[ NIST Home Page ][Information
Technology Laboratory ]
[ Software and Systems Division ]
Quality Group ][ Standards
and Conformance Testing Group ][Interoperability
Projects and Activities
Software Standard Reference Material and Data
Software Error, Fault, Failure Reference Material
Software Test Standard Reference Material
Statistical Evaluation of Tools and Testing Techniques
Reference Information for Software Quality (RISQ) Facility
High Integrity Software System Assurance
Role Based Access Control on the Web
Develop tools for static and dynamic analysis of software, focused on measuring
conformance to specifications and diagnosis of the causes for deviations
from specifications. Initial efforts are static analysis tools for program
slicing and generation of paths for basis testing; and object classes for
detecting pre and post-condition violations in WWW applets.
This tool computes "slices" of C programs, where a slice is a subset of
the program that contains all lines of code that can directly or indirectly
affect the value of a particular variable at a particular point. The slicer
makes it possible to reduce the effort to debug or test a program by letting
the programmer focus only on those parts of the program that are relevant
to the computation in question.
A tool for program maintenance and modification, based on the slicer, that
makes it possible to extract slices of programs and combine them into new,
workable programs without hand coding.
Basis Path Testing is a technique for unit testing. This method involves
taking a program flowgraph and determining a basis set of test paths. A
basis set has the two following properties:
no path in the set can be constructed from a combination of other paths
in the basis set
any path through the flowgraph (not in the basis set) can be formed as
a combination of paths in the basis set.
Extension of Object-Oriented Languages
to Allow for Diagnostic Testing
This task extends programming languages to include program correctness
statements. Program correctness statements are used by programmers to assert
conditions which should be met at a given point in the program. Program
correctness statements improve program quality by providing for the immediate
notification and location of program behavior. Specifically, the task will
result in a tool that adds source code instrumentation to detect pre or
post condition violations, test assertions, trace values or error condition
diagnosis. This task is particularly useful for object-oriented languages.
QIS is a simple example of a tool resulting from this task.
Generation from Specifications
This is a set of tools which use the formal method of model checking to
automatically generate complete tests, including expected outputs, from
formal specifications. Formal methods, or methods based on mathematically
sound foundations, can be more dependable than ad hoc methods, since they
can be analyzed and properties proven. A specification mutation engine
creates test requirements, and the model checker produces test cases to
detect the mutations. Additional tools report coverage of a test set on
a specification or generate code in C or Java for the test cases.
Standard Reference Materials and Data
Standard reference materials consisting of software with known errors will
be developed for use in determining the effectiveness of test tools and
techniques. In addition, experimental designs will be developed (in cooperation
with Statistics group) to measure the effectiveness of particular software
testing or development methods.
Software Error, Fault, Failure Reference Materials:
and analysis of error, fault and failure data from industry projects. The
data will be analyzed according to published error, fault, failure taxonomies
and according to development and diagnostics methods used.
Software Test Standard Reference Materials:
The development of C programs with known errors that cover the known range
of software errors as identified in published error taxonomies. Programs
with known errors will also be developed for Java, C++ and perhaps Fortran.
Statistical Evaluation of Tools and Testing
Statistical methods of evaluating testing procedures and software development
tools and techniques will be developed. The task will examine types of
data that needs to be collected for this evaluation. Different statistical
designs and collection methods are needed depending on the software development
techniques being evaluated. Statistical and software data collection tools
for software quality evaluation are also included in this task.
Reference Information for Software Quality (RISQ)
Develop a WWW guided search capability for software reference information
that is transferrable to other domains.
High Integrity Software System Assurance
The High Integrity Software System Assurance project provides technology
to produce high integrity, affordable software for productive use. The
sophistication and cost of techniques to produce quality software are commensurate
with the need for assurance. The project focuses on guidance to establish
fundamental life cycle processes for development and maintenance of quality
computer software, and advanced assurance technology in development, evaluation,
and measurement methods to address specific problems.
Based Access Control on the Web
This project develops technical specifications, including a formal description,
of role based access control (RBAC) on the Web, as well as a prototype
implementation. The project also develops an abstract and physical test
suite to measure conformance to the RBAC model. For more information on
RBAC, see http://hissa.ncsl.nist.gov/rbac/.
Created on October 1996
Last modified May 30, 2000
Email any comments about this page to: firstname.lastname@example.org