Cleanroom Software Engineering

Getting it right the first time

A Spectrum of Methods

Less Formal

More Formal

Cleanroom

OCL and Z

Traditional Models:Waterfall, Spiral, Incremental

Agile Methods:FDD and SCRUM

Characteristics of Formal Methods

Well-defined specification language Typically based on set-theoretical concepts

Emphasis on verification Of program correctness Of completeness of description Of refinements to different abstractions

Testing/Debugging De-emphasized Process idea borrowed from manufacturing—

worth the cost to ensure process delivers acceptable products rather than remove defects to achieve quality

Why Use Cleanroom Process?

ClaimsVerification and testing are synergistic

Reasoning faults are “easier to find” than debugging faults

Testing based on usage scenarios focuses on “important” errors

Not all faults are of equal significance Bottom Line: software developed under the

cleanroom process has fewer errors

The Cleanroom Approach

Based on the Incremental Process Model with the twist that formal verification is applied to engineering models and the code.

Subprocesses System Engineering, Requirements Gathering, Test Planning,

Box Structure Specification, Formal Design, Correctness Verification, Code Generation, Code Inspection and Verification, Statistical Usage Testing, Certification

Additional Points of Emphasis

Why the cleanroom process is not widely used (pg 797) Stereotyped perception, departure from standard

practice, and process maturity How cleanroom differs from OO development

(pg 800) Statistical QC, mathematical verification, usage-

driven testing. Functional Specification Types (pg 801)

Black Box (concerned only with I/O) State Box (similar to a UML class diagram) Clear Box (procedural design, e.g., pseudocode)