ACM TechNews
Conquering Complexity
Computer (12/07) Vol. 40, No. 12, P. 111; Holzmann, Gerard J.

Minor software bugs can conspire to facilitate major system failures when combined, writes Gerard J. Holzmann of the NASA/JPL Laboratory for Reliable Software. "The probability of any one specific combination of failures will be extremely low, but as experience shows, this is precisely what leads to major accidents," he notes. Holzmann points out that the addition of fault protection and redundancy, while reducing the severity of failures, also makes a system bigger and more complex, which can unintentionally broaden failure modes by introducing unplanned linkages between otherwise separate system elements. Reduction of minor software defects can be achieved in a number of ways, including adherence to stricter coding standards, such as the required usage of strong static source code analyzers on every software build. Another strategy is to boost the amount of decoupling between software components, thus separating independent system functionality to the maximum degree possible. Executing independent functions on physically distinct processors supplying only restricted interfaces between them is one of the most powerful decoupling tactics. Holzmann also suggests that defects can be contained through the use of memory protection to ensure that multiple threads of execution in a computer cannot corrupt each other's address space, while supplying more margin than is required for system operation is still another approach to defect containment. Redundancy in safety-critical code can be delivered through the use of multiple functionality layers, while the most commonly utilized strategy is defect detection that commences at the very beginning of the software development process.
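The decoupling and memory-protection points above can be seen in a small constructed C program. This is an added example, not code from Holzmann's article or from the NASA/JPL laboratory: two hypothetical components share a `shared_state_t` record, and the sensor component has a missing bounds check (the defect). In the coupled design both components live in one address space, so the sensor's overrun silently clobbers the command component's data; in the decoupled design the faulty component runs in a child process and only a fixed-size result crosses a pipe (the restricted interface), so the parent's copy of the state is untouched. The struct, the field names, the `"HOLD"` command and the oversized input are all constructed for the demonstration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>

#define BUF_LEN 16

/* Constructed shared state for two components (hypothetical, not from the article). */
typedef struct {
    char sensor_buf[BUF_LEN];  /* owned by the sensor component (the faulty one) */
    char command[BUF_LEN];     /* owned by the command component */
} shared_state_t;

/* Constructed oversized input: longer than sensor_buf but shorter than the whole
   struct, so the overrun lands on the neighbouring field and the byte copy into
   the struct stays well-defined C (no write past the object). */
static const char OVERSIZED_INPUT[] = "AAAAAAAAAAAAAAAAAAAAAAAA";  /* 24 bytes */

/* Faulty sensor component: the defect is the missing bounds check against BUF_LEN. */
static void faulty_sensor(shared_state_t *s, const char *input, size_t len) {
    memcpy((unsigned char *)s, input, len);   /* should be capped at BUF_LEN */
}

/* Returns 1 if the command component's data no longer holds its original value. */
static int command_corrupted(const shared_state_t *s) {
    return strcmp(s->command, "HOLD") != 0;
}

static void init_state(shared_state_t *s) {
    memset(s, 0, sizeof *s);
    strcpy(s->command, "HOLD");
}

/* Coupled design: both components share one address space.
   Returns 1 because the sensor's overrun propagates into the command field. */
int run_coupled(void) {
    shared_state_t st;
    init_state(&st);
    faulty_sensor(&st, OVERSIZED_INPUT, sizeof OVERSIZED_INPUT - 1);
    return command_corrupted(&st);
}

/* Decoupled design: the faulty component runs in a child process and may only
   hand back one fixed-size record over a pipe. Returns 0 because the parent's
   copy of the state is never touched by the child's overrun; -1 on OS error. */
int run_decoupled(void) {
    shared_state_t st;
    init_state(&st);

    int fd[2];
    if (pipe(fd) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;

    if (pid == 0) {                              /* child: isolated address space */
        close(fd[0]);
        faulty_sensor(&st, OVERSIZED_INPUT, sizeof OVERSIZED_INPUT - 1);
        char result[BUF_LEN];
        memcpy(result, st.sensor_buf, BUF_LEN);  /* restricted interface: one record */
        if (write(fd[1], result, BUF_LEN) != BUF_LEN) _exit(1);
        _exit(0);
    }

    close(fd[1]);                                /* parent: read the record only */
    char result[BUF_LEN];
    ssize_t n = read(fd[0], result, BUF_LEN);
    close(fd[0]);
    waitpid(pid, NULL, 0);
    if (n != BUF_LEN) return -1;
    return command_corrupted(&st);               /* parent's "HOLD" survives */
}

int main(void) {
    printf("coupled design:   command corrupted = %d\n", run_coupled());
    printf("decoupled design: command corrupted = %d\n", run_decoupled());
    return 0;
}
```

The decoupled variant still receives the sensor's (garbage) output, so it is not a substitute for fixing the bounds check; what it buys is containment: the defect's blast radius stops at the process boundary, and the parent can validate the one fixed-size record it receives instead of trusting a whole shared address space.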
http://www.computer.org/computer
© Copyright 2008 Information, Inc. This service may be reproduced for internal distribution.