A CONSERVATIVE THEORY FOR LONG-TERM RELIABILITY-GROWTH PREDICTION

This paper describes a different approach to reliability growth modeli ng which enables long term predictions. Using relatively common assump tions, it is shown that the average value of the failure rate of the p rogram, after a particular use-time, t, is bounded by N/(e . t), where N is the initial number of faults. This is conservative since it plac es a worst-case bound on the reliability rather than making a best est imate. The predictions might be relatively insensitive to assumption v iolations over the longer term. The theory offers the potential for ma king long-term software reliability growth predictions based solely on prior estimates of the number of residual faults. The predicted bound appears to agree with a wide range of industrial & experimental relia bility data. Less pessimistic results can be obtained if additional as sumptions are made about the failure rate distribution of faults. This prediction depends on some relatively common assumptions: a stable in put distribution, perfect diagnosis, and perfect correction; but we sh ow that the predictions might be relatively insensitive to assumption violations over the long term. The empirical data from field experienc e seem to support the general I results of the theory, but much of the data are taken from high-volume industrial systems where the assumpti ons are most likely to apply. Further work is desirable to check the a pplicability of the model assumptions and the theory. The worst case b ound prediction can be unduly pessimistic, possibly by as much as a fa ctor of 10. Less pessimistic, long-term bound predictions can be made by assuming Gamma-distributed failure rates and including a measuremen t of the initial failure rate. This extension to the simple bound theo ry seems consistent with the empirical field data and estimates bounds within a factor of 3. By its very nature, a theory that makes a bound ing estimate is always less accurate than a conventional reliability-g rowth model over the short term. However the general approach of incor porating prior knowledge about the software is powerful, and, unlike c onventional reliability-growth theories, can make conservative predict ions of reliability growth over the long term (eg, 100s of use-years). Another attractive feature of the theory is that it quantitatively li nks the number-of-faults and reliability, and numerically justifies th e conventional wisdom encapsulated in existing standards for high inte grity software, which seeks to minimize faults by implementing high qu ality production methods and by restricting software complexity.