trusted components€¦ · chair of software engineering standish group, 1998 18 chair of software...
TRANSCRIPT
1
Ch
air
of
Soft
ware
En
gin
eeri
ngTru
sted
Co
mp
on
en
ts
Bert
ran
d M
eyer
ETH
Zü
rich
/ E
iffe
l S
oft
ware
2
Ch
air
of
Soft
ware
En
gin
eeri
ng
My
bac
kgro
und
�Sin
ce 2
001:
Profe
ssor
of
Soft
war
e Engin
eering a
tETH
Zürich
�Sin
ce 1
985:
Founder
(now
Chie
f Arc
hitec
t) o
fEiffe
l Soft
war
e, in S
anta
Bar
bar
a. P
roduce
s Eiffe
lto
ols
and s
ervi
ces
�Als
o a
dju
nct
pro
fess
or
at M
onas
h U
niv
ersi
ty in
Aust
ralia
(si
nce
1998)
3
Ch
air
of
Soft
ware
En
gin
eeri
ng
Sco
pe
of
our
work
at
ETH
�H
elp m
ove
soft
war
e te
chnolo
gy
to t
he
nex
t le
vel
thro
ugh
�Tru
sted
Com
ponen
ts�
Adva
nce
d O
-O t
echniq
ues
�Tea
chin
g (
incl
udin
g intr
oduct
ory
)
�Appro
aches
of
spec
ial in
tere
st�
Eiffe
l�
.NET
�B
4
Ch
air
of
Soft
ware
En
gin
eeri
ng
Oth
er a
ctiv
itie
s
�Jo
urn
al o
f O
bje
ct T
echnolo
gy
JOT
ww
w.j
ot.
fm
�N
um
erous
work
shops
and c
onfe
rence
s
�LA
SER S
um
mer
Sch
ool (A
pplie
d S
oft
war
eEngin
eering),
sta
rtin
g S
epte
mber
2004
5
Ch
air
of
Soft
ware
En
gin
eeri
ng
For
num
erous
pap
ers
and o
ther
info
htt
p:/
/ww
w.inf.
ethz.
ch/~
mey
er
htt
p:/
/se.
inf.
ethz.
ch
6
Ch
air
of
Soft
ware
En
gin
eeri
ng
Proposi
tion
Majo
r pro
gre
ss in s
oftw
are
engin
eering
requir
es
switch
ing
to
the
syst
emat
icpro
duct
ion a
nd u
se o
f co
mponen
ts o
fguar
ante
ed q
ual
ity.
7
Ch
air
of
Soft
ware
En
gin
eeri
ng
John H
ennes
sy,
Sta
nfo
rd
�“M
ost
of
the
impro
vem
ent
in t
he
relia
bili
ty o
fco
mpute
r sy
stem
s has
com
e fr
om
im
pro
vem
ent
inth
e bas
ic c
om
ponen
ts”
�“Y
ou’ll
see
eve
r in
crea
sing p
ort
ions
of
the
effo
rtdev
ote
d t
o d
esig
n a
nd v
erific
atio
n”
8
Ch
air
of
Soft
ware
En
gin
eeri
ng
The
chal
lenge
�W
hat
does
it
take
to b
ring s
oft
war
e en
gin
eering t
oth
e nex
t le
vel?
9
Ch
air
of
Soft
ware
En
gin
eeri
ng
Soft
war
e “e
ngin
eering”
�The
build
ing o
f qual
ity
soft
war
e
10
Ch
air
of
Soft
ware
En
gin
eeri
ng
Way
s to
qual
ity
�Tes
ting,
valid
atio
n,
acce
pta
nce
pro
cedure
s�W
hite-
box
test
ing
�Sta
tic
anal
ysis
�Pro
ofs
(of
exis
ting
pro
gra
ms)
A p
ost
eri
ori
�Use
r in
volv
emen
t�E
xecu
tive
support
�Educa
tion (
engin
eers
,m
anag
ers.
..)
�Des
ign m
ethods
�O-O
�Pro
gra
mm
ing
languag
e ch
oic
e�F
orm
al d
evel
opm
ent
A p
rio
ri
Man
ag
em
en
tTech
nic
al
11
Ch
air
of
Soft
ware
En
gin
eeri
ng
Obst
acle
s to
ach
ievi
ng t
op q
ual
ity
�In
dust
ry h
as n
ot
bee
n t
hat
exc
ited
(not
wort
h t
he
inve
stm
ent)
(exc
ept
secu
rity
)
�Anti-i
nte
llect
ual
att
itude
e.g.
form
al m
ethods
“Wors
e is
bet
ter”
Fad e
ffec
ts
�Aca
dem
ia is
not
that
inte
rest
ed e
ither
(har
d t
o p
ublis
h)
12
Ch
air
of
Soft
ware
En
gin
eeri
ng
Al D
avis
, IE
EE C
om
pute
r, M
arch
2003
“
At
a la
rge
tele
com
munic
atio
ns
com
pan
y, a
noper
atin
g d
ivis
ion h
ad c
onta
cted
us
about
a pro
ject
.The
pro
ject
man
ager
anal
yzed
the
job a
nd
concl
uded
that
it
could
be
done
in 1
2 m
onth
s. T
he
cust
om
er w
ante
d it
in 9
month
s.
W
e co
uld
sim
ply
tel
l th
e cu
stom
er t
hat
it
could
n’t b
edone.
Or
we
could
agre
e to
9 m
onth
s. A
fter
all,
it
was
not
imposs
ible
, ju
st e
xtre
mel
y im
pro
bab
le..
.”
13
Ch
air
of
Soft
ware
En
gin
eeri
ng
Sec
urity
T
he
new
obse
ssio
n w
ith s
ecurity
may
be
the
bes
tth
ing t
hat
hap
pen
ed t
o s
oft
war
e en
gin
eering
Exa
mple
: Buff
er o
verf
low
s (a
gai
n las
t w
eek
with
Bla
ster
...)
B
ut
view
poin
ts a
re d
iffe
rent:
�Rel
iabili
ty e
ngin
eer:
it
should
n’t c
rash
�Sec
urity
engin
eer:
if
it c
rash
es,
we’re
safe
14
Ch
air
of
Soft
ware
En
gin
eeri
ng
Buff
er o
verf
low
�Fin
d a
pro
gra
m t
hat
pu
ts i
t arg
um
en
t in
to a
fin
ite-s
ize b
uff
er
an
d d
oesn
’t c
heck
th
at
the
arg
um
en
t fi
ts�
Use
a b
ig e
no
ug
h a
rgu
men
t�
Overw
rite
retu
rn a
dd
ress
...
15
Ch
air
of
Soft
ware
En
gin
eeri
ng
Buff
er o
verf
low
�A s
oft
war
e en
gin
eering iss
ue:
�M
ethodolo
gy
�Pr
ogra
mm
ing lan
guag
es�
Ver
ific
atio
n
�Rev
eale
d t
hro
ugh s
ecurity
pro
ble
ms
16
Ch
air
of
Soft
ware
En
gin
eeri
ng
Good idea
: Pro
cess
model
s
CM
M,
ISO
...
�G
ood:
forc
e a
syst
emat
ic p
roce
ss
�But:
conce
ntr
ate
on f
orm
, not
subst
ance
17
Ch
air
of
Soft
ware
En
gin
eeri
ng
Sta
ndis
h G
roup,
1998
18
Ch
air
of
Soft
ware
En
gin
eeri
ng
Good idea
: eX
trem
e Pro
gra
mm
ing
“Agile
” m
ethods,
ref
acto
ring,
test
-bas
ed d
evel
opm
ent
�G
ood:
rehab
ilita
tes
the
act
of
pro
gra
mm
ing
�But:
tes
ts a
re n
ot
spec
s!
19
Ch
air
of
Soft
ware
En
gin
eeri
ng
Good idea
: Fo
rmal
met
hods
B,
Abst
ract
Sta
te M
achin
es
�G
ood:
ben
efit f
rom
mat
hem
atic
s(I
F a
ccom
pan
ied w
ith p
roofs
!)
�But:
exp
ensi
ve
20
Ch
air
of
Soft
ware
En
gin
eeri
ng
Good idea
: open
sourc
e
GN
U,
Linux.
..
�G
ood:
ener
gy,
enth
usi
asm
, co
llabora
tion
�But:
qual
ity
not
centr
al c
once
rn
21
Ch
air
of
Soft
ware
En
gin
eeri
ng
Today
’s s
oft
war
e is
oft
en g
ood e
nough
Ove
rall:
�W
ork
s m
ost
of
the
tim
e�
Does
n’t k
ill t
oo m
any
peo
ple
�N
egat
ive
effe
cts,
esp
. finan
cial
, ar
e diffu
se
Sig
nific
ant
impro
vem
ents
sin
ce e
arly
yea
rs:
�Bet
ter
languag
es�
Bet
ter
tools
�Bet
ter
pra
ctic
es (
configura
tion m
anag
emen
t)
22
Ch
air
of
Soft
ware
En
gin
eeri
ng
From
“good e
nough”
to g
ood?
�Bey
ond “
good e
nough”,
qual
ity
is e
conom
ical
ly b
ad�
He
who p
erfe
cts,
die
s
Act
ual
Optim
al
Qual
ity
12
34
Tim
e
Rel
ease
23
Ch
air
of
Soft
ware
En
gin
eeri
ng
From
“good e
nough”
to g
ood?
�Bey
ond “
good e
nough”,
qual
ity
is e
conom
ical
ly b
ad�
He
who p
erfe
cts,
die
s
Act
ual
Optim
al
Qual
ity
12
34Rel
ease
Tim
e
24
Ch
air
of
Soft
ware
En
gin
eeri
ng
The
econom
ic a
rgum
ent
�Sta
ble
sys
tem
:�
Sum
of in
div
idual
optim
a =
Glo
bal
optim
um
�N
on-c
om
ponen
t-bas
ed d
evel
opm
ent:
�In
div
idual
optim
um
= “
Good E
nough S
oft
war
e”
�Im
pro
vem
ents
: I
am r
esponsi
ble
!
�Com
ponen
t-bas
ed d
evel
opm
ent:
�In
tere
st o
f both
consu
mer
and p
roduce
r: B
ette
rco
mponen
ts�
Impro
vem
ents
: Pr
oduce
r does
the
job
25
Ch
air
of
Soft
ware
En
gin
eeri
ng
Qual
ity
thro
ugh r
euse
�The
good n
ews:
Reu
se s
cale
s up e
very
thin
g
26
Ch
air
of
Soft
ware
En
gin
eeri
ng
Qual
ity
thro
ugh r
euse
�The
good n
ews:
Reu
se s
cale
s up e
very
thin
g
�The
bad
new
s:
Reu
se s
cale
s up e
very
thin
g
27
Ch
air
of
Soft
ware
En
gin
eeri
ng
Tru
sted
com
ponen
ts
�Confluen
ce o
f
�Q
ual
ity
engin
eering
�Reu
se
28
Ch
air
of
Soft
ware
En
gin
eeri
ng
Hen
nes
sy
�“M
ost
of
the
impro
vem
ent
in t
he
relia
bili
ty o
fco
mpute
r sy
stem
s has
com
e fr
om
im
pro
vem
ent
inth
e bas
ic c
om
ponen
ts”
�“Y
ou’ll
see
eve
r in
crea
sing p
ort
ions
of
the
effo
rtdev
ote
d t
o d
esig
n a
nd v
erific
atio
n”
29
Ch
air
of
Soft
ware
En
gin
eeri
ng
Soft
war
e des
ign in t
he
futu
re
Com
ponen
t-bas
ed f
or
�G
uar
ante
ed q
ual
ity
�Fa
ster
tim
e to
mar
ket
�Eas
e of m
ainte
nan
ce�
Sta
ndar
diz
atio
n o
f so
ftw
are
pra
ctic
es�
Pres
erva
tion o
f kn
ow
-how
30
Ch
air
of
Soft
ware
En
gin
eeri
ng
Com
ponen
t qual
ity:
the
inev
itab
le iss
ue
�The
key
issu
e
�Bad
-qual
ity
com
ponen
ts a
re m
ajor
risk
Def
icie
nci
es s
cale
up,
too
�H
igh-q
ual
ity
com
ponen
ts
could
tr
ansf
orm
th
est
ate
of
the
soft
war
e in
dust
ry (
if it
wan
ted t
o —
curr
ently
does
n’t)
31
Ch
air
of
Soft
ware
En
gin
eeri
ng
Wher
e to
focu
s ef
fort
?
Co
mp
iler
s, o
per
atin
g s
yste
ms
Bas
ic c
om
po
nen
ts
Ap
pli
cati
on
s
Sp
ecia
lize
d c
om
po
nen
ts
32
Ch
air
of
Soft
ware
En
gin
eeri
ng
Perf
ectionis
m
�Com
ponen
t des
ign s
hould
be
Form
ula
-1 r
acin
g o
fso
ftw
are
“engin
eering”.
�In
com
ponen
t dev
elopm
ent,
per
fect
ionis
m is
good.
33
Ch
air
of
Soft
ware
En
gin
eeri
ng
What
exa
ctly
is
a co
mponen
t?
Work
ing d
efin
itio
n:
Progra
m e
lem
ent
such
that
:
�It
may
be
use
d b
y oth
er p
rogra
m e
lem
ents
(not
just
hum
ans,
or
non-s
oft
war
e sy
stem
s).
Thes
e el
emen
ts w
ill b
e ca
lled “
clie
nts
”
�It
s au
thors
nee
d n
ot
know
about
the
clie
nts
.
�Clie
nts
’ au
thors
nee
d o
nly
know
what
the
com
ponen
t’s
auth
or
tells
them
.
34
Ch
air
of
Soft
ware
En
gin
eeri
ng
Cla
ssifyi
ng c
om
ponen
ts b
y...
Life
cycl
e ro
le:
•Anal
ysis
•Des
ign
•Im
ple
men
tation
Flex
ibili
ty:
•Sta
tic
•Dyn
amic
•Rep
lace
able
Form
of
use
:•I
nte
rfac
e only
•Sourc
e only
•Sourc
e +
hid
ing
Eco
nom
ics:
•Fre
e•P
urc
has
ed•R
ente
d
Abst
ract
ion lev
el:
•Funct
ional
(su
bro
utine)
•Cas
ual
(pac
kage)
•Dat
a (c
lass
)•C
lust
er (
fram
ework
)•S
yste
m (
bin
ary
com
p.)
35
Ch
air
of
Soft
ware
En
gin
eeri
ng
This
is
a bro
ad v
iew
of
com
ponen
ts
�Enco
mpas
ses
pat
tern
s an
d f
ram
ework
s
�Soft
war
e, e
spec
ially
with o
bje
ct t
echnolo
gy,
per
mits
“plu
ggab
le”
com
ponen
ts (
“don’t c
all us,
we’ll
cal
l yo
u),
wher
e cl
ient
pro
gra
mm
ers
can
inse
rt t
hei
r ow
n m
echan
ism
s.
�Support
s co
mponen
t fa
mili
es
36
Ch
air
of
Soft
ware
En
gin
eeri
ng
From
pat
tern
s to
com
ponen
ts
�Pa
tter
ns
are
both
one
of
the
gre
ates
t ad
vance
s in
soft
war
e en
gin
eering,
and a
ste
p b
ackw
ards
from
the
push
for
reuse
thro
ugh o
bje
ct t
echnolo
gy
�W
e sh
ould
try
to t
urn
succ
essf
ul pat
tern
s in
toco
mponen
ts!
�Sys
tem
atic
eff
ort
in p
rogre
ss a
t ETH
(Kar
ine
Arn
out)
37
Ch
air
of
Soft
ware
En
gin
eeri
ng
Our
exper
ience
: Eiffe
lbas
e
�Colle
ctio
n c
lass
es (
“Knuth
war
e”)
�Consi
sten
cy p
rinci
ple
�Str
ict
des
ign p
rinci
ple
s: c
om
man
d-q
uer
yse
par
atio
n,
oper
and-o
ption s
epar
atio
n,
taxo
nom
y,uniform
acc
ess.
..
�Str
ict
inte
rfac
e an
d s
tyle
rule
s
38
Ch
air
of
Soft
ware
En
gin
eeri
ng
Eiffe
lbas
e hie
rarc
hy
CONTAINER
BOX
FINITE
INFINITE
BOUNDED
UNBOUNDED
FIXED
RESIZABLE
COLLECTION
BA
GS
ET
TA
BL
EA
CT
IVE
SU
BS
ET
DISPENSER
INDEXABLE
CURSOR_
STRUCTURE
SEQUENCE
TRAVERSABLE
HIERAR_
CHICAL
LINEAR
BILINEAR
*
**
*
**
*
*
**
**
**
**
**
**
**
COUNTABLE
*
39
Ch
air
of
Soft
ware
En
gin
eeri
ng
How
to g
et t
her
e
�Lo
w r
oad
:�
Com
ponen
t Cer
tifica
tion
� C
om
ponen
t Cer
tifica
tion C
ente
r�
Com
ponen
t Q
ual
ity
Model
�H
igh r
oad
:�
Proofs
of
corr
ectn
ess
40
Ch
air
of
Soft
ware
En
gin
eeri
ng
A C
om
ponen
t Cer
tifica
tion C
ente
r
�Pr
inci
ple
s
�M
ethods
and p
roce
sses
�Sta
ndar
ds:
Com
ponen
t Q
ual
ity
Model
�Ser
vice
s fo
r co
mponen
t pro
vider
s an
d c
om
ponen
tco
nsu
mer
s
41
Ch
air
of
Soft
ware
En
gin
eeri
ng
Com
ponen
t Q
ual
ity
Model
A:
Acc
epta
nce
B:
Beh
avio
r
C:
Const
rain
ts
D:
Des
ign
E:
Ext
ensi
on
42
Ch
air
of
Soft
ware
En
gin
eeri
ng
Com
ponen
t Q
ual
ity
Model
A:
Acc
epta
nce
B:
Beh
avio
r
C:
Const
rain
ts
D:
Des
ign
E:
Ext
ensi
on
A.1
S
ome
reus
e at
test
edA
.2
Pro
duce
r re
puta
tion
A.3
P
ublis
hed
eval
uatio
ns
43
Ch
air
of
Soft
ware
En
gin
eeri
ng
Com
ponen
t Q
ual
ity
Model
A:
Acc
epta
nce
B:
Beh
avio
r
C:
Const
rain
ts
D:
Des
ign
E:
Ext
ensi
on
B.1
E
xam
ples
B.2
U
sage
doc
umen
tatio
nB
.3
Pre
cond
ition
edB
.4
Som
e po
stco
nditi
ons
B.5
F
ull p
ostc
ondi
tions
B.6
O
bser
vabl
e in
varia
nts
44
Ch
air
of
Soft
ware
En
gin
eeri
ng
Com
ponen
t Q
ual
ity
Model
A:
Acc
epta
nce
B:
Beh
avio
r
C:
Const
rain
ts
D:
Des
ign
E:
Ext
ensi
on
C.1
P
latfo
rm s
pec
C.2
E
ase
of u
seC
.3
Res
pons
e tim
eC
.4
Mem
ory
occu
patio
nC
.5
Ban
dwid
thC
.6
Ava
ilabi
lity
C.7
S
ecur
ity
45
Ch
air
of
Soft
ware
En
gin
eeri
ng
Contr
act
leve
ls
��Typ
e
��Fu
nct
ional
spec
ific
atio
n
��Pe
rform
ance
spec
ific
atio
n
��Q
ual
ity
of
Ser
vice (S
ourc
e: J
ézéq
uel
, M
ingin
s et
al.)
46
Ch
air
of
Soft
ware
En
gin
eeri
ng
Com
ponen
t Q
ual
ity
Model
A:
Acc
epta
nce
B:
Beh
avio
r
C:
Const
rain
ts
D:
Des
ign
E:
Ext
ensi
on
E.1
P
orta
ble
acro
ss p
latfo
rms
E.2
M
echa
nism
s fo
r ad
ditio
nE
.3
Mec
hani
sms
for
rede
finiti
onE
.4
Use
r ac
tion
plug
gabi
lity
47
Ch
air
of
Soft
ware
En
gin
eeri
ng
Com
ponen
t Q
ual
ity
Model
A:
Acc
epta
nce
B:
Beh
avio
r
C:
Const
rain
ts
D:
Des
ign
E:
Ext
ensi
on
D.1
P
reci
se d
epen
denc
y do
cD
.2
Con
sist
ent A
PI r
ules
D.3
S
tric
t des
ign
rule
sD
.4
Ext
ensi
ve te
st c
ases
D.5
S
ome
prov
ed p
rope
rtie
sD
.6
Pro
ofs
of p
reco
nditi
ons,
post
cond
ition
s &
inva
riant
s
48
Ch
air
of
Soft
ware
En
gin
eeri
ng
The
hig
h r
oad
: to
war
ds
pro
ofs
?
A:
Acc
epta
nce
B:
Beh
avio
r
C:
Const
rain
ts
D:
Des
ign
E:
Ext
ensi
on
D.1
P
reci
se d
epen
denc
y do
cD
.2
Con
sist
ent A
PI r
ules
D.3
S
tric
t des
ign
rule
sD
.4
Ext
ensi
ve te
st c
ases
D.5
S
ome
prov
ed p
rope
rtie
sD
.6
Pro
ofs
of p
reco
nditi
ons,
post
cond
ition
s &
inv
aria
nts
49
Ch
air
of
Soft
ware
En
gin
eeri
ng
Proof te
chnolo
gy
and form
al m
ethods
�Const
ant
adva
nce
s in
rec
ent
year
s
�PV
S,
Isab
elle
, Coq,
...
�B (
met
hod a
nd t
ool)
�M
ost
applic
atio
ns:
life-
critic
al s
yste
ms
intr
ansp
ort
atio
n,
def
ense
etc
. Exa
mple
: se
curity
syst
em o
f Pa
ris
Met
ro M
ETEO
R lin
e
50
Ch
air
of
Soft
ware
En
gin
eeri
ng
Form
al m
ethods
and r
euse
�Com
ponen
ts s
hould
be
good
�Pr
oofs
should
be
econom
ical
!
51
Ch
air
of
Soft
ware
En
gin
eeri
ng
“Pro
ving c
lass
es”
E
iffe
lBas
e lib
raries
(fu
ndam
enta
l dat
a st
ruct
ure
san
d a
lgorith
ms)
:
�Cla
sses
are
equip
ped
with c
ontr
acts
�“P
rovi
ng a
cla
ss”
mea
ns
pro
ving t
hat
the
imple
men
tation s
atis
fies
the
contr
acts
52
Ch
air
of
Soft
ware
En
gin
eeri
ng
Hen
nes
sy
�“M
ost
of
the
impro
vem
ent
in t
he
relia
bili
ty o
fco
mpute
r sy
stem
s has
com
e fr
om
im
pro
vem
ent
inth
e bas
ic c
om
ponen
ts”
�“Y
ou’ll
see
eve
r in
crea
sing p
ort
ions
of
the
effo
rtdev
ote
d t
o d
esig
n a
nd v
erific
atio
n”
53
Ch
air
of
Soft
ware
En
gin
eeri
ng
Ongoin
g w
ork
on p
roofs
�Sem
antic
theo
ry f
or
full
O-O
lan
guag
e (E
iffe
l)�
Gen
eral
str
ateg
y fo
r pro
ving c
ontr
act-
equip
ped
clas
ses
�M
athem
atic
al b
asis
: par
tial
funct
ions
�Build
a m
odel
for
each
str
uct
ure
�N
o n
eed t
o e
xten
d a
sser
tion lan
guag
e�
Sta
rt f
rom
obje
ct s
truct
ure
s, incl
udin
g p
oin
ters
�Cal
culu
s of
Obje
ct S
truct
ure
s
54
Ch
air
of
Soft
ware
En
gin
eeri
ng
Rel
ated
work
: co
mponen
ts
�Contr
acts
in n
on-E
iffe
l lib
raries
�The
“Clo
set
Contr
act
Conje
cture
”�
Anal
ysis
of.
NET C
olle
ctio
n lib
rary
(Kar
ine
Arn
out)
�Poss
ible
auto
mat
ion?
�Contr
act-
bas
ed t
est
gen
erat
ion
�Tru
sted
Reu
sable
Com
ponen
ts�
Des
ign P
atte
rns
vs.
Reu
sable
com
ponen
ts�
Eiffe
l Eve
nt
Libra
ry
55
Ch
air
of
Soft
ware
En
gin
eeri
ng
Rel
ated
work
: Concu
rren
cy
�SCO
OP
model
�Sim
ple
lan
guag
e ex
tensi
on s
upport
ing m
any
diffe
rent
form
s of
concu
rren
cy a
nd d
istr
ibution
�Res
earc
h d
irec
tions
�Acc
ess
contr
ol
�Rea
l-tim
e ap
plic
atio
ns
�Im
ple
men
tation f
or
.NET m
ultithre
adin
g
56
Ch
air
of
Soft
ware
En
gin
eeri
ng
Tea
chin
g
�In
troduct
ion t
o P
rogra
mm
ing (
star
ting F
all 03)
�“I
nve
rted
curr
iculu
m”:
outs
ide-
in�
Bas
ed o
n r
euse
and im
itat
ion;
giv
e st
uden
ts h
eaps
of
code
�U
se E
iffe
l, D
esig
n b
y Contr
act
�U
se lib
raries
fro
m t
he
star
t�
Exc
itin
g a
pplic
atio
n d
om
ain
�G
ive
studen
ts h
eaps
of
code
�Fr
om
consu
mer
s to
pro
duce
r (o
uts
ide-
in)
�Abst
ract
ion:
teac
h,
don’t p
reac
h
�Tex
tbook:
“Touch
of
Cla
ss”
�O
ngoin
g p
roje
ct,
mai
ling lis
t, inst
ruct
or’
s m
anual
57
Ch
air
of
Soft
ware
En
gin
eeri
ng
Som
e of
the
chal
lenges
ahea
d
Gen
eral
:�
Convi
nce
the
soft
war
e en
gin
eering c
om
munity
�Convi
nce
indust
ry (
pro
duce
rs,
consu
mer
s)�
Def
ine
ambitio
us,
fea
sible
obje
ctiv
es�
Ach
ieve
bal
ance
bet
wee
n h
igh a
nd low
road
“Hig
h r
oad
”:�
Finis
h u
p t
he
theo
ry�
Produce
mec
han
ized
pro
ofs
“Low
road
”:�
Def
ine
stan
dar
d t
erm
inolo
gy
�G
et t
he
econom
ics
right
58
Ch
air
of
Soft
ware
En
gin
eeri
ng
Proposi
tion
The
big
ges
t hope
and c
hal
lenge
for
the
soft
war
e in
dust
ry is
at t
he
confluen
ce o
fqual
ity
engin
eering (
espec
ially
form
al m
ethods)
and r
euse
.
“Tru
sted
Com
ponen
ts”
Now
is
the
tim
e to
do it.
59
Ch
air
of
Soft
ware
En
gin
eeri
ng
For
num
erous
pap
ers
and o
ther
info
htt
p:/
/se.
inf.
ethz.
ch
htt
p:/
/ww
w.inf.
ethz.
ch/~
mey
er