Experience and rationality in software development

Experience and rationality in software development

Read design original notes

 

The rational and empirical theories are typical theories of epistemology. These two types of ideas, from the past to the present, are opposite to each other, fight against each other, and affect each other and penetrate each other. Experienced people think that human knowledge originates from feeling and is based on understanding of feeling. Experience came from ancient Greece. It has a history of more than 2400 years. They believe that sensory experience can only generate opinions on the world of appearance. Because the appearance may render people blinded, this experience of observation is unreliable and cannot be recognized as knowledge. Empirical representatives include. bacon, Locke, Barclays, James, and Thomas, who are British philosophers, are often referred to as "British experience "; racism is represented mainly by Descartes of France, sinosa of the Netherlands, and laveniz of Germany. They are philosophers of Western European countries and are often referred to as "Continental racism ". The philosophers of the two schools did not have a clear wall on all issues, but on some major Cognitive issues at that time, especially on the origin of knowledge, there are indeed differences in basic points of view or main tendencies. For example, whether it comes from the question of sensory experience with scientific knowledge of universal inevitability. The philosophers of the two schools still have distinct points of view and have the greatest divergence.

Although the material world is different from the spiritual world, the material world can be known through human feelings. It is a bridge between communication and thinking. "Seriously starting from the feeling, through a step-by-step and well-established experiment process, we strive to develop and build a road for human reason." This is the belief of bacon, founder of the empirical School. The sense of reliability lays the foundation for rational reliability. Without feeling, people cannot communicate with each other. The second step is to unify the feeling and rational thinking, and promote the individual promotion of the feeling to the rational general. Only when these two capabilities are more closely combined with pure capabilities can our thinking grasp the "situation" in nature ", "people familiar with forms can grasp the unity of nature in different entities ".

What does software development follow? Can the software be correctly designed simply by careful consideration?

The reason is that it is feasible. The rational sees people as a perfect creature, which is inherently sound and excellent. People make mistakes, but they can constantly improve themselves through education. After proper education, mature experience, and a large amount of thinking, designers can design flawless software. Therefore, in the view of the rational, the task of software design methodology is to learn how to reach perfection.

Experienced people think that human beings are inherently not perfect. If they are defective, they will be tempted to make mistakes constantly. Most people think their ideas are perfect, and thus "Most people go wrong with enthusiasm and interest ." Therefore, the experiencer believes that the task of software design methodology is to learn how to identify flaws based on experiments, and to continuously iterate on the design so as to gradually approach perfection.

Carefully design the right software. In principle, this is possible. Because software is like mathematics, it is a combination of logic. But it is impossible for real people and software. First, the software writer must carefully check the code to detect any errors. A slight error may result in incorrect running results. Secondly, even if you make sure that your code is logically correct, can you ensure that your compiler and your operating system are also correct?

Today, computer programs are logical combinations and objects in the pure mathematical sense, rather than simply abstract objects in the mathematical sense. Unlike mathematics, it cannot be proved to ensure its correctness. It is impossible for us to design completely correct software through careful consideration, and then prove that the design is correct. The difficulty lies not in the design method, but in the designer itself. Humans must make mistakes, especially in software development. Even if the design is perfect, errors may occur during implementation. Defining objects, software architectures, algorithms, data structures, and code implementations may all produce errors. In the software industry, "there is no software without bugs, but you have not discovered it ." The essence of this sentence reveals that humans will inevitably make mistakes. Whether in a known environment or an unknown environment.

In the field of software engineering, people are constantly trying to verify correctness through strict formal methods. Perhaps this is because software is purely an idea like mathematics, so strict proof is feasible. This is different from other fields. Most of the most important results in the design field are physical implementation, and people cannot prove the principles related to raw materials, their defects, space, and their applicability.

What experience can ensure that the program is designed correctly? We have used formal proof methods to prove the correctness of the kernel design and implementation of the Secure Operating System. The technology is suitable for use in this case, and the formal proof ensures that our design is correct. Of course, this guarantee cannot reach 100%. In the history of mathematics, many people have accepted the proof that it was later found to be wrong. Formally prove that it is not a technology without errors. Its advantage lies in the fact that the reasoning in the formal proof is different from programming. Formal proof that redundant code implementation is not required, it only proves the design idea and design method. However, if implemented through a program, errors occurring in the process will obviously increase. And the design method is ideal, even if it is proved to pass, it cannot guarantee that the runtime is correct.

A famous example is the accident of the German hansha airline's 2904 flight. A fault occurred in the computer-controlled stop system, leading to the departure of the plane from the runway at Wassa airport. The code for stopping the system is written in accordance with the specifications. The specifications are strictly proven. However, the regulations still fail to properly cope with unexpected situations. This specification is as follows:

To ensure that reverse thrust systems and resistance boards are activated only when landing, the Software deployed on these systems must meet all of the following conditions:

1. Each major landing gear pillar must carry a load of more than 12 tons;

2. The rotation speed of Aircraft Wheels must reach 72;

3. The thrust lever must be in the reverse thrust position.

The first two conditions were not met for the Warsaw accident, so most of the effective braking systems were not activated. The first point is not satisfied, because the plane lands at a tilt to offset the possible wind direction. In this way, the sensor cannot be activated if the two landing gears reach less than 12 tons. The second point is not satisfied, because the wet runway produces water.

This example shows that the rational cannot use the perfect method of deduction to solve this "unexpected ".

In actual software development, we have produced a series of design methodologies, this includes design, prototyping, testing, iterative incremental implementation, testing using a large number of test cases, and regression testing after changes. These methods are based on experience.

Design fields outside of software engineering may not prove their correctness, but they have applied design verification extensively through numerous analysis and simulation techniques. Now scientists analyze the pressure, vibration, and acoustics of mechanical parts. With field visits and video analysis, architects and customers can simulate use cases on a designed building. Load pressure analysis and testing for heavy snow and strong winds. Computer hardware has undergone a lot of simulated tests at the circuit level, logic design and program execution level.

The inevitable result of a large amount of empirical analysis is that there are too many iterations in the design process. The more detailed the analysis is, the more accurate the degree to which necessary conditions are met and the degree to which constraints are followed.

I am a strong experiencer. Based on my industry background, I believe that no software is perfect and flawless. We must rely on a variety of tools to make up for design or implementation errors. We need good debugging methods and good debugging tools for continuous debugging. The debugging process is the adjustment process. It is based on sensory cognition and acknowledges that humans are full of flaws.

The same is true of agile development. The essence of agile development lies in the process of continuous development, continuous feedback, continuous iteration, and correction to achieve the convergence of software errors. If you fully believe in racism, you may go farther and farther on the wrong road and eventually fail completely.

Testing and iteration are essential. Complex objects cannot be correctly designed simply by careful consideration. The role of empirical theories in software development is unparalleled.