[CSUSB]>> [CNS]>> [CSE]>> [R J Botting]>> biba.php

#### LittlewoodWright07

1. Bev Littlewood & David Wright
2. The Use of Multilegged Arguments to increase confidence in safety claims for software-Based Systems: A Study based on a BBN Analysis of an idealized example
3. IEEE Trans Software Engineering V33n5(May 2007)pp347-365
4. =EXAMPLE THEORY RELIABILITY RISKS Arguments BAYES PROBABILITY BBN CAUSALITY SPECIFICATION CORRECTNESS TESTING
5. When should two different arguments for the safety of a system increase our belief that a system is safe?
6. Answer: when the arguments do not depend (too much) on a common source of defects.
7. Compare with the simpler [Littlewood00] example.
8. Example BBN:=following,
Net
1. Z: random_variable(Bit)= specification is correct
2. O: random_variable(Bit)= test oracle is correct
3. S: random_variable(Beta_distribution(0,1,...)) = probability of failure on demand.
4. T: random_variable(Bit)= probability of failure during testing.
5. V: random_variable(Bit)= formal verification proves correctness.
6. C: random_variable(Bit) = Claim that system is fit for use should be accepted.

Dependencies:= (Z+>O | Z+>S | Z+>V | O+>T | S+> T | S+>V | T+>C | V+>C ).

Example dependency: the correctness of the oracle O depends on the correctness of the specification (Z).

Example dependency: the parameters of the distribution of S depend on whether the specification is correct(Z).

In general, for each dependency XY+>W tabulate for each X&Y value the probability of each W value given the XY values. If W is a continuous random variable then tabulate the probability density functions. The table is called a conditional probability table. See paper for a large example.

7. A BBN implicitly defines a set of Conditional_independencies.

Example Conditional_independencies:= following,
Table
Independent0fGiven
OS VZ
TZ VO S
CO S ZV T

(Close Table)
So: if Z is given then O is independent of S and V.

8. CI::BBN=conditionally_independent, two events are independent under certain conditions.
9. conditionally_independent(A,B,C)::BBN= ( Pr(A B C) = Pr(A|C) Pr(B|C) Pr(C) ).
10. ...

11. Bayes's formula allows us to calculate the distribution of S and C given that T and V are true, see Bayes_theorem.

(End of Net)

Search for bibliographic items containing a matching string.

(Search uses POSIX regular expressions and ignores case)

Search for a specific bibliographic item by name.

To see the complete bibliography (1Mb+) select:[Bibliography]