CVT Qualification Support Project

Activities in addition to those required by verification tool qualification are being performed in order to gain increased confidence in the completeness and correctness of the CVTs used on/by the SEPDS_Program.

The SEPDS team is using the our CVTs in a manner unique with respect to all other users. Namely, the CVTs will be the only check for correctness of most configuration binary files used on/in the embedded target, due to the fact that data in these files will be specific to a given A-380 (i.e., tail number specific). Consequently, activities in addition to those required by verification tool qualification are being performed in order to gain increased confidence in the completeness and correctness of the CVTs used on/by the SEPDS_Program.

• 2006-06-20: "A380 Looming Software Problems Part 5" Teleconference held with Tim King, Bill Cronk and Dave Chandler. Bill & Tim had some bad news today. The CVT effort is bigger than expected. 11Approx. one man-month additional effort required. This will push completion from June 28 to July 14th. Bill & Tim will go back & look at 2 things: 1. OT. Look at opportunities to increase OT; & 2. re-planning/re-prioritizing the detailed tasks to pull schedule to the left. Regarding PDMI: HTSL will send their plan to Bill tomorrow; July 19th is the “best guess” completion date if the effort starts Monday, June 26 (pending HTSL plan tomorrow); and This would be a huge improvement over Aug.11th.

• 2006-05-11: "Tool Acceptance Review" via 'NetMeeting' with Airbus in order to communicate current status of tasks listed below as well as review CVT artifacts.

• 2006-04-14: Meeting at Airbus with EASA to determine what, in additional to verification tool qualification activities, is required to gain necessary confidence in the context of the CVT's usage by the SEPDS_Program. Results captured below.

Initial Budget: $41,910

YTD: $100,584

Current ETC: $0

Current EAC: $100,584

• Activities 'Once for All' CVTs Used by SEPDS

• AFDX Device Driver CVT Reviews

• AFDX Driver CONFIG 6.2.0 Release

• Qualified AFDX Driver CVT Release

• IOI CVT Reviews

• Qualified IOI CVT Release

• AFDX Device Library CVT

• Qualified AFDX Library CVT Release

Code reviews of the CVTs are being performed with the following fault scenario in consideration:

A configuration tool contains a function N = f(x) on XML input data, but the configuration tool erronously writes !N in the binary configuration file. The CVT then reads the binary file and finds !N, but erronously causes N to appear in the regenerated XML.

We already know by user review that once data is in a database, that the regeneration of the XML will be correct. We need to ensure that once data is extracted from the binary that it is properly sent to the database (where properly is the inverse of f(x)).

The objective is to ensure no data item in the binary file is unintentionally unchecked by the CVT.

By reviewing the component source code, ensure each TQD reference actually exists in the TQD.

Each TQD contains a rules section for the "requirement", and a Verification Plan section, which serves as the test cases. Qualified tools are required to have "requirements" and a test plan, which of course includes test cases and procedures.

For this task, is it well known that the test cases are generally lacking robustness, and in some cases, even lacking coverage of the "requirement".

As a reviewer performing this task, you must ensure the test case robustly covers the "requirement", and that the test procedure accurately implements the test case. In places where the test cases are incorrect or weak, use your engineering judgement to decide whether to identify the defect in a PCR, or just fix the problem in the SGML file in SVN -- do whatever will end up being the shortest task. If there are many defects, its likely making the change to the SGML file will be shorter.

Then, in all cases, ensure the test procedure robustly tests the "requirement" (meaning we can tolerate weak test cases).

NOTE: Airbus has encountered the "weak test case" on SFS and is now sensitive to it -- if we can show that we have addressed that weakness in the TQDs, they will be less likely to conclude Honeywell has a systemic problem.

NOTE: Completeness of testing is implicit as Requirements Review (combined with the traceability analysis) ensures each data item has some associated TQD tag.

NOTE: Potential outcomes of this review include:

• Detection of incorrectly tested TQD tags
• Detection of TQD tags that are not tested robustly.
• Weak test cases

In all of these cases, a PCR will be written with the corrective steps. These PCRs will be implemented and the qualification test suite re-run against the *existing* CVTs to ensure their correctness.

Each CVT has a small number (like 1 in most cases) of tests related to processing a valid configuration file and ensuring the regenerated inputs are correct. For robustness, we want to use a larger number of valid configuration files. The best source of these valid configuation files is the components run-for-score tests, which are used for structural coverage and correctness of the component.

This task includes:

• writing a PCR against the CVT to include the components test configuration files in the tool qualification suite.
• using the SEPDS versions (latest versions) of the CONFIG and CVT tools from the public FTP site to generate and validate the configuration files used in the components' run-for-score.

Put evidence of tasks here.

Note: For now, record time here: Deployment_and_Support_time_keeping

See Timesite_Codes