Browse Books

Reviewer: Paul W. Abrahams

In producing a working program that meets a set of requirements, defect removal inevitably is a large part, if not the largest part, of the job. In Software defect removal, Dunn provides a comprehensive, soup-to-nuts (or requirements- to-maintenance) collection of advice on how to prevent and remove defects — that is, bugs — in software. A theme that occurs throughout the book is the importance of getting the bugs out early, since it is far less expensive to remove a bug at the requirements stage than it is to remove the same bug when the progam is under test. The book is divided into four parts: (1) Introduction, (2) Statis Methods, (3) Dynamic Methods, and (4) Operational Phase. The Introduction, in addition to giving an overview of the book describes a number of currently popular development methodologies and relates them to defect removal. The better the quality of a program, the fewer defects it is likely to have and the easier it is to remove those defects that it does have. In addition, a good methodology lens itself to systematic checking and to traceability — that is, to relating requirements to design, and design to code, in such a way that each specification level can be related systematically to its predecessor. Static methods are those that can be applied to a program without actually running it. They include reviews of requirements, design, and code, as well as static analysis tools that can be mechanically applied to programs. I found the discussion of static analysis to be particularly good. Proofs of correctness are also treated within the discussio of static methods. Dynamic methods are those that involve running the program. These include glass box testing, based on the structure of the unit under test, and black box testing, in which only the external requirements of the unit under test are considered. In this part of the book, the author also discusses useful statistics that can be collected as part of the testing process, in the hope of isolating failure-prone modules and predicting the likelihood of failures in the future. The final portio of the book, on the operational phase, is concerned with what happens when a program is finally put to use in its intended environment. Maintenance and modification has its own peculiar difficulties, intensified by the fact that maintenance programmers usually work with fewer tools and less knowledge than development programmers. During maintenance and modification, it is particularly important to keep different parts of a program, including the test cases, properly coordinated. Here lies the role of configuration control. The author of this book is Manager of Programming Quality at the ITT Advanced Technology Center, and he clearly brings a wealth of personal experience to this book. Unfortunately, he sometimes falls into the assumption that all the world is like ITT, where programs which are millions of lines long are produced by hundreds of programmers, aided and abetted by groups such as Software Test and Quality Assurance, and the customer is usually the Federal Government. Defect removal is as important in programming in the small as it is in programming in the large, and different methods of quality control are appropriate in different environments. A few aspects of this book left me feeling less than satisfied. Some of the techniques that Dunn discusses are more practical than others, but he does not sufficiently emphasize the distinction. He treats proofs of correctness as though they are as readily applicable and as much a part of industrial practice as design walkthrughs. His discussion of symbolic execution fails to indicate what sorts of programs it applied to. The discussion of developent methodologies emphasizes procedural abstraction over data abstraction, and thus does not place enough emphasis on how to develop appropriate data structures. Some of the defect removal methods discussed in the book do ot seem to apply too well to compilers, particularly the testing methods; it is difficult to test the back parts of a compiler in isolation because they can only be driven effectively by the front parts. In summary, this is a well-written, well-organized, technically sound, and interesting book that collects a lot of useful information about defect removal in a single place. It does suffer, however, from a failure to acknowledge its implicit assumptions about the kinds of programs being written and from insufficient distinction between methods currently in practice and methods that are still academic. Also, most of Dunn's ideas are conventional wisdom; I found few startling insights that would lead me to different ways of thinking about defects in software.