Fortunately, just such a checklist already exists. Roy Maxion and Bob Olszewski at Carnegie Mellon created a structured list of exceptional conditions to consider when designing a robust system in the form of a fishbone diagram.
(Source: Maxion & Olszewski, Improving Software Robustness with Dependability Cases, FTCS, June 1998.)
The way to read this diagram is that an exception failure could be caused by any of the general causes listed in the boxes at the end of the fish-bone segments, and the arrows into each fishbone are more specific examples of those types of problems.
If you don't have the picture handy, a way to remember the main branches is:
C - Computational problem
H - Hardware problem
I - I/O and file problem
L - Library function problem
D - Data input problem
R - Return value problem
E - External user/client problem (in embedded systems this may include control network exceptions)
N - Null pointer or memory problems
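As an added illustration (not taken from Maxion and Olszewski's paper or from the original post), the C routine below walks one small function through the N, D, L, C and R branches of the checklist. The function name, status codes and the rule that readings and gain must be non-negative are assumptions made for the example; the H, I and E branches are not exercised.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical status codes, one per checklist branch exercised below. */
typedef enum {
    SR_OK = 0,
    SR_ERR_NULL,     /* N: null pointer passed in */
    SR_ERR_DATA,     /* D: empty, non-numeric, negative or trailing junk */
    SR_ERR_LIBRARY,  /* L: strtol() reported a range error */
    SR_ERR_COMPUTE   /* C: divide by zero or multiplication overflow */
} sr_status;

/* Parse a decimal reading from text, then compute reading * gain / divisor.
 * R: every failure has its own return code, and *out is written only on
 * success, so a caller never sees a half-computed value. */
sr_status scale_reading(const char *text, long gain, long divisor, long *out)
{
    char *end = NULL;
    long raw;

    if (text == NULL || out == NULL)             /* N */
        return SR_ERR_NULL;

    errno = 0;                                   /* L: strtol signals via errno */
    raw = strtol(text, &end, 10);
    if (errno == ERANGE)
        return SR_ERR_LIBRARY;
    /* D: nothing parsed, trailing junk, or outside the assumed valid range */
    if (end == text || *end != '\0' || raw < 0 || gain < 0)
        return SR_ERR_DATA;

    if (divisor == 0)                            /* C: divide by zero */
        return SR_ERR_COMPUTE;
    if (gain != 0 && raw > LONG_MAX / gain)      /* C: raw * gain would overflow */
        return SR_ERR_COMPUTE;

    *out = (raw * gain) / divisor;
    return SR_OK;
}

int main(void)
{
    long v = 0;                                  /* constructed sample inputs */
    printf("%d\n", scale_reading("100", 3, 2, &v));
    printf("%d\n", scale_reading("12abc", 1, 1, &v));
    return 0;
}
```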
There isn't a silver bullet for exception handling -- getting it right takes attention to detail and careful work. But this fishbone diagram does help developers avoid missing exception vulnerabilities. You can read more about the idea and the human subject experiments showing its effectiveness in the free on-line copy of their conference paper: Improving Software Robustness with Dependability Cases.
You can read more detail in the (non-free unless you have a subscription) journal paper:
Eliminating exception handling errors with dependability cases: a comparative, empirical study, IEEE Transactions on Software paper, Sept. 2000. http://dx.doi.org/10.1109/32.877848