As demonstrated, this vulnerability wasn’t a result of insufficient system testing; it was because of insufficient unit testing. Keith Ray himself wrote a “Testing on the Toilet”[8] article, “Too Many Tests,”[11] explaining how to break complex logic into small, testable functions to avoid a combinatorial explosion of inputs and still achieve coverage of critical corner cases (“equivalence class partitioning”). Given the complexity of the TLS algorithm, unit testing should be the first line of defense, not system testing. When six copies of the same algorithm exist, system testers are primed for failure.
Architects draw detailed plans before a brick is laid or a nail is hammered. Programmers and software engineers don’t. Can this be why houses seldom collapse and programs often crash?
This analogy made me laugh because software doesn’t have to fight gravity or -20F temperatures or whatever else planet Earth has in store for a physical structure. The gist of this article, however, seems to be that every software project should start with and needs a solid foundation of requirements. Shout out to system engineering!
Update: Here’s an interesting comment from Slashdot and a shout out to awk.
Instead of starting from a silicon wafer or other substrate, as is usual today, researchers have made it possible for the structures to grow from freely suspended nanoparticles of gold in a flowing gas.
The structures are referred to as nanowires or nanorods. The breakthrough for these semiconductor structures came in 2002 and research on them is primarily carried out at Lund, Berkeley and Harvard universities.
It’s clear that Knight’s software was deployed without adequate verification. With a deadline that could not be extended, Knight had to choose between two alternatives: delaying their new system until they had a high degree of confidence in its reliability (possibly resulting in a loss of business to competitors in the interim), or deploying an incompletely verified system and hoping that any bugs would be minor. They did not choose wisely.
What is needed is a change in the way that such critical software is developed and deployed. Safety-critical domains such as commercial avionics, where software failure could directly cause or contribute to the loss of human life, have known about this for decades. These industries have produced standards for software certification that heavily emphasize appropriate “life cycle” processes for software development, verification, and quality assurance. A “safety culture” has infused the entire industry, with hazard/safety analysis a key part of the overall process. Until the software has been certified as compliant with the standard, the plane does not fly. The result is an impressive record in practice: no human fatality on a commercial aircraft has been attributed to a software error.
As the manager with primary responsibility for build management, Burt has supervised the construction of automated systems that perform continuous builds and continuous integration. The systems incorporate tools for testing, version control, and scheduling.
Most of all, the key to managing a large project was automation. “We automate everything that can be automated,” says Burt. “The tools make a huge difference. We maintain all the different versions of QuickBooks, on all our supported platforms, with about 60 code-writing developers. We couldn’t do that without automation.”
Microsoft SharePoint 2010 makes it easier for people to work together.
Using SharePoint 2010, your people can set up Web sites to share information with others, manage documents from start to finish, and publish reports to help everyone make better decisions.