#Software #Engineering - Lesson 13: Reliability Engineering, Reliable System Architectures #334
FurkanGozukara announced in Tutorials
Full tutorial: https://www.youtube.com/watch?v=2tL0ylDPtgo
#Free #Lesson #Course #Education
Programming good software is not just coding; it is also an engineering process. Large-scale real-life systems must be well planned and organized before coding begins. To succeed in such a large-scale project, all stages of the project, from the idea to the delivery of the final product, must be well documented and the established rules must be followed. This course teaches how to become a better software engineer rather than how to write code.
Computer Skills course playlist : https://www.youtube.com/playlist?list=PL_pbwdIyffsk7Rfb3OPCTnDdfKV3cNl5l
Course GitHub repository address : https://github.com/FurkanGozukara/Yazilim-Muhendisligi-IT522-2021
Course Discord channel link : https://discord.gg/6Mrb8MwteQ
How Discord works / how to use it : https://youtu.be/AEwPtYiLvsQ
There are no prerequisites for taking this course.
If you want to learn programming or improve yourself, you can also follow our courses below:
[1] Introduction to Programming with C# course lecture videos playlist : https://www.youtube.com/playlist?list=PL_pbwdIyffskoSXySh0MdiayPJsBZ7m2o
[2] Advanced Programming with C# course lecture videos playlist : https://www.youtube.com/playlist?list=PL_pbwdIyffslHaBdS3RUW26RKzSjkl8m4
[3] Object-Oriented Programming with C# course lecture videos playlist : https://www.youtube.com/playlist?list=PL_pbwdIyffsnH3XJb66FDIHh1yHwWC26I
[4] Responsive web design with C#, ASP.NET Core MVC and BootStrap : https://www.youtube.com/playlist?list=PL_pbwdIyffsnAWtgk4ja3HN3xgMKF7BOE
[5] Artificial Intelligence and Machine Learning (sample programs in C#) course lecture videos playlist : https://www.youtube.com/playlist?list=PL_pbwdIyffskVschrADCL6KEnL_nqDtgD
[6] Software Engineering course lecture videos playlist : https://www.youtube.com/playlist?list=PL_pbwdIyffslgxMVyXhnHiSn_EWTvx1G-
[7] Security of Information Systems course lecture videos playlist : https://www.youtube.com/playlist?list=PL_pbwdIyffslM_o92NwkaUzD7C6Fekx26
[8] Computer Skills course lecture videos playlist : https://www.youtube.com/playlist?list=PL_pbwdIyffsmyE2e909ea1MXLcMb8MenG
Video Transcription
00:00:03 Hello everyone,
00:00:08 welcome to our 13th software engineering course today.
00:00:13 The topics covered in the software engineering section are as follows: redundancy and diversity.
00:00:16 Basic approaches to achieving fault tolerance.
00:00:18 Reliable processes are given.
00:00:21 How processes can be used to perform tasks in systems.
00:00:24 System architectures.
00:00:28 Architectural models for software fault tolerance
00:00:30 are given.
00:00:34 Programming guidelines for preventing errors
00:00:38 were given. Software can be trusted.
00:00:41 Generally, software customers
00:00:44 generally expect all written
00:00:47 software to be secure.
00:00:49 If
00:00:50 you're buying software or
00:00:53 writing it from scratch, you expect this section to be secure.
00:00:55 However, for non-critical applications,
00:00:58 some system errors
00:01:00 may be acceptable. This is quite possible.
00:01:03 Some applications have
00:01:06 high security
00:01:08 requirements, not critical systems, and
00:01:11 special software engineering
00:01:13 techniques can be used to achieve this. So, in which
00:01:16 critical systems is this necessary? Why is this necessary in
00:01:18 medical systems? Because if an error occurs,
00:01:21 human life and health are at stake.
00:01:24 Telecommunications and power systems. If
00:01:27 communication is interrupted or power
00:01:29 is cut off, it can cause very serious problems.
00:01:33 Even electricity, for example,
00:01:41 can cause fires and other things. If space systems fail and a critical error occurs, it
00:01:50 will be quite difficult to fix it. Because it's quite difficult to intervene in space, as you know,
00:01:53 sometimes they do spacewalks or
00:01:56 there's no battery station. And an autonomous system, you
00:02:03 will never have the opportunity for physical intervention. In this way,
00:02:08 let's see in which cases the reliability success is
00:02:12 successful. If we pay the same error prevention, it is
00:02:15 a success you can trust.
00:02:17 This system has been developed to avoid human error
00:02:20 and thus
00:02:22 minimize system failures.
00:02:25 This way, errors occur
00:02:34 during the development process. It is designed to detect and repair system failures before they are delivered to the customer. In other words,
00:02:42 we will organize the development process in such a way that we will detect
00:02:43 errors and correct them before they are delivered to the customer.
00:02:46 Another element is fault detection,
00:02:49 verification, and validation. Here, what is
00:02:54 Validation? Byndo application.
00:03:00 And what should we say here before, what we said is
00:03:16 verification and validation. Now, verification and validation techniques are used to detect and eliminate
00:03:19 errors in a system before they are implemented. This is
00:03:30 a fault tolerance system. This system is always
00:03:39 designed so that errors in the software from the slime will not cause system failures. So, for example, you add a global error detection system to the
00:03:41 system.
00:03:44 Even if a failure occurs, this
00:03:46 minimizes grease. This is both fishy. In other words, the system
00:03:58 uses LO without causing a message crash, and the system continues to work, restarts automatically.
00:03:59 Think about it now. The
00:04:04 increasing costs of troubleshooting are increasing.
00:04:07 What does "failure" mean? Recep Rezil, the
00:04:11 rezil year error, that is,
00:04:17 you detect the main failures, but
00:04:18 if you want to detect such rare failures,
00:04:21 you can. What happens to us? Friends, the
00:04:25 cost of this increases. That's why,
00:04:29 after a certain point, the cost increases very quickly and
00:04:30 very much, and from there, you no
00:04:34 longer seek to fix subsequent errors.
00:04:46 This means that if this error occurs, you take the risk of the consequences of the error. This means that we can add what the cost is,
00:04:51 and even systems that are natural
00:04:55 critical systems are regulated systems,
00:04:58 which means that their use must be approved by
00:05:01 an external regulator before entering service.
00:05:08 For example, there are nuclear systems,
00:05:10 but air traffic control systems, medical
00:05:12 devices, 300
00:05:15 systems that directly affect human health. So,
00:05:19 these and systems that are
00:05:23 approved by a regulator
00:05:35 must be approved by the regulator. Therefore, we must establish a wing to claim that a critical system development system is
00:05:37 reliable, safe, and secure.
00:05:50 That is, the regulator and the regulator. More precisely, the commission must be convinced that the system
00:05:54 is safe, reliable, and secure.
00:05:56 That's why the system should be
00:05:58 developed in this way.
00:06:02 If it can be included, a nice reporting of your voices
00:06:05 and the results
00:06:08 you add here. This is famous.
00:06:10 This trust, reliability, success,
00:06:13 what can we say? Methods that increase mother.
00:06:17 Isn't it my fault? It already has rules like fault detection and error detection.
00:06:20 Because
00:06:23 it's a system that's built here,
00:06:25 you have to follow those rules. Diversity and
00:06:29 redundancy are critical. Let's combine them and
00:06:34 have multiple versions ready.
00:06:36 So, if one fails, it
00:06:38 can be used somewhere.
00:06:40 We've said before, for example, there are multiple systems in airplanes. There are
00:06:43 two main systems,
00:06:46 then subsystems, emergency
00:06:48 systems, and these are developed independently of each other.
00:06:55 If one doesn't work, the other one takes over. For example, if an airplane's engine fails, the
00:06:58 blades
00:07:01 are designed to land with the other engine. These are all redundancy,
00:07:06 diversity, and diversity. These provide the same functionality in different
00:07:08 ways. So, they
00:07:10 don't fail at the same time. I
00:07:15 mentioned this. For example, the airplane's main system
00:07:18 was developed in two copies, but the second copy is developed
00:07:20 by a different team using a different
00:07:22 programming language and different algorithms.
00:07:25 However, adding diversity and
00:07:28 redundancy is complex, and this can
00:07:31 increase the risk. Of
00:07:33 course, what are the different things that come with this?
00:07:37 There are risks, and there may be dangers. Some
00:07:41 engineers advocate for simplicity and comprehensive
00:07:43 validation. Verification, or rather, validation, is
00:07:54 a more effective way to achieve software security. I need to do both. This means both
00:07:56 redundancy, diversity, and
00:07:59 verification. For Validation, diversity, redundancy,
00:08:02 and redundancy are examples of diversity and redundancy. For
00:08:05 example, in critical locations where it can be used,
00:08:07 for example, in e-commerce systems.
00:08:09 This can also be used. The system must
00:08:13 be constantly online. Why? Because
00:08:15 if it's not online, it can have a significant economic cost.
00:08:18 Companies normally
00:08:22 maintain backup servers, and if a failure
00:08:24 occurs, they automatically
00:08:26 switch to them. This also applies to hospital systems.
00:08:29 Why? Because, for example,
00:08:33 during busy hours. If the hospital management
00:08:35 system crashes, it needs to have a server
00:08:41 to process patient transactions.
00:08:47 Backups can be made immediately, and money can be collected periodically. However, this
00:08:49 needs to be maintained instantly.
00:08:52 So, what needs to be a live server? It
00:08:59 needs to be activated immediately. This is what redundancy diversity is. Different results can be applied using
00:09:02 different operating
00:09:04 systems, such as Windows and Linux, to provide some protection against external attacks.
00:09:10 This is for a different critical system.
00:09:13 For example, if you're using a system vulnerable to attack,
00:09:17 you might have two servers.
00:09:20 But one is a different operating system.
00:09:22 So, it
00:09:31 would be more reasonable to use both redundancy and diversity simultaneously. Think about it this way.
00:09:37 Process
00:09:39 activities like time variations and redundancy verification should be
00:09:41 tied to a single approach, such as testing to verify the system.
00:09:43 Instead, multiple different
00:09:46 process activities complement each other, and
00:09:49 I'll write about process errors that can lead to errors.
00:09:51 To prevent cross-checking,
00:09:53 tomorrow we also allow it here, for example, in
00:09:57 Artificial Intelligence, we are changing it to Cross Validation.
00:09:59 What is it used for? It's
00:10:01 not all just for Artificial Intelligence. This
00:10:04 song isn't essential for AI. If
00:10:08 there's no AI,
00:10:10 what does it do in this method anyway? Friends, we develop an algorithm
00:10:12 on different data sets,
00:10:15 and
00:10:18 this is averaged. In other words,
00:10:21 a cross-validation is performed. In this way,
00:10:38 you test whether the AI you developed has memorized or whether you know what you can teach a general AI. The goal in Artificial Intelligence is to achieve generalized intelligence.
00:10:51 We can give a 100% accurate algorithm model on what is trained and on the training set, or rather, on what it is. But when it comes to
00:10:53 data it hasn't seen before, it
00:11:02 will fail because it memorizes a pill. But if it had done general learning,
00:11:03 applying it would have a much higher probability.
00:11:06 That's how
00:11:10 I allow software to ensure errors.
00:11:17 Why is it repeatable? And as long as the third is written,
00:11:20 what is a living system that
00:11:23 needs to constantly evolve and progress?
00:11:25 Therefore, the process will
00:11:27 need to be repeated. A well-defined,
00:11:30 repeatable process is
00:11:32 a process that is not entirely dependent on individual skills.
00:11:34 Rather, it
00:11:37 can be animated by different people. Because a
00:11:40 person can have a well-defined, repeatable process. Regulators use information about the process to verify whether good
00:11:43 software engineering practices
00:11:45 are being used.
00:11:53 Of course, the regulator won't be constantly monitoring it. What will they do?
00:11:55 I'll look at the processes you go through. It's
00:12:06 clear that significant effort must be dedicated to verification and validation of the process activities. So, don't give it away. Validation is the
00:12:10 most reliable process. The characteristics of the processes, the
00:12:15 process characteristics, and the
00:12:17 description. There must be a sampling. It can
00:12:20 be documented. Why? Because the
00:12:22 regulatory system will review the
00:12:24 documentation.
00:12:27 Therefore, the methods you follow must
00:12:29 be documentable. The process must have a defined process model that outlines
00:12:33 the activities in the process and the documents
00:12:35 to be produced during these activities.
00:12:48 A comprehensive set of standards must be developed for standardized software production and documentation.
00:12:49 This is an auditable
00:12:57 process. The process must be understandable to people other than participants,
00:12:59 allowing for verification of compliance and making
00:13:01 recommendations for process improvement.
00:13:15 Various auditable processes include redundancy and various verification and validation
00:13:16 activities. What does this
00:13:20 increase? Is it a
00:13:23 robust process that
00:13:31 can recover from the failures of individual processes? So, an individual's error should not undermine your entire
00:13:35 process. It should not destroy it.
00:13:38 Such a process is impossible. Error 11
00:13:47 Think of these verification activities as requirements
00:13:52 reviews.
00:13:54 But what is this verification activity?
00:13:56 Requirements management, formal specifications,
00:14:00 system models, design and code
00:14:03 review, static analysis, test planning
00:14:07 and management. Change management, discussed in Lesson 25,
00:14:09 is not important, but
00:14:11 Lesson 25 is not the subject of this period. Rock fault
00:14:17 tolerance. Software
00:14:21 systems must be fault-tolerant in critical situations.
00:14:23 Because errors can also be the same,
00:14:26 what happens in the Web-based games I developed? What
00:14:30 happens in me and polishing the server? If the
00:14:34 server software encounters an error at the global level,
00:14:37 I and the
00:14:40 columns of the application are running differently.
00:14:47 What happens in this process? The application restarted, and since
00:14:50 it runs in these, multiple
00:14:52 users can use it. I can run it. RAM memory does
00:14:57 this, but there is only one shared database, so what happens if there is an error in the database?
00:14:59 Vestel needs to stay.
00:15:07 Of course, I'm not actually providing the entire ceiling for the error, but I
00:15:14 can increase fault tolerance by running columns in other static parts of the database. So, when writing, look at a common. More
00:15:22 precisely, a technology is needed, even if it's the latest,
00:15:24 static data will be read without memory.
00:15:27 Bre fault tolerance,
00:15:32 highest availability.
00:15:42 It's necessary in places where there are high requirements or the costs of system failure are very high. Fault tolerance
00:15:48 means that the system can continue to function despite software failure. So, how do you do this? If you
00:15:53 have a Windows application and an error occurs, you
00:15:57 can't catch it. If you haven't anticipated it before, your application might give an error and
00:16:01 stop working.
00:16:10 You've probably seen errors like "stop working." So, what can you do
00:16:12 to prevent this from stopping? For example, by adding a global error-
00:16:15 catching method to the software,
00:16:25 you can increase the error-recovery function. In this case, you can ensure that the application
00:16:29 continues to function in a different way.
00:16:35 This is the mother of this. If you start the methods and functions in the programming language
00:16:44 as subtasks, since errors won't occur in the main task you're writing, the
00:16:46 errors in the subtasks
00:16:49 won't prevent the main software from running. You can
00:16:53 restart that subtask when an error occurs.
00:16:55 This also
00:16:59 raises the bar. Even if the system is proven to comply with the specifications, it
00:17:16 must be fault-tolerant, as specification errors may occur or validation may be incorrect. A
00:17:21 reliable system architecture is used in situations where error detection is necessary.
00:17:23 These architectures are generally
00:17:27 redundant and have different types. What are
00:17:29 cloning and cloning, plus the difference?
00:17:35 Do I offer this diversity?
00:17:38 Examples of situations where these situations are used are
00:17:46 flight control systems, where a system failure can threaten the safety of travel. Reactor systems, where a control system failure
00:17:54 can lead to a chemical or nuclear emergency, require 24/7 availability.
00:17:56 Telecommunication systems, protection
00:18:02 systems, a system specific to
00:18:05 another control system that can provide emergency response when a malfunction occurs. A
00:18:15 system that stops the train if it passes a red light, but is independent of the temperature and pressure. A system that shuts down the train at night is very loud.
00:18:21 These licenses also control the system. Independent protection systems monitor the
00:18:25 controlled system and the environment independently.
00:18:27 It is important to be independent because
00:18:30 if it is dependent, it may not be activated because it will be
00:18:32 activated when a malfunction occurs in the system to which it is dependent. If
00:18:40 a problem is detected, it takes emergency action to shut down the system or to avoid a disaster. It
00:18:48 gives commands. What does the protection system give this command? What is the protection system architecture?
00:18:54 Friends, look at what is there.
00:18:56 There is a system, so the system works in common.
00:19:00 This is the only one. Now, you are SOS, meaning it
00:19:02 will provide protection. You are the questions themselves.
00:19:05 What is under that? There is a
00:19:07 protection system based on sensor data.
00:19:09 What is a protection system? It is an activity, meaning the
00:19:13 physical elements that will perform that protection process.
00:19:15 For example, if
00:19:17 we sewed the temperature, it could be a simple electronic circuit system that turns off the colors if it is very high.
00:19:21 What is the system that starts?
00:19:30 For example, we gave an example of a dam. There might be a system that opens the dam gates.
00:19:32 Think about it all. Isn't there this control addition at the bottom?
00:19:44 What are the controlled tools and equipment? They're connected to sensors and
00:19:48 sending them. More precisely, on the right,
00:19:50 there are sensors. There's already
00:19:53 a control system from the questions. It
00:19:54 continues in the same way.
00:19:59 There's a protection system like this. The sensor on the right is the
00:20:02 protected system. The sensor on the left is the system that protects the sensors.
00:20:06 The sensors are
00:20:16 a protection system. The functionality of the protection systems is unnecessary because they include
00:20:24 monitoring and control capabilities that replicate those in the control software.
00:20:36 Look carefully here. I think the meaning of the unnecessary base is that it's not functional right now. Let's
00:20:38 I think the meaning of the unnecessary base is that it's not functional right now. Let's see, let's say it's
00:20:55 see, let's say it's not unnecessary. What is it redundant? Why? Because the
00:21:02 not unnecessary. What is it redundant? Why? Because the protection system already
00:21:05 protection system already
00:21:09 includes the features in our current system. It doesn't provide us with any extra benefit other than protecting how much protection is protected. In other words, it
00:21:13 than protecting how much protection is protected. In other words, it
00:21:19 's actually a non-functional feature. Protection systems should be diverse and control systems should use at least different
00:21:21 should be diverse and control systems should use at least different technologies.
00:21:26 technologies. Since they are more than the control system,
00:21:27 Since they are more than the control system,
00:21:31 more effort can be spent on verification. This hole assurance is a goal to ensure
00:21:35 can be spent on verification. This hole assurance is a goal to ensure a low probability of failure on demand for the protection system.
00:21:37 a low probability of failure on demand for the protection system. Here,
00:21:47 Here, on demand. What happened, friends?
00:21:51 on demand. What happened, friends? When an unexpected situation occurs, it just
00:21:53 When an unexpected situation occurs, it just kicks in. It doesn't work continuously. It
00:21:56 kicks in. It doesn't work continuously. It doesn't want anything that isn't added.
00:21:59 doesn't want anything that isn't added.
00:22:07 Subscribe to self-monitoring architectures. This system monitors its own processes
00:22:16 and detects these inconsistencies.
00:22:19 Because multi-channel
00:22:21 architectures, the same calculations are made on each channel
00:22:25 and the results are compared. If
00:22:28 the results are the same, also if the subway
00:22:30 system worked correctly, see
00:22:32 what's going on here.
00:22:39 For example, there are two sensors
00:22:42 coming from two of them. Think of it as three sensors. If the results
00:22:45 from two of the three are the same, it continues
00:22:47 or decides on it. If
00:22:50 the results are different, a failure is
00:22:52 assumed and a failure exception
00:22:55 occurs. This is a self-
00:22:58 monitoring system from us. Hacer, self-monitoring
00:23:01 Architect, look like this: there's an input, the
00:23:03 input is divided into two. Channel 1, Channel 2,
00:23:06 Channel 1,
00:23:07 the results from this country
00:23:09 are compared. If they're the same,
00:23:12 I said okay, the system is working correctly. If
00:23:14 they're different, there's an error in the system.
00:23:16 These self-monitoring
00:23:21 systems require different hardware on each channel to prevent common mode hardware failures from
00:23:25 producing the same results.
00:23:31 This is very important. There will be no picket clones on channels because
00:23:35 an error or vulnerability in one will
00:23:38 also be transmitted to the other. If it's used, it's assumed there's a failure.
00:23:46 There should be variety in their writings. Otherwise, the same software error will affect the manual channel. That is, both the
00:23:48 hardware and the software must be written differently so that it
00:23:50 works. This way, both
00:23:55 software and hardware are
00:23:58 prevented from failing simultaneously with the same error. Because there
00:24:01 is diversity, if high availability is
00:24:04 required, you can use a few
00:24:07 self-monitoring systems in parallel.
00:24:09 This is the approach used
00:24:13 for flight control systems in the Erva Hot family.
00:24:15 Because there is
00:24:19 both redundancy and diversity.
00:24:21 Look, we will see now. If the main flight
00:24:25 control system Cave has an input,
00:24:28 friends, the input
00:24:31 is transmitted to all systems. The same input is compared to the
00:24:34 main flight
00:24:37 control system.
00:24:50 There are two more channels. These are backup systems. They can also
00:24:54 process the input and produce the result if necessary.
00:24:59 Then there is a second-hand
00:25:03 flight system. The second Rüstem also
00:25:13 has that self-monitoring system. Now we will see in more detail. If the
00:25:17 main architecture discussion. If you look, TCS
00:25:28 has five separate computers that can run any control software. 5 of them, and only one of them actually performs its flight. Various
00:25:30 types are
00:25:31 used extensively. What are
00:25:34 these first systems, which have
00:25:39 a different processor than their systems?
00:25:48 The software in each channel is developed by different teams in different programming languages. The
00:26:13 different programming languages
00:26:19 used in the first and second systems are different. Thus, the probability of
00:26:30 two teams making the same algorithmic design error is greatly
00:26:33 reduced.
00:26:34 Subscribe.
00:26:36 Key points in this section are as
00:26:38 follows: reliability in a program is
00:26:41 preventing errors from occurring. By
00:26:44 detecting and eliminating errors before system deployment, the system provides
00:26:47 comfortable land
00:26:50 opportunities. We can
00:27:02 also say that reliability can be achieved by including hardware, software processes, and software
00:27:05 systems. Using redundancy and diversity
00:27:13 is essential for developing systems. It is crucial to minimize system failures by using a
00:27:15 well-defined, repeatable
00:27:18 process.
00:27:21 Secure system architectures
00:27:24 are system architectures designed for error management.
00:27:27 See fault tolerance. This error is
00:27:32 between 80 architectures and styles. Protection
00:27:35 systems.
00:27:36 O self-monitoring exchanges and the most
00:27:38 difficult version of programming. Find the most difficult programming.
00:27:48 Yes, we continue in section 2. The most reliable program. Multiple versions of a software system
00:27:51 perform the same calculations.
00:27:54 There should be an odd number of computers within the work.
00:27:56 Typically, 3. So, from an odd number,
00:27:59 results like 35 to 59
00:28:03 are compared using a voting system, and the majority
00:28:05 result is taken as the correct result. The
00:28:07 voting approach we gave is the
00:28:10 triple modular concept used in hardware systems. It
00:28:12 is now produced according to the concept of Banan
00:28:17 fault tolerance. Models are
00:28:19 redundant. TMR depends on trimo. Dur
00:28:26 Rivers can be. Tiribolulu. We saw it
00:28:32 in English. Let's look at them right away.
00:28:36 xDrive. Modern residence. Yes, redundancy is the
00:28:39 same. Comparing the input and output fields, there
00:28:46 are 33 components. If an output is different, it's ignored and component
00:28:48 failure is considered present. Instead of design errors,
00:28:51 you'll know that
00:28:53 most errors resulting from failures, or simultaneous
00:28:55 component failures, are
00:28:57 based on the fact that the majority of these errors are considered. When this happens,
00:29:02 of course, the output of the majority is accepted.
00:29:06 Here, you see the multitude of programs, there
00:29:09 are different versions. You see, the
00:29:10 majority of these are accepted as outputs.
00:29:13 We'll add them, sometimes it hurts.
00:29:17 I have your program. It was designed and implemented
00:29:20 by teams in the park for different system versions.
00:29:22 Look, there's
00:29:24 an important nuance here. It's assumed that the
00:29:28 same errors are unlikely to occur by different teams.
00:29:31 Naturally, the
00:29:33 algorithms used should be different,
00:29:36 but they might not be different. Here,
00:29:41 they also use different programming languages.
00:29:43 This
00:29:46 reduces the probability of algorithmic errors. There's some empirical evidence that teams often
00:29:50 misinterpret specifications in the same way
00:29:52 and choose the same algorithms in their systems.
00:30:00 Yes, this can happen, but the
00:30:03 probability is very low.
00:30:05 When this happens,
00:30:09 there are various methods to reduce this. We'll
00:30:11 explain them within the software types. We'll discuss
00:30:14 approaches to software errors within the
00:30:17 same software specification. So,
00:30:19 you say, for example, when 05 pressure
00:30:23 is measured, here's a head tree. So, I'm
00:30:31 giving a random example here, or when
00:30:32 blood sugar is measured, there's
00:30:35 this much dose. What is this? The software
00:30:39 specification defines the task. But the algorithms and programming language that determine
00:30:42 how this task will be performed
00:30:52 depend entirely on the developer. This means that the program code can be written in many different ways,
00:31:01 depending on the hardware and programming language to be used. This specification here
00:31:06 will intentionally fail in different ways. It depends on the software types, it is independent of the applications, and
00:31:15 it is assumed that it does not contain common errors. Strategies for achieving diversity include different programming
00:31:17 languages, different design methods and
00:31:19 tools, and clear specification of different algorithms.
00:31:28 After doing all of this, the difference is that different applications will make the same mistake,
00:31:31 and it will take very little time.
00:31:35 Problems related to design types are
00:31:38 not different in terms of team culture.
00:31:40 Therefore, what is the action of addressing problems in the same way?
00:31:46 Yes, this also applies to how teams are selected when forming teams,
00:31:54 team members, and Bekir's subordinates will also make a significant difference. Everyone
00:31:56 comes from the same or similar environments and
00:31:59 makes the same mistake. What can we say?
00:32:04 It can lead to a predisposition to characteristic errors.
00:32:07 Different teams make the same mistakes.
00:32:10 Some parts of an application make the same mistakes
00:32:12 later than others. Therefore, all
00:32:14 teams tend to make mistakes in the same place.
00:32:15 What are characteristic attacks in terms of
00:32:17 specification errors? If the
00:32:20 specification is faulty, the
00:32:23 team will make mistakes. There's nothing I can do about it.
00:32:25 If there's a mistake in the specification, it will
00:32:28 either heat up all applications. Because mold, even
00:32:32 if it's with different teams. They
00:32:35 have to monitor and implement that specification. They
00:32:38 have to develop it. This can also be done to
00:32:41 some extent using multiple features.
00:32:49 Yes, specification dependency
00:32:57 is open to specification errors with both approaches to software redundancy. If the specification is incorrect, the system can fail.
00:32:59 This is also a hardware-related
00:33:03 issue. However, software features are
00:33:04 generally more complex than hardware features
00:33:06 and are more difficult to verify.
00:33:10 So, in hardware,
00:33:12 errors can arise from specification dependency.
00:33:14 This has sometimes been addressed by developing
00:33:17 separate software specifications for the same user specification. In
00:33:24 some cases, they've even said, "Let's make the specification different, so
00:33:35 let's try to eliminate the possibility of thinking about the same error." But of course, there's a very extreme case.
00:33:39 So, how are practical and applied
00:33:40 improvements made? If the principle
00:33:43 is that interoperability and independence can be achieved,
00:33:46 multi-version programming can lead to
00:33:49 significant improvements in reliability and usability. The
00:33:56 improvements observed in practice are much less significant, and only the approach achieves a reliability improvement between 5 and 9 times.
00:34:04 Looking at the observed improvements in practice, we can say that the observed improvements in practice are much less significant.
00:34:07 Because these errors
00:34:11 don't happen all the time,
00:34:13 but when they do, they can lead to very Behçet results.
00:34:16 So,
00:34:20 there's very little benefit in monitoring. We can observe what we've done,
00:34:21 but
00:34:25 since the error is prevented from ever occurring, we can
00:34:27 actually observe how much has been gained.
00:34:29 So, think about it this way. The
00:34:32 key question is, we won't say that such improvements don't cost
00:34:36 significant extra development for programming multiple versions. Of
00:34:43 course, another question is that the difference and improvement
00:34:47 will bring a very serious cost. So,
00:34:50 only if it's worth it and sustainable. You
00:35:00 can make a sustainable Sancak in terms of cost and profit, otherwise we won't make that software at all. So, if the
00:35:02 profit and loss ratio doesn't meet the cost,
00:35:07 reliable programming programs
00:35:13 help reduce the frequency of errors. These programming practices can
00:35:14 be identified. This program
00:35:17 supports the following: error
00:35:20 detection. We will do these. We've already seen these
00:35:23 in a section.
00:35:35 Let's look at the recommendations for the most reliable program. Why are reliable programming
00:35:37 guidelines? Limit the visibility of information in a program,
00:35:47 that is, unnecessary information should not be visible.
00:35:51 Check the validity of all inputs. This is always,
00:35:54 always, what a software
00:35:57 engineer should do. You
00:36:02 should never trust any input. You should never trust the message.
00:36:04 String in experience. You expect a fig. Are you
00:36:07 expecting a strip? Are you expecting that
00:36:08 city to be as you expect?
00:36:20 Provide a handler for all exceptions. So, if it happens in Istanbul, that exception will be on its own. It shouldn't be left open,
00:36:23 and that exception should be managed in a way that
00:36:27 minimizes its use,
00:36:30 making it error-prone. It provides restart capabilities.
00:36:32 Restarting is
00:36:34 crucial because its homework can cause errors, and the only
00:36:36 solution is restarting. And your
00:36:39 software should be able to do this. Check the array boundaries. If
00:36:42 you're using an array, you
00:36:55 should be careful about the boundaries there. If you're manipulating elements in our indexes, you should be careful about the boundaries. When we're looking for external components, it should also be opened from time to time.
00:36:57 Why? Because the external component
00:37:01 doesn't have control over its existence. Its response isn't in your hands. You'll
00:37:08 have to give it instructions, otherwise you might have to wait forever.
00:37:17 Name all constants that represent real-world values. So, when you define a variable,
00:37:23 don't give it meaningless names like a, b, c, d, but what does it do? What does it do? It's
00:37:25 something. My name is something. Then,
00:37:34 variable naming is very important. It's very important to see information in a program.
00:37:36 Now, we'll
00:37:38 explore these techniques more closely. Program
00:37:40 components should only be allowed to
00:37:43 access the data they need for these applications.
00:37:45 This means that
00:37:48 some parts of the program state shouldn't be
00:37:50 accidentally corrupted by these components.
00:37:52 We can control the data
00:37:55 presentation using abstract data
00:37:58 types where data is specific and visible
00:38:01 only. We can control the data
00:38:05 beforehand using predefined data types like get and put. Do
00:38:06 you allow access with defined operations?
00:38:10 Of course, more advanced programming is needed.
00:38:13 How to do this
00:38:15 can vary depending on different programming languages. All
00:38:28 programs check all inputs for validity. This is a lot of people. All programs take input from their environment and make assumptions about these inputs.
00:38:31 However, program
00:38:35 features are kept secret with these assumptions.
00:38:38 Otherwise, they define what to do.
00:38:40 Consequently, many programs
00:38:49 behave unpredictably when presented with external inputs, and sometimes these are threats to system security. For
00:38:51 example,
00:38:54 you will investigate this. If
00:39:02 you do not verify the inputs you receive from the user, they can easily add them to our database. Oh, they even
00:39:05 know you completely, you are always standing still.
00:39:08 Here is all the information about this minced meat has
00:39:10 been stolen. These are generally caused by not checking the locations and ensuring
00:39:14 adequate control.
00:39:16 Wars. As a result,
00:39:23 according to the assumptions made about these inputs, you should check this before processing the process. That is, you will not
00:39:30 say "Input is correct." You will always think that the user is a malicious hacker.
00:39:33 We will check the valid
00:39:37 checks, such as the interval checks.
00:39:40 Check the 16 known inputs of your
00:39:43 mother. We said, for example, a water
00:39:47 treatment system, a chemical, for example, that
00:39:51 allows our hand to be entered, which is
00:39:53 harmful to human health. So,
00:39:56 whether it is quoted or not, but Check You will
00:40:05 check that the game controls do not open the maximum size and open the Love size. For example, if our database
00:40:09 supports a maximum of 40 characters for a horse, and you
00:40:10 allow a character, this will cause a database error. If you allow a character, this will
00:40:17 cause a failure of five. Nurse controls check that the initiative representation
00:40:23 does not contain characters that should not be part of it. It should not contain numbers. For example,
00:40:27 no name in Türkiye can contain numbers.
00:40:29 Then you will check this.
00:40:31 Bağkurlu controls use the information about the back to
00:40:35 check that it is reasonable rather than an excessive value.
00:40:43 This will of course change the situation. A control that
00:40:47 change the situation. A control that provides a handler for all exceptions. A program
00:40:50 provides a handler for all exceptions. A program exception is an error or
00:40:52 exception is an error or some unexpected event, such as a power outage.
00:40:53 some unexpected event, such as a power outage. Exception handling structures
00:40:58 Exception handling structures
00:41:05 allow for the handling of such events without the need for continuous status checking to detect exceptions. This allows for the
00:41:09 use of normal checking to detect exceptions.
00:41:14 This requires many additional expressions to be added to the program. This is a significant shortcoming and potentially open to error. Bre
00:41:19 exception handling. See what Kot Seleks's
00:41:21 normal flow control is.
00:41:23 This normal flow is
00:41:27 what it does when an error is detected. See what it does here, what it
00:41:29 acts as below, what this
00:41:31 exception process is, that is, the error handling
00:41:35 here. Hatay processes Korkmaz: Of course,
00:41:39 we can no longer perform normal exits. When an error
00:41:41 occurs, our error-handling code runs,
00:41:44 and what do you do next?
00:41:46 Normal flow
00:41:49 is disrupted, as is the case with the exception process. The exception process
00:41:54 has a strategy of requesting three exceptions. It
00:42:01 notifies a calling component that an exception has occurred and provides information about the exception type, meaning it
00:42:05 provides information about who called the method.
00:42:07 Some alternative actions are performed to the process where the exception occurred.
00:42:10 This is
00:42:13 only possible if the Istan handler
00:42:21 has sufficient information to overcome the problem. In the case of an "excuse me," there
00:42:23 is a need to know which exception event
00:42:26 occurred and to identify
00:42:28 it. We need to predict it. I can
00:42:31 write an alternative process
00:42:33 to celebrate it. For this, I can pass control to
00:42:36 a runtime support
00:42:38 system to handle it more uniquely. Exception handling is
00:42:42 a mechanism that provides some kind of ceremony for this
00:42:48 error. This minimizes the use of explicit structures.
00:42:50 Which structures
00:42:53 can be vulnerable to Kahta? Program errors are often
00:42:55 the result of human error. This is because
00:42:58 programmers lose
00:43:01 track of the relationships between different parts of the system.
00:43:03 This is inherently complex,
00:43:09 or the ability to control errors
00:43:11 in programming languages like Hatay
00:43:13 is exacerbated by explicit structures.
00:43:16 Therefore, when programming,
00:43:23 you should try to avoid explicit structures or at least minimize their use. Error structures also go unconditionally.
00:43:28 So, without any conditions, we
00:43:32 say, "Go directly to this line in this code." This is
00:43:36 not recommended at all. You should avoid this in programming.
00:43:45 Floating-point numbers are very difficult to express 100%.
00:43:47 For example, it's very difficult to click on a number like this in Word.
00:43:57 Then, let me show you from there. Then, like this, like this, like this.
00:43:59 You can't express it exactly. That's why this
00:44:03 rounding occurs.
00:44:05 For example, if you compare this exactly, imagine this
00:44:07 database example is stored like this.
00:44:09 Now,
00:44:12 when you encounter these two numbers, the same number doesn't come out.
00:44:14 So, using floating-point numbers can
00:44:18 lead to invalid comparisons.
00:44:22 Comparing these two numbers
00:44:23 will yield good results. But this number and
00:44:26 OK, it may be stored like this. This is
00:44:38 related to the size of the data type used with bits and bands, the precision of the data top, and pointers have signs. That is, pointers
00:44:46 can corrupt data from the sign under the wrong memory areas. A little bit can make it difficult to understand the program's operation,
00:44:49 taxing it, and changing it.
00:44:51 Dynamic memory allocation can
00:44:54 cause memory overflows at runtime.
00:44:58 This can also cause errors. This can be very pleasing. Open structures,
00:45:03 parallelism, unforeseen interactions between parallel processes,
00:45:10 can cause subtle errors. So, it's a very serious error. Synchronization is
00:45:12 required in parallel programming.
00:45:22 Understanding recursion functions is very difficult, and testing them is very difficult and
00:45:23 complicated. Errors in self-renewal
00:45:31 can cause program overflows, but sometimes they make your job much easier. Does he know that
00:45:32 writing a self-referential program requires serious
00:45:35 experience.
00:45:39 Interrupts can terminate a critical process
00:45:42 and make a program
00:45:44 difficult to understand.
00:45:46 A legacy of Hades Kot could not
00:45:51 be placed. Why? Because
00:45:54 you're making code in another class,
00:45:57 you're stuck. You say these
00:46:00 changes were made, and unexpected
00:46:02 behavior can cause problems. I don't understand the code.
00:46:04 So,
00:46:08 if a change is made to the pot you inherited, it can affect code in a very different class. You
00:46:10 can break
00:46:14 it. Love made by Ali Ay Sing.
00:46:23 How can using multiple horses to refer to the same state variable in Turkish change this? This
00:46:37 means aliasing. Yes, no signal processing. Think about it. This conversation depends
00:46:39 on the concept used. Unlimited arrays.
00:46:43 If there is no bound control in arrays, buffer
00:46:46 overflow errors can occur.
00:46:48 Default input processing and input
00:46:51 independence. Is an input action occurring in a
00:46:53 default action degree transferring the program to
00:46:56 another location. This
00:47:00 can cause problems when a program restarts, which can trigger incorrect and
00:47:01 deliberately malicious
00:47:03 program pain.
00:47:17 For systems that provide capabilities and require long processes or user interaction, you should always start from
00:47:23 a starting point that allows users to restart everything they do without having to redo everything.
00:47:27 For example, if the power goes out and there is no power supply and the
00:47:31 process is very long,
00:47:34 starting over from the beginning can be very
00:47:37 time-consuming and costly.
00:47:41 Of course, if an error
00:47:45 occurs, a restart is necessary. This
00:47:48 also has the advantage of
00:47:51 being a restart system. This means that the system
00:47:53 stores copies of the forms connected to the system.
00:47:56 This way,
00:47:58 they don't have to refill the problem.
00:47:59 For example, this is a type of periodic
00:48:03 saving and restarting from the saved state.
00:48:05 This is a second situation.
00:48:10 We check the boundaries of the
00:48:12 array. Some programming languages, such as Erce,
00:48:15 do not listen to the
00:48:17 array declaration. In some programming languages, an array
00:48:20 declaration is outside the allowed range. This
00:48:22 address is outside the allowed range.
00:48:23 You are using the Republic today. This
00:48:29 attackers
00:48:37 can deliberately take the code beyond the best of us by writing it into memory. This
00:48:42 leads to a security vulnerability. If one of you doesn't include bounded checking, that is, your programming language.
00:48:46 Therefore, always
00:48:48 checking whether an array is within the bounds of the array
00:48:55 can also lead to these vulnerabilities. When searching for external components, include the time portions of the external components.
00:48:58 In a distributed system,
00:49:01 a remote computer failure can occur silently,
00:49:03 without you ever knowing about it. Programs
00:49:05 waiting for a service from that computer never receive
00:49:07 that service or
00:49:09 any indication of a failure.
00:49:11 So,
00:49:15 they can wait forever, not forever. To avoid this,
00:49:27 you can always open a time window for all calls made to external components. After a defined period of time has passed without a response, you can create
00:49:30 a web page that appears to be in front of
00:49:32 you. If the result
00:49:34 doesn't respond, you'll have to wait a few seconds.
00:49:36 If you're the one who assumes the failure is real, you'll need to consider the error.
00:49:43 Hello friends. So, what will the website say? If it
00:49:48 doesn't respond, I'll throw the correct Time at error. So, you open the error.
00:50:01 Name all constants that represent real-world values. Instead of using numerical values, always
00:50:09 give constants that reflect real-world values, such as tax rates. We always assign them by name and
00:50:11 find them. When using at instead of value, you're less likely to
00:50:15 make mistakes and avoid typing incorrect things.
00:50:16 Especially
00:50:19 if you have a compile-time check,
00:50:23 this greatly reduces
00:50:27 the probability of error.
00:50:30 This is another advantage.
00:50:33 Of course, these times are not truly constant. So, you
00:50:37 only
00:50:39 need to make the change in one place in your program. Because
00:50:43 you always called that name, you changed it, your charge
00:50:45 named, instead of that variable containing ms-100,
00:50:47 you didn't write a hundred. Look at it as a number. The
00:50:50 key points for Hello are
00:50:53 difficult to access software varieties. Because it's
00:50:59 almost impossible to ensure that each version of the software is truly independent. For the reasons I've explained, it relies on the inclusion of
00:51:09 too many got statements in a program to safely check the validity of programming inputs and the values of program variables.
00:51:16 So, dive somewhere. Jump. Pointers, pointers, recursion,
00:51:19 birkosit English, blind. You're left with
00:51:27 some programming structures and techniques like floating point, these simpoint numbers,
00:51:30 by nature, we made mistakes. In terms of the prayer back, whatever programming language
00:51:32 you use,
00:51:40 you should try to avoid these structures when developing security systems. Yes, friends, let's create a fesi
00:51:43 and hopefully you're right.
00:51:53 We'll see you in the last lesson. You'll learn 14. We've
00:51:58 reached the end of our lesson.
00:52:02 Thank you for listening. Take care. Let's
00:52:45 Yes, friends. Hopefully, see you next week.