Diversity in the software development process

Various methods have been proposed for building fault-tolerant software in an effort to provide substantial improvements in software reliability for critical applications, such as flight control, air-traffic control, patient monitoring or power plant monitoring. The two best-known methods of building fault-tolerant software are n-version programming and recovery blocks. To tolerate faults, both of these techniques rely on design diversity, i.e. the availability of multiple implementations of a specification. Software engineers assume that the different implementations use different designs and, thereby, it is hoped, contain different faults. Our study uses a novel method of incorporating diversity in the development of one version of the software. We term this approach the pipeline method of software development. Its purpose is to eliminate as many software faults as possible before the testing phase. The method was applied to the specification of a real, automatic airplane-landing problem. The results of the pipeline development method are presented