Toward Zero Defect Programming [Paperback]

Allan M. Stavely (Author)

Book Description

Publication Date: September 24, 1998 | ISBN-10: 0201385953 | ISBN-13: 978-0201385953 | Edition: 1

* This book describes current methods for writing (nearly) bug-free programs. These methods are based on practices developed at IBM and elsewhere under the name Cleanroom Software Engineering. In a concise presentation, the author shows how to apply these methods in three key areas of software development: specification, verification, and testing. * Requiring formal specifications forces students to program more simply and more clearly, eliminating many defects as a consequence. Performing semiformal verification as part of a team process uncovers additional defects. Testing the program, to compensate for human fallibility in the preceding steps, catches (nearly) all remaining bugs. The author departs somewhat from IBM Cleanroom methods to simplify the formalism that students must learn, and to make specification and verification readily accessible to anyone who can write well-structured programs. Although the book's examples are written in several programming languages, the largest number is in C.

Editorial Reviews

From the Back Cover

Read a paper by the author describing a course taught using this book.

Toward Zero-Defect Programming describes current methods for writing (nearly) bug-free programs. These methods are based on practices developed at IBM and elsewhere under the name Cleanroom Software Engineering. The successful application of these methods in commercial projects over the past fifteen years has produced defect rates that are, at least, an order of magnitude lower than industry averages. Remarkably, this reduction in defects comes at no net cost; on the contrary, it is often accompanied by increased productivity and shorter overall development time!

In a concise and well-illustrated presentation, Stavely shows how these methods can be applied in three key areas of software development:

1. specification
2. verification
3. testing.

Requiring formal specifications, and requiring that the code be proved mathematically to agree with the specifications, forces software engineers to program more simply and more clearly, eliminating many defects as a consequence. Performing verification as part of a team process uncovers additional defects and encourages careful examination of the program for efficiency and other quality aspects. Testing the program, to compensate for human fallibility in the preceding steps, catches (nearly) all remaining bugs.

Highlights

• Explains Cleanroom methods for developing high-quality software.
• Encourages a team process for program verification.
• Illustrates the importance of incremental development.

The author departs somewhat from IBM Cleanroom methods in simplifying the procedures that readers must learn. His aim is to make specification and verification readily accessible to any student or practitioner who can write well-structured programs. No great mathematical sophistication is assumed. Although the book’s examples are written in a number of programming languages to explain different points, the largest number are in C; therefore, a prior knowledge of C is useful.

About the Author

Allan M. Stavely was a faculty member in the Computer Science Department at New Mexico Tech for more than twenty years. He has also been a visiting staff member at IBM Research in San Jose, California; at Hewlett-Packard Labs in Bristol, England; and at IBM UK Laboratories at Hursley Park, Winchester, England. Much of his teaching, and most of his research, have focused on software engineering, formal methods, and improved methods of programming in general. Dr. Stavely is now an independent consultant, and can be reached at astavely@acm.org; he has web pages at http://www.nmt.edu/~astavely.

0201385953AB05072001

See all Editorial Reviews

Product Details

• Paperback: 256 pages
• Publisher: Addison-Wesley Professional; 1 edition (September 24, 1998)
• Language: English
• ISBN-10: 0201385953
• ISBN-13: 978-0201385953
• Product Dimensions: 9.2 x 6.3 x 0.6 inches
• Shipping Weight: 14.7 ounces (View shipping rates and policies)
• Average Customer Review: 4.7 out of 5 stars  See all reviews (3 customer reviews)
• Amazon Best Sellers Rank: #625,930 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

9 of 10 people found the following review helpful:

5.0 out of 5 stars Cleanroom method---distilled!, January 19, 2000

By 

Sean Kelly "Consultant" (Dallas, TX USA) - See all my reviews
(REAL NAME)   

Amazon Verified Purchase

This review is from: Toward Zero Defect Programming (Paperback)

Dr. Allan Stavely has done for the Cleanroom Software Engineering method what Martin Fowler did for the Unified Modeling Language in his book "UML Distilled." He's analyzed the best and most useful parts of the Cleanroom method and found a great way to present them. After reading this book, you'll be controlling defect rates and shortening development times on your own software projects.

For those not in the know, the Cleanroom method is a set of practices pioneered by the late Harlan Mills. The idea is to use some simplified mathematical formalism along with group verifications. The result? You shift time away from hack-and-slash debugging towards review. Often, the entire start-to-finish development time is shortened.

With object-oriented languages and template instantiation times, this is a really good thing: the compile-debug-test cycle is far too painful and too slow to support today's shortened deadlines.

The key to Cleanroom is that the mathematical formalism is simplified and "just enough." Stavely demonstrates the typical structures found in programs and shows how intended function statements (the math part) are used in the group review (the verification part) to discover defects in the code. Later, a testing group exercises the paths through the code that users are most likely to take, giving statistical metrics on mean-time to failure and feedback into the quality of the method's practice.

Stavely's conversational writing style makes grasping the material efficient. Each chapter focus on just one aspect of the method, and exercises at the end test how well you grasped the material. Although Stavely includes hints to the answers for selected questions, I would've preferred complete answers to all the questions. That'd make the book more useful outside of a classroom setting.

Transcripts of review sessions show how the method succeeds in the group review. Although hypothetical, Stavely based them on actual review sessions taken by his coworkers and students over the years. They help guide newcomers to the method on how to conduct the verification step.

Overall, this is a great introduction to the Cleanroom method and after finishing the book you'll be able to introduce it to your own group in no time. Buy a copy for everyone on your team!

7 of 9 people found the following review helpful:

5.0 out of 5 stars Excellent, February 9, 1999

By A Customer

This review is from: Toward Zero Defect Programming (Paperback)

This book is a clear, practical introduction to the Cleanroom method. Though designed as a textbook, it is also suitable for professionals.

It includes a useful bibliography, with suggestions at the end of the chapters for further reading. The final chapter sketches some areas not covered, giving references.

There are some areas intentionally omitted or only sketched, though references are provided. These include: (1) using "black boxes, state boxes, and clear boxes" for top-down development. (2) introducing Cleanroom methods in an organization (3) organizing a Cleanroom team.

Mathematically, the book is very easy going. For example, some methods which, technically, would require proof are not proved. Those of us who easily digest such details can readily fill in gaps, while others are probably happy to be spared.

The book provided an unusually high return of useful content per unit time invested in reading it, and as such I recommend it highly.

1 of 2 people found the following review helpful:

4.0 out of 5 stars Laudable goal, useful thoughts, November 20, 2009

By 

Jay P. Vansanten - See all my reviews
(REAL NAME)   

Amazon Verified Purchase

This review is from: Toward Zero Defect Programming (Paperback)

Minimizing defects when writing software is a goal that all programmers seek. Typically, a programmer will reflect and develop strategies after the "heat of the battle." Books that provide a systematic approach to a particular aspect -- that of logical correctness -- are not that common -- particularly those directed towards programmers rather than academicians -- so any addition to the literature is welcomed.

Before reading this book, I was unfamiliar with either Cleanroom Software Engineering or Harlan Mills, who is credited with conceiving the method. It was developed by IBM in the 70s, and adopted more widely in the company in the 80s. Since that time, its influence has spread beyond IBM.

In my reading, the heart of the method is a logical formalism which represents the operation and flow of a program in a language-neutral fashion. This is described straightforwardly in the text, and other aspects of the software development process are described from the CSE point of view.

For the programmer, this approach most basically moves the focus from "what am I doing" to "how am I doing it." Considerations of logical branching and set completeness of operations come to the fore through this analysis. This is an essential step in moving from a coder to a programmer. In a team setting, this provides a "style neutral" approach to identifying the logical structure of each member's program contribution.

I feel somewhat about this formalism they way I felt about flow charts in college. The concept is good. The visual provided by flow charts is helpful as a training approach. But, the formalism simply replicates the logic of the application.

At the same time, well-constructed code with well-chosen function and variable names can pretty much emulate the symbolic representation of CSE. So, I'd go a step further and suggest that one simply model one's coding style on the formalism. That avoids the double work and duplication of the program logic.