ASQ RD Many Faces of Software un-Reliability

The Many Faces of Software

UnReliabilityTaz Daughtrey©2011 ASQ & T. DAughtrey

Presented live on Jan 12th, 2012

http://reliabilitycalendar.org/The_Reliability_Calendar/Webinars_-_English/Webinars_-_English.html

ASQ Reliability Division English Webinar SeriesOne of the monthly webinars

on topics of interest to reliability engineers.

To view recorded webinar (available to ASQ Reliability Division members only) visit asq.org/reliability

To sign up for the free and available to anyone live webinars visit reliabilitycalendar.org and select English Webinars to find links to register for upcoming events

http://reliabilitycalendar.org/The_Reliability_Calendar/Webinars_-_English/Webinars_-_English.html

The Many Faces ofSoftware Unreliability

Taz Daughtrey

Data and Analysis Center for Software

James Madison University

© 2011 Quanterion Solutions, Inc.

The Many Faces ofSoftware Unreliability

ASQ Reliability Division WebinarJanuary 12, 2012

Defining software reliability

Measuring software reliability

Achieving software reliability

The future

Errors => Defects => Failures

The Many Faces of Software Unreliability

Defining software reliability

Reliability: does what is expected

Unreliability: doesn’t do what is expected

unavailable

compromised

unsafeincorrect

The Many Faces of Software Unreliability

Measuring software reliability

Reliability: measured in……success/failure probability

…Mean Time To Failure

Mean Time To Repair

mission failure

$ lossrisk exposure

measured in …

Risk Exposure =

Probability of occurrence

X

Consequence of occurrence

Risk Avoidance

X

Consequence of occurrence

Risk Exposure =Risk Exposure =

ProbabilityProbability of of occurrenceoccurrence

Risk Mitigation

Risk Exposure =

Probability of occurrence

X

ConsequenceConsequence of occurrence of occurrence

R O I = return

investment

R O R I = risk exposure reduction

reliability investment

Risk Avoidance costs $3 x 103

4 x 10 4 x 10 --

4 4

$4 x 103

risk exposure reduction of $104 -$4 x 103 = $6 x 103

Risk Avoidance costs $3 x 103

4 x 10 4 x 10 --

4 4

$4 x 103

risk exposure reduction of $104 -$4 x 103 = $6 x 103

Return On Risk Exposure Reduction =$6 x 103 / $3 x 103 = 2.0

Risk Mitigation costs $5 x 103

10 10 -3 -3 ProbabilityProbability of occurrence of occurrence

$3 x 106

$3 x 103

risk exposure reduction of $104 -$3 x 103 = $7 x 103

Risk Mitigation costs $5 x 103

10 10 -3 -3 ProbabilityProbability of occurrence of occurrence

$3 x 106

$3 x 103

risk exposure reduction of $104 -$3 x 103 = $7 x 103

Return On Risk Exposure Reduction =$7 x 103 / $5 x 103 = 1.4

The Many Faces of Software Unreliability

Achieving software reliability

Software Reliability Engineering

E Establish quantitative reliability targets

Construct usage profiles of operational system

Test statistically to predict system reliability

Software Reliability Estimation+

Reliability Growth Modeling

Lifecycle Software Reliability Measurements

Statistical Modeling and Estimation of Reliability Functions for Software

Set measureable targets

Design, implement

Conduct appraisals

Release? Rework?

reviews tests

stakeholder agreement operational profiles

verifiable requirements fault-tolerant design

FAULT ENCOUNTER

FAULTSOURCE

intentional

accidental

intentionalaccidental

FAULT ENCOUNTER

FAULTSOURCE

intentional

accidental

intentionalaccidental

malicious

tradeoffs

Attack + Countermeasure Tree

The Many Faces of Software Unreliability

The future of software reliability

DACS Software Reliability Initiative

= “Roadmap to Dependability”

DACS projected products:

Handbook series Software Reliability and Security Testing Software Reliability and Security Specification

Software Reliability and Security Assessment and Improvement

Training offerings Software Reliability and Security Fundamentals

+ industry-specific modules

Research support

ongoing mentoring

on-the-job application

management-sponsored projectinitial class session

follow-up sessions

The Many Faces ofSoftware Unreliability

Taz Daughtrey

[email protected]

www.thedacs.com