Software Assurance Using Structured Assurance Case Models
نویسندگان
چکیده
Software assurance is an important part of the software development process to reduce risks and ensure that the software is dependable and trustworthy. Software defects and weaknesses can often lead to software errors and failures and to exploitation by malicious users. Testing, certification and accreditation have been traditionally used in the software assurance process to attempt to improve software trustworthiness. In this paper, we examine a methodology known as a structured assurance model, which has been widely used for assuring system safety, for its potential application to software assurance. We describe the structured assurance model and examine its application and use for software assurance. We identify strengths and weaknesses of this approach and suggest areas for further investigation and testing.
منابع مشابه
Acquisition of Software - Reliant Capabilities
To improve the security of software systems, we need to improve the software development processes used to produce them. Software security assurance cases have been proposed as a way of establishing security properties of software at different phases of the software development lifecycle; however, these assurance cases are difficult to write, communicate and introduce into an already burdened s...
متن کاملAssurance and Assurance Cases
Assurance provides confidence that a system will work as required and not cause harm. Confidence is based on justified beliefs about the system and its environment, and justification can be developed and documented as an assurance case comprised of a structured argument grounded on evidence. For justification to be compelling, the argument must be indefeasible, meaning that we have so thoroughl...
متن کاملQuality Assurance of Textual Models within Eclipse using OCL and Model Transformations
Modern software development processes often use domainspecific modeling languages (DSMLs) combined with custom code generators and/or interpreters. Especially textual DSMLs as provided by Eclipse Xtext are becoming more and more popular. As a consequence, software quality assurance frequently leads back to quality assurance of the involved textual models. Here, various quality aspects have to b...
متن کاملReasoning About Confidence and Uncertainty in Assurance Cases: A Survey
Assurance cases are structured logical arguments supported by evidence that explain how systems, possibly software systems, satisfy desirable properties for safety, security or reliability. The confidence in both the logical reasoning and the underlying evidence is a factor that must be considered carefully when evaluating an assurance case; the developers must have confidence in their case bef...
متن کاملScale : System Development Challenges
The usage and characteristics of large systems or systems of systems can challenge many current development assumptions. Vulnerability analysis has typically concentrated on vulnerabilities induced by errors in coding or in the interfaces among components. System interactions can also be a seedbed for vulnerabilities, however. This article describes software assurance challenges inherent in net...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره 115 شماره
صفحات -
تاریخ انتشار 2010