Sufficient Evidence? Building Certifiably Dependable Systems
National Academy Of Sciences, Washington DC
Investigators
Blumenthal
Abstract
Systems on which the safety or security of individuals may depend are frequently subject to certification: a formal assurance that the system has met relevant technical standards designed to assure it will not unduly endanger the public. Today, certification of the dependability of a computer-based system frequently relies at least as heavily on assessments of the process used to develop it or of the qualifications of those who produced it, as it does on the system's observable properties. While these assessments can be useful, few would dispute that direct observation of the artifact ought to provide a stronger kind of assurance than the credentials of its production methods or producers could hope to do. Yet the complexity of software systems, as well as their discrete nature, renders them extremely difficult to analyze unless great care has been taken with their structure and maintenance. Indeed, where extremely high assurance of specific functions is required, simple but inflexible hardware components are sometimes used to limit the damage that essential, but less predictable, software may cause. The goal of this study is to identify the kinds of system properties for which certification is desired, how that certification is obtained today, and, most important, what design and development methods, including methods for establishing evidence of trustworthiness, could lead to future system structures that are more easily certified. Where these methods cannot be identified, the study would identify a research agenda that would lead to their discovery. Issues relating to system development processes, product qualities, and testing, evaluation, and certification practice will be addressed. Building on inputs and committee deliberations, a report with findings and conclusions will be produced, subject to NRC review processes, and disseminated.
This project concept arose from discussions with members of the High Confidence Software and Systems program component area of the Interagency Working Group on Networking and Information Technology R&D.