+===================================================+
+======= Testing Techniques Newsletter (TTN) =======+
+=======           ON-LINE EDITION           =======+
+=======            November 1998            =======+
+===================================================+

TESTING TECHNIQUES NEWSLETTER (TTN), Online Edition, is E-mailed monthly to support the Software Research, Inc. (SR)/TestWorks user community and to provide information of general use to the worldwide software quality and testing community.

Permission to copy and/or re-distribute is granted, and secondary circulation is encouraged by recipients of TTN-Online provided that the entire document/file is kept intact and this complete copyright notice appears with it in all copies.

(c) Copyright 1998 by Software Research, Inc.

========================================================================

INSIDE THIS ISSUE:

   o  QWE'98 Best Paper Award: Monica Bobrowski (Universidad de Buenos Aires)
   o  "Better DES Challenge" solved by John Gilmore and "Deep Crack" (Reprinted from RISKS).
   o  Definitions of the Major Angsts of Testing!
   o  12th International Software Quality Week 1999 -- Call for Papers and Presentations
   o  Special Issue on Software Reuse Published
   o  QWE'98 Speaker Survey
   o  Reliability Maturity Model
   o  Why Wait? Alternative Y2K Solutions!
   o  7th IFIP Conference on Dependable Computing for Critical Applications (DCCA-7)
   o  TTN-Online Articles Wanted
   o  TTN Submittal Policy
   o  TTN SUBSCRIPTION INFORMATION

========================================================================

QWE'98 Best Paper Award

One of the features of the Quality Week Conferences is the presentation of a Best Paper award. The recipient of the QW'98 Best Paper, Mr. Jim Clark, re-presented his paper at QWE'98.
We're pleased to announce that the QWE'98 Best Paper award was awarded to:

   A Software Engineering View of Data Quality
   Monica Bobrowski (Universidad de Buenos Aires)
   Joint Authors: Martina Marre and Daniel Yankelevich

Ms. Bobrowski will be invited to present the paper again at QW'99 in San Francisco.

ABSTRACT: Thirty years ago software was not considered a concrete value. Everyone agreed on its importance, but it was not considered as a good or possession. Nowadays, software is part of the balance of an organization. Data is slowly following the same process. The information owned by an organization is an important part of its assets. Information can be used to competitive advantage. However, data has long been underestimated by the software community. Usually, methods and techniques apply to software (including data schemata), but the data itself has often been considered as an external problem. Validation and verification techniques usually assume that data is provided by an external agent and concentrate only on software. In this work we present different issues related to data quality from a software engineering point of view. We propose three main streams that should be analyzed: data quality metrics, data testing, and data quality requirements in the software development process. We point out the main problem and opportunities in each of them.

========================================================================

``Better DES challenge'' solved by John Gilmore and ``Deep Crack''

NOTE: This item appeared in RISKS in August 1998.

Date: Fri, 17 Jul 1998 03:31:45 -0400
From: Matt Blaze
Subject: ``Better DES challenge'' solved by John Gilmore and ``Deep Crack''

On June 23 1997, I offered a prize of 56 bits ($7.00) for finding a DES key with a certain interesting property.
In particular, I wanted a DES key such that some ciphertext block of the form decrypts to a plaintext block of the form , where X and Y represent any fixed eight-bit byte value repeated across each of the eight bytes of the 64 bit DES codebook block. Finding a key of this form would require either computational effort approximately equal to searching the DES keyspace or discovering a new cryptanalytic technique against DES. Knowing such a key would therefore demonstrate that it is feasible to mount an exhaustive search against the DES keyspace or that there is some weakness in DES that allows keys to be found analytically. This challenge, then, has the desirable property that a result ``speaks for itself'' in demonstrating the weakness of DES, without the need for an ``honest broker'' who must safeguard the solution. The solution keys could not be known to any people who haven't themselves searched the keyspace or found some other weakness. It would be just as much of an accomplishment for me to claim the prize as it would be for anyone else. I am pleased to announce that the prize has been claimed. On July 2, 1998, John Gilmore, of the Electronic Frontier Foundation, informed me that: With a (parity-padded) key of 0E 32 92 32 EA 6D 0D 73, the plaintext of 8787878787878787 becomes the ciphertext 0000000000000000 According to John, this solution was found after several days of work with the EFF ``Deep Crack'' hardware, a specialized parallel processor optimized for DES key search. Information on Deep Crack can be found at <http://www.eff.org/descracker>. I am especially gratified that this DES challenge problem was chosen as the first application of the Deep Crack hardware, and that the challenge has revealed data that might, perhaps, yield some additional analytic clues about the structure of the DES algorithm. 
A number of individuals and organizations generously pledged additional bits to supplement my original (quite modest) 56 bit prize, for a total over 10000 bits ($1250.00). I will be contacting these individuals privately to inform them that their pledges have come due.

Note that although the prize has been claimed and the contest is now officially closed, there may be other solution keys (in fact, we'd expect to find about 255 more, if DES emulates a random permutation). I encourage the community to continue looking for solution keys. Indeed, it would be interesting to know how many such keys actually do exist in DES.

Congratulations John!

-matt

------------------------------

Date: Fri, 17 Jul 1998 03:23:32 -0700 (PDT)
From: John Gilmore
Subject: "EFF DES Cracker" machine brings honesty to crypto debate

CONTACTS:
   Alexander Fowler, +1 202 462 5826, afowler@eff.org
   Barry Steinhardt, +1 415 436 9333 ext. 102, barrys@eff.org
   John Gilmore, +1 415 221 6524, gnu@toad.com

"EFF DES CRACKER" MACHINE BRINGS HONESTY TO CRYPTO DEBATE

ELECTRONIC FRONTIER FOUNDATION PROVES THAT DES IS NOT SECURE

SAN FRANCISCO, CA -- The Electronic Frontier Foundation (EFF) today raised the level of honesty in crypto politics by revealing that the Data Encryption Standard (DES) is insecure. The U.S. government has long pressed industry to limit encryption to DES (and even weaker forms), without revealing how easy it is to crack. Continued adherence to this policy would put critical infrastructures at risk; society should choose a different course.

To prove the insecurity of DES, EFF built the first unclassified hardware for cracking messages encoded with it. On Wednesday of this week the EFF DES Cracker, which was built for less than $250,000, easily won RSA Laboratory's "DES Challenge II" contest and a $10,000 cash prize. It took the machine less than 3 days to complete the challenge, shattering the previous record of 39 days set by a massive network of tens of thousands of computers.
The research results are fully documented in a book published this week by EFF and O'Reilly and Associates, entitled "Cracking DES: Secrets of Encryption Research, Wiretap Politics, and Chip Design."

"Producing a workable policy for encryption has proven a very hard political challenge. We believe that it will only be possible to craft good policies if all the players are honest with one another and the public," said John Gilmore, EFF co-founder and project leader. "When the government won't reveal relevant facts, the private sector must independently conduct the research and publish the results so that we can all see the social trade-offs involved in policy choices."

The nonprofit foundation designed and built the EFF DES Cracker to counter the claim made by U.S. government officials that governments cannot decrypt information when protected by DES, or that it would take multimillion-dollar networks of computers months to decrypt one message. "The government has used that claim to justify policies of weak encryption and 'key recovery,' which erode privacy and security in the digital age," said EFF Executive Director Barry Steinhardt. "It is now time for an honest and fully informed debate, which we believe will lead to a reversal of these policies."

"EFF has proved what has been argued by scientists for twenty years, that DES can be cracked quickly and inexpensively," said Gilmore. "Now that the public knows, it will not be fooled into buying products that promise real privacy but only deliver DES. This will prevent manufacturers from buckling under government pressure to 'dumb down' their products, since such products will no longer sell." Steinhardt added, "If a small nonprofit can crack DES, your competitors can too. Five years from now some teenager may well build a DES Cracker as her high school science fair project."
The Data Encryption Standard, adopted as a federal standard in 1977 to protect unclassified communications and data, was designed by IBM and modified by the National Security Agency. It uses 56-bit keys, meaning a user must employ precisely the right combination of 56 1s and 0s to decode information correctly. DES accounted for more than $125 million annually in software and hardware sales, according to a 1993 article in "Federal Computer Week." Trusted Information Systems reported last December that DES can be found in 281 foreign and 466 domestic encryption products, which accounts for between a third and half of the market. A DES cracker is a machine that can read information encrypted with DES by finding the key that was used to encrypt that data. DES crackers have been researched by scientists and speculated about in the popular literature on cryptography since the 1970s. The design of the EFF DES Cracker consists of an ordinary personal computer connected to a large array of custom chips. It took EFF less than one year to build and cost less than $250,000. This week marks the first public test of the EFF DES Cracker, which won the latest DES-cracking speed competition sponsored by RSA Laboratories <http://www.rsa.com/rsalabs/>. Two previous RSA challenges proved that massive collections of computers coordinated over the Internet could successfully crack DES. Beginning Monday morning, the EFF DES Cracker began searching for the correct answer to this latest challenge, the RSA DES Challenge II-2. In less than 3 days of searching, the EFF DES Cracker found the correct key. "We searched more than 88 billion keys every second, for 56 hours, before we found the right 56-bit key to decrypt the answer to the RSA challenge, which was 'It's time for those 128-, 192-, and 256-bit keys,'" said Gilmore. 
Many of the world's top cryptographers agree that the EFF DES Cracker represents a fundamental breakthrough in how we evaluate computer security and the public policies that control its use. "With the advent of the EFF DES Cracker machine, the game changes forever," said Whitfield Diffie, Distinguished Engineer at Sun Microsystems and famed co-inventor of public key cryptography. "Vast Internet collaborations cannot be concealed and so they cannot be used to attack real, secret messages. The EFF DES Cracker shows that it is easy to build search engines that can." "The news is not that a DES cracker can be built; we've known that for years," said Bruce Schneier, the President of Counterpane Systems. "The news is that it can be built cheaply using off-the-shelf technology and minimal engineering, even though the department of Justice and the FBI have been denying that this was possible." Matt Blaze, a cryptographer at AT&T Labs, agreed: "Today's announcement is significant because it unambiguously demonstrates that DES is vulnerable, even to attackers with relatively modest resources. The existence of the EFF DES Cracker proves that the threat of "brute force" DES key search is a reality. Although the cryptographic community has understood for years that DES keys are much too small, DES-based systems are still being designed and used today. Today's announcement should dissuade anyone from using DES." EFF and O'Reilly and Associates have published a book about the EFF DES Cracker, "Cracking DES: Secrets of Encryption Research, Wiretap Politics, and Chip Design." The book contains the complete design details for the EFF DES Cracker chips, boards, and software. This provides other researchers with the necessary data to fully reproduce, validate, and/or improve on EFF's research, an important step in the scientific method. The book is only available on paper because U.S. 
export controls on encryption potentially make it a crime to publish such information on the Internet.

EFF has prepared a background document on the EFF DES Cracker, which includes the foreword by Whitfield Diffie to "Cracking DES." See <http://www.eff.org/descracker/>. The book can be ordered for worldwide delivery from O'Reilly & Associates at <http://www.ora.com/catalog/crackdes>, +1 800 998 9938, or +1 707 829 0515.

========================================================================

DEFINITIONS OF THE MAJOR ANGSTS OF TESTING

Thanks for this piece to: ken.sadahiro@natinst.com

During a particularly long and painful bout of REGRESSION TESTING our application software, my buddies and I came up with this list of other types of testing we'd like not to see:

AGGRESSION TESTING: If this doesn't work, I'm gonna kill somebody.

COMPRESSION TESTING: [].

CONFESSION TESTING: Okay, okay, I did cause that bug.

CONGRESSIONAL TESTING: Are you now, or have you ever been a bug?

DEPRESSION TESTING: If this doesn't work, I'm gonna kill myself.

EGRESSION TESTING: Uh-oh, a bug... I'm outta here.

DIGRESSION TESTING: No, it still doesn't work, but let me tell you about my new truck..

EXPRESSION TESTING: #@%^&*!!!, a bug.

OBSESSION TESTING: I'll find this bug if it's the last thing I do.

OPPRESSION TESTING: Test this now!

POISSION TESTING: Alors! Regardez le poission!

REPRESSION TESTING: It's not a bug, it's a feature.

SECESSION TESTING: The bug is dead! Long live the bug!

SUGGESTION TESTING: Well, it seems to be working but wouldn't it be better if...
========================================================================

TWELFTH INTERNATIONAL SOFTWARE QUALITY WEEK 1999 (QW'99)

CALL FOR PAPERS AND PRESENTATIONS

Conference Theme: Facing the Future

San Francisco Bay Area, California -- 24-28 May 1999

QW'99 is the twelfth in the continuing series of International Software Quality Week Conferences that focus on advances in software test technology, reliability assessment, software quality processes, quality control, risk management, software safety and reliability, and test automation. Software analysis and verification methodologies and processes, supported by automated software analysis and test tools, promise major advances in system quality and reliability.

The mission of the QW'99 Conference is to increase awareness of the entire spectrum of methods used to achieve software quality. QW'99 provides technical education, with opportunities for practical experience exchange, for the software development and testing community.

The QW'99 theme "Facing the Future" draws attention to the impact of the Y2K and EURO conversion/verification problems on the entire software quality area. The aim is to focus attention on finding out what are the right things to do for software quality in the coming decade.

The QW'99 program consists of two days of pre-conference tutorials, followed by a three-day conference including Mini-Tutorials, Quick-Start talks, Panel Sessions, and regular Technical Presentations.

QW'99 provides the Software Testing and QA/QC community with:

   o  Carefully chosen 1/2-day and full-day tutorials from well-known technical experts.
   o  Three-Day Four-Track (Technology, Applications, Process, Tools & Solutions) Technical Conference
   o  Special Quick-Start and Mini-Tutorial Sessions
   o  Two-Day Vendor Show/Exhibition
   o  Vendor Technical Presentations and Demonstrations
   o  Analysis of method and process effectiveness through case studies.
   o  Meeting of Special Interest groups.
   o  Exchange of critical information among technologists.
   o  State-of-the-art information on software test methods.

QW'99 is soliciting 45 and 90 minute presentations, half-day and full-day standard seminar/tutorial proposals, 90-minute mini-tutorial proposals, or proposals for participation in a panel and "hot topic" discussions on any area of testing and automation, including:

   Application of Formal Methods
   Automated and Manual Inspection Methods
   CMM/PMM Process Assessment
   Data Flow Testing Technology
   Defect Tracking / Monitoring
   GUI Test Technology and Test Management
   Integrated Test Environments
   ISO-9000 Application and Methods
   New and Novel Test Methods
   Process Assessment/Improvement
   Productivity and Quality Issues
   Object Oriented Testing
   Real-Time Software
   Real-World Experience
   Reliability Studies
   Software Metrics in Test Planning
   System Load Generation and Analysis
   Test Automation Technology and Experience
   Test Data Generation Techniques
   Test Documentation Standards
   Test Management Automation
   Test Policies and Standards
   Web Testing/WebSite Quality
   Year 2000 Issues

IMPORTANT DATES:

   Abstracts and Proposals Due: 18 December 1998
   Notification of Participation: 20 February 1999
   Camera Ready Materials Due: 31 March 1999

FINAL PAPER LENGTH: Papers should be limited to 10-20 pages, including Text, Slides and/or View Graphs.

SUBMISSION INFORMATION: Abstracts should be 2-4 pages long, with enough detail to give members of QW'99's International Advisory Board an understanding of the final paper/presentation, including a rough outline of its contents. FAX your proposal to us, or send it (by Email to qw@soft.com) as an ASCII file or a Microsoft Word 6.0 format document (as a MIME attachment), or in PostScript file, or in a PDF format file. Please indicate if the most likely audience is technical, managerial/process, applications, or tools and solutions oriented.
In addition, please include:

   o  A cover page with the paper title, complete mailing and Email address(es), and telephone and FAX number(s) of each author.
   o  A list of keywords describing the paper contents.
   o  A brief biographical sketch of each author.

Send abstracts and proposals including complete contact information to:

   Ms. Rita Bral
   Quality Week '99 Director
   Software Research Institute
   901 Minnesota Street
   San Francisco, CA 94107 USA

INFORMATION

For complete information on the QW'99 Conference, send Email to qw@soft.com, phone SR Institute at +1 (415) 550-3020, or, send a FAX to SR/Institute at +1 (415) 550-3030.

Candidate product/service vendors should contact the QW'99 team early as exhibit space is strictly limited.

Complete information about QW'99 is available at the QW'99 Conference WebSite: <http://www.soft.com/QualWeek/QW99>

========================================================================

Special Issue on Software Reuse Published

A special issue of the Annals of Software Engineering on software reuse has been published. The contents of the special are given below. For more information see the webpages at: <http://www.baltzer.nl/ansoft/5.html>

Editor: William Frakes, Computer Science Department, Virginia Tech, Falls Church, Virginia, USA

CONTENTS

Business Issues:

J.M. Favaro, K.R. Favaro and P.F. Favaro, Value Based Software Reuse Investment

F.J. Lerch, N.V. Flor, M. Fichman and S.-J. Hong, Software Reuse and Competition: Consumer Preferences in a Software Component Market

W.C. Lim, Strategy-driven Reuse: Bringing Reuse from the Engineering Department to the Executive Boardroom

A. Lynex and P.J. Layzell, Organizational Considerations for Software Reuse

Domain Analysis:

W. Frakes, R. Prieto-Diaz and C. Fox, DARE: Domain Analysis and Reuse Environment

K.Y. Kang, S. Kim, J. Lee, K. Kim, G.J. Kim, E. Shin and M. Huh, FORM: A Feature-Oriented Reuse Method with Domain-Specific Reference Architectures

Generative Reuse:

T.J.
Biggerstaff, A Perspective of Generative Reuse

Early Lifecycle Reuse:

J.L. Cybulski, R.D. Neal, A. Kram and J.C. Allen, Reuse of Early Life-Cycle Artifacts: Workproducts, Methods and Tools

W. Lam, A Case-Study of Requirements Reuse Through Product Families

Asset Certification:

E.A. Addy, A Framework for Performing Verification and Validation in Reuse-Based Software Engineering

J.C. Knight and M.F. Dunn, Software Quality Through Domain-Driven Certification

Reuse Libraries:

Y. Matsumoto and A. Yamada, An Association-based Management of Reusable Software Components

A. Mili, R. Mili and R.T. Mittermeir, A Survey of Software Reuse Libraries

========================================================================

QWE'98 SPEAKER SURVEY

As part of the QWE'98 event all of the speakers were asked to provide

(1) The Biggest Quality Issue: Based on your work and your knowledge of the field, what do YOU see as the most important issue(s) facing the software quality community in the coming decade plus -- i.e. through, say, 2010?

(2) The Reality of the Y2K Event: In YOUR opinion, what will the real consequences be of the "Y2K event" at the end of next year? Will there be chaos (and should we all run for the hills, as some have suggested)? Will there be some minor hiccups and glitches and it'll be over with relatively painlessly? Or, do you think that nothing really significant will happen at all?

(3) What is Your Favorite Single Quality Method: What single method or approach to improving overall software quality do YOU think every software developer and/or quality specialist ought to be using?

Here is an edited summary of the responses. The number of *'s indicates the number of responding QWE'98 speakers who expressed the same basic idea.

(1) The Biggest Quality Issue:

***** Software process improvement with better reuse and better quantification of results.

***** Retraining professionals in the newer software technologies.
**** That Quality takes time and money and that managers need to know this fact.

**** More emphasis on requirements including methods for disambiguation and confirmation.

** The Quality of internet software.

* Resisting the need to "push a product to market" with a too-quick release schedule.

* Making software simpler and the documentation clearer.

* Reliability and safety.

* Quantitative forecasting.

* Making test techniques keep up with the need.

(2) The Reality of the Y2K Event:

********** Minor hiccups and glitches, over relatively quickly (days or weeks and up to several months).

**** Minor hiccups and glitches that continue for up to several years.

*** A few very serious disasters, but only in the non-developed world.

** Unable to guess!

* The biggest problem will be with "illegal" copies (i.e. those that were not fixed).

* Several months of economic recession.

* Some people will make a LOT of money!

* Some spectacular failures and a lot of very minor problems.

* Everything will work OK.

(3) What is Your Favorite Single Quality Method:

******* Total Quality Management, or systems thinking, or CMM: generally any method that combines process and tools with measurable results.

**** There is NO silver bullet!

**** Concentration on requirements and specifications and the earliest-possible extraction of them.

*** More complete, i.e. 100% C1 = branch coverage and continuous testing.

** Standards and inspections plus reviews.

========================================================================

Reliability Maturity Model

I am thinking of defining a Reliability Maturity Model, analogous to the Capability Maturity Model. Is anyone aware of anything having been done in this area? If so, could you give me a name and email address or a paper citation?

JOHN D.
MUSA
Software Reliability Engineering and Testing Courses
39 Hamilton Road
Morristown, NJ 07960-5341
USA
Phone: 1-973-267-5284
Fax: 1-973-267-6788
E-mail: j.musa@ieee.org
Website: <http://members.aol.com/JohnDMusa/>

========================================================================

CALL FOR PARTICIPATION

Seventh IFIP International Working Conference on Dependable Computing for Critical Applications (DCCA-7)

The Fairmont Hotel
San Jose, California, USA
January 6-8, 1999

Organized by:
   IFIP Working Group 10.4 on Dependable Computing and Fault Tolerance

In cooperation with:
   The Software Engineering Institute, Carnegie Mellon University
   IFIP Technical Committee 11 on Security and Protection in Information Processing Systems
   IEEE Computer Society Technical Committee on Fault-Tolerant Computing
   EWICS Technical Committee 7 on Systems Reliability, Safety and Security

SCOPE OF THE CONFERENCE

This is the seventh conference in a series dedicated to advancing the theory and practice of dependable computing for critical applications. DCCA differs from other conferences on related topics in encouraging participation across all fields that contribute to dependable computing, and in its format as a working conference that provides ample time for discussion; these attributes provide for a stimulating meeting that facilitates cross-fertilization of ideas and interaction between researchers and practitioners.

PRELIMINARY CONFERENCE SCHEDULE (Preliminary)

Wednesday January 6, 1999

8:45am: Welcome etc.

9 am: Assessment of COTS Components

There is increasing pressure to use COTS (commercial off-the-shelf) components in critical systems. How dependable are these components? These two papers respectively examine design faults in a commercial processor (Pentium II), and the reliability of a commercial microkernel (Chorus ClassiX).
* The Taxonomy of Design Faults in COTS Microprocessors by Algirdas Avizienis and Yutao He of UCLA, USA

* Assessment of COTS Microkernels by Fault Injection by J.-C. Fabre, F. Salles, M. Rodriguez-Moreno, and J. Arlat of LAAS, France

11am: Coping with COTS

These two papers respectively describe how to construct a reliable spacecraft controller and fault-tolerant clocks from COTS components.

* Minimalist Recovery Techniques for Single Event Effects in Spaceborne Microcontrollers by Douglas W. Caldwell and David A. Rennels of UCLA, USA

* Building Fault-Tolerant Hardware Clocks from COTS Components by Christof Fetzer and Flaviu Cristian of UCSD, USA

2pm: Formal Methods

Formal methods can help develop verified systems, and can also be used to examine requirements and designs for bugs. The first of these papers uses theorem proving to develop verified controllers, while the other two use model checking in the validation of complex requirements.

* A methodology for proving control systems with Lustre and PVS by S. Bensalem, P. Caspi, C. Parent-Vigouroux, and C. Dumas, D. Pilaud, VERIMAG, France

* Prototyping and Formal Requirement Validation of GPRS: A Mobile Data Packet Radio Service for GSM by Luigi Logrippo, Laurent Andriantsiferana, and Brahim Ghribi of University of Ottawa, Canada

* Formal Description and Validation for an Integrity Policy Supporting Multiple Levels of Criticality by A. Fantechi, S. Gnesi, and L. Semini of Università di Firenze, Italy

4:30pm: Distributed Systems

The first of these papers develops an infrastructure for fault-tolerance on top of CORBA; the second considers how to improve performance of one of the protocols used in such infrastructures.

* Proteus: A Flexible Infrastructure to Implement Adaptive Fault Tolerance in AQuA by Chetan Sabnis, Michel Cukier, Jennifer Ren, William H. Sanders, David E.
Bakken, and David Karr of University of Illinois and BBN, USA

* Improving Performance of Atomic Broadcast Protocols Using the Newsmonger Technique by Shivakant Mishra and Sudha M. Kuntur of University of Wyoming, USA

Thursday January 7, 1999

9am: Time-Triggered Architecture

The time-triggered architecture (TTA) provides a robust foundation for critical control applications such as drive-by-wire. The first paper describes how fault-tolerant applications can be supported in this architecture, while the second describes formal verification of the clock-synchronization protocol used in TTA.

* The Transparent Implementation of Fault Tolerance in the Time-Triggered Architecture by Hermann Kopetz and Dietmar Millinger of TU Vienna, Austria

* Formal Verification for Time-Triggered Clock Synchronization by Holger Pfeifer, Detlef Schwier, and Friedrich W. von Henke of University of Ulm, Germany

11am: Fault Tolerance and Safety

The redundancy added to provide fault tolerance can introduce new failure modes that may compromise safety. The first paper describes such a situation and presents a protocol that overcomes it. The second paper describes validation of fault tolerant systems by fault injection.

* PADRE: A Protocol For Asymmetric Duplex Redundancy by Didier Essame, Jean Arlat, and David Powell of LAAS, France

* Experimental Validation of High-Speed Fault-Tolerant Systems Using Physical Fault Injection by R. J. Martinez, P. J. Gil, G. Martin, C2E Perez, and J.J. Serrano of the University and Politecnica of Valencia, Spain

2pm: Models of Partitioning for Integrated Modular Avionics

Integrated Modular Avionics (IMA) bring together several airplane control functions that were previously performed by separate computer systems. This creates new opportunities for fault propagation that must be eliminated by partitioning. But what exactly are the requirements for safe partitioning?
These three papers attempt to answer this question using models that have their roots in computer security.

* A Model of Cooperative Noninterference for Integrated Modular Avionics by Ben L. Di Vito of ViGYAN/NASA Langley, USA

* Invariant Performance: A Statement of Task Isolation Useful for Embedded Application Integration by Matthew M. Wilding, David S. Hardin, and David A. Greve of Collins Commercial Avionics, USA

* A Model of Non-Interference for Integrating Mixed-Criticality Software Components by Bruno Dutertre and Victoria Stavridou of SRI International, USA

Dependability Evaluation

For some, dependability is closely related to reliability; for others, it is a more complex mix of properties. The first paper applies classical reliability modeling to phased missions, while the second proposes a method for evaluating a system against multiple criteria.

* Dependability Modeling and Evaluation of Phased Mission Systems: a DSPN Approach by Ivan Mura, Andrea Bondavalli, Xinyu Zang, and Kishor Trivedi of University of Pisa and CNUCE/CNR, Italy, and Duke University, USA

* Dependability Evaluation using a Multi-Criteria Decision Analysis Procedure by Divya Prasad and John McDermid of the University of York, UK

Friday January 7, 1999

9am: Panel: Certification and Assessment of Critical Systems

It is difficult or impossible to measure some important attributes of critical systems (e.g., experimental quantification of failure rates in the 10^-9 range is infeasible). Therefore, many of the standards for critical software development (e.g., DO-178B, IEC1508, the Common Security Criteria) focus on the development process: "we cannot measure how well you did, so we measure how hard you tried." Some criticise these standards for having requirements whose compliance cannot be objectively determined, or for requiring use of techniques whose efficacy has not been established.
Others note that multiple sources of evidence are required in assessing a critical system, and ask how best to combine these different sources. This panel will comprise experts representing a range of opinion who will examine the topic of certification and assessment of critical systems from several perspectives.

11:30am: Probabilistic Guarantees

The first paper considers scheduling in the presence of faults, while the second considers detection of faulty components. Both papers employ statistical methods.

* Probabilistic Scheduling Guarantees for Fault-Tolerant Real-Time Systems by A. Burns, S. Punnekkat, L. Strigini and D. R. Wright of the University of York and City University, UK

* Fault Detection for Byzantine Quorum Systems by Evelyn Pierce, Lorenzo Alvisi, Dahlia Malkhi, and Michael Reiter of University of Texas at Austin, and Bell Laboratories, USA

REGISTRATION DETAILS

   DCCA Registration
   Software Engineering Institute
   Carnegie Mellon University
   Pittsburgh, PA 15213-3800
   Phone: 412-268-7388 (inquiries only)
   Fax: 412-268-7401
   E-Mail: registration@sei.cmu.edu

========================================================================

WHY WAIT? ALTERNATIVE Y2K SOLUTIONS

Rather than fix the y2k problem, the goal has now been switched to removing all computers from the desktop by Dec 31, 1999. Afterwards, everyone will be provided with an Etch-A-Sketch. There are many sound reasons for doing this:

   1. No Y2K problems
   2. No technical glitches keeping work from being done.
   3. No more wasted time reading and writing emails.
   4. Many users will not know the difference.

Frequently Asked Questions from the Etch-A-Sketch Help Desk:

Q: My Etch-A-Sketch has all of these funny little lines all over the screen. What do I do?
A: Pick it up and shake it.

Q: How do I turn my Etch-A-Sketch off?
A: Pick it up and shake it.

Q: What's the shortcut for Undo?
A: Pick it up and shake it.

Q: How do I create a New Document window?
A: Pick it up and shake it.

Q: How do I set the background and foreground to the same color?
A: Pick it up and shake it.

Q: What is the proper procedure for rebooting my Etch-A-Sketch?
A: Pick it up and shake it.

Q: How do I delete a document on my Etch-A-Sketch?
A: Pick it up and shake it.

Q: How do I save my Etch-A-Sketch document?
A: Don't shake it.

Thanks for this item go to:

Bob Binder <http://www.rbsc.com>
RBSC Corporation
Software Engineering
Process Improvement
rbinder@rbsc.com
3 First National Plaza
Suite 1400
Chicago, IL 60602-4205
312 214-3280 tel
312 214-3110 fax

========================================================================

TTN-Online Articles Wanted

Keywords: Quality, Testing, Conferences, Unix, Windows, Technology Resources, Newsletter

TTN-Online, sent to over 5000 subscribers worldwide, is seeking articles about testing, quality technology, and test automation. If you have a pet story about testing, a gripe about what quality assurance quality control is all about, or a sage observation you think ought to be shared with the community, I urge you to compose your item and forward it for possible inclusion in a future issue of TTN-Online.

Articles should be in pure-ASCII format and should include an authorization to print/re-print.

Best wishes,
Edward Miller
TTN-Online Publisher

Send articles to info@soft.com or to miller@soft.com

========================================================================
------------>>> TTN SUBMITTAL POLICY <<<------------
========================================================================

The TTN Online Edition is E-mailed around the 15th of each month to subscribers worldwide. To have your event listed in an upcoming issue, E-mail a complete description and full details of your Call for Papers or Call for Participation to "ttn@soft.com".

TTN On-Line's submittal policy is as follows:

o Submission deadlines indicated in "Calls for Papers" should provide at least a 1-month lead time from the TTN On-Line issue date.
  For example, submission deadlines for "Calls for Papers" in the January issue of TTN On-Line would be for February and beyond.
o Length of submitted non-calendar items should not exceed 350 lines (about four pages). Longer articles are OK and may be serialized.
o Length of submitted calendar items should not exceed 60 lines (one page).
o Publication of submitted items is determined by Software Research, Inc. and may be edited for style and content as necessary.

DISCLAIMER: Articles and items are the opinions of their authors or submitters; TTN-Online disclaims any responsibility for their content.

TRADEMARKS: STW, TestWorks, CAPBAK, SMARTS, EXDIFF, Xdemo, Xvirtual, Xflight, STW/Regression, STW/Coverage, STW/Advisor, TCAT, TCAT-PATH, T-SCOPE and the SR logo are trademarks or registered trademarks of Software Research, Inc. All other systems are either trademarks or registered trademarks of their respective companies.

========================================================================
----------------->>> TTN SUBSCRIPTION INFORMATION <<<-----------------
========================================================================

To SUBSCRIBE to TTN-Online, to CANCEL a current subscription, to CHANGE an address (a CANCEL and a SUBSCRIBE combined) or to submit or propose an article, use the convenient Subscribe/Unsubscribe facility at <http://www.soft.com/News/TTN-Online>. Or, send E-mail to "ttn@soft.com" as follows:

TO SUBSCRIBE: Include in the body the phrase "subscribe {your-E-mail-address}".

TO UNSUBSCRIBE: Include in the body the phrase "unsubscribe {your-E-mail-address}".

TESTING TECHNIQUES NEWSLETTER
Software Research, Inc.
901 Minnesota Street
San Francisco, CA 94107 USA

Phone: +1 (415) 550-3020
Toll Free: +1 (800) 942-SOFT (USA Only)
FAX: +1 (415) 550-3030
E-mail: ttn@soft.com
WWW: <http://www.soft.com/News/TTN-Online>

## End ##