| Lockheed
C130J (continued) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| | Lockheed
used a good design process |
||||||||||||
| | Semi-formal
specifications |
||||||||||||
| | Prototyping
for high-risk areas |
||||||||||||
| | Templates
to avoid repetitive code |
||||||||||||
| | Impressive
results |
||||||||||||
| | Significant,
potentially safety-critical errors were found |
||||||||||||
| by
static analysis |
|||||||||||||
| | Cut
costs by factor of four |
||||||||||||
| | Cut
bugs found by factor of ten |
||||||||||||
