“The situation is good, but not hopeless” (Polish folk wisdom) The text is devoted to the Software Analysis and Testing (SAT) methods and s- porting tools for assessing and, if possible, improving software quality, specifically its correctness. The term quality assurance is avoided for it is this author’s firm belief that in the current state of the art that goal is unattainable, a plethora of “gu- anteed” solutions to the problem notwithstanding. Therefore, the rather awkward phrase “improving correctness” is to be understood as an effort to minimize the number of residual programming faults (“bugs”) and their impact on the software’s behavior, that is, to make the faults tolerable. It is clear that such a minimalist approach is a result of frustration. Indeed, having spent years developing software and teaching (preaching?) “How to do it right,” I still do not know how to go about it with any degree of certainty! It appears then I probably should stop right now, for who with a modicum of common sense would reach for a text that does not offer salvation but (as will be seen) hard work and misery? If I intend to continue, it is only that I suspect there are many professionals out there who have similar doubts. And they are the intended audience of this project. The philosophical underpinning of the text is the importance of sound engine- ing practices in software development.
This book advocates the integrated and tool supported use of all available verification methods to improve software correctness. The following major software verification techniques and their supporting tools, based on sound mathematical models, are discussed:
• Correctness by construction, using the Vienna Development Method-Specification Language (VDM-SL) and its supporting CSK’s Toolbox.
• Static program analysis supported by the PRAXIS’ SPARK toolset and SofTools’ System for Testing And Debugging (STAD 4.0).
• Program proving supported by SPARK.
• Dynamic program analysis supported by STAD.
VDM-SL Toolbox and SPARK illustrate, respectively, the correctness by construction and program proving paradigms. The author demonstrates that while both methods are powerful, errors are inevitable and detecting these may be more difficult than in the case of an informally developed program. Consequently, error detection must be an integral part of the entire life cycle of a programming project. Black-Box (specification based) and Structural (code based) testing are covered and supported by STAD (including 5 testing criteria). STAD also features a quite powerful descriptive and proscriptive static analysis.
Software engineers, students and computer scientists will find that the book provides the reader with a comprehensive understanding of software verification issues. STAD’s outputs allow the user to implement and test their own ideas.
The most recent version of STAD can be downloaded from http://www.stadtools.com.
