Software Engineering, IEEE Transactions on

Issue 11 • Date Nov 1989

  • A formal evaluation of data flow path selection criteria

    Page(s): 1318 - 1332

    The authors report on the results of their evaluation of path-selection criteria based on data-flow relationships. They show how these criteria relate to each other, thereby demonstrating some of their strengths and weaknesses. A subsumption hierarchy showing their relationship is presented. It is shown that one of the major weaknesses of all the criteria is that they are based solely on syntactic information and do not consider semantic issues such as infeasible paths. The authors discuss the infeasible-path problem as well as other issues that must be considered in order to evaluate these criteria more meaningfully and to formulate a more effective path-selection criterion.
  • Allocating modules to processors in a distributed system

    Page(s): 1427 - 1436

    The author studies the complexity of the problem of allocating modules to processors in a distributed system to minimize total communication and execution costs. He shows that unless P=NP, there can be no polynomial-time ε-approximate algorithm for the problem, nor can there exist a local search algorithm that requires polynomial time per iteration and yields an optimum assignment. Both results hold even if the communication graph is planar and bipartite. On the positive side, it is shown that if the communication graph is a partial k-tree or an almost-tree with parameter k, the module allocation problem can be solved in polynomial time.
  • Mapping the Interface Description Language type model into C

    Page(s): 1333 - 1346

    The Interface Description Language (IDL) is a notation for describing the characteristics of data structures passed among collections of cooperating processes in a programming environment. The authors discuss a mapping from IDL to C data structures and macro definitions that supports the full language and is type safe and run-time efficient, but is not particularly compile-time efficient nor easy to use. They then propose that the mapping be performed in a preprocessor, thereby achieving efficiency and ease of use as well.
  • Critical races in Ada programs

    Page(s): 1471 - 1480

    It is noted that critical races in concurrent Ada programs are an insidious source of system errors, and that the Ada language does not have concurrency features to ease the development of critical race-free programs. The authors illustrate this using the CRF language, which extends the Ada language by the addition of a powerful caller selection mechanism. It is this facility that implements a discriminatory mutual exclusion (dimutex) construct, an important feature for building less critical race-prone programs. The MLog language supports the CRF caller selection mechanisms; thus it is convenient as a rapid-prototyping platform. A design method for systematically converting CRF designs into Ada designs is presented. The method uses a mixture of mechanical and creative transformations that are guaranteed not to introduce critical races. D. Helmbold and D. Luckham's (1985) gas-station example is used to illustrate the various approaches to applying the design method.
  • Kit: a study in operating system verification

    Page(s): 1382 - 1396

    The author reviews Kit, a small multitasking operating system kernel written in the machine language of a uniprocessor von Neumann computer. The kernel is proved to implement on this shared computer a fixed number of conceptually distributed communicating processes. In addition to implementing processes, the kernel provides the following verified services: process scheduling, error handling, message passing, and an interface to asynchronous devices. As a by-product of the correctness proof, security-related results such as the protection of the kernel from tasks and the inability of tasks to enter supervisor mode are proved. The problem is stated in the Boyer-Moore logic, and the proof is mechanically checked with the Boyer-Moore theorem prover.
  • On conditions for defining a closed cover to verify progress for communicating finite state machines

    Page(s): 1491 - 1494

    The closed-cover technique for verifying progress for two communicating finite-state machines exchanging messages over two lossless, FIFO channels is considered. The authors point out that the definition of a closed cover in M.G. Gouda (ibid., vol.SE-10, no.6, p.846-55, Nov. 1984) may be too restrictive, while that in M.G. Gouda and C.K. Chang (ACM Trans. Prog. Lang., vol.8, no.1, p.154-82, Jan. 1986) is not correct. They then show how a condition of the closed-cover definition can be modified to relax restriction to various degrees. They also discuss the similarities and relationship between the structural partition technique and the closed-cover technique.
  • The consistent comparison problem in N-version software

    Page(s): 1481 - 1485

    The authors have identified a difficulty in the implementation of N-version programming. The problem, called the consistent comparison problem, arises for applications in which decisions are based on the results of comparing finite-precision numbers. It is shown that when versions make comparisons involving the results of finite-precision calculations, it is impossible to guarantee the consistency of their results. It is therefore possible that correct versions may arrive at completely different outputs for an application that does not apparently have multiple correct solutions. If this problem is not dealt with explicitly, an N-version system may be unable to reach consensus even when none of its component versions fails.
  • Trace analysis for conformance and arbitration testing

    Page(s): 1347 - 1356

    The authors explore a testing approach where the concern for selecting the appropriate test input provided to the implementation under test (IUT) is separated as much as possible from the analysis of the observed output. Particular emphasis is placed on the analysis of the observed interactions of the IUT in order to determine whether the observed input/output trace conforms to the IUT's specification. The authors consider this aspect of testing with particular attention to testing of communication protocol implementations. Various distributed test architectures are used for this purpose, where partial input/output traces are observable by local observers at different interfaces. The error-detection power of different test configurations is determined on the basis of the partial trace visible to each local observer and their global knowledge about the applied test case. The automated construction of trace analysis modules from the formal specification of the protocol is also discussed. Different transformations of the protocol specification may be necessary to obtain the reference specification, which can be used by a local or global observer for checking the observed trace. Experience with the construction of an arbiter for the OSI (open systems interconnection) transport protocol is described.
  • Multiparty interactions for interprocess communication and synchronization

    Page(s): 1417 - 1426

    The authors consider the essential properties of a multiparty interaction construct which serves as a primitive for interprocess communication and synchronization in distributed programs. It is claimed that more general constructs, which violate the suggested properties, are appropriate for abstraction but should not be seen as a communication primitive, and that both facilities are needed. Several acceptability criteria are posed for multiparty interactions, and various possibilities for constructs satisfying these criteria are presented. These include introducing a novel kind of nondeterminism within the assignments of an interaction, weakening the synchronization among the participants in an interaction, and varying the number of participants in order to provide a high-level treatment of fault tolerance.
  • A set of inference rules for quantified formula handling and array handling in verification of programs over integers

    Page(s): 1368 - 1381

    Because of the undecidability problem of program verification, it becomes necessary for an automated verifier to seek human assistance for proving theorems which fall beyond its capability. In order that the user be able to interact smoothly with the machine, it is desired that the theorems be maintained and processed by the prover in a form as close as possible to the popular algebraic notation. Motivated by the need of such an automated verifier, which works in an environment congenial to human participation and at the same time uses the methodologies of resolution provers of first-order logic, some inference rules have previously been proposed by the authors (ibid., vol.15, no.1, p.1-9, Jan. 1989) for integer arithmetic, and their completeness issues have been discussed. In the present work, the authors examine how these rules can be applied to quantified formulas vis-a-vis verification of programs involving arrays. An interesting situation, referred to as bound-extension, has been found to occur frequently in proving the quantified verification conditions of the paths in a program. A novel rule, called bound-extension rule, has been devised to consolidate and depict the various issues involved in a bound-extension process. It has been proved that the rule set proposed previously by the authors is adequate for handling a more general phenomenon, called bound-modification, which covers bound-extension in all its entirety.
  • Statistical inference for general-order-statistics and nonhomogeneous-Poisson-process software reliability models

    Page(s): 1485 - 1490

    There are many software reliability models that are based on the times of occurrences of errors in the debugging of software. It is shown that it is possible to do asymptotic likelihood inference for software reliability models based on order statistics or nonhomogeneous Poisson processes, with asymptotic confidence levels for interval estimates of parameters. In particular, interval estimates from these models are obtained for the conditional failure rate of the software, given the data from the debugging process. The data can be grouped or ungrouped. For someone making a decision about when to market software, the conditional failure rate is an important parameter. The use of interval estimates is demonstrated for two data sets that have appeared in the literature.
  • CTDNet - a mechanism for the concurrent execution of lambda graphs

    Page(s): 1357 - 1367

    The authors describe CTDNet, a data-driven reduction machine for the concurrent execution of applicative functional programs in the form of lambda calculus expressions. Such programs are stored as binary-tree-structured process graphs in which all processes maintain pointers to their immediate neighbors (i.e. ancestor and two children). Processes are of two basic types: master processes, which represent the original process graph, and slave processes, which carry out the actual executional work and are dynamically created and destroyed. CTDNet uses a distributed eager evaluation scheme with a modification to evaluate conditional expressions lazily, together with a form of distributed string reduction with some graphlike modifications.
  • A case study in structure specification: a grid description of Scribe

    Page(s): 1397 - 1416

    The author describes a case study in which the grid mechanism was used to describe the structure of Scribe, a document-processing system in widespread use. The structure description is presented and explained in some detail, and the effectiveness of the grid for specifying the important structural features of Scribe is discussed. It is shown that the grid succeeds in its objective of presenting complex structures clearly. A grid specification forms a suitable basis for a narrative explanation of system structure. It is further noted that some detailed improvements would further enhance the expressiveness of the grid, and that environment support is essential for serious use of the grid.
  • A distributed algorithm for performance improvement through file replication, file migration, and process migration

    Page(s): 1459 - 1470

    The author presents a distributed algorithm that considers the number of read and write accesses to files for every process type, the number of processes and their demands on system resources, the utilization of bottlenecks on all machines, and file sizes. Performance improvement obtained with the algorithm is discussed and proved. A number of experiments executed in a distributed system in order to predict the impact on performance of various algorithm strategies are examined. The experiments show changes in system performance due to file and process placement, file replication, and file and process migration.
  • Finding idle machines in a workstation-based distributed system

    Page(s): 1444 - 1458

    The authors describe the design and performance of scheduling facilities for finding idle hosts in a workstation-based distributed system. They focus on the tradeoffs between centralized and decentralized architectures with respect to scalability, fault tolerance, and simplicity of design, as well as several implementation issues of interest when multicast communication is used. They conclude that the principal tradeoff between the two approaches is that a centralized architecture can be scaled to a significantly greater degree and can more easily monitor global system statistics whereas a decentralized architecture is simpler to implement.
  • Including scalars in a programming language based on the relational algebra

    Page(s): 1437 - 1443

    Scalars, arrays, and records, together with associated operations and syntax, have been introduced as special cases of relations into the relational programming system, relix. This permits all of these data types, as well as relations, to be stored persistently. The requirement in most languages that array elements and record fields can be assigned to leads in this case to the general implementation of QT-selectors as l-expressions, with, in particular, systematic interpretations of assignment to projections and selections of relations. The authors discuss the principles and the implementation of this extension to the relational algebra. They take advantage of the very specialized syntax of array access to build a tuned access method, using B-trees and Z-order. The performance results show the advantage of this implementation over the slower implementation required for general QT-selectors.

Aims & Scope

The IEEE Transactions on Software Engineering is interested in well-defined theoretical results and empirical studies that have potential impact on the construction, analysis, or management of software. The scope of this Transactions ranges from the mechanisms through the development of principles to the application of those principles to specific environments. Specific topic areas include: a) development and maintenance methods and models, e.g., techniques and principles for the specification, design, and implementation of software systems, including notations and process models; b) assessment methods, e.g., software tests and validation, reliability models, test and diagnosis procedures, software redundancy and design for error control, and the measurements and evaluation of various aspects of the process and product; c) software project management, e.g., productivity factors, cost models, schedule and organizational issues, standards; d) tools and environments, e.g., specific tools, integrated tool environments including the associated architectures, databases, and parallel and distributed processing issues; e) system issues, e.g., hardware-software trade-off; and f) state-of-the-art surveys that provide a synthesis and comprehensive review of the historical development of one particular area of interest.

Meet Our Editors

Editor-in-Chief
Matthew B. Dwyer
Dept. Computer Science and Engineering
256 Avery Hall
University of Nebraska-Lincoln
Lincoln, NE 68588-0115 USA
tseeicdwyer@computer.org