Gradational conception in Cleanroom Software Development by editorijettcs


More Info
									   International Journal of Emerging Trends & Technology in Computer Science (IJETTCS)
       Web Site: Email:,
Volume 1, Issue 2, July – August 2012                                          ISSN 2278-6856

   Gradational conception in Cleanroom Software
                                           Anshu Sharma1 and Shilpa Sharma2
                                        DAV Institute of Engineering and Technology,
                                              Kabir Nagar, Jalandhar, India
                         Lovely Professional University, Department of Computer Science and Engineering,
                                                       Jalandhar, India

Abstract: The aim of this paper is to lay down the idea and
practical application of gradational conception in cleanroom
software engineering process. Gradational development is
based on the mathematical principle of referential
transparency. Cleanroom software engineering process
makes use of gradients or increments to develop the software
product in sequence or series of additive subsets of user
functions. The gradients are aggregated in the top down
manner into the final product in the conception and the
certification pipeline. The various factors that must be
considered for the development of gradients understand of the
requirements, complexity, reliability, requirement for sub
system, clarity of user functions, dependencies between
functions and reusability.
Keywords: Gradient conception, cleanroom software
engineering, software life cycle, referential transparency.

The main purpose of using cleanroom software
engineering is to transform from individual craftsmanship
to peered review engineering, sequential development to
gradational development, individual unit testing to team
correctness verification, unmeasured reliability to
measured reliability. The central fundamental of                  Figure 1 Cleanroom Software Engineering Process [5]
cleanroom software process is the software development
based on formal methods and control implementation              There are basically three teams to perform the various
under statistical quality measurement.                          activities and they are:
                                                                     1. Specification Team: It deals with the hardware/
The cleanroom software engineering process deals with                     software requirement definitions, design and
various methods of software specification, design or                      implementation of the software gradients.
verification/validation testing and finally to get quality           2. Certification Team: it deals with the quality
certification. It starts up with small unit and end up with               assurance by using various methods.
fully integrated product by using top-down methodology.              3. Development Team: This team is responsible for
The cleanroom strategy contains four parts i.e Part1                      developing and verifying the software. The code
consists of incremental planning, requirement gathering,                  inspection is performed for the correctness.[1]
and box structure specification. Part2 consists of formal
design and correctness verification. Part3 consists of code     2. EASE OF USE
generation, inspection, verification and statistical testing         1.   Proper Control on Each Process: This
and part4 contains statistical use testing and certification.             technique gives the proper control over gradation
                                                                          development of software through the properties
                                                                          of referential transparencies. It also deals with
                                                                          the state date and responses based on stimuli

Volume 1, Issue 2 July-August 2012                                                                              Page 150
   International Journal of Emerging Trends & Technology in Computer Science (IJETTCS)
       Web Site: Email:,
Volume 1, Issue 2, July – August 2012                                          ISSN 2278-6856

         histories. By verifying the result with the          3. PROPOSED WORK
         previous result one can improve or control on
                                                              The overall objective of the gradational development is to
         each and every process. It combines many of
                                                              grow a system with each new gradient as an elaboration
         formal methods and software quality methods to
                                                              of the functions implemented in previous gradients. The
         get better decision and help in developing the
                                                              new function in gradient should be plug-in to the previous
         error free products.
                                                              gradient at predefined point in its structure and should
                                                              satisfy the sub specifications associated with the
                                                              processing requirements at those points. This process of
                                                              function allocation is the practical implementation of
                                                              referential transparency to gradational conception
                                                              planning. Thus, logical allocation of functions to
                                                              gradients based on relationship among functions and
                                                              intrinsic functional dependencies will predominate in the
                                                              definition of gradient content. In a database system, for
                                                              example, functions to add data would typically precede
                                                              functions to delete data. In a statistical system, functions
                                                              to collect and enter data would ordinarily precede
                                                              functions to analyze data and report results.
                 Figure 2 Control Process
         It also enables cleanroom team to perform
                                                                 3.1 Cleanroom Software Engineering
         various activities simultaneously. The product
         will undergo well proved increments and get the      Cleanroom defines formal methods of requirement and
         feedback. Many specifications and models help        design with statistical usage testing to produce software
         keep a product longer periods of time.               with nearly none or zero defects. Software engineering
    2.   Zero failure in the field: this is the main          emphasizes following a process model that separates
         objective of this paper. It gives less than five     requirements, design, coding, testing and the other steps.
         failures per KLOC. New teams should                  The cleanroom process embeds software development and
         experience a productivity increase in their first    testing within a statistical quality control framework.
         project and continue the increase.                   Mathematically based software development processes are
         Correctness questions are asked and answered         employed to create software that is correct by design and
         then formal mathematical verification is done.       statistical usage testing processes are employed to provide
    3.   Implemented gradually with higher quality:           inferences about software reliability. This systematic
         The significant advantage of cleanroom software
                                                              process of accessing and controlling software quality
         engineering is that it can be developed gradually.
                                                              during development permits the certification of software
         While the activities involved in cleanroom
         software engineering is very strict so it attain a   fitness for use at delivery.
         higher quality. It deals with the deeper             Cleanroom management is based on development and
         understanding of the requirements, design and        certification of pipeline of user function gradients that
         code by all verifiers involved.                      execute in a system environment and accumulate top
    4.   Deals with formal design: It works on the            down into the final product.
         specifications that are iteratively refined to       Cleanroom teams interact with the variety of peer
         become the architectural designs and component       organizations depending on organizational and project
         level designs. Cleanroom software engineering        context. System engineering and system test
         uses the box structure specification to define the   organizations may be involved in embedded software
         products.                                            projects, standards, procurement and quality assurance.
                                                              Organizations may be involved in large projects,
                                                              configuration       management,      documentation     and
                                                              organizational software engineering process.
                                                              The customer is part of cleanroom team as well. The term
                                                              customer may mean external institutional sponsor,
                                                              internal organizational sponsor, end user or any other
                Figure 3 Formal Design                        party that is appropriate for defining requirement and
Once the requirements are fixed then functional and
                                                              evaluating the evolving system.
behavior of each gradation must be defined. At the end of
each process the teams should have design resembling            3.2 Key ideas in Gradational Conception
structure programming of their language of choice [2].        The purpose of Gradient Planning Process is to:
                                                                 Allocate customer requirements defined in function

Volume 1, Issue 2 July-August 2012                                                                             Page 151
   International Journal of Emerging Trends & Technology in Computer Science (IJETTCS)
       Web Site: Email:,
Volume 1, Issue 2, July – August 2012                                          ISSN 2278-6856

        specification to a series of software gradients that   operations similar to an object, the stimuli (inputs) and
        satisfies software architecture.                       response (output) are represented, the information must
    Define schedule and resource allocation for gradient      be fetched between transitions. The state is the
        development and certification.                         encapsulation of the stimulus history.
    Obtain agreement with the customer on the gradient                           SH * SD → R * SD
        plan.                                                    Stimulus history * State Data → Response * State Data
Increments are designed and implemented as usage               Clear box contains the algorithm design of state box
hierarchies through box structure decomposition. This          similar to the structure programming. It gives both data
process preserves referential transparency between             flow and control flow. It also allows updating the state
successive decomposition to maintain intellectual control.     data and response [3].
Increments designs can be expressed in object, functions
or any other form. Each increment is based on a prior          5. THEORETICAL FOUNDATION                             OF
specification. Increment specifications are expressed in       GRADATIONAL CONCEPTION
stimulus history based black box and state based state box
                                                               Cleanroom software development is based upon the
forms. Increment designs and implementations are
                                                               mathematical principle of referential transparency.
expressed in procedure based clear box forms that can
                                                               Referential transparency in box structure hierarchies
introduce new black boxes for further decomposition.
                                                               requires that the black box specifications embedded in
Reused or reengineered components are incorporated as
                                                               clear boxes at each level of decomposition precisely
                                                               define the required functional behavior of their
Team reviews during the increment design process focus
                                                               subsequent decompositions into state and clear boxes.
on issues such as clarity, maintainability, reuse and
                                                               With referential transparency, intellectual control is
conformance to style. In the companion correctness
                                                               maintained and independent work at lower levels can
verification process, the team focuses exclusively on
                                                               proceed without concern for functional interactions at
correctness. Specifications, designs and implementation
                                                               higher levels.
evolve during the increment design process and intended
                                                               Referential transparency is the special property of
functions are embedded in clear box procedure
                                                               arithmetic mathematics that computes large and complex
decomposition to permit effective correctness verification.
                                                               expressions at one goes and gives the correct answer. It
The team performs correctness verification as the last
                                                               deals with the concept that operands value matters a lot in
intellectual pass through the work.
                                                               the equation its operands can be changed with other but
The development team does not execute the increment
                                                               same in value within a specific range.
implementation. First execution is performed by the
                                                                  Table 1: Referential transparency in various systems
certification team in the statistical testing and
certification process after the development team has
completed verification in the correctness verification
Cleanroom minimizes the risk of integration faults
through development based on the mathematical principle
of referential transparency. Referential transparency in
box structure hierarchies requires that the black box          Once referential transparency has been established for a
specifications embedded in clear boxes at each level of        particular system or for a particular programming
decomposition into state and clear boxes. With referential     language, cleanroom incremental development and
transparency, intellectual control is maintained and           verification techniques are guaranteed to work for any
independent work at lower levels can proceed without           application that is developed in that language. In
concern for functional interactions at higher level.           applying cleanroom to object oriented development, the
                                                               functional description of objects and their methods must
4. EQUATIONS                                                   be enhanced to establish referential transparency [4].
                                                               Referential transparency can be applied in a formal way
The black box gives the transition rules that specify the
                                                               to full scale system development projects.
product behavior as response to particular stimuli by
using the concept of OO inheritance concept.
         SH (Stimulus History) →R (response)                   6. PROCESS MODEL
It specifies the system properties and functions by            The gradational conception or we can say incremental
mapping all possible stimulus histories to all possible        development is the life cycle process model. It is the
response.                                                      standardized format of planning, organizing and running
State box encapsulates the information (state Data) and        the new development products. Cleanroom software

Volume 1, Issue 2 July-August 2012                                                                             Page 152
   International Journal of Emerging Trends & Technology in Computer Science (IJETTCS)
       Web Site: Email:,
Volume 1, Issue 2, July – August 2012                                          ISSN 2278-6856

development products usually deal with the fixed                use best strategies to remove risk factors. The spiral is
financial budget, time constraints and other product            visualized as a process passing through some number of
constraints.                                                    iterations, with the four quadrants that represents the
                                                                following activities:
                                                                   A. Formulate plans to identify software targets
                                                                        selected to implement the program, clarify the
                                                                        project development restrictions.
                                                                   B. Risk analysis that is an analytical assessment of
                                                                        selected programs to consider how to identify and
                                                                        eliminate risk.
                                                                   C. The implementation of the project for the
                                                                        development and verification.
                                                                   Risk driven spiral model emphasizing the conditions of
                                                                   options and constraints in order to support software
               Figure 4 Project Constraints                        reuse, software quality can help as a special goal of
                                                                   integration into the product development.
There are hundreds of life cycle models like waterfall             6.3 Incremental Life Cycle Model
model, spiral model, iterative model and many more. By          It is also known as loop approach. In 1988 Boehm
changing the life cycle model, we can improve or tradeoff       developed the iterative model which includes risk analysis
product quality, product visibility, development time, risk     and risk management. It takes the core part and adds the
reduction etc.                                                  functionality after every successful iteration. The
                                                                incremental model is an intuitive approach to the
                                                                waterfall model. Multiple development cycles take place
                                                                making a life cycle as “multi waterfall cycle” cycles are
                                                                divided up into smaller, more easily managed iterations.
                                                                Each iteration passes through the requirements, design,
                                                                implementation and testing phases.
                                                                The working version of the software is produced during
                                                                the first iteration, so one can have working software early
                                                                on during the software life cycle. Subsequent iterations
                                                                build on the initial software produced during the first

                                                                7. CONCLUSION
       Figure 5 Software Development Life Cycle                 Cleanroom software engineering is an engineering and
                                                                managerial process for the development of high quality
The various models that can be used for the gradational         software with certified reliability. The main aim is to
conception in cleanroom software development are as             prevent the software errors as they occur. Testing should
follows:                                                        not be the only place where the errors must be caught, but
   6.1 Waterfall Model                                          the design phase as well. One of the main components of
It is easy to understand and work well matured products         the cleanroom software engineering is gradational
and weak team but it does not match real world. It is the       development.
theoretical model to understand the product properly.           In gradational conception process of cleanroom software
In a strict waterfall model, after each phase is finished, it   engineering, each gradient is developed separately and
proceeds to the next one. Reviews may occur before              tested in a simulated production environment. This way
moving to the next phase which allows for the possibility       the test result will speak about the quality of sub system.
of changes. Reviews may also be employed to ensure that         If the gradient adheres to the pre defined quality
the phase is indeed complete. The phase completion              standards, then the next gradient development process is
criteria are often referred to as a “gate” that the project     started. If not then development is stopped and the
must pass through to move to the next phase. Waterfall          process is fixed. The results of the gradients can use in
discourages revisiting and revising any prior phase once        the improvement of the quality of the next gradient.
it’s complete.                                                  Gradient prototyping and spiral life cycle model are
   6.2 Spiral Life Cycle Model                                  useful to manage the risks. Each gradient is a complete
Since end user requirements are hard to obtain, it is           iteration in the life cycle. This makes the process more
natural to develop software in an experimental way and
Volume 1, Issue 2 July-August 2012                                                                              Page 153
   International Journal of Emerging Trends & Technology in Computer Science (IJETTCS)
       Web Site: Email:,
Volume 1, Issue 2, July – August 2012                                          ISSN 2278-6856

successful. The mathematical principle of referential
transparency proved to be very useful in defining
gradients that can be implemented as a sub system.

 [1] Stacy J. Powell, Carmen J. Trammell, Richard C.
      Linger, Jessy H. Poore, “Cleanroom software
      engineering: technology and process”.
[2] Carmen J. Trammell, Richard C. Linger,
     “Cleanroom software engineering” version 1
     November 1996.
[3] Carmen J. Trammell, Mark G. Pleszkoch, Richard
     C. Linger, Allan R. Hevner “The Incremental
     Development Process in Software Engineering” in
     Decision Support System 17 (1996) 55-71.
[4] Richard C. Linger, Carmen J. Trammel “ technical
     Report on cleanroom software engineering reference
     model” November 1996
[5] Chaelynne M. Wolak, “Taking the art out of
     Software Development an In-Depth Review of
     Cleanroom Software Engineering” 2001.


Anshu Sharma received the B.E degree in Computer Science
and Engineering from Lovely Institute of technology in 2009.
And currently perusing M.S. degrees in Computer Science and
Engineering from DAV Institute of Engineering and
Technology, Jalandhar.
Shilpa Sharma received the B.E degree in Computer Science
and Engineering from Lovely Institute of technology in 2009.
And currently perusing M.S. degrees in Computer Science and
Engineering from DAV Institute of Engineering and
Technology, Jalandhar.

Volume 1, Issue 2 July-August 2012                                                  Page 154

To top