Runtime Certification
Abstract
Software often must be certified for safety, security, or other critical properties. Traditional approaches to certification require the software, its systems context, and all their associated assurance artifacts to be available for scrutiny in their final, completed forms. But modern development practices often postpone the determination of final system configuration from design time to integration time, load time, or even runtime. Adaptive systems go beyond this and modify or synthesize functions at runtime. Developments such as these require an overhaul to the basic framework for certification, so that some of its responsibilities also may be discharged at integration-, load- or runtime. We outline a suitable framework, in which the basis for certification is changed from compliance with standards to the construction of explicit goals, evidence, and arguments (generally called an “assurance case”). We describe how runtime verification can be used within this framework, thereby allowing certification partially to be performed at runtime or, more provocatively, enabling “runtime certification.”
Similar resources
Just-in-Time Certification (Draft of January 2007)
Traditional, standards-based approaches to certification are hugely expensive, of questionable credibility when development is outsourced, and a barrier to innovation. This paper is a call and a manifesto for new approaches to certification. We start by advocating a goal-based approach in which unconditional claims delivered by formal methods are combined with other evidence in multi-legged cas...
Precise Documentation of Requirements and Executable Specifications
We propose a format for precise documentation of requirements to drive the development of dependable software products and to provide evidence for their certification. Requirements are elicited from customers and expressed informally as atomic English descriptions. To analyze the consistency of the requirements, we translate them into a software specification consisting of model contracts and t...
Runtime Verification of Remotely Executed Code using Probabilistically Checkable Proof Systems
In this paper we consider the verification and certification of computations that are done remotely. We investigate the use of probabilistically checkable proof (PCP) systems for efficiently certifying such computations. This model can also be applied to verifying security proofs of software downloads. To make the use of PCPs more practical, a new version of Cook’s Theorem is given for the RAM ...
The Ravenscar Tasking Profile – Experience Report
The Ravenscar Profile was defined at the 8th International Real-Time Ada Workshop as a simple subset of the tasking features of Ada, in order to support efficient, high integrity applications that need to be analysed for their timing properties. Ada compiler vendor Aonix subsequently implemented the Profile via its Raven product line, and is currently engaged in producing the formal certification...
Cheko: Aspect-Oriented Runtime Monitor Certification via Model-Checking (Extended Version)
In-lining runtime monitors into untrusted binary programs via aspect-weaving is an increasingly popular technique for efficiently and flexibly securing untrusted mobile code. However, the complexity of the monitor implementation and in-lining process in these frameworks can lead to vulnerabilities and low assurance for code-consumers. This paper presents a machine-verification technique for aspe...
Publication date: 2008