Link to the Home Page of The National Institute of Standards and Technology  

Software Quality Group
 

[ NIST Home Page ][Information Technology Laboratory ]
[ Software and Systems Division ]
[ Software Quality Group ][ Standards and Conformance Testing Group ][Interoperability Group ]

Projects and Activities

Contents:

  • Software Standard Reference Material and Data
  • Software Error, Fault, Failure Reference Material
  • Software Test Standard Reference Material
  • Statistical Evaluation of Tools and Testing Techniques
  • Reference Information for Software Quality (RISQ) Facility
  • High Integrity Software System Assurance
  • Role Based Access Control on the Web

    • green dotSoftware Analysis Tools
    Develop tools for static and dynamic analysis of software, focused on measuring conformance to specifications and diagnosis of the causes for deviations from specifications. Initial efforts are static analysis tools for program slicing and generation of paths for basis testing; and object classes for detecting pre and post-condition violations in WWW applets.
    Unravel Program Slicer
    This tool computes "slices" of C programs, where a slice is a subset of the program that contains all lines of code that can directly or indirectly affect the value of a particular variable at a particular point. The slicer makes it possible to reduce the effort to debug or test a program by letting the programmer focus only on those parts of the program that are relevant to the computation in question.
    Surgeon's Assistant
    A tool for program maintenance and modification, based on the slicer, that makes it possible to extract slices of programs and combine them into new, workable programs without hand coding.
    Basis Path Testing
    Basis Path Testing is a technique for unit testing. This method involves taking a program flowgraph and determining a basis set of test paths. A basis set has the two following properties:
    Extension of Object-Oriented Languages to Allow for Diagnostic Testing
    This task extends programming languages to include program correctness statements. Program correctness statements are used by programmers to assert conditions which should be met at a given point in the program. Program correctness statements improve program quality by providing for the immediate notification and location of program behavior. Specifically, the task will result in a tool that adds source code instrumentation to detect pre or post condition violations, test assertions, trace values or error condition diagnosis. This task is particularly useful for object-oriented languages. Java QIS is a simple example of a tool resulting from this task.
    Test Generation from Specifications
    This is a set of tools which use the formal method of model checking to automatically generate complete tests, including expected outputs, from formal specifications. Formal methods, or methods based on mathematically sound foundations, can be more dependable than ad hoc methods, since they can be analyzed and properties proven. A specification mutation engine creates test requirements, and the model checker produces test cases to detect the mutations. Additional tools report coverage of a test set on a specification or generate code in C or Java for the test cases.
    green dotSoftware Standard Reference Materials and Data
    Standard reference materials consisting of software with known errors will be developed for use in determining the effectiveness of test tools and techniques. In addition, experimental designs will be developed (in cooperation with Statistics group) to measure the effectiveness of particular software testing or development methods.
    Software Error, Fault, Failure Reference Materials:
    The collection and analysis of error, fault and failure data from industry projects. The data will be analyzed according to published error, fault, failure taxonomies and according to development and diagnostics methods used.
    Software Test Standard Reference Materials:
    The development of C programs with known errors that cover the known range of software errors as identified in published error taxonomies. Programs with known errors will also be developed for Java, C++ and perhaps Fortran.
    Statistical Evaluation of Tools and Testing Techniques:
    Statistical methods of evaluating testing procedures and software development tools and techniques will be developed. The task will examine types of data that needs to be collected for this evaluation. Different statistical designs and collection methods are needed depending on the software development techniques being evaluated. Statistical and software data collection tools for software quality evaluation are also included in this task.
    Reference Information for Software Quality (RISQ) Facility:
    Develop a WWW guided search capability for software reference information that is transferrable to other domains.
    green dot High Integrity Software System Assurance
    The High Integrity Software System Assurance project provides technology to produce high integrity, affordable software for productive use. The sophistication and cost of techniques to produce quality software are commensurate with the need for assurance. The project focuses on guidance to establish fundamental life cycle processes for development and maintenance of quality computer software, and advanced assurance technology in development, evaluation, and measurement methods to address specific problems.
    green dotRole Based Access Control on the Web
    This project develops technical specifications, including a formal description, of role based access control (RBAC) on the Web, as well as a prototype implementation. The project also develops an abstract and physical test suite to measure conformance to the RBAC model. For more information on RBAC, see http://hissa.ncsl.nist.gov/rbac/.

     

    Created on October 1996
    Last modified May 30,  2000
     

    Email any comments about this page to: candy.leatherman@nist.gov