a course given by an old friend Inspecting Critical Software, a course by David Parnas

[David Farber <farber () central cis upenn edu>]

Date: Tue, 26 Apr 94 20:43:34 EDT
From: arsenau () mcmail cis mcmaster ca
Subject: Inspecting Critical Software, a course by David Parnas


  Inspecting Critical Software: An Intensive 3-day Course offered by
  The Faculty of Engineering, McMaster University, Hamilton, Ontario, Canada


  Taught by Prof. David Lorge Parnas, with the support of TRIO


  June 7, 8, 9, 1994


1.  Background


    Software is critical to the operation of modern companies and is
frequently a key component of modern products.  Some pieces of software
are particularly critical; if they are not correct, the system will have
serious failures.  Standard methods of software inspection are not
systematic. This course teaches a procedure for software inspection that
is based on a sound mathematical model and can be carried out
systematically by large groups.
    The software inspection procedure combines methods used at IBM, work
originally done at the U.S. Naval Reserve Laboratory for the A-7E
aircraft, and procedures applied to the inspection of software at the
Darlington Nuclear Power Generating Station.  The method has been refined
and enhanced by the Software Engineering Research Group at McMaster
University's Communication Research Laboratory.  It can be applied to
software written in any imperative programming language.


2.  What Will Participants Learn?


    Participants in the course should return to their workplace with an
understanding of the way that mathematics can be used to document and
analyze programs.  They will also return with documentation of a piece of
their employer's code that can be used to explain the work to others.


3.  Programme


Day 1  Predicate Logic and Program-Functions/Relations


1)  Overview and Case Study
    A discussion of previous applications of the method.
2)  Predicate Logic
    The inspection method is based on predicate logic, which will be
    reviewed in this section.
3)  Tabular Expressions
    This session will be devoted to the writing of readable
    predicates using two-dimensional notations rather than classical
    one-dimensional expressions.  There will be numerous examples.
    Participants will be taught to read and write tabular expressions.
4)  Describing Program Function
    This session will be devoted to writing program descriptions
    using predicates and tables.


Day 2  Inspection of Dijkstra's Dutch National Flag Program


    Participants will be given a copy of E.W. Dijkstra's explanation of a
program along with several sample programs.  They will be asked to apply
the inspection method and approve or reject each program.  The instructor
and some assistants will be available as consultants during this process.


Day 3  Morning:  Inspection of a "Real" Program


    Working in small groups, the participants will take a section of a
program from their company and inspect it using the method learned so
far, producing documentation as they go.  Day 3 Afternoon: Report on the
Inspection Results, Discussion of Testing
    The first part of the afternoon will be devoted to a series of
reports by the participants on the results of their efforts in the
morning.  The remainder of the afternoon will be devoted to a discussion
of the interaction between testing and inspection.  We treat testing, not
as an alternative to inspection, but as complementary to inspection.  We
discuss the way that the documentation produced in the inspection process
can be used in the testing process.


4.  Learning By Doing


    The course is language-independent.  In fact, on the third day,
participants will inspect code written in any language that they use in
the workplace.  This course presents an approach to active design reviews
that has the reviewers writing precise documentation about the program
and explaining their documentation to an audience of other reviewers.  A
significant part of each day will be spent using the ideas that have been
presented to determine whether or not programs do what they are supposed
to do.  On the last day, participants will inspect a small program that
they brought with them from their company.  Participants should leave the
course with improved ability to inspect software.


5.  Who Should Attend?


    Participants should be experienced programmers and not afraid of
learning a little mathematics.  The mathematical basis for the method is
classical and takes up only a few hours in the course.  However, it is
fundamental to understanding the method.  It is expected that the
participants will be used to reading code written by others and it will
be helpful if they can read Pascal.


6.  What Should You Bring With You?


    For the exercise on the third day, each participant should bring a
small program, perhaps 50 lines that are critical to some project.  It
need not be "mature" code, but it should compile and have survived some
testing or use.  If there are several participants from the same company,
they may work in small groups on slightly larger programs.  You may want
to bring a reference manual and some conventional documentation about the
program with you.  It will help if one of the participants is familiar
with the program.


7.  The Instructor


    The course will be taught by Prof. David L. Parnas, an
internationally recognized expert on Software Engineering.  Dr.  Parnas
initiated and led the U.S. Navy's Software Cost Reduction Project, where
the tabular notation was first used, advised the AECB on the use of these
methods at Darlington, worked with IBM's Federal Systems Division, leads
the Software Engineering Research Group at McMaster University and is a
Project Leader for the Telecommunications Research Institute of Ontario.


Information about costs, registration, etc. can be obtained from:
Jan Arsenault, Faculty of Engineering,
JHE-201A, McMaster University,
1280 Main Street West,
Hamilton, ON, Canada, L8S 4L7.


Telephone: 905 525 9140 x 24910
email: arsenau () mcmail cis mcmaster ca