Trusted Components: Principles, Techniques, Standards

Bertrand Meyer, Winter semester 2001/2002



[Posted Jan. 29] Last lecture is Wednesday, January 30. It will be a summary and assessment of the course, and a description of future work.

[Posted Jan. 22, 2002] New slides: corrected lecture 8 (conditional axiom) and added student presentation.

[Posted Jan. 9, 2002] New slides from student presentations added, as well as a book chapter on axiomatic semantics.

[Posted Dec. 4] Slides for lectures 5, 6 and 7 are available.

[Posted Dec. 1] Don't forget to send me the report abstracts.

[Posted Nov. 22.] The midterm exam will take place next Wednesday.

[Posted Nov. 30] Make sure to attend the talk by David Chappell on Tuesday, December 4, 16:15 in the Auditorium Maximum. See the announcement.

[Posted Nov. 22.] The midterm exam will take place next Wednesday, 28 November, normal class time, but only for the first hour: 14:15 to 15:15. It's a written exam; please bring paper and pen as needed. No notes, computers, internet connection or other devices. The questions will cover the material seen so far: software quality issues, Design by Contract and its applications, the talk by Erich Gamma, and our first foray into .NET.

No lecture this coming Tuesday (Nov. 27). Replaced by a lecture on Friday, Nov. 30, room F21, 11 to 13.

[Posted Nov. 22.] Abrial will guest-lecture in the course on Dec. 12, usual time and place (E42), before giving the Department seminar at 16:15 in A36. As part of the course you should attend both lectures. To prepare for the earlier one, please read the corresponding paper ahead of time; it's here.

[Posted Nov. 22.] Slides of current lecture now available in PDF form. Please go through them before next lecture.

[Posted Nov. 22.] It seems that now the room assignment for the Wednesday afternoon class is really, really, really final: E42.

[Posted Nov. 21] I have published the slides for the next set of lectures, about .NET. Note administrative announcements (midterm exam, change of time next week).

[Posted Nov. 15, updated Nov. 19] Next class, Nov. 20, will be a seminar by Erich Gamma of patterns fame. Usual time and place. See the seminar announcement.

[Posted Nov. 4] Don't forget to send me your choices for projects (deadline Nov. 9, next Friday). If you regularly use another email than the one in your message, please include it in the text; I am making up a list of students' email addresses for any urgent announcements. (I won't publicize your email addresses, even to other students.)

[Posted Nov. 4] I have now included here the list of possible report topics, plus a few not mentioned in class, and some keywords to help you start googling around.

[Posted Oct. 31] Make sure to read the new section about grading.

[Posted Oct. 31] As you may have noted, "Lecture 3" is already available (see below, Slides). It will in fact cover several course sessions. You are strongly encouraged to go over the slides in advance. This will make things more interesting for everyone.

[Posted Oct. 30] I have set up office hours: Tuesday 11:15-13 (right after class). (Time changed to 14:15 to 16 on Dec. 1 after change of class times.) Feel free to drop by at RZ-F1. Other times are possible by appointment (send me an email).

[Posted Oct. 30] On Wednesday, December 12, there will be a Department seminar at 16:15 by Jean-Raymond Abrial on the B formal method and tools. It is not announced yet on the official seminar schedule but will be. Attendance is required as part of this course.


Title and code

Trusted Components: principles, techniques, standards
Course code: 37-239

Time and place

Monday 09:00 - 11:00, IFW A32
Wednesday 10:00 - 12:00, IFW D42


The prospect of component-based development is one of the greatest hopes for the advancement of software engineering. But it assumes that the components are of high enough quality. Surprisingly, no real standards exist in this area. This course will explore the techniques available to guarantee that components can be trusted.


The course will start out as lectures but some topics will be handled through student presentations. Every student will be expected to choose a topic within the scope of the course and prepare a possible presentation on it.

Topics (provisional list)

Principles of reuse - Component technologies: COM, .NET, CORBA, J2EE - Specifying components - Design by Contract - Techniques for testing components - Techniques for proving components - Component documentation - Towards a component quality standard.


Experience with O-O development and, preferably, a component model.

Final schedule

Note new schedule:

  • Tuesday 10:00 - 12:00, IFW A 32 (I think I have it right now (famous last words)).
  • Wednesday 14:00 - 16:00, IFW D 42

Office hours: Tuesday 14:15-16, or by appointment. RZ-F1.

No class during the first week because of the Microsoft Professional Conference; first class on Tuesday, Oct. 30.

Grading and deadlines

There will be no oral exam for this course. Grading will include two parts:

  • Written midterm exam November 28: 30% of the grade. Examinable material includes everything seen up to and including Nov. 21.
  • Report: 70% of the grade. Due January 22. (This date might move by a few days.)

About the report: A list of topics (extension of the one initially given during lecture 2) is now available here. You may suggest other topics.

Report deadlines: You must email me two topic suggestions (a primary one and an alternate) by Friday, November 9. Whenever possible I will assign you your primary choice but may choose the alternate to avoid too much duplication (it's more interesting if we cover many subjects). The final choices will be made by November 13. You must turn in a plan and a first overview (2 to 5 pages) by December 1st. This first submission will not be graded but it will enable me to give you early feedback, and help you make sure that you are headed in the right direction. Verbal presentations on the subjects of your reports will take place starting December 1st. Each should last about 30 minutes plus questions. Normally every student will be assigned such a presentation. The verbal presentation will not be graded except if it is outstanding, in which case it will boost your grade. Following a suggestion, I will try to schedule the student presentations on Wednesdays and my lectures on Tuesdays, but there may be exceptions depending on where I am in the progression of the course.

Reading assignments

You must read the papers listed here!


Citation here doesn't mean endorsement (nor does it mean the reverse), simply that the paper or Web page discusses topics relevant to what we are covering, or was cited in class, and brings up interesting points.

Cited in class: Leonid Mikhajlov and Emil Sekerinski's fragile base class paper. (Join the coalition to ban Postscript and Gzipped Postscript on Web pages!)

I don't know of any university course with the same topic as ours, but here is one paper that covers neighboring topics, by Bruce Weide at Ohio State.

Report topics

Here is a first list of project topics. For some of them I have included a few keywords or buzzwords; use them as a starting point for googling. You may also suggest your own topic, but I have to approve it.
  • Design by contract in languages other than Eiffel (general survey).
    See recent book by Mitchell and McKim
  • Design by contract in a specific non-Eiffel language (pick one)
    See: Jawa, Jass, iContract, Biscotti, Nana, ...
  • OCL (UML's Object Constraint Language)
    See: Warmer, Kleppe
  • The COM component model and quality issues
  • The CORBA component model and quality issues
  • Extending COM IDL with contracts
  • Extending CORBA's IDL with contracts
    See: Watkins, Thompson
  • Extending the .NET component model with contracts
    See: metadata, custom attributes
  • The B tool and method
    See: Abrial, B, STERIA
  • The PVS proof tool
    ("PVM" on the slide was a typo.)
  • Testing components
    See: Binder (O-O testing, Addison-Wesley), Jézéquel, Elaine Weyuker
  • Component documentation
  • The Capability Maturity Model and its applicability to component development

The following ones are new:

  • An open source process for components, and its effect on quality
  • No religion please, just facts (or conjectures presented as such)
    See: Viega; August 2001 IEEE Software

Slides (PDF)

All links are to documents (PDF by default) and require a password. Only the first few links will work; the following ones are placeholders for documents to be added as we go.

Lecture 1
Lecture 2
Lecture 3
Lecture 4: HTML
Lecture 5 plus book chapter from "Introduction to the Theory of Programming Languages" (corrected!)
Lecture 6
Lecture 7
Lecture 8
Stefan Hilzinger's slides on EJB testing: Power Point
Thomas Eicher's slides on Design by Contract in Java: PDF
Antonino Leanza's slides on quality issues in COM: Power Point