Verification and Validation

Group 2
Group members
●
Panashe Mushinyi H180534V
●
Mangudya ngonidzashe H180202M
●
Munyaradzi mberi H180331A
●
Gavin Mlambo H180538M
●
Mungundungundu George H180471E
 Objectives
● To introduce software verification and validation and
to discuss the distinction between them
● To describe the program inspection process and its
role in V & V
● To explain static analysis as a verification technique
 Topics covered
● Verification and validation planning
● Software inspections
● Automated static analysis
 Verification vs validation
● Verification:
"Are we building the product right”.
● The software should conform to its
specification.
● Validation:
"Are we building the right product”.
● The software should do what the user really
requires.
 The V & V process
● Is a whole life-cycle process - V & V must be
applied at each stage in the software
process.
● Has two principal objectives
• The discovery of defects in a system;
• The assessment of whether or not the system is
useful and useable in an operational situation.
 V& V goals
● Verification and validation should establish
confidence that the software is fit for
purpose.
● This does NOT mean completely free of
defects.
● Rather, it must be good enough for its
intended use and the type of use will
determine the degree of confidence that is
needed.
 V & V confidence
● Depends on system’s purpose, user
expectations and marketing environment
• Software function
• The level of confidence depends on how critical the
software is to an organisation.
• User expectations
• Users may have low expectations of certain kinds of
software.
• Marketing environment
• Getting a product to market early may be more
important than finding defects in the program.
 Static and dynamic verification

● Software inspections. Concerned with analysis of

the static system representation to discover
problems (static verification)
• May be supplement by tool-based document and code
analysis
● Software testing. Concerned with exercising and
observing product behaviour (dynamic verification)
• The system is executed with test data and its operational
behaviour is observed
Static and dynamic V&V
The debugging process
 V & V planning
● Careful planning is required to get the most
out of testing and inspection processes.
● Planning should start early in the
development process.
● The plan should identify the balance
between static verification and testing.
● Test planning is about defining standards for
the testing process rather than describing
product tests.
The V-model of development
 Software inspections
● These involve people examining the source
representation with the aim of discovering anomalies
and defects.
● Inspections not require execution of a system so
may be used before implementation.
● They may be applied to any representation of the
system (requirements, design,configuration data,
test data, etc.).
● They have been shown to be an effective technique
for discovering program errors.
 Inspection success
● Many different defects may be discovered in
a single inspection. In testing, one defect
,may mask another so several executions
are required.
● The reuse domain and programming
knowledge so reviewers are likely to have
seen the types of error that commonly arise.
 Inspections and testing
● Inspections and testing are complementary and not
opposing verification techniques.
● Both should be used during the V & V process.
● Inspections can check conformance with a
specification but not conformance with the
customer’s real requirements.
● Inspections cannot check non-functional
characteristics such as performance, usability, etc.
 Program inspections
● Formalised approach to document reviews
● Intended explicitly for defect detection (not
correction).
● Defects may be logical errors, anomalies in
the code that might indicate an erroneous
condition (e.g. an uninitialised variable) or
non-compliance with standards.
 Inspection pre-conditions
● A precise specification must be available.
● Team members must be familiar with the
organisation standards.
● Syntactically correct code or other system
representations must be available.
● An error checklist should be prepared.
● Management must accept that inspection will
increase costs early in the software process.
● Management should not use inspections for staff
appraisal ie finding out who makes mistakes.
The inspection process
 Inspection procedure
● System overview presented to inspection
team.
● Code and associated documents are
distributed to inspection team in advance.
● Inspection takes place and discovered errors
are noted.
● Modifications are made to repair discovered
errors.
● Re-inspection may or may not be required.
 Inspection roles

Author or owner The programmeror designerresponsible for

producing the program or document. Responsible
for fixing defects discovered during the inspection
process.
Inspector Finds errors, omissions and inconsistencies in
programsand documents.May also identify
broader issues that are outside the scope of the
inspection team.
Reader Presents the code or document at an inspection
meeting.
Scribe Records the results of the inspection meeting.
Chairman or moderator
Manages the process and facilitates the inspection.
Reports process results to the Chief moderator.
Chief moderator Responsible for inspection process improvements,
checklist updating, standards development etc.
 Automated static analysis
● Static analysers are software tools for source
text processing.
● They parse the program text and try to
discover potentially erroneous conditions and
bring these to the attention of the V & V
team.
● They are very effective as an aid to
inspections - they are a supplement to but
not a replacement for inspections.
 Stages of static analysis
● Control flow analysis. Checks for loops with
multiple exit or entry points, finds unreachable
code, etc.
● Data use analysis. Detects uninitialised
variables, variables written twice without an
intervening assignment, variables which are
declared but never used, etc.
● Interface analysis. Checks the consistency of
routine and procedure declarations and their
use
 Stages of static analysis
● Information flow analysis. Identifies the
dependencies of output variables. Does not
detect anomalies itself but highlights
information for code inspection or review
● Path analysis. Identifies paths through the
program and sets out the statements
executed in that path. Again, potentially
useful in the review process
● Both these stages generate vast amounts of
information. They must be used with care.
 Use of static analysis
● Particularly valuable when a language such
as C is used which has weak typing and
hence many errors are undetected by the
compiler,
● Less cost-effective for languages like Java
that have strong type checking and can
therefore detect many errors during
compilation.
Verification and formal methods
● Formal methods can be used when a
mathematical specification of the system is
produced.
● They are the ultimate static verification
technique.
● They involve detailed mathematical analysis
of the specification and may develop formal
arguments that a program conforms to its
mathematical specification.
Arguments for formal methods
● Producing a mathematical specification
requires a detailed analysis of the
requirements and this is likely to uncover
errors.
● They can detect implementation errors
before testing when the program is analysed
alongside the specification.
Arguments against formal methods

● Require specialised notations that cannot be

understood by domain experts.
● Very expensive to develop a specification
and even more expensive to show that a
program meets that specification.
● It may be possible to reach the same level of
confidence in a program more cheaply using
other V & V techniques.