An acceptability envelope is a region of imperfect but acceptable software systems surrounding a given perfect system. Explicitly targeting the acceptability envelope during development (rather than attempting to minimize the number of errors, as is the current practice) has several potential benefits. Specifically, leaving acceptable errors in the system eliminates the risks and costs associated with attempting to repair the errors; investing fewer resources in less critical regions of the program and more resources in more critical regions may increase acceptability and reduce the overall investment of development resources. To realize these benefits, the acceptability envelope must be both sizable and accessible. We present several case studies that explore the acceptability envelopes of the Pine email client and the SurePlayer MPEG decoder. These studies show that both Pine and SurePlayer can tolerate the addition of many off-by-one errors without producing unacceptable behavio...
Martin C. Rinard, Cristian Cadar, Huu Hai Nguyen