications do not cause defects in previously tested behaviors. Test design automation supports the generation of rigorous test suites, and dozens of good tools are available to support test design automation.
Variations

Formal verification is used in a number of applications to ensure an error-free design Formal verification involves prov-ing (in a mathematical sense) the satisfaction of requirements. Unfortunately, computer scientists trained to perform this form of analysis are relatively rare.



Walking through a minefield