[CSUSB]>> [CNS]>> [CSE]>> [R J Botting]>> biba.php

Bibliographic Item (1.0)


  1. Bev Littlewood & David Wright
  2. The Use of Multilegged Arguments to increase confidence in safety claims for software-Based Systems: A Study based on a BBN Analysis of an idealized example
  3. IEEE Trans Software Engineering V33n5(May 2007)pp347-365
  5. When should two different arguments for the safety of a system increase our belief that a system is safe?
  6. Answer: when the arguments do not depend (too much) on a common source of defects.
  7. Compare with the simpler [Littlewood00] example.
  8. Example BBN:=following,
    1. Z: random_variable(Bit)= specification is correct
    2. O: random_variable(Bit)= test oracle is correct
    3. S: random_variable(Beta_distribution(0,1,...)) = probability of failure on demand.
    4. T: random_variable(Bit)= probability of failure during testing.
    5. V: random_variable(Bit)= formal verification proves correctness.
    6. C: random_variable(Bit) = Claim that system is fit for use should be accepted.

      Dependencies:= (Z+>O | Z+>S | Z+>V | O+>T | S+> T | S+>V | T+>C | V+>C ).

      Example dependency: the correctness of the oracle O depends on the correctness of the specification (Z).

      Example dependency: the parameters of the distribution of S depend on whether the specification is correct(Z).

      In general, for each dependency XY+>W tabulate for each X&Y value the probability of each W value given the XY values. If W is a continuous random variable then tabulate the probability density functions. The table is called a conditional probability table. See paper for a large example.

    7. A BBN implicitly defines a set of Conditional_independencies.

      Example Conditional_independencies:= following,
      OS VZ
      TZ VO S
      CO S ZV T

      (Close Table)
      So: if Z is given then O is independent of S and V.

    8. CI::BBN=conditionally_independent, two events are independent under certain conditions.
    9. conditionally_independent(A,B,C)::BBN= ( Pr(A B C) = Pr(A|C) Pr(B|C) Pr(C) ).
    10. ...

    11. Bayes's formula allows us to calculate the distribution of S and C given that T and V are true, see Bayes_theorem.

    (End of Net)

Search for bibliographic items containing a matching string.

(Search uses POSIX regular expressions and ignores case)

Search for a specific bibliographic item by name.

To see the complete bibliography (1Mb+) select:[Bibliography]