CS 444A, Software Design for Critical Systems
Fall 99

• Instructors/Logistics
• Grading/Background
• Syllabus (including required readings) and useful links
• Supplementary readings
• Slides (see syllabus for pointers to which slides accompany which lectures)
• Notes from student scribes
• Assignments: Assignment 1, Assignment 2, Assignment 3, Assignment 4 (including "solutions")
• Project

Last modified: $Date: 2001/04/24 22:50:25 $

Announcements

Blurb

Software is an increasingly important part of all kinds of critical systems.  In the class of "critical systems" we include safety-critical systems, such as avionics, air traffic control, and lifesaving equipment, as well as mission-critical systems that serve the economies of major industrial powers, such as financial/trading systems, information and communications (e.g. data and telephony networks).  Software has been a double-edged sword for such systems.  On the one hand, its tremendous flexibility has enabled the deployment of systems featuring a degree of complexity, sophistication, and automation that would otherwise have been impossible; this is even more true with the increasing sophistication of COTS (commercial off-the-shelf) components that can be used as powerful building blocks, as demonstrated by the success of the Mars Pathfinder mission.  On the other hand, software is complex and brittle, often exhibits failure modes that are poorly understood or even appear nondeterministic, and is subject to market and evolutionary pressures that may outstrip the ability of human programmers to keep up with.

In this course we explore the design of software for critical systems from two perspectives.  The traditional methodologies perspective brings time-tested ideas and methodologies from practitioners in building actual critical systems: formal verification, requirements specification, hazard analysis.  The systems perspective reflects the experience gained from building "Internet scale" networks and services; it consists of design philosophy/techniques, formal algorithms, and a nontrivial collection of "folklore".  The goal of the course is to expose students from each background to the ideas of the others, and by this cross-pollination to seed a new research agenda in the design of critical infrastructure software.

Instructors and Venue

• Prof. David Dill, 344 Gates, dill@cs.stanford.edu
  Office hours: TBA
• Prof. Armando Fox, 446 Gates, fox@cs.stanford.edu
  Office hours: Mon. 11:15-12:30 (after class), or by appointment
• With guest lectures from:
  George Candea, candea@cs.stanford.edu
  Other guest speakers to be announced
• TA: TBA
• Venue: Gates 100, MW 10:00-11:15 AM
• Number of units: 3

Grading, Background, Workload

Readings for the course will consist of the lecture slides, the occasional handout, and on-line readings from the literature.  For each lecture topic, there will be one or two required readings and several optional readings for students wishing to explore a topic in greater depth.

Background assumed:

• Undergraduate background: operating systems, networks, software engineering, logic
• Proficiency in programming in one or more languages, including C or C++

Approximate grading structure, in order of weighting:

• Course project.  Working in small groups (3-5), students will analyze, design, or implement a nontrivial critical system with respect to one or more of the design techniques/methodologies covered in the course.  A list of project suggestions will be supplied, or students may choose their own.  Students are especially encouraged to take on projects that incorporate material from both the "systems world" and the "traditional methodologies world".
• Short (1-2 week) homework assignments may include fault analysis, short programming assignments, and essay-type assignments based on course readings.
• Class discussion, participation, and possible student presentation of readings.

fox@cs.stanford.edu