defiant9#361
Well, a profit-oriented approach leads to this. Compared with spaceflight, the difference may be that there the consequence of a single SW bug is very costly. The requirements seem pretty strict at Joe's. That's also why I don't understand why Igor at Soyuz didn't detect the bug with simulations; nowadays there would be more than enough supercomputer capacity for a gazillion tests.
In this paper, we present practical problems and challenges encountered in an ongoing effort to assess software reliability of NASA's Day-of-Launch I-Load Update (DOLILU) system. The Day-of-Launch I-Load Update system for the Space Shuttle program has been developed to allow modification of the Shuttle first stage guidance commands based on actual wind conditions measured in hours preceding launch. This system consists of the trajectory software required to generate and verify the new I-Loads, to evaluate wind and trajectory conditions, and to recommend decisions to fly (or not to fly) with the new I-Loads. From this short description, it is apparent that DOLILU is a high consequence system, i.e., there is a very high cost associated with eventual occurrence of a failure. Software reliability is defined as a probability of failure free execution given a specific environment and a fixed time interval. The goal of software reliability assessment is not just to estimate the failure probability of the program, θ, but to gain statistical confidence that θ is realistic. In practice, the required failure probability θ and the confidence level C are application specific and predefined. Our discussions with NASA IV&V personnel revealed that DOLILU system requires demonstration of failure probability to be under 10^-4. Due to the criticality of the program, required confidence level should surpass 0.99. The state of the practice in software reliability engineering states that these reliability levels are practically achievable.

In principle, software reliability can be quantified through program verification or statistical testing. The requirements specification for DOLILU system is written in English and no attempt has been made to formalize it in any form of mathematical notation. Furthermore, the size and the complexity of the specification documents make formal program verification virtually impossible. Therefore, the reliability assessment of DOLILU system is to be obtained from program testing.

Last edited by: defiant9, 2017.12.18. 17:57:06
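The quoted paper ties the required failure probability θ and confidence level C to the amount of statistical testing needed. As an added worked example (not from the paper or the post above), the script below computes how many independent, failure-free test runs demonstrate θ ≤ 10^-4 at C = 0.99, and generalises to the case where up to k failures are observed; it assumes each run is an independent sample from the operational profile and that "confidence" means the usual one-sided binomial bound.

```python
import math
from math import comb


def runs_for_zero_failures(theta, confidence):
    """Smallest number of independent, failure-free test runs that demonstrates
    failure probability <= theta at the given confidence level.
    Solves (1 - theta)^n <= 1 - confidence for n."""
    if not (0 < theta < 1 and 0 < confidence < 1):
        raise ValueError("theta and confidence must lie strictly between 0 and 1")
    return math.ceil(math.log(1 - confidence) / math.log(1 - theta))


def demonstrated_failure_bound(n, confidence):
    """Converse view: the failure-probability bound that n failure-free runs
    demonstrate at the given confidence, i.e. 1 - (1 - confidence)^(1/n)."""
    return 1 - (1 - confidence) ** (1 / n)


def binomial_cdf(k, n, p):
    """P(X <= k) for X ~ Binomial(n, p); only the first k + 1 terms are summed."""
    return sum(comb(n, i) * p ** i * (1 - p) ** (n - i) for i in range(k + 1))


def runs_for_at_most_k_failures(theta, confidence, k):
    """General case: smallest n such that observing at most k failures in n runs
    still demonstrates failure probability <= theta at the given confidence.
    Criterion: P(X <= k | p = theta) <= 1 - confidence, i.e. such a lucky
    outcome would be too improbable if the true failure probability were theta.
    The CDF decreases monotonically in n, so doubling + binary search suffices."""
    alpha = 1 - confidence
    lo = hi = runs_for_zero_failures(theta, confidence)  # k = 0 is a lower bound
    while binomial_cdf(k, hi, theta) > alpha:
        hi *= 2
    while lo < hi:
        mid = (lo + hi) // 2
        if binomial_cdf(k, mid, theta) <= alpha:
            hi = mid
        else:
            lo = mid + 1
    return lo


if __name__ == "__main__":
    # The figures quoted on the page: theta under 1e-4 at confidence above 0.99.
    theta, confidence = 1e-4, 0.99
    print("failure-free runs needed:", runs_for_zero_failures(theta, confidence))
    for k in range(3):
        print(f"runs needed tolerating {k} failure(s):",
              runs_for_at_most_k_failures(theta, confidence, k))
```

For the page's numbers the zero-failure case comes out at 46,050 runs, and every observed failure pushes the requirement up by roughly 20,000 further runs, which is what makes demonstrating such levels by testing alone so expensive.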