Cleanroom Principles - part 1
O Small teams
O independent specification, development, and
O Incremental development under statistical quality
O performance assessed during each increment
using measure like number of sequential error-
free test cases
O feedback is used for process improvement and
the development plan is adjusted as needed
Cleanroom Process Teams
O Specification team
O develops and maintains the system specification
O Development team
O develops and verifies software
O the software is not compiled or executes during
O Certification team
O develops set of statistical test to exercise
software after development
O reliability growth models used to assess reliability
Cleanroom Principles - part 2
O Software development based on mathematical principles
O the box principle is used for specification and design
O formal verification is used to confirm correctness of
implementation of specification
O program correctness is verified by team reviews using
O Testing based on statistical principles
O operational usage profiles needed
O test cases are randomly generated from the usage
O failure data is interpreted using statistical models
Modeling approach in cleanroom software
engineering uses a method called box
Cleanroom Strategy - part 1
O Increment planning.
O The project plan is built around the incremental
O Requirements gathering.
O Customer requirements are elicited and refined
for each increment using traditional methods.
O Box structure specification.
O Box structures isolate and separate the definition
of behavior, data, and procedures at each level of
Cleanroom Strategy - part 2
O Formal design.
O Specifications (black-boxes) are iteratively refined
to become architectural designs (state-boxes) and
component-level designs (clear boxes).
O Correctness verification.
O Correctness questions are asked and answered,
formal mathematical verification is used as
Cleanroom Strategy - part 3
O Code generation, inspection, verification.
O Box structures are translated into program
language; inspections are used to ensure
conformance of code and boxes, as well as
syntactic correctness of code; followed by
correctness verification of the code.
O Statistical test planning.
O A suite of test cases is created to match the
probability distribution of the projected product
Cleanroom Strategy - part 4
O Statistical use testing.
O A statistical sample of all possible test cases is
used rather than exhaustive testing.
O Once verification, inspection, and usage testing
are complete and all defects removed, the
increment is certified as ready for integration.
Cleanroom Process Overview
O Key Characteristics of Cleanroom SE
O Incremental Development Life Cycle
O Defect Prevention: Quality Assessment thru
O Disciplined SE methods required to create
correct, verifiable software
O Software Engineering – Roger S Pressman