Robustness (computer science)

(Redirected from Robustness of software)

In computer science, robustness is the ability of a computer system to cope with errors during execution[1][2] and cope with erroneous input.[2] Robustness can encompass many areas of computer science, such as robust programming, robust machine learning, and Robust Security Network. Formal techniques, such as fuzz testing, are essential to showing robustness since this type of testing involves invalid or unexpected inputs. Alternatively, fault injection can be used to test robustness. Various commercial products perform robustness testing of software analysis.[3]

Introduction

edit

In general, building robust systems that encompass every point of possible failure is difficult because of the vast quantity of possible inputs and input combinations.[4] Since all inputs and input combinations would require too much time to test, developers cannot run through all cases exhaustively. Instead, the developer will try to generalize such cases.[5] For example, imagine inputting some integer values. Some selected inputs might consist of a negative number, zero, and a positive number. When using these numbers to test software in this way, the developer generalizes the set of all reals into three numbers. This is a more efficient and manageable method, but more prone to failure. Generalizing test cases is an example of just one technique to deal with failure—specifically, failure due to invalid user input. Systems generally may also fail due to other reasons as well, such as disconnecting from a network.

Regardless, complex systems should still handle any errors encountered gracefully. There are many examples of such successful systems. Some of the most robust systems are evolvable and can be easily adapted to new situations.[4]

Challenges

edit

Programs and software are tools focused on a very specific task, and thus are not generalized and flexible.[4] However, observations in systems such as the internet or biological systems demonstrate adaptation to their environments. One of the ways biological systems adapt to environments is through the use of redundancy.[4] Many organs are redundant in humans. The kidney is one such example. Humans generally only need one kidney, but having a second kidney allows room for failure. This same principle may be taken to apply to software, but there are some challenges. When applying the principle of redundancy to computer science, blindly adding code is not suggested. Blindly adding code introduces more errors, makes the system more complex, and renders it harder to understand.[6] Code that does not provide any reinforcement to the already existing code is unwanted. The new code must instead possess equivalent functionality, so that if a function is broken, another providing the same function can replace it, using manual or automated software diversity. To do so, the new code must know how and when to accommodate the failure point.[4] This means more logic needs to be added to the system. But as a system adds more logic, components, and increases in size, it becomes more complex. Thus, when making a more redundant system, the system also becomes more complex and developers must consider balancing redundancy with complexity.

Currently, computer science practices do not focus on building robust systems.[4] Rather, they tend to focus on scalability and efficiency. One of the main reasons why there is no focus on robustness today is because it is hard to do in a general way.[4]

Areas

edit

Robust programming

edit

Robust programming is a style of programming that focuses on handling unexpected termination and unexpected actions.[7] It requires code to handle these terminations and actions gracefully by displaying accurate and unambiguous error messages. These error messages allow the user to more easily debug the program.

Principles

edit
Paranoia
When building software, the programmer assumes users are out to break their code.[7] The programmer also assumes that their own written code may fail or work incorrectly.[7]
Stupidity
The programmer assumes users will try incorrect, bogus and malformed inputs.[7] As a consequence, the programmer returns to the user an unambiguous, intuitive error message that does not require looking up error codes. The error message should try to be as accurate as possible without being misleading to the user, so that the problem can be fixed with ease.
Dangerous implements
Users should not gain access to libraries, data structures, or pointers to data structures.[7] This information should be hidden from the user so that the user does not accidentally modify them and introduce a bug in the code. When such interfaces are correctly built, users use them without finding loopholes to modify the interface. The interface should already be correctly implemented, so the user does not need to make modifications. The user therefore focuses solely on their own code.
Can't happen
Very often, code is modified and may introduce a possibility that an "impossible" case occurs. Impossible cases are therefore assumed to be highly unlikely instead.[7] The developer thinks about how to handle the case that is highly unlikely, and implements the handling accordingly.

Robust machine learning

edit

Robust machine learning typically refers to the robustness of machine learning algorithms. For a machine learning algorithm to be considered robust, either the testing error has to be consistent with the training error, or the performance is stable after adding some noise to the dataset.[8] Recently, consistently with their rise in popularity, there has been an increasing interest in the robustness of neural networks. This is particularly due their vulnerability to adverserial attacks.[9]

Robust network design

edit

Robust network design is the study of network design in the face of variable or uncertain demands.[10] In a sense, robustness in network design is broad just like robustness in software design because of the vast possibilities of changes or inputs.

Robust algorithms

edit

There exist algorithms that tolerate errors in the input.[11]

See also

edit

References

edit
  1. ^ "A Model-Based Approach for Robustness Testing" (PDF). Dl.ifip.org. Retrieved 2016-11-13.
  2. ^ a b 1990. IEEE Standard Glossary of Software Engineering Terminology, IEEE Std 610.12-1990 defines robustness as "The degree to which a system or component can function correctly in the presence of invalid inputs or stressful environmental conditions"
  3. ^ Baker, Jack W.; Schubert, Matthias; Faber, Michael H. (2008). "On the assessment of robustness" (PDF). Structural Safety. 30 (3): 253–267. doi:10.1016/j.strusafe.2006.11.004. Retrieved 2016-11-13.
  4. ^ a b c d e f g Gerald Jay Sussman (January 13, 2007). "Building Robust Systems an essay" (PDF). Groups.csail.mit.edu. Retrieved 2016-11-13.
  5. ^ Joseph, Joby (2009-09-21). "Importance of Making Generalized Testcases - Software Testing Club - An Online Software Testing Community". Software Testing Club. Retrieved 2016-11-13.
  6. ^ Agents on the wEb : Robust Software. "Building Robust Systems an essay" (PDF). Cse.sc.edu. Retrieved 2016-11-13.
  7. ^ a b c d e f "Robust Programming". Nob.cs.ucdavis.edu. Retrieved 2016-11-13.
  8. ^ El Sayed Mahmoud. "What is the definition of the robustness of a machine learning algorithm?". Retrieved 2016-11-13.
  9. ^ Li, Linyi; Xie, Tao; Li, Bo (9 September 2022). "SoK: Certified Robustness for Deep Neural Networks". arXiv:2009.04131 [cs.LG].
  10. ^ "Robust Network Design" (PDF). Math.mit.edu. Retrieved 2016-11-13.
  11. ^ Carbin, Michael; Rinard, Martin C. (12 July 2010). "Automatically identifying critical input regions and code in applications" (PDF). Proceedings of the 19th international symposium on Software testing and analysis - ISSTA '10. ACM. pp. 37–48. doi:10.1145/1831708.1831713. ISBN 9781605588230. S2CID 1147058.