Cleanroom Strategy
Increment planning.
The project plan is built around the incremental strategy.
The functionality of each increment, the projected size of the increment and the
cleanroom development schedule are defined.
Care must be taken that each increment is certified and integrated at the proper
time according to the plan.
Requirements gathering.
Customer requirements are elicited and refined for each increment using traditional
methods, such as analysis, design, code, test and debug.
A more detailed description of the customer level requirement is developed.
Box structure specification.
The specification method uses box structure.
Box structure is used to describe the functional specification.
Box structures isolate and separate the definition of behavior, data, and procedures
at each level of refinement.
Formal design.
Specifications (black-boxes) are iteratively refined to become architectural designs
(state-boxes) and component-level designs (clear boxes).
Correctness verification.
Correctness questions are asked and answered, formal mathematical verification is used
as required.
The cleanroom team conducts exact correctness verification activities on the design and
then on the code.
Verification starts with the highest-level box structure and then moves toward
the design detail and code.
The first level of correctness verification takes place by applying a set of 'correctness questions'.
If these questions do not demonstrate that the specification is correct, more mathematical
or formal methods are used for verification.
Code generation, inspection, verification.
Box structures are translated into a programming language; inspections are used to ensure
conformance of code and boxes, as well as syntactic correctness of code, followed by
correctness verification of the code. Technical reviews are used to check the syntactic
correctness of the code.
Statistical test planning.
A suite of test cases is created to match the probability distribution of the projected
product usage pattern.
The projected usages of the software are analyzed, planned and designed.
This cleanroom activity is carried out in parallel with specification, verification and
code generation.
Statistical use testing.
A statistical sample of all possible test cases is used rather than exhaustive testing.
Exhaustive testing of computer software is impossible, so it is necessary to
design a limited number of test cases.
Statistical use techniques execute a set of tests derived from a statistical sample
of all possible program executions.
These samples are collected from users in a targeted population.
Certification.
Once verification, inspection, and usage testing are complete and all defects
removed, the increment is certified as ready for integration.
Cleanroom process model
The modeling approach in cleanroom software engineering uses a method called box
structure specification.
A 'box' contains the system or the aspect of the system in detail.
The information in each box specification is sufficient to define its refinement without
depending on the implementation of other boxes.
The cleanroom process model uses three types of boxes as follows:
Black Box
Specifies a set of transition rules that describe the behavior of system components as
responses to specific stimuli, makes use of inheritance in a manner similar to classes
Specifies system function by mapping all possible stimulus histories to all possible responses
S* → R
(stimulus history → responses)
The black box identifies the behavior of a system.
The system responds to specific events by applying the set of transition rules.
State Box
Generalization of a state machine, encapsulates the data and operations similar to an object,
the inputs (stimuli) and outputs (responses) are represented, data that must be retained
between transitions is encapsulated
The state is the encapsulation of the stimulus history
State variables are invented to save any stimuli that need to be retained
S × T → R × T
(stimuli × state data → responses × state data)
The box consists of state data or operations that are similar to objects.
The state box represents the history of the black box, i.e., the data contained in the state
box must be maintained in all transitions.
Clear Box
Contains the procedural design of the state box, in a manner similar to structured
programming
Specifies both data flow and control flow
S × T → R × T
(stimuli × state data → responses × state data)
State update and response production is allowed
The transition function used by the state box is defined in the clear box.
It simply states that a clear box includes the procedural design for the state box.
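The three boxes applied to one small component, as an added example that is not part of the original notes: a login lockout rule (assumed here: lock after three consecutive bad logins until a reset) written once as a black box over the stimulus history and once as a state box whose body is the clear box. The stimulus names, responses and the lockout policy are constructed for illustration; the check compares the two over every history up to a bounded length.

```python
from itertools import product

STIMULI = ("good", "bad", "reset")   # constructed stimulus set S
LOCK_AFTER = 3                        # assumed policy: lock on 3 consecutive bad logins

def black_box(history):
    """Black box S* -> R: response to the last stimulus, from history alone."""
    if history[-1] == "reset":
        return "cleared"
    segment = []                      # stimuli since the most recent reset
    for s in history:
        segment = [] if s == "reset" else segment + [s]
    run = longest = 0
    for s in segment:                 # longest run of consecutive bad logins
        run = run + 1 if s == "bad" else 0
        longest = max(longest, run)
    if longest >= LOCK_AFTER:
        return "locked"
    return "granted" if history[-1] == "good" else "denied"

def state_box(stimulus, fails):
    """State box S x T -> R x T; the body is the clear box (procedural design).
    The state variable `fails` stands in for the stimulus history."""
    if stimulus == "reset":
        return "cleared", 0
    if fails >= LOCK_AFTER:           # locked state persists until a reset
        return "locked", fails
    if stimulus == "good":
        return "granted", 0
    fails += 1
    return ("locked" if fails >= LOCK_AFTER else "denied"), fails

def mismatches(max_len):
    """Histories (up to max_len) where the refinement disagrees with the spec."""
    bad = []
    for n in range(1, max_len + 1):
        for history in product(STIMULI, repeat=n):
            fails = 0
            for s in history:
                response, fails = state_box(s, fails)
            if response != black_box(history):
                bad.append(history)
    return bad

if __name__ == "__main__":
    print("disagreements up to length 7:", len(mismatches(7)))
```

The bounded comparison is a sanity check on the refinement, not the formal correctness verification the method calls for.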
Box Principles
Transaction closure of stimuli and responses
users and uses are considered including security and error recovery
State migration within box hierarchy
downward migration of state data is possible whenever new black boxes are created
inside a clear box
upward migration of state data is desirable when duplicate data is updated in
several places in the tree
Common services
reusable boxes from library
Cleanroom Certification Models
Sampling model
determines the number of random cases that need to be executed to achieve a
particular reliability level
Component model
allows analyst to determine the probability that a given component in a multi-
component system fails prior to completion
Certification model
projected overall reliability of system
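Statistical use testing and the sampling model worked through together, as an added example that is not part of the original notes: test cases are drawn by walking a usage model, and the suite size comes from the zero-failure relation reliability^N <= 1 - confidence. The usage probabilities are constructed, and the choice of the zero-failure relation as the sampling model is an assumption; the notes do not give a formula.

```python
import math
import random

# Constructed usage model: probability of the next stimulus given the previous
# one ("start" opens a session, "end" closes it). Each row sums to 1.
USAGE_MODEL = {
    "start": {"good": 0.90, "bad": 0.10},
    "good":  {"good": 0.70, "bad": 0.05, "end": 0.25},
    "bad":   {"good": 0.60, "bad": 0.30, "reset": 0.10},
    "reset": {"good": 0.95, "bad": 0.05},
}

def required_tests(reliability, confidence):
    """Failure-free random tests needed to claim `reliability` per run at the
    given confidence: the smallest N with reliability**N <= 1 - confidence."""
    return math.ceil(math.log(1 - confidence) / math.log(reliability))

def demonstrated_reliability(n_passed, confidence):
    """Reliability lower bound supported by n_passed failure-free tests."""
    return (1 - confidence) ** (1 / n_passed)

def sample_test_case(rng, max_len=20):
    """Walk the usage model once; the visited stimuli form one test case."""
    case, prev = [], "start"
    while len(case) < max_len:
        options = USAGE_MODEL[prev]
        nxt = rng.choices(list(options), weights=list(options.values()))[0]
        if nxt == "end":
            break
        case.append(nxt)
        prev = nxt
    return case

def build_suite(reliability, confidence, seed=1):
    """Seeded, so the same certification run can be reproduced."""
    rng = random.Random(seed)
    n = required_tests(reliability, confidence)
    return [sample_test_case(rng) for _ in range(n)]

if __name__ == "__main__":
    suite = build_suite(0.99, 0.95)
    print(len(suite), "test cases; first:", suite[0])
    bound = demonstrated_reliability(len(suite), 0.95)
    print("reliability bound if all pass:", round(bound, 4))
```

A single observed failure invalidates the zero-failure bound; the suite has to be rerun after the fix.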
Cleanroom Process Evaluation
Some organizations have achieved impressive results and have delivered systems with few
faults
Independent assessment shows that the process is no more expensive than other approaches
Produces products with fewer errors than traditional software engineering techniques
Hard to see how this approach can be used by inexperienced software engineers
Requires a highly motivated development team
Cleanroom & OO SE Common Characteristics
Lifecycle
both rely on incremental development
Usage
cleanroom usage model similar to OO use case
State Machine Use
cleanroom state box and OO transition diagram
Reuse
explicit objective in both process models
Cleanroom and OO SE Key Differences
Cleanroom relies on decomposition while OO relies on composition
Cleanroom relies on formal methods while OO allows informal use case definition and
testing
OO inheritance hierarchy is a design resource, whereas the cleanroom usage hierarchy is the
system itself
OO practitioners prefer graphical representations while cleanroom practitioners prefer
tabular representations
Tool support is good for most OO processes, but usually tool support is only found in
cleanroom testing not design
R&R Recommendations
Use OO for front-end domain analysis
Use cleanroom for life cycle application engineering
Use OO for exploring a problem
Use cleanroom for developing a solution
Use OO to develop components
Use cleanroom to develop systems
Use OO to identify domain pertinent to problem and characterizing domain objects and
relationships
Use cleanroom for formal specification, design, verification, usage modeling, and testing