Re: N-version software compared to others

From:         koopman@cs.cmu.edu (Phil Koopman)
Organization: Carnegie Mellon University, EDRC
Date:         10 Jul 96 12:47:15 
References:   1 2 3 4


P.G.Hamer@nortel.co.uk (Peter Hamer) wrote:
>If the weak-link in N-version programming is the fact that the requirement
>is ambiguous and difficult to understand, surely the same holds true for
>formal methods? The formalization of the requirements might be internally
>water-tight, but its chances of capturing the intentions of a large and
>complex informal spec are questionable.

I have found that there's nothing like executability in a design (or
specification) to make people think about all the little stuff that
falls through the cracks otherwise -- an increase in watertightness.
BUT, does this mean we need N-version specifications?  And what of the
design document for the executable specification?  And what about the
compilers for the specification language?

>I'm not arguing against formal methods, just saying that a system
>development path using them shares some of the failure mechanisms
>of more traditional system development paths. Finding out what
>the user needs [ie should have asked for] remains a hard problem.

Absolutely.  And, in fact, sometimes even finding out who the *real*
users/stakeholders are is an interesting problem.  And, when there are
multiple stakeholders you will often find that their requirements
conflict.

-- Phil


Phil Koopman -- koopman@cs.cmu.edu -- http://www.cs.cmu.edu/~koopman