Striving for correctness

TitleStriving for correctness
Publication TypeJournal Articles
Year of Publication1995
AuthorsAbrams MD, Zelkowitz MV
JournalComputers & Security
Pagination719 - 738
Date Published1995///
ISBN Number0167-4048
KeywordsAssurance, belief, correctness, Formal Methods, MATHEMATICAL MODELS, metrics, Process models, Risk management, Security testing, Silver bullets, simulation, Trustworthiness

In developing information technology, you want assurance that systems are secure and reliable, but you cannot have assurance or security without correctness. We discuss methods used to achieve correctness, focusing on weaknesses and approaches that management might take to increase belief in correctness. Formal methods, simulation, testing, and process modeling are addressed in detail. Structured programming, life-cycle modeling like the spiral model, use of CASE tools, use of formal methods, object-oriented design, reuse of existing code are also mentioned. Reliance on these methods involves some element of belief since no validated metrics on the effectiveness of these methods exist. Suggestions for using these methods as the basis for managerial decisions conclude the paper.