Paul E. Black
National Institute of Standards and Technology (NIST)
1st Talk: Static Analysis and Static Analyzers in Software Development
Quality must be designed into and built into software. Nevertheless testing (dynamic analysis) and static analyzers have roles in delivering excellent software. Dr. Black will describe what static analysis is (and isn't) and compare it in general with testing. Then he will talk about the dimensions of static analysis: universality, rigor, and subject matter, and concepts related to static analysis and their results. Dr. Black will also share his views of the state of the art in static analyzers, citing results from the 2008, 2009, and 2010 Static Analysis Tool Expositions and other work. Finally he will end with suggestions on how best static analysis might be incorporated into software development. Somewhere along the way he will tell you a little about what NIST is, what it's like to work there, and possible opportunities for YOU.
2nd Talk: Combinatorial Testing
Studies suggest that nearly all software errors are triggered by the interaction of no more than six parameters. If so, testing all n-way combinations of parameters should provide high confidence that nearly all faults have been discovered. This combinatorial testing is already used by dozens of companies. Dr. Black will explain what combinatorial testing is and how to apply it to different situations. Given 10 binary variables, can you exercise all triples with fewer than 20 tests? He refers to free software available to generate such "covering arrays" for combinations of parameter values. He will also talk about approaches to the testing oracle problem which automatic test generation raises.Bio: