Software fault injection is a form of dynamic software testing that allows developers and testers to observe how the software will behave under a variety of anomalous conditions. These conditions can be the result of simulated internal software defects or simulated external/environmental stimuli. The end result is a better way to predict how the software will behave when such events occur. Software testing, on the other hand, allows for predictions of how the software will behave under normal, expected operating conditions. Therefore the knowledge derived from these different types of dynamic assessment is unique, but when combined, it results in a more thorough prediction of how the software will behave under a wide variety of nominal and off-nominal circumstances. This offers a more complete definition of “software assurance.”
This 1-hour talk will compare and contrast these assessment methods, and will also explore how software fault injection can be used to assess the fault-hiding ability of code due to the lack of the three key ingredients required for failure: execution, infection, and propagation. By doing so, we can more realistically predict how much testing is needed in order to detect actual faults of different densities, as well as deal with issues such as where to insert assertions and how to quantify fault tolerance.
And if time permits, the often referenced “black balls and urn” model for why software testing is a probabilistic game will be explained. Students often learn a lot about why software testing “is a gamble” from this simple probability model.