16.982
Advanced Software Engineering
Fall 2000
a0
Problem
Background
Why Hard?
Slyllabus
Outline
Is There a Problem?
Background Information
Why is Software Engineering Hard?
Syllabus and Class Description
Copyright
c
Nancy Leveson, Sept. 2000
a1
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
Is there a problem?
a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3 a3
Examples:
AAS (FAA Advanced Automation System)
FBI CIC
IRS Modernization Program
C-17
Ariane 5
Problem
Trends
Why Hard?
Slyllabus
Head of AF Systems Command: ‘‘Software is the achilles heel
of weapons development"
7 out of every 10 major weapons development programs are
encountering software problems and rate is increasing.
Copyright
c
Nancy Leveson, Sept. 1999
a4
a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5 a5
Problem
Trends
Why Hard?
Slyllabus
Some "Data" (Myths?)
a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6 a6
The development of large applications in excess of 5000
function points (~500,000 LOC) is one of the most risky
business undertakings in the modern. world (Capers Jones)
The risks of cancellation or major delays rise rapidly as the
overall application size increases (Capers Jones):
65% of large systems (over 1,000,000 LOC) are
cancelled before completion
50% for systems exceeding half million LOC
25 % for those over 100,000 LOC
Failure or cancellation rate of large software systems is
over 20% (Capers Jones)
Copyright Nancy Leveson, Sept. 1999
c
a7
a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8 a8
Problem
Trends
Why Hard?
Slyllabus
More "Data" (Myths?)
a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9 a9
After surveying 8,000 IT projects, Standish Group reported
about 30% of all projects were cancelled.
Average cancelled project in U.S. is about a year behind
schedule and has consumed 200% of expected budget
(Capers Jones).
Work on cancelled projects comprises about 15% of total
U.S. software efforts, amounting to as much as $14 billion
in 1993 dollars (Capers Jones).
c
Copyright Nancy Leveson, Sept. 1999
a10
a11 a11 a11 a11 a11 a11 a11 a11 a11 a11 a11 a11 a11 a11 a11 a11 a11 a11 a11 a11 a11 a11 a11 a11
Problem
Trends
Why Hard?
Slyllabus
And Yet More
a12 a12 a12 a12 a12 a12 a12 a12 a12 a12 a12 a12 a12 a12 a12 a12 a12 a12 a12 a12 a12 a12 a12 a12
Of completed projects, 2/3 experience schedule delays
and cost overruns (Capers Jones) [bad estimates?]
2/3 of completed projects experience low reliability and
quality problems in first year of deployment (Jones).
Software errors in fielded systems typically range from
0.5 to 3.0 occurrences per 1000 lines of code (Bell Labs
survey).
Civilian software: at least 100 English words produced for
every source code statement.
Military: about 400 words (Capers Jones)
c
Copyright Nancy Leveson, Sept. 1999
a13
Problem
Trends
Why Hard?
Slyllabus
Have you ever been on a project where the
software was never finished or used?
What were some of the problems?
c
Copyright Nancy Leveson, Sept. 1999
a14
a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15 a15
Problem
Trends
Why Hard?
Slyllabus
Death March Projects
a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16 a16
Feature (scope) creep
Thrashing
Integration problems
Overwriting source code
Constant re-estimation
Redesign and rewriting during test
No documentation of design decisions
Etc.
Copyright
c
Nancy Leveson, Sept. 1999
a17
a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18 a18
Problem
Trends
Why Hard?
Slyllabus
Types of Problem Projects (Yourdan)
a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19 a19
Mission Impossible
Likely to succeed, happy workers
Ugly
Likely to succeed, unhappy workers
Kamikaze
Unlikely to succeed, happy workers
Suicide
Unlikely to succeed, unhappy workers
Copyright
c
Nancy Leveson, Sept. 1999
a20
a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21
a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a21 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22
Understanding the Problem
a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22 a22
Problem
Trends
Why Hard?
Slyllabus
Development Costs
Coding
Test
Planning
a23a25a24a27a26a28a24a30a29 a31a30a32a30a33a34a24a30a35a37a36
a38a40a39a42a41a42a43 a44a46a45a30a47
a48a25a47a50a49a46a51 a52a42a39
a53a55a54a42a56 a47
a57a58a47a50a49a46a59
a60a61a41a42a51 a39a50a59a62a41a42a51 a39
1/3 planning
1/6 coding
1/4 component test
Development costs are only
1/4 system test
the tip of the iceberg.
Copyright
c
Nancy Leveson, Sept. 1999
a0a64a63
a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83
a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83 a83
Problem
Trends
Why Hard?
Slyllabus
a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84
Understanding the Problem (2)
a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84 a84
a75a40a77a34a78a34a68a70a69a34a79
a65a67a66a34a68a70a69a72a71a74a73a34a69a34a66a34a69a34a75a40a73
a71a74a73a34a76a64a71
a80a34a81a70a66a34a69a34a69a34a68a82a69a34a79
Software Maintenance:
20% error correction
20% adaptation
60% enhancements
Most fielded software errors stem
from requirements not code
c
Copyright Nancy Leveson, Sept. 1999
a0a85a0
a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86 a86
Problem
Trends
Why Hard?
Slyllabus
Software Evolution (Maintenance)
a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87 a87
Belady and Lehman’s Laws:
Software will continually change.
Software will become increasingly
unstructured as it is changed.
Leveson’s Law:
Introducing computers will not reduce
personnel numbers or costs.
Copyright
c
Nancy Leveson, Sept. 1999
a0a88a1
a89 a89
a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91 a91
Problem
Trends
Why Hard?
Slyllabus
a90 a90
Are Things Improving?
a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92 a92
Is software improving at a slower rate than hardware?
"Software expands to fill the available memory" (Parkinson)
"Software is getting slower more rapidly than hardware
becomes faster" (Reiser)
Expectations are changing
c
Copyright Nancy Leveson, Sept. 1999
a0a64a4
Is software engineering more difficult than hardware engineering?
Why or why not?
.
a0 a7
a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93 a93
Problem
Trends
Why Hard?
Slyllabus
Why is software engineering hard?
a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94 a94
"Curse of flexibility"
Organized complexity
Intangibility
Lack of historical usage information
Large discrete state spaces
Copyright
c
Nancy Leveson, Sept. 1999
a0a88a10
a95 a95
Problem
Trends
Why Hard?
Slyllabus
The Computer Revolution
Design separated from physical representation; design
became a completely abstract concept.
a95 a96 a96
General
Purpose
Machine
+ Software =
Special
Purpose
Machine
Machines that were physically impossible or impractical
to build become feasible.
Design can be changed without retooling or manufacturing.
Emphasis on steps to be achieved without worrying
about how steps will be realized physically.
c
Copyright Nancy Leveson, Sept. 1999
a0a64a13
Problem
Trends
Why Hard?
Slyllabus
The Curse of Flexibility
"Software is the resting place of afterthoughts."
No physical constraints
To enforce discipline on design, construction
and modification
To control complexity
So flexible that start working with it before fully understanding
what need to do
The untrained can get partial success.
"Scaling up is hard to do"
‘‘And they looked upon the software and saw that it
was good. But they just had to add one other feature ...’’
Copyright
c
Nancy Leveson, Sept. 1999
a0 a14
Problem
Trends
Why Hard?
Slyllabus
What is Complexity?
a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97 a97a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98 a98
The underlying factor is intellectual manageability
1. A "simple" system has a small number of unknowns in its
interactions within the system and with its environment.
2. A system becomes intellectually unmanageable when the level of
interactions reaches the point where they cannot be thoroughly
planned
understood
anticipated
guarded against
c
Copyright Nancy Leveson, Sept. 1999
a0a64a17
a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99 a99
Problem
Trends
Why Hard?
Slyllabus
Ways to Cope with Complexity
a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100 a100
Analytic Reduction (Descartes)
Divide system into distinct parts for analysis purposes.
Examine the parts separately.
Three important assumptions:
1.
2.
3.
c
The division into parts will not distort the
phenomenon being studied.
Components are the same when examined singly
as when playing their part in the whole.
Principles governing the assembling of the components
into the whole are themselves straightforward.
Copyright Nancy Leveson, Sept. 1999
a0a64a20
a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101 a101
Problem
Trends
Why Hard?
Slyllabus
Ways to Cope with Complexity (con’t.)
a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102 a102
Statistics
Treat as a structureless mass with interchangeable parts.
Use Law of Large Numbers to describe behavior in
terms of averages.
Assumes components sufficiently regular and random
in their behavior that they can be studied statistically.
c
Copyright Nancy Leveson, Sept. 1999
a1a103a63
| 课件名称: | 高级软件工程(英文版) |
| 课件分类: | 计算机 |
| 课件类型: | 电子教案 |
| 文件大小: | 1.22MB |
| 下载次数: | 2 |
| 评论次数: | 2 |
| 用户评分: | 5.5 |
- 1. 高级软件工程(英文版):c130j
- 2. 高级软件工程(英文版):cots
- 3. 高级软件工程(英文版):metrics1
- 4. 高级软件工程(英文版):metrics2
- 5. 高级软件工程(英文版):oct13
- 6. 高级软件工程(英文版):oct20
- 7. 高级软件工程(英文版):oct6
- 8. 高级软件工程(英文版):people
- 9. 高级软件工程(英文版):print00
- 10. 高级软件工程(英文版):print200
- 11. 高级软件工程(英文版):proglang
- 12. 高级软件工程(英文版):reviews
- 13. 高级软件工程(英文版):safety
- 14. 高级软件工程(英文版):sept14
- 15. 高级软件工程(英文版):sept221
- 16. 高级软件工程(英文版):sept222
- 17. 高级软件工程(英文版):sept29
- 18. 高级软件工程(英文版):types
