Design by Contract to Improve Software Vigilance
August 2006 (vol. 32 no. 8)
pp. 571-586
Design by Contract is a lightweight technique for embedding elements of formal specification (such as invariants, pre and postconditions) into an object-oriented design. When contracts are made executable, they can play the role of embedded, online oracles. Executable contracts allow components to be responsive to erroneous states and, thus, may help in detecting and locating faults. In this paper, we define Vigilance as the degree to which a program is able to detect an erroneous state at runtime. Diagnosability represents the effort needed to locate a fault once it has been detected. In order to estimate the benefit of using Design by Contract, we formalize both notions of Vigilance and Diagnosability as software quality measures. The main steps of measure elaboration are given, from informal definitions of the factors to be measured to the mathematical model of the measures. As is the standard in this domain, the parameters are then fixed through actual measures, based on a mutation analysis in our case. Several measures are presented that reveal and estimate the contribution of contracts to the overall quality of a system in terms of vigilance and diagnosability.

Index Terms:
Object-oriented design methods, programming by contract, diagnostics, metrics.
Yves Le Traon, Benoit Baudry, Jean-Marc Jézéquel, "Design by Contract to Improve Software Vigilance," IEEE Transactions on Software Engineering, vol. 32, no. 8, pp. 571-586, Aug. 2006, doi:10.1109/TSE.2006.79