An approach for understanding and testing third party software components

In this paper we present an approach to mitigating software risk by understanding and testing third party, or commercial-off-the-shelf (COTS), software components. Our approach, based on the notion of software wrapping, gives system integrators an improved understanding of how a COTS component behaves within a particular system. Our approach to wrapping allows the data flowing into and out of the component at the public interface level to be intercepted. Using our wrapping approach, developers can apply testing techniques such as fault injection, data collection and, assertion checking to components whose source code is unavailable. We have created a methodology for using software wrapping in conjunction with data collection, fault injection, and assertion checking to test the interaction between a component and the rest of the application. The methodology seeks to identify locations in the program where the system's interaction with COTS components could be problematic. Furthermore, we have developed a prototype that implements,our methodology for Java applications. The goal of this process is to allow the developers to identify scenarios where the interaction between COTS software and the system could result in system failure. We believe that the technology we have developed is an important step towards easing the process of using COTS components in the building and maintenance of software systems.

[1]  Jeffrey M. Voas,et al.  Inoculating software for survivability , 1999, CACM.

[2]  David S. Rosenblum Towards A Method Of Programming With Assertions , 1992, International Conference on Software Engineering.

[3]  Bertrand Meyer,et al.  Advances in object-oriented software engineering , 1992 .

[4]  W. Morven Gentleman Effective Use of COTS (Commercial-Off-the-Shelf) Software Components in Long Lived Systems , 1997, Proceedings of the (19th) International Conference on Software Engineering.

[5]  John McHugh,et al.  Architectural Approaches to Information Survivability , 1997 .

[6]  Christine L. Braun,et al.  A lifecycle process for the effective reuse of commercial off-the-shelf (COTS) software , 1999, SSR '99.

[7]  Jeffrey M. Voas,et al.  Software testability: an experiment in measuring simulation reusability , 1995, SSR '95.

[8]  Stephen H. Edwards,et al.  A framework for detecting interface violations in component-based software , 1998, Proceedings. Fifth International Conference on Software Reuse (Cat. No.98TB100203).

[9]  Bill Venners,et al.  Inside the Java Virtual Machine , 1997 .

[10]  Mark R. Vigder,et al.  An architectural approach to building systems from COTS software components , 1997, CASCON.

[11]  Markus Dahm,et al.  Byte Code Engineering , 1999, Java-Informations-Tage.

[12]  David Flanagan,et al.  Java in a Nutshell , 1996 .

[13]  Gregory M. Kapfhammer,et al.  An Approach to Identifying and Understanding Problematic COTS Components , 2004 .

[14]  Jeffrey M. Voas,et al.  Putting assertions in their place , 1994, Proceedings of 1994 IEEE International Symposium on Software Reliability Engineering.

[15]  Gary McGraw,et al.  Software fault injection: inoculating programs against errors , 1997 .