14.3 Software Validation and Verification Methodologies and Tools
In this section we discuss some of the recent progress that has been made in the area of software validation and verification. Validation implies that the software has been shown to be acceptable to the customer and is correct, while verification implies that the software is properly developed from the requirements and abides by the specifications given. Both development process and test process experts have been investing in software methodologies and tools to improve these areas.
We have described several software processes, leading into the currently popular iterative and incremental Agile process of Scrum (see Chapter 5). In the Agile processes, software is developed in small increments by small teams. Thus, with Agile processes, there is frequent unit testing of the completed code to ensure that what is developed is of good quality and satisfies the customer/user needs. In Chapter 10, we introduced test-driven development (TDD) with the JUnit tool. A more recent approach to improving unit testing is the use of formal assertions with a run-time assertion checker to decide whether the coded software methods are working correctly. This new approach to unit testing uses a combination of a formal specification language called Java Modeling Language (JML) and the JUnit testing framework (Cheon and Leavens 2004).
JML is heavily influenced by the Eiffel language and the concept of “programming by contract” advocated by Bertrand Meyer (1988). The key to this approach is using the traditional notion from program correctness proofs of specifying the precondition, postcondition, and invariant characteristics of the software to help in unit testing. JML is a language that allows one to specify the pre-, post-, and invariant conditions without requiring the deep formalism of earlier specification languages such as Z or Larch. A tool called JMLUnit generates JUnit test classes from these JML specifications. During execution, the tool checks that if the specified preconditions for a software method hold, the specified postconditions for that method will also hold. Clearly, with JML and the associated tools, the better the person who specifies these conditions, the more effective the methodology and the more valuable the tool will be. Although JML is tailored to Java programming development and is fairly easy to use for Java programmers, it still requires technically sophisticated people to develop these pre-, post-, and invariant assertions. Through checking the assertions and ensuring that the pre- and postconditions match and that the invariant condition holds, this relatively new approach provides a marked improvement in software verification. Refer to Chalin et al. (2006) and Burdy et al. (2005) in the Suggested Readings section for more on JML and the associated tools.
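As an added illustration that is not from the textbook or the JML project, here is a small Java class annotated with JML pre-, post-, and invariant conditions in the style the text describes; the class, its fields and the assumed workflow (compile with the JML run-time assertion checker, then run JMLUnit-generated JUnit tests against it) are our own choices:

```java
// Added example: a bounded stack specified with JML. The class and its
// specifications are constructed for illustration, not taken from the text.
// Assumed workflow: compile with the JML run-time assertion checker (jmlc),
// then run the JUnit test classes that JMLUnit generates from these specs.
public class BoundedStack {
    // spec_public lets the specifications refer to private fields.
    private /*@ spec_public @*/ int[] items;
    private /*@ spec_public @*/ int size;

    // Invariant: checked on entry to and exit from every public method.
    // It rules out the out-of-bounds states that would otherwise surface
    // only later as an ArrayIndexOutOfBoundsException.
    //@ public invariant 0 <= size && size <= items.length;

    //@ requires capacity > 0;
    //@ ensures size == 0 && items.length == capacity;
    public BoundedStack(int capacity) {
        items = new int[capacity];
        size = 0;
    }

    // Precondition: the caller must not push onto a full stack.
    // Postcondition: \old(...) denotes the value on method entry.
    //@ requires size < items.length;
    //@ ensures size == \old(size) + 1 && items[\old(size)] == x;
    public void push(int x) {
        items[size++] = x;
    }

    // Precondition: the caller must not pop an empty stack.
    //@ requires size > 0;
    //@ ensures size == \old(size) - 1 && \result == \old(items[size - 1]);
    public int pop() {
        return items[--size];
    }

    // pure: no side effects, so it may be used inside other specifications.
    //@ ensures \result == (size == 0);
    public /*@ pure @*/ boolean isEmpty() {
        return size == 0;
    }
}
```

Under the JMLUnit convention of Cheon and Leavens, a test input that violates a method's `requires` clause is reported as a meaningless test case rather than a failure, while a violated `ensures` clause or invariant counts as a genuine defect in the implementation. That distinction is what the text means by checking that the postconditions hold whenever the preconditions do.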
A similar approach to improving unit testing in the Agile process environment, originating directly from the test-driven development methodology, is the behavior-driven development (BDD) approach. BDD was first introduced by Dan North in 2006. The basic idea here is to use the language of the business domain, as opposed to the technical specifications of JML, and to involve the users and the stakeholders of the software. Involving the stakeholders and users during unit testing and ensuring that the delivered software functionality is acceptable to them is an excellent way to validate the software. Thus BDD moves unit testing closer to validation of software functionality, beyond software verification. The natural language of the users is used to express the features and functionalities through scenarios. A scenario is just a set of natural language assertions that