Each of the failures described in Section 3.4 is caused by a defect that violates these
rules.
Considered against our design rules, the defects in this little program are obvious.
But in general, reviews and inspections are time-consuming, subjective, and fallible.
This little example is based on our experience with a program that has about a
hundred handlers and a hundred variables, where the defects were not so obvious.
It is possible to create a program that automates some of the checking of design
rules that human reviewers do, removing the tedium and subjectivity. This automated
checking of source code is called static analysis, and can be viewed as an extension
of the checking already performed by compilers and style checkers. Static analysis
is a promising research area, but it is not the approach we teach in this book.
3.7 Model-based analysis reveals the design errors
Model-based analysis reveals the design errors in our controller program. We write
a model program that expresses the design, and then use our mpv (Model Program
Viewer) tool to explore, search, and display the finite state machine (FSM) that
expresses the model program's behaviors (Figure 3.8). (It is not necessary to read
the details in this figure now.) Reading the messages written by mpv, or inspecting
this display while using mpv to highlight features of interest, reveals each defect.