12-19-2007
| #21 (permalink) | |
 Questioning | Re: Software Risk Analysis So where are we going with all this? Lets say a perfect software risk algorithm is created and we can assign nice neat scores to each module. If we discover high risk modules, what will be done with them?
Knowing what will be done about it can help reverse engineer and tune what is trying to be scored and how. ---------------- Point: Making the simple complicated is commonplace; making the complicated simple, awesomely simple, that's creativity. ~ Charles Mingus  Counter Point: The simplest solutions are often the cleverest. They are also usually wrong. | |
 | ||
|
12-20-2007
| #22 (permalink) | ||
 Explaining | Re: Software Risk Analysis Quote:
At the moment the shuttle has been grounded because of a faulty fuel guage that shows empty when it's nearly full. NASA knows that the fuel tank is nearly full because they have put so much fuel in without it leaking out but the guage disagrees. The temperature environment in the tank changed when the fuel started to be added. This probably has something to do with the problem. This type of problem goes beyond software risk analysis and the solution is a holistic combination of all the factors that directly contribute to the problem, before the problem develops (i.e. environment, function, operation etc). I think this is what Pyro is after, a generic early warning system for human intervention if the software stuffs up by going to or past its boundaries, because if it knew it was stuffing up it could fix the problem itself without any intervention from anybody (which is ideal but not realistic due to the nature of the problem(s)). | ||
| | |||
|
12-20-2007
| #23 (permalink) | ||
 Resident USSRian        | Re: Software Risk Analysis Hi, back from a mini-leaveation ( leavation - a leave in a vacation sense, only where you didnt really go anywhere, and were working the entire time) Quote:
 Ok, so thoughts as to how you can do Software Risk Analysis... Firstly i need to tell you that it is not something that can have concrete mathematics, nothing like probablility, although some math may be needed. In all reality this one of the topics i could write a thesis on, and although i dont know it very extremely well, i already have lots and lots of thoughts as to what factors should contribute... so thoughs: First of all, just how do you quantify software risk? It is a highly complex set of factors, and many a things need to be looked at before you can begin... Remember some of these pertain to an organization, so if you are auditing some software for somebody else, you may or may not apply some of the points below. Application - what the apllication for the software is, what kinds of data it holds, what kinds of settings there are, permissions, so forth... (on a scale of pointless data to high risk stuff) People - Who is responsible for the software, who has the ability to change data, who has the ability to view data, who has the ability to add data, within all those factors a person using this software may be the biggest determining factor for software risk... (more people, more chance of a mishap) Importance - related to application, importance is more towards the line of, what will happen if a part or parts of this software stop functioning, how damaging would it be to a business. For example, if the software stops displaying data, would it hinder the performance of a business using it, if so what amount of hinderance are we talking here? remember consider short-term and long-term cases... what if there is a miscalcualtion in the output... all that stuff. (a combination of numbers and verbal assessment is here) Software security - yes you need to look at this, if you are a high class pro, you should assess how secure the software is, if you are not, look at the regularity of fixes administered, try to find patterns in them. Best yet try to find patterns in fixes, and do your own assessment, various ways to do so, it's best to try a few, like fuzzing... (on a level of not secure to secure) Costs - for every question under importance, what would be the worst-case cost of anything happening in that category, factor in the code and software security sections. Also remember that time is also a cost, possibility of a lawsuit is another one. (you can get solid numbers out of this) Data Security - determine where the data is stored, how it is stored, if its backed up, people that have access to those places, and determine the probability of data loss, including hardware security, including natural processes, fire, thunderstorms, etc... (for some of this, you can do hard statistical analysis with complex math )look at this too Software Metrics Program for Risk Assessment and lastly this Software Risk Assessment both of the links have some interesting info, some of it will repeat me, some of it will be new... i hope some of my thoughts dont sound too crazy  ---------------- And remember that great question that Pierre-Simon Laplace and Sir Isaac Newton, Andrei Markov and David Hilbert, Richard Feynman and Enrico Fermi, Albert Einstein and Edmund Halley did not come to ask throughout all of their dedication and work: "Who the hell is IMing me?"  This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 License.  | ||
| | |||
|
12-20-2007
| #24 (permalink) | |
 Slaying Bad Memes    | Re: Software Risk Analysis No, it doesn't sound crazy at all. However, not all of it applies to my situation. Risk from hackers/crackers & vandalism is not an issue here. Analyzing the risk (probability) that a piece of software will "fail" in some way, leading to disaster ("crash!") is a very difficult problem that has been addressed only in limited cases. One way of doing this is by Bayesian Updates. This can be summarized by the question, "Given that the probability of failure was initially F1, what is the probability of failure now (F2), now that the software has been used X times without a failure?" --optionally-- "...now that the software has been used X times and it has only failed Z times?" In certain very constrained cases, where there is a mammoth body of real-world experience with the software, this is a successful approach. You start off by showing that after integration testing, 5 lethal bugs were found, and we estimate (loosely) from this that the risk of disaster is 1 / 200. After 1,000 actual runs of the software, we have 1 disaster. We do the math, and this yields a new risk of disaster is now 1 / 465. After another 1,000 actual runs, with no disasters, the math yields an updated risk of 1 / 970. And so on, and so on. Presumably, the longer this goes on, the more accurate the updated risk probability is. But with avionics software, say, like the stuff in the Shuttle, you just cannot run it often enough to generate the kind of disaster data you need. Real-world execution of software in a challenging environment (guiding a jet with terrain surveillance radar, or guiding a re-entry vehicle into the atmosphere, for example--where "disaster" means Loss of Vehicle) operates in rapid interface with a highly dynamic environment, which cannot be totally predicted. The volume of input parameters attempts to model the external environment and vehicle state, but never can completely. What if the software is asked to handle 2 boundary problems ("edge of the model") at the same time? How rare an occurrence is that? Testing HW essentially performs a massively parallel set of tests on every atom, molecule and component simultaneously--until one of them breaks. Testing SW is essentially a sequential process, testing each one of the millions of paths one at a time. A small compiler or command-and-control module could potentially have 10^15 paths. Or 10^20. Combinatorics make exhaustive testing impossible. What if there is a pure math approach similar to Bayesian Update or Weibull Analysis that can take a body of code, analyze it for complexity (path density), and then use historic information to calculate the probable number of bugs still in there undetected? Hmmmmmm, he said.  ---------------- Hypography Forums Moderator -- - - - - - What concerns me is not the way things are, but rather the way people think things are. Epictetus, Greek Philosopher The map is NOT the territory. Korzybski, Polish-American Philosopher | |
| | ||
|
12-20-2007
| #25 (permalink) | ||
| Resident USSRian | Re: Software Risk Analysis Quote:
---------------- And remember that great question that Pierre-Simon Laplace and Sir Isaac Newton, Andrei Markov and David Hilbert, Richard Feynman and Enrico Fermi, Albert Einstein and Edmund Halley did not come to ask throughout all of their dedication and work: "Who the hell is IMing me?" This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 License. | ||
| | |||
|
12-20-2007
| #26 (permalink) | ||
| Questioning | Re: Software Risk Analysis Quote:
But it can never hurt to be too careful. It only costs you time and resources. ---------------- Point: Making the simple complicated is commonplace; making the complicated simple, awesomely simple, that's creativity. ~ Charles Mingus Counter Point: The simplest solutions are often the cleverest. They are also usually wrong. | ||
| | |||
|
12-20-2007
| #27 (permalink) | ||
| Questioning | Re: Software Risk Analysis Quote:
 Using something like a Rete Network, the system can know which specific rules are eligible to fire (R1, R2, R3 etc) when an alpha variable is changed by a rule or a beta variable is changed by an external source such as an interrupt or I/O, instead of having to reevaluate the entire system. The trick here would be how to treat modules of code like rules in an inference engine. Basically if there is a mapping between what variables a module can modify vs which variables are inputs to a module, then you know the dependencies. ---------------- Point: Making the simple complicated is commonplace; making the complicated simple, awesomely simple, that's creativity. ~ Charles Mingus Counter Point: The simplest solutions are often the cleverest. They are also usually wrong. | ||
| | |||
|
12-21-2007
| #28 (permalink) | |||
| Explaining | Re: Software Risk Analysis Quote:
Quote:
| |||
| | ||||
|
12-22-2007
| #29 (permalink) | |
 Creating |  ProCoS As this thread still seems open and brainstorm-y, and I’ve not seen mention of it yet, I throw out a concept: provable correctness. This was a largely hypothetical approach to software popular, as best I can tell, mostly in the 1980s. Basically, it required that language compilers be what one book I read called “higher order”, so that one could prove that all the object/executable code they produced could function only within a formally well-defined domain, corresponding roughly to “bug free” A common acryonym-oid for such software was/is ProCoS. A “popular” languages of this kind was called AXIS. Here is as basically random web-search result finding reference to both. Along with a couple of management folk, I tried to stir interest in ProCoS within my org in the early 1990s, with little success, encountering daunting “cultural” obstacles. To this day, I often find it difficult to successfully argue much weaker applications of such an approach, such as the idea that very formally defined unit testing can substantially reduce the need for end-to-end integration and regression testing. In some projects in which I’ve had personal stake, this what-I-perceive-as cultural barrier has, I’m convinced, incurred million of unnecessary cost, and in the worst case, actually made resources (including me) unavailable for unit testing, resulting in significantly more undetected defects in deployed software. While I suspect the culture at the JSC to be a bit … well, better than in my medical IT world – that discussions like these are even coming out of it appears to confirm my suspicion – the basic ProCoS concept – that special language and compiler design can effectively eliminate specific categories of errors, and to a great extent the need for testing – is, I suspect, not much more comfortably received in any IT community than in my own. ---------------- Moderator: Computers and Technology; Medical Science; Science Projects and Homework; Philosophy of Science; Physics and Mathematics; Environmental Studies | |
| | ||
|
12-22-2007
| #30 (permalink) | |||||||
| Slaying Bad Memes | Re: Software Risk Analysis Quote:
I also have given this thought. I have made a list (exhaustive?) of all transformations that are sources of data-risk, and those that mitigate or even fix data-risk. What this produces is a complex "network" of data-risk-flow, that yields at the end, the probability that there will still be flaws or bugs in the Flight Load (the final step in my chart, so far). I still have to address what the probabilities are that 1) the bug will actually be executed, and 2) the executed bug will actually cause loss of mission. We already have real-world examples of bugs in Flight Loads that would have caused a crash, but the circumstances that would have triggered that code never came about. (phew!!!) Quote:
Quote:
Quote:
Quote:
 Quote:
What I have concluded is this: 1) The probability of software "failing" is essentially an analysis of HUMAN ERROR in all the various stages and transformations of the software. 2) The probability of a (given) software bug causing a CRASH!!!! BOOM!!!! ARRRGGGGGHHHHHHHHHHH!!!!! is essentially dependent on anomalous environmental conditions and events. "Edge of the Model" circumstances. Rare events or rare combinations of events. ---------------- Hypography Forums Moderator -- - - - - - What concerns me is not the way things are, but rather the way people think things are. Epictetus, Greek Philosopher The map is NOT the territory. Korzybski, Polish-American Philosopher Last edited by Pyrotex; 12-22-2007 at 10:44 AM. | |||||||
| | ||||||||
 |
| Bookmarks |
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| analysis and topology | php111 | Questions and Answers | 1 | 09-01-2007 01:07 AM |
| Sample Rate Conversion Analysis | freeztar | Music studies | 0 | 06-13-2007 11:12 PM |
| "The Risk Conundrum" | Simon | Physics and Mathematics | 10 | 04-28-2007 04:47 PM |
| Transaction analysis | tarak | Political sciences | 5 | 12-13-2006 07:56 AM |
| error analysis | labview1958 | Science Projects and Homework | 0 | 03-24-2006 09:02 AM |
All times are GMT -8. The time now is 01:20 PM.
