A component-based development process for trustworthy systems

This paper introduces a new process for a rigorous component-centered development of trustworthy systems. The rationale for our perspective of the process is two-fold. The activities prescribed in a conventional software engineering development process are neither suitable nor sufficient for developing component-based systems. Component-based development methods that are currently practised do not support the explicit specification of trustworthiness properties, and are not based on rigorous principles. Hence they are not suitable for developing trustworthy systems. Trustworthiness is regarded as a composite nonfunctional property comprising the four attributes safety, security, availability, and reliability. They must be rigorously defined for components and systems composed from them. It is essential that the process enforces a direct evidence of trustworthiness in the systems that are developed following the process. Consequently, the development process, in addition to being reuse oriented, component-oriented, and rigorous in all phases of system lifecycle, should maintain the chain of evidence that the trustworthiness properties are preserved in every activity of every phase of system development. The proposed process includes several parallel interrelated tracks including component development, component assessment, component reuse, and component-based system development and prescribes specific activities and tools for ensuring trustworthiness in all activities.