Design by contract to improve software vigilance

Skip to Main Content. A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity.

Use of this web site signifies your agreement to the terms and conditions. Design by Contract to Improve Software Vigilance Abstract: Design by Contract is a lightweight technique for embedding elements of formal specification such as invariants, pre and postconditions into an object-oriented design. When contracts are made executable, they can play the role of embedded, online oracles. As is the standard in this domain, the parameters are then fixed through actual measures, based on a mutation analysis in our case.

Several measures are presented that reveal and estimate the contribution of contracts to the overall quality of a system in terms of vigilance and diagnosability.

Index Terms—Object-oriented design methods, programming by contract, diagnostics, metrics. We exhibit the benefits of using formal methods for constructing and documenting component software.

Formal specifications provide concise and complete descriptions of black-box components and, herewith, pave the way for full encapsulation. Specifications using abstract statements scale up better Abstract - Cited by 24 3 self - Add to MetaCart We exhibit the benefits of using formal methods for constructing and documenting component software. Nondeterminism in specifications permits enhancements and alternate implementations.

A formally verifiable refinement relationship between specification and implementation of a component ensures compliance with the published specification. Unambiguous and complete contracts are the foundation of any component market. A software product line is a set of similar software products that share a common code base. While software product lines can be implemented efficiently using feature-oriented programming, verifying each product individually does not scale, especially if human effort is required e.

Abstract - Cited by 15 9 self - Add to MetaCart A software product line is a set of similar software products that share a common code base. We present a family-based approach of deductive verification to prove the correctness of a software product line efficiently. We illustrate and evaluate our approach for software product lines written in a feature-oriented dialect of Java and specified using the Java Modeling Language.

We show that the theorem prover KeY can be used off-the-shelf for this task, without any modifications. Program transformation techniques have reached a maturity level that allows processing high-level language sources in new ways. Not only do they revolutionize the implementation of compilers and interpreters, but with modularity as a design philosophy, they also permit the seamless extension of the Abstract - Cited by 14 3 self - Add to MetaCart Program transformation techniques have reached a maturity level that allows processing high-level language sources in new ways.

Not only do they revolutionize the implementation of compilers and interpreters, but with modularity as a design philosophy, they also permit the seamless extension of the syntax and semantics of existing programming languages. The C-Transformers project provides a transformation environment for C, a language that proves to be hard to transform. Kiniry, Daniel M. The use of formal methods can significantly improve software quality.

However, many instructors and students consider formal methods to be too difficult, impractical, and esoteric for use in undergraduate classes. This paper describes a method, used successfully at several universities, th Journal articles. Hide details. Abstract : Design by Contract is a lightweight technique for embedding elements of formal specification such as invariants, pre- and post-conditions into an object-oriented design. When contracts are made executable, they can play the role of embedded, on-line oracles.

Executable contracts allow components to be responsive to erroneous states, and thus may help in detecting and locating faults. In this paper, we define Vigilance as the degree to which a program is able to detect an erroneous state at runtime.

Diagnosability represents the effort needed to locate a fault once it has been detected.