David Parnas

Middle Road Software

Dr. h.c. (mult), Ph.D., M.S., B.Sc.

About

302 Publications
99,880 Reads
19,736 Citations
Citations since 2016: 8 Research Items, 2236 Citations


Publications (302)
Article
Ongoing efforts to make software development an engineering discipline will fail until we have legislation requiring that creators of certain types of software be licensed, establishing a licensing authority, and detailing the capabilities that a licensed developer must possess.
Article
Full-text available
ion. Precision. Planning for change. Reviewability; (automated) analyzability. Continuous validation. Support for testing. Support for achieving consistency and completeness. Variation of depth and precision to accommodate the cost and risk of the problem. A selection of techniques. Requirements engineers need a collection of effective techniques for e...
Article
In the half century since Edsger Dijkstra published “The Structure of the ‘THE’-Multiprogramming System,” it has become clear that the ability to design a software system’s structure is at least as important as the ability to design efficient algorithms or write code in a particular programming language. Although the word “structure” appeared in th...
Article
Incidents from the early days of AI research are instructive in the current AI environment.
Article
This paper discusses third-level educational programmes that are intended to prepare their graduates for a career building systems in which software plays a major role. Such programmes are modelled on traditional Engineering programmes but have been tailored to applications that depend heavily on software. Rather than describe knowledge that should...
Article
Full-text available
This paper presents the segregated failures model (SFM) of availability of fault-tolerant computer systems with several recovery procedures. This model is compared with a Markov chain model and its advantages are explained. The basic model is then extended for the situation when the coverage factor is unknown and the failure escalation rates must...
Article
Full-text available
The use of mathematics for documenting, inspecting, and testing software is explained and illustrated. Three measures of software quality are described and discussed. Then three distinct complementary approaches to software quality assurance are presented. A case study, the testing and inspection of a safety-critical system, is discussed in detail.
Article
Full-text available
Tabular expressions have been proposed as a notation to document mathematically precise but readable software specifications. One of the many roles of such documentation is to guide testers. This paper 1) explores the application of four testing strategies (the partition strategy, decision table-based testing, the basic meaningful impact strategy,...
Article
Although a huge number of articles have been written about software development and many interesting ideas have been proposed, researchers and practitioners have failed to create a new engineering discipline focused on building software-intensive systems.
Conference Paper
For many decades, computer science researchers have predicted that the “Formal Methods” that they develop and advocate would bring about a drastic improvement in the quality and cost of software. That improvement has never materialized. This talk explains the difference between the methods and notations that constitute “Formal Methods” and the mathe...
Article
Full-text available
Good software design is never easy, but stopping too soon makes the job more difficult.
Conference Paper
A brief description of the early days of "Software Engineering" precedes a discussion of the various meanings that have been proposed for that term. The differences between Software Engineering and Programming are described by discussing the tasks beyond programming that are expected to be performed by Software Engineers. Legislators and Educators...
Article
Mathematical expressions in tabular form (also called “tabular expressions” or “tables”) have been shown to be useful for documenting and analysing software systems. They are usually easier to read than conventional mathematical expressions but are no less precise. They can be used wherever mathematical expressions are used. To avoid misunderstandi...
Article
We describe a prototype framework for a family of individualized-advice systems (IAS). The purpose of an individualized-advice system is to select the most relevant material from a large set of potentially useful documents and present the documents selected to someone seeking advice. IAS systems should not be viewed as applications of artificial int...
Article
Full-text available
An illustration of the problems caused by a lack of discipline in software development and our failure to apply what is known in the field.
Article
This paper presents an approach to the problem of documenting the design of a network of components and verifying that its structure is complete and consistent, (i.e., that the components, functioning together, will satisfy the requirements of the complete product), before the components are implemented. Our approach differs from others in that bot...
Conference Paper
This paper discusses the importance of requirements documents and the reasons that the requirements documentation methods commonly applied in industrial software development are inadequate. The use of functional methods and tabular expressions for producing precise requirements documentation is explained and illustrated. This includes: • An explana...
Conference Paper
Full-text available
The prime cause of the sorry "state of the art" in software development is our failure to produce good design documentation. Poor documentation is the cause of many errors and reduces efficiency in every phase of a software product's development and use. Most software developers believe that "documentation" refers to a collection of wordy, unst...
Conference Paper
During the self-adaptive software system design, one of the deficiencies of past research is that past behaviors are always applied to predict future behaviors. As the past is not always a good predictor of the future, such strategies may cause poor performance while the behavior changes. In this paper, we introduce a document-driven approach for d...
Article
The need for empirical research into the practicality and efficacy of software development methods is obvious but most published papers have inadequate experimental design. The assumption that what programmers do is "natural," and somehow right or practical, needs to be questioned seriously. Human beings haven't evolved by natural selection to be g...
Article
We must question the assumptions underlying the well-known current formal software development methods to see why they have not been widely adopted and what should be changed.
Article
A software development process can be considered rational if each design decision can be justified based on given facts and design decisions that were made, reviewed, and accepted earlier. This paper describes a set of documents that can serve as a “knowledge base” for more rational software development. Each of these documents can be viewed as a p...
Article
This paper presents the segregated failures model (SFM) of availability of fault-tolerant computer systems with several recovery procedures. This model is compared with a Markov chain model and its advantages are explained. The basic model is then extended for the situation when the coverage factor is unknown and the failure escalation rates must b...
Conference Paper
Full-text available
Tabular expressions have been used in industry for many years to precisely document software in a readable notation. In this paper, we propose a fault-based testing technique that traces the propagation of faults from the expression in each cell of a tabular expression to the output of the program under test. The technique has been formalized in th...
Conference Paper
Full-text available
This experience and research based paper discusses the reasons that software cannot be trusted and then explains how the use of greatly improved documentation can make software more trustworthy. It shows how tabular expressions can be used to prepare software documents that are both precise and easily used by developers, inspectors, and testers. Th...
Article
Full-text available
The views of David Lorge Parnas on the practice of counting publications without reading and judging them are discussed. The widespread practice of counting publications without reading and judging them is fundamentally flawed for a number of reasons. The practice encourages superficial research, overly large groups, repetition, and small and insig...
Conference Paper
Full-text available
Tabular expressions are a multidimensional structured notation for complex mathematical definitions of relations or functions. They have been found useful for documenting imperative programs by stating the function or relation that describes the black-box behaviour of those programs. Tools are needed to increase the practicality of this approach to...
Conference Paper
Full-text available
Tabular expressions were proposed as a documentation tool that can be used to document software precisely and unambiguously. This paper explores the applications of four testing strategies in tabular expression-based specifications and further compares the strategies on a mathematical basis. The full paper entitled "A comparison of tabular express...
Conference Paper
Anyone developing a Software Engineering curriculum is faced with several dilemmas: Should it emphasize fundamental principles or current technology? Should it teach about a wide variety of approaches or how to use a few important methods? When discussing how the software industry does things, should we teach that this is what to do or what not to...
Article
Full-text available
Article
Full-text available
In Russian: There are often doubts about whether software can be trusted in critical applications. We discuss the reasons for this distrust and propose ways to improve documentation in order to raise the level of trust in software. We also show how tabular expressions can be used to create precise software documen...
Conference Paper
Computer Scientists have been talking about the use of object-orientation (under a variety of rubrics) to achieve "separation of concerns" for more than 40 years. In all that time, it has been taken for granted that it was the structure of the program text itself that mattered. Whenever it was felt that additional information was needed it was a...
Conference Paper
Full-text available
Twenty years after the paper No Silver Bullet: Essence and Accidents of Software Engineering by Frederick P. Brooks first appeared in IEEE Computer in April 1987 (following its 1986 publication in Information Processing, ISBN 0444-7077-3) does the premise hold that the complexity of software is not accidental? How have the "hopes for silver" which...
Conference Paper
The history of research on the development of program-families is briefly reviewed. Two distinct problems, configuration-management and family-design are identified. It is explained that, while software configuration-management is not fundamentally different from configuration-management for other products, in practice, inadequate attention to fam...
Conference Paper
Full-text available
This paper has illustrated why a course on these topics should be required as part of the basic science component of a programme for engineers specialising in software intensive products.
Conference Paper
Full-text available
This paper describes the application of the Trace Function Method to specify the requirements of a software component. We illustrate the method on a software component of a telecommunications system that was developed by Ericsson. Beginning with incomplete informal descriptions, we analysed the requirements of the system and wrote a description tha...
Conference Paper
For at least 4 decades, managers, customers, and anyone else who wanted to acquire software, have bemoaned our inability to specify exactly what is required when we want software built. Those who maintain software or use software complain about the lack of a precise description of what it does. Numerous specification methods, none of which have been...
Article
Full-text available
Non-peer-reviewed. This paper presents a method of estimating the availability of fault-tolerant computer systems with several recovery procedures. A segregated failures model has been proposed recently for this purpose. This paper provides further analysis and extension of this model. The segregated failures model is compared with a Markov chain mo...
Article
The ever-changing nature of technology contributes to the problems encountered by experts when collecting and preparing digital evidence for courtroom presentation.
Conference Paper
The movement to integrate mathematically based software development methods is a predictable response to the fact that none of the many methods available seems sufficient to do the whole job (whatever that may be) on its own. This talk argues that integrating separately developed methods is not the most fruitful possible approach. Instead we propos...
Conference Paper
Full-text available
The use of several distinct recovery procedures is one of the techniques that can be used to ensure high availability and fault-tolerance of computer systems. This method has been applied to telecommunications systems and usually uses redundant hardware and special recovery software to restore the system after hardware and software failures. We pro...
Article
Full-text available
Software Engineering as a discipline emerged in response to the software crisis perceived by the industry. It is a well known fact that at the beginning of any project, the software industry needs to know how much will it cost to develop and what would ...
Article
Full-text available
Non-peer-reviewed. We consider the problem of generating a set of test cases from a black box specification. We focus on stress testing, i.e. picking test cases that seem most likely to reveal program bugs. Our approach assumes that so-called interesting points, i.e. points in a function’s domain where properties change, e.g. maxima, are likely to r...
Conference Paper
Full-text available
We describe our experience applying tabular mathematical approaches to software specifications. Our purpose is to show alternative approaches to writing tabular specifications and to help practitioners who want to apply such methods by allowing them to pick the best one for their problem. The object for the case study is software used by Dell Produ...
Conference Paper
Full-text available
It is no accident that the branches of engineering are called "disciplines". Every properly educated engineer has learned that the design of quality products requires discipline and a willingness to follow standard procedures. Engineers understand that they must produce a specified set of documents and perform a variety of analyses whose results mu...
Article
In the spirit of making resolutions for betterment in the New Year, ten distinguished individuals in the software quality field offer their recommendations on how organizations can improve software quality.
Conference Paper
Full-text available
Non-peer-reviewed. Software is devilishly hard to inspect. Serious errors can escape attention for years. Consequently, many are hesitant to employ software in safety-critical applications and developers and users are finding the correction of software errors to be an increasingly burdensome cost. This talk describes a procedure for inspecting softw...
Article
Software Engineering is discussed as a branch of Engineering specialising in software intensive products. The process of developing good software is discussed and it is argued that writing programs, though obviously an essential step in the process, is only a small part of Software Engineering.
Article
Full-text available
Due to the complexity of the code, software is released with many errors. In response, both software practitioners and software researchers need to improve the reputation of the software. Inspection is the only way to improve the quality of software. Inspection methods can be more effective but success depends on having a sound and systematic proce...
Article
Full-text available
This issue contains the Proceedings of the First International Workshop on Relational Methods in Software (RelMiS 2001). The Workshop was held in Genova, Italy, on April 7 and 8, 2001, as a satellite event to ETAPS 2001.
Article
Full-text available
Before designing safety- or mission-critical real-time systems, a specification of the required behavior of the system should be produced and reviewed by domain experts. After the system has been implemented, it should be thoroughly tested to ensure that it behaves correctly. This is best done using a monitor, a system that observes the behavior of...
Conference Paper
Some advocates of empirical studies of software engineering appear to be claiming that empirical studies alone can tell us how we should do software development. This paper argues that what can be learned from empirical studies, while important, is very limited. Mathematical studies and empirical studies must be seen as mutually supportive ways to...
Article
Full-text available
This article focuses on the licensing of software engineers in Canada. All Canadian provinces, and most U.S. states, have regulatory bodies charged with making sure that qualified engineers are easy to identify, making sure that licensed engineers remain qualified, and removing the license of engineers who violate laws or codes of...
Article
Full-text available
This paper discusses the work of the software architect by describing a software architect's concerns and the documents that a software architect should produce. It proposes a definition of software architecture and discusses architectural design criteria based on the idea that every architecture is expected to meet a specified set of goals. We star...
Article
Full-text available
Before designing safety- or mission-critical real-time systems, a specification of the required behaviour of the system should be produced and reviewed by domain experts. After the system has been implemented, it should be thoroughly tested to ensure that it behaves correctly. This is best done using a monitor, a system that observes the behaviour...
Article
Full-text available
Programs for use by Scientists and Engineers are usually embodiments of mathematical models of physical phenomena. Complete and accurate models are usually quite complex because they must deal with the wide variety of situations that can arise in the real world.
Article
The concept of "information-hiding" as a software design principle is widely accepted in academic circles. Many successful designs can be seen as successful applications of abstraction or information hiding. On the other hand, most industrial software developers do not apply the idea and many consider it unrealistic. This paper describes how the id...
Article
This paper discusses the technical problems that arise from the need to coordinate many people in the construction of families of similar, but not identical, programs. The problems discussed include using documentation as a software design medium: writing software requirements documents that are complete and precise; the meaning of 'structure' in s...
Conference Paper
Computer Assisted Barter Systems (CABS) are computer systems designed to facilitate barter. They provide an opportunity to exchange goods and services without attaching dollar prices to them. Unlike traditional barter, trade may proceed without identifying pairs of traders as trading partners. A person wishing to do business enters one or more prop...
Conference Paper
In May of 1985 I was asked by the Strategic Defense Initiative Organization, the group within the Office of the U.S. Secretary of Defense that is responsible for the “Star Wars” program, to serve on a $1000/day advisory panel, the SDIO Panel on Computing in Support of Battle Management. The panel was to make recommendations about a research and dev...
Article
Predicting the long-term effects of computers is both difficult and easy: we won’t get it right, but we won’t see ourselves proven wrong. Rather than try, we present some alternatives allowing readers to make their own predictions.
Article
Full-text available
The use of relations, represented as tables, for documenting the requirements and behaviour of software is motivated and explained. A formal model of tabular expressions, defining the meaning of a large class of tabular forms, is presented. Finally, we discuss the transformation of tabular expressions from one form to another, and illustrate some u...
Conference Paper
Summary form only given. When writing a requirements document, it is almost impossible to know when you are done. If one works with a list of assertions (whether formal or informal) checking for completeness and consistency is almost impossible. This tutorial explains how an application of the Four Variable Model and Tabular Notation allows one t...
Article
Full-text available
The basic mathematical laws of relations can be presented and verified using compact abstract notation. However, descriptions of specific relations, such as those that arise in describing software, must be done in terms of a state representation. When conventional notation is used, the expressions can be complex and hard to use. This tutorial pre...
Conference Paper
In the verification community it is assumed that one has a specification of the program to be proven correct. In practice this is never true. Moreover, specifications for realistic software products are often unreadable when formalised. This talk will present and discuss more practical formal notation for software documentation and the role of such...
Conference Paper
The software challenges of the new millennium include more mature users expecting functioning software, more critical technical and business applications requiring dependable software, globalization requiring distributed development teams, and paradigm clashes between new and old economy firms. Software engineering has to be evaluated anew in terms...
Article
An abstract is not available.
Article
Full-text available
The ongoing debate about who is qualified to develop critical software deals with two distinct issues: First, under what circumstances should a software developer be required to be licensed or certified before taking responsibility for a software product? Second, what knowledge should be required of those who are licensed or certified to develop...
Article
Full-text available
This paper discusses the organization of software that is inherently complex because there are very many arbitrary details that must be precisely right for the software to be correct. We show how the software design technique known as information hiding or abstraction can be supplemented by a hierarchically-structured document, which we call a modu...
Article
Full-text available
We know that a small backward error given by a backward error analysis of a numerical method ensures the stability of the method. In this paper, we show, through examples, that a large backward error or non-existence of backward error does not imply instability. In fact, a method can be stable and deliver accurate results although the backward erro...
Conference Paper
Full-text available
Before designing safety- or mission-critical real-time systems, a specification of the required behaviour of the system should be produced and reviewed by domain experts. After the system has been implemented, it should be thoroughly tested to ensure that it behaves correctly. This is best done using a monitor, a system that observes the behaviour...
Conference Paper
There is a startling contrast between classical engineering disciplines and Software Engineering. Electrical, Mechanical, and Civil Engineers learn a lot of mathematics and they actively use that mathematics when designing new products or processes. In contrast, most software developers see mathematics as nearly irrelevant to their work and some ed...
Conference Paper
Engineering educators have long recognised that it is their obligation to prepare students for a professional career that may last 40 years in rapidly changing fields. Good engineering educators know that they must focus on fundamental ideas and teach students how to apply those ideas. Thus, although I studied Electrical Engineering at a time when...
