DNV IT Global Services COO, France
Link to slides
Systematic verification and validation: The consequences of not managing software failure risks
Though consequences of software failures are typically not publicly disseminated, critical software failures are widespread and Det Norske Veritas (DNV) is very much concerned with the risk management of software failures. Various reports and websites provide information regarding software risks that are worth analyzing and reflecting upon. For example, we recently analyzed seven thousand recalls in the automotive industry: 4% of these recalls involved software-based components and embedded systems.
In a completely different domain, back in the 90's, the introduction of a new Command and Control System for the London Ambulance Service turned into a disaster; The Secretary of State for Health was forced to announce that up to twenty people may have died because of the collapse of a new computer system controlling emergency calls. Several issues were found:
- There appeared to have been NO backup procedure at all.
- The design of the user interface was inadequate.
- No consideration had been given to system overload.
Over the past year, we have also started to hear complaints from Ship owners, Rig owners and Yards, who are the primary customers of DNV. At a Rig Owners' Committee Meeting last May, the Owners voiced concerns about control software carried onboard their drilling units:
Software control with microprocessor based control systems is a concern. In particular, verification and testing of software and systems when they are first integrated and then when changes are implemented onboard during operation seem to be inefficient. Failures are revealed which lead to enormous delays in starting operations and/or catastrophic losses in exploitation.
From an industrial viewpoint, at the risk of being provocative, the impression is that progress over the last 30 years has been far too slow regarding improving the quality, reliability and dependability of software and systems. In every industry, both large and small companies have experienced damages - loss of business, heavy costs, damaged image, even loss of lives - due to insufficient software testing and verification. Several standards, which are de facto good practices, have been developed. But how can we ensure that we are on the right track? How can we share knowledge in order to improve the trust in software systems in the future?
The presentation will focus on the industrial reality and the challenges that both researchers and practitioners have to address together.
As president of DNV/Q-Labs, which she founded in 1989, and COO of DNV IT Risk
management, Combelles has more than 30 years of project management and
organization governance experience. She was the software project manager
for the first generation of embedded systems for Airbus flight control.
Prior to founding Q-Labs, she led a corporate software engineering program
at Thales. DNV IT Risk Management, a leading European consulting group for
software engineering services, process modeling, and improvement, Information
security has more than 300 consultants. The firm primarily serves world-class
leaders in the finance, defence, aeronautics, automotive, and telecom sectors
in Europe (France, Germany, The Netherlands, Sweden, UK and Italy), USA and
Combelles has worked with global companies, mixing various languages, cultures,
and experiences. As a Capability Maturity Model and Capability Maturity Model
Integration lead appraiser, she has participated in numerous process
improvement initiatives worldwide.
Combelles has also been serving in several EU Information Technology R&D
programs and delivered tutorials and seminars on value-added process management.
Combelles is a 1973 graduate of the Ecole Nationale Superieure de
l'Aeronautique et de l'Espace and a 2001 graduate of Hautes Etudes
Commerciales Management (2001). She received the 1980 Aerospace and
Aeronautics medal for Innovation in France.
Combelles has served on the IEEE Software editorial board and the Industry
Advisory Board. From 1993 to 1996, she chaired the Advisory Board and is
still active. She is in the Board of Governors of IEEE CS from 2003 to 2006.
Mary Jean Harrold
Georgia Institute of Technology, USA
Link to slides
Testing of Evolving Software: Achievements, Challenges, and Promises
Testing is the most common way to increase confidence in the
correctness and reliability of software. Studies report that testing
consumes about half the cost of software development. Studies also show
that maintenance consumes up to 80% of the software lifecycle, and much
of that cost is devoted to testing. Rapidly changing software and computing
environments present many challenges for effective and efficient testing
Past research in testing of evolving software has resulted in techniques
that attempt to automate or partially automate the process. Although
few of these techniques have been successfully transferred to practice,
existing techniques show promise for use in industry. By combining
program analysis, machine learning, and visualization techniques, we
can expect significant improvement in the process of testing evolving
software that will provide reduction in cost and improvement in quality.
In this talk, I will overview research in testing of evolving
software and discuss our achievements to date, our challenges for
solving the difficult problems that exist, and my view of the promise
for testing of evolving software in the future.
Mary Jean Harrold is the ADVANCE Professor of Computing at Georgia
Institute of Technology. She performs research in analysis and testing of
large, evolving software, fault localization and failure identification
using statistical analysis, machine learnng, and visualization, monitoring
deployed software to improve quality, and software self-awareness through
real-time assessment and response. Professor Harrold received an NSF NYI
Award and was named an ACM Fellow. She is general chair of ACM SIGSOFT
FSE 16, serves on the editorial boards of ACM Transactions on Software
Engineering and Methodology and the Journal of Software Testing,
Verification and Reliability, serves on the Board of Directors for the Computing
Research Association (CRA), is a member and past co-chair of CRA Committee on
the Status of Women in Computing (CRA-W). She received the Ph.D. from
the University of Pittsburgh.