NUREG/CR-6848, "Preliminary Validation of a Methodology for Assessing Software Quality"

This report summarizes the results of research conducted by the University of Maryland to validate a method for predicting software quality. The method is termed the Reliability Prediction System (RePS). The RePS methodology was initially presented in NUREG/GR-001 9. The current effort is a preliminary validation of the RePS methodology with respect to its ability to predict software quality (measured in this report and in NUREG/GR-001 9 in terms of software reliability) and, to a lesser extent, its usability when applied to relatively simple applications. It should be noted that the current validation effort is limited in scope to assess the efficacy of the RePS methodology for predicting software quality of the application under study for one phase of software development life cycle. As such, the results indicate that additional effort on a full scope" software development project is warranted. The application under validation, Personnel entry/exit ACcess System (PACS), is a simplified version of an automated personnel entry access system through a gate to provide privileged physical access to rooms/buildings, etc. This system shares some attributes of a reactor protection system, such as functioning in real-time to produce a binary output based upon inputs from a relatively simple human-machine interface with an end user/operator. This research gives preliminary evidence that the rankings of software engineering measures in the form of RePSs can be used for assessing the quality of software in safety critical applications. The rankings are based on expert opinion, as described in NUREG/GR-0019. Further validation effort is planned and will include data from the entire software development life cycle of a larger scale software product, preferably a highly reliable application of requisite complexity to demonstrate the efficacy of the RePS methodology to predict software quality of nuclear safety-related systems.