This paper defines exception conditions, discusses the requirements exception handling language features must satisfy, and proposes some new language features for dealing with exceptions in an orderly and reliable way. The proposed language features serve to highlight exception handling issues by showing how deficiencies in current approaches can be…
In this paper, we define what exception conditions are, discuss the requirements exception handling language features must satisfy, survey and analyze existing approaches to exception handling, and propose some new language features for dealing with exceptions in an orderly and reliable way. Our objective is not solely to put forward a language proposal. It…
This paper examines the theoretical and practical role of testing in software development. We prove a fundamental theorem showing that properly structured tests are capable of demonstrating the absence of errors in a program. The theorem's proof hinges on our definition of test reliability and validity, but its practical utility hinges on being able to show…
Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the United States Department of Defense. This material has been approved for public release and unlimited distribution except as restricted below. Internal use: Permission to reproduce this material and…
The basis for assessing the validity of an assurance case is an active area of study. In this paper, we discuss how to assess confidence in a case by considering the doubts eliminated by the claims and evidence in a case. This is an application of eliminative induction and the notion of Baconian probability as put forward by L. Jonathan Cohen.
The ideas and findings in this report should not be construed as an official DoD position. It is published in the interest of scientific and technical information exchange. Use of any trademarks in this report is not intended in any way to infringe on the rights of the trademark holder. Internal use: Permission to reproduce this document and to prepare…
There is growing interest in using a structure of claims, arguments, and evidence to explain why all critical software hazards have been eliminated or adequately mitigated in mission-critical and safety-critical systems. Such a structure has been called a dependability case, an assurance case, or a (goal-structured) safety case. Dependability cases are…
Use of any trademarks in this report is not intended in any way to infringe on the rights of the trademark holder. Internal use: Permission to reproduce this document and to prepare derivative works from this document for internal use is granted, provided the copyright and "No Warranty" statements are included with all reproductions and derivative works.…