Robustness (computer science)

Last updated

In computer science, robustness is the ability of a computer system to cope with errors during execution [1] [2] and cope with erroneous input. [2] Robustness can encompass many areas of computer science, such as robust programming, robust machine learning, and Robust Security Network. Formal techniques, such as fuzz testing, are essential to showing robustness since this type of testing involves invalid or unexpected inputs. Alternatively, fault injection can be used to test robustness. Various commercial products perform robustness testing of software analysis. [3]

Introduction

In general, building robust systems that encompass every point of possible failure is difficult because of the vast quantity of possible inputs and input combinations. [4] Since all inputs and input combinations would require too much time to test, developers cannot run through all cases exhaustively. Instead, the developer will try to generalize such cases. [5] For example, imagine inputting some integer values. Some selected inputs might consist of a negative number, zero, and a positive number. When using these numbers to test software in this way, the developer generalizes the set of all reals into three numbers. This is a more efficient and manageable method, but more prone to failure. Generalizing test cases is an example of just one technique to deal with failure—specifically, failure due to invalid user input. Systems generally may also fail due to other reasons as well, such as disconnecting from a network.

Regardless, complex systems should still handle any errors encountered gracefully. There are many examples of such successful systems. Some of the most robust systems are evolvable and can be easily adapted to new situations. [4]

Challenges

Programs and software are tools focused on a very specific task, and thus aren't generalized and flexible. [4] However, observations in systems such as the internet or biological systems demonstrate adaptation to their environments. One of the ways biological systems adapt to environments is through the use of redundancy. [4] Many organs are redundant in humans. The kidney is one such example. Humans generally only need one kidney, but having a second kidney allows room for failure. This same principle may be taken to apply to software, but there are some challenges. When applying the principle of redundancy to computer science, blindly adding code is not suggested. Blindly adding code introduces more errors, makes the system more complex, and renders it harder to understand. [6] Code that doesn't provide any reinforcement to the already existing code is unwanted. The new code must instead possess equivalent functionality, so that if a function is broken, another providing the same function can replace it, using manual or automated software diversity. To do so, the new code must know how and when to accommodate the failure point. [4] This means more logic needs to be added to the system. But as a system adds more logic, components, and increases in size, it becomes more complex. Thus, when making a more redundant system, the system also becomes more complex and developers must consider balancing redundancy with complexity.

Currently, computer science practices do not focus on building robust systems. [4] Rather, they tend to focus on scalability and efficiency. One of the main reasons why there is no focus on robustness today is because it is hard to do in a general way. [4]

Areas

Robust programming

Robust programming is a style of programming that focuses on handling unexpected termination and unexpected actions. [7] It requires code to handle these terminations and actions gracefully by displaying accurate and unambiguous error messages. These error messages allow the user to more easily debug the program.

Principles

Paranoia
When building software, the programmer assumes users are out to break their code. [7] The programmer also assumes that their own written code may fail or work incorrectly. [7]
Stupidity
The programmer assumes users will try incorrect, bogus and malformed inputs. [7] As a consequence, the programmer returns to the user an unambiguous, intuitive error message that does not require looking up error codes. The error message should try to be as accurate as possible without being misleading to the user, so that the problem can be fixed with ease.
Dangerous implements
Users should not gain access to libraries, data structures, or pointers to data structures. [7] This information should be hidden from the user so that the user doesn't accidentally modify them and introduce a bug in the code. When such interfaces are correctly built, users use them without finding loopholes to modify the interface. The interface should already be correctly implemented, so the user does not need to make modifications. The user therefore focuses solely on their own code.
Can't happen
Very often, code is modified and may introduce a possibility that an "impossible" case occurs. Impossible cases are therefore assumed to be highly unlikely instead. [7] The developer thinks about how to handle the case that is highly unlikely, and implements the handling accordingly.

Robust machine learning

Robust machine learning typically refers to the robustness of machine learning algorithms. For a machine learning algorithm to be considered robust, either the testing error has to be consistent with the training error, or the performance is stable after adding some noise to the dataset. [8] Recently, consistently with their rise in popularity, there has been an increasing interest in the robustness of neural networks. This is particularly due their vulnerability to adverserial attacks. [9]

Robust network design

Robust network design is the study of network design in the face of variable or uncertain demands. [10] In a sense, robustness in network design is broad just like robustness in software design because of the vast possibilities of changes or inputs.

Robust algorithms

There exist algorithms that tolerate errors in the input. [11]

See also

Related Research Articles

Computer programming is the process of performing particular computations, usually by designing and building executable computer programs. Programming involves tasks such as analysis, generating algorithms, profiling algorithms' accuracy and resource consumption, and the implementation of algorithms. The source code of a program is written in one or more languages that are intelligible to programmers, rather than machine code, which is directly executed by the central processing unit. To produce machine code, the source code must either be compiled or transpiled. Compiling takes the source code from a low-level programming language and converts it into machine code. Transpiling on the other hand, takes the source-code from a high-level programming language and converts it into bytecode. This is interpreted into machine code. The purpose of programming is to find a sequence of instructions that will automate the performance of a task on a computer, often for solving a given problem. Proficient programming thus usually requires expertise in several different subjects, including knowledge of the application domain, specialized algorithms, and formal logic.

Software testing is the act of examining the artifacts and the behavior of the software under test by validation and verification. Software testing can also provide an objective, independent view of the software to allow the business to appreciate and understand the risks of software implementation. Test techniques include, but are not necessarily limited to:

<span class="mw-page-title-main">Software bug</span> Error, flaw, failure, or fault in a computer program or system

A software bug is an error, flaw or fault in the design, development, or operation of computer software that causes it to produce an incorrect or unexpected result, or to behave in unintended ways. The process of finding and correcting bugs is termed "debugging" and often uses formal techniques or tools to pinpoint bugs. Since the 1950s, some computer systems have been designed to deter, detect or auto-correct various computer bugs during operations.

Regression testing is re-running functional and non-functional tests to ensure that previously developed and tested software still performs as expected after a change. If not, that would be called a regression.

Defensive programming is a form of defensive design intended to develop programs that are capable of detecting potential security abnormalities and make predetermined responses. It ensures the continuing function of a piece of software under unforeseen circumstances. Defensive programming practices are often used where high availability, safety, or security is needed.

In computer programming, unit testing is a software testing method by which individual units of source code—sets of one or more computer program modules together with associated control data, usage procedures, and operating procedures—are tested to determine whether they are fit for use. It is a standard step in development and implementation approaches such as Agile.

<span class="mw-page-title-main">Crash (computing)</span> When a computer program stops functioning properly and self-terminates

In computing, a crash, or system crash, occurs when a computer program such as a software application or an operating system stops functioning properly and exits. On some operating systems or individual applications, a crash reporting service will report the crash and any details relating to it, usually to the developer(s) of the application. If the program is a critical part of the operating system, the entire system may crash or hang, often resulting in a kernel panic or fatal system error.

A game programmer is a software engineer, programmer, or computer scientist who primarily develops codebases for video games or related software, such as game development tools. Game programming has many specialized disciplines, all of which fall under the umbrella term of "game programmer". A game programmer should not be confused with a game designer, who works on game design.

Test-driven development (TDD) is a software development process relying on software requirements being converted to test cases before software is fully developed, and tracking all software development by repeatedly testing the software against all test cases. This is as opposed to software being developed first and test cases created later.

<span class="mw-page-title-main">Race condition</span> When a systems behavior depends on timing of uncontrollable events

A race condition or race hazard is the condition of an electronics, software, or other system where the system's substantive behavior is dependent on the sequence or timing of other uncontrollable events. It becomes a bug when one or more of the possible behaviors is undesirable.

Game programming, a subset of game development, is the software development of video games. Game programming requires substantial skill in software engineering and computer programming in a given language, as well as specialization in one or more of the following areas: simulation, computer graphics, artificial intelligence, physics, audio programming, and input. For multiplayer games, knowledge of network programming is required. In some genres, e.g. fighting games, advanced network programming is often demanded, as the netcode and its properties are considered by players and critics to be some of the most important metrics of the game's quality. For massively multiplayer online games (MMOGs), even further knowledge of database programming and advanced networking programming are required. Though often engaged in by professional game programmers, there is a thriving scene of independent developers who lack a relationship with a publishing company.

Hard coding is the software development practice of embedding data directly into the source code of a program or other executable object, as opposed to obtaining the data from external sources or generating it at runtime.

<span class="mw-page-title-main">Fuzzing</span> Automated software testing technique

In programming and software development, fuzzing or fuzz testing is an automated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program. The program is then monitored for exceptions such as crashes, failing built-in code assertions, or potential memory leaks. Typically, fuzzers are used to test programs that take structured inputs. This structure is specified, e.g., in a file format or protocol and distinguishes valid from invalid input. An effective fuzzer generates semi-valid inputs that are "valid enough" in that they are not directly rejected by the parser, but do create unexpected behaviors deeper in the program and are "invalid enough" to expose corner cases that have not been properly dealt with.

Fault tolerance is the property that enables a system to continue operating properly in the event of the failure of one or more faults within some of its components. If its operating quality decreases at all, the decrease is proportional to the severity of the failure, as compared to a naively designed system, in which even a small failure can cause total breakdown. Fault tolerance is particularly sought after in high-availability, mission-critical, or even life-critical systems. The ability of maintaining functionality when portions of a system break down is referred to as graceful degradation.

In computer science, fault injection is a testing technique for understanding how computing systems behave when stressed in unusual ways. This can be achieved using physical- or software-based means, or using a hybrid approach. Widely studied physical fault injections include the application of high voltages, extreme temperatures and electromagnetic pulses on electronic components, such as computer memory and central processing units. By exposing components to conditions beyond their intended operating limits, computing systems can be coerced into mis-executing instructions and corrupting critical data.

Stress testing is a software testing activity that determines the robustness of software by testing beyond the limits of normal operation. Stress testing is particularly important for "mission critical" software, but is used for all types of software. Stress tests commonly put a greater emphasis on robustness, availability, and error handling under a heavy load, than on what would be considered correct behavior under normal circumstances.

In computer programming and software development, debugging is the process of finding and resolving bugs within computer programs, software, or systems.

Chaos engineering is the discipline of experimenting on a system in order to build confidence in the system's capability to withstand turbulent conditions in production.

This article discusses a set of tactics useful in software testing. It is intended as a comprehensive list of tactical approaches to Software Quality Assurance (more widely colloquially known as Quality Assurance and general application of the test method.

This glossary of computer science is a list of definitions of terms and concepts used in computer science, its sub-disciplines, and related fields, including terms relevant to software, data science, and computer programming.

References

  1. "A Model-Based Approach for Robustness Testing" (PDF). Dl.ifip.org. Retrieved 2016-11-13.
  2. 1 2 1990. IEEE Standard Glossary of Software Engineering Terminology, IEEE Std 610.12-1990 defines robustness as "The degree to which a system or component can function correctly in the presence of invalid inputs or stressful environmental conditions"
  3. Baker, Jack W.; Schubert, Matthias; Faber, Michael H. (2008). "On the assessment of robustness" (PDF). Structural Safety. 30 (3): 253–267. doi:10.1016/j.strusafe.2006.11.004 . Retrieved 2016-11-13.
  4. 1 2 3 4 5 6 7 Gerald Jay Sussman (January 13, 2007). "Building Robust Systems an essay" (PDF). Groups.csail.mit.edu. Retrieved 2016-11-13.
  5. Joseph, Joby (2009-09-21). "Importance of Making Generalized Testcases - Software Testing Club - An Online Software Testing Community". Software Testing Club. Retrieved 2016-11-13.
  6. Agents on the wEb : Robust Software. "Building Robust Systems an essay" (PDF). Cse.sc.edu. Retrieved 2016-11-13.
  7. 1 2 3 4 5 6 "Robust Programming". Nob.cs.ucdavis.edu. Retrieved 2016-11-13.
  8. El Sayed Mahmoud. "What is the definition of the robustness of a machine learning algorithm?" . Retrieved 2016-11-13.
  9. Li, Linyi; Xie, Tao; Li, Bo (9 September 2022). "SoK: Certified Robustness for Deep Neural Networks". arXiv: 2009.04131 [cs.LG].
  10. "Robust Network Design" (PDF). Math.mit.edu. Retrieved 2016-11-13.
  11. Carbin, Michael; Rinard, Martin C. (12 July 2010). "Automatically identifying critical input regions and code in applications" (PDF). Proceedings of the 19th international symposium on Software testing and analysis - ISSTA '10. ACM. pp. 37–48. doi:10.1145/1831708.1831713. ISBN   9781605588230. S2CID   1147058.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.