Trustworthiness Assessment Framework for Net-Centric Systems

  • Raymond Paul
  • Jing Dong
  • I-Ling Yen
  • Farokh Bastani


Modern applications are becoming increasingly large-scale and network-centric, involving a variety of different types of system entities. Also, the assurance requirements for these systems are evolving due to the continuing emergence of new threats from new operational environments. To assure the trustworthiness of these systems to a sufficiently high degree of confidence is a challenging task. Most existing methods require different specialized assessment techniques for not only different types of system entities but also different trustworthiness aspects. Also, most existing techniques lack consideration of the overall system trustworthiness assessment from an integrated system perspective or fail to provide a holistic view. To address these problems, we develop an ontology-based approach to provide systematic guidelines for net-centric system assessment. The ontology-based approach captures evolving system trustworthiness aspects and effectively models their relationships and correlations. It can also organize system entities and associate appropriate assessment techniques for each class of system entities and their integrations.


Assessment Technique Software Reliability System Entity Computer Platform Unauthorized User 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Mark S. Ackerman, Lorrie Faith Cranor, Joseph Reagle, “Privacy in e-commerce: examining user scenarios and privacy preferences,” Proceedings of the 1st ACM conference on Electronic commerce, Denver, Colorado, 1999, pp. 1-8.Google Scholar
  2. 2.
    T. Anderson, Resilient Computing Systems, John-Wiley, New York, 1985.Google Scholar
  3. 3.
    A. Avizienis, J.-C. Laprie, B. Randell, and C. Landwehr, “Basic concepts and taxonomy of dependable and secure computing,” IEEE Trans. on Dependable and Secure Computing, Vol. 1, No. 1, Jan.-Mar. 2004, pp. 11-33.CrossRefGoogle Scholar
  4. 4.
    F. B. Bastani and A. Pasquini, “Assessment of a sampling method for measuring safety-critical software reliability,” Proceedings of 5th International Symposium on Software Reliability Engineering, November 1994, pp. 93-102.Google Scholar
  5. 5.
    A.M.K. Cheng, Real-Time Systems: Scheduling, Analysis, and Verification, Wiley Interscience, 2002.Google Scholar
  6. 6.
    Mike Chen, Emre Kıcıman, Eugene Fratkin, Eric Brewer, and Armando Fox, “Pinpoint: Problem determination in large, dynamic Internet services,” Dependable Systems and Networks, 2002.Google Scholar
  7. 7.
    Julie E. Cohen, “DRM and privacy,” Communications of the ACM (Special issue on digital rights management and fair use by design), Vol. 46, No. 4, April 2003, pp. 46-49Google Scholar
  8. 8.
    Riccardo Focardi, Fabio Martinelli, “A uniform approach for the definition of security properties,” World Congress on Formal Methods, 1999.Google Scholar
  9. 9.
    B.J. Fogg and H. Tseng, “The elements of computer credibility,” Proc. 1999 SIGCHI Conf. on Human Factors in Computing Systems, Pittsburgh, PA, 1999, pp. 80-87.Google Scholar
  10. 10.
    T.F. Lawrence, “The quality of service model and high assurance,” Proc. 1997 IEEE High-Assurance Systems Engineering Workshop, Washington, DC, Aug. 1997, pp. 38-39.Google Scholar
  11. 11.
    E. A. Lee and S. Edwards., “Precision Timed (PRET) Computation in Cyber-Physical System”, National Workshop on High Confidence Software Platforms for Cyber-Physical Systems: Research Needs and Roadmap, November, 2006.Google Scholar
  12. 12.
    N. Leveson, Software: System Safety and Computers, Addison Wesley, New York, 1995.Google Scholar
  13. 13.
    H.F. Lipson and D.A. Fisher, ”Survivability -A new technical and business perspective on security,” Proc. 1999 workshop on New security Paradigms, Caledon Hills, Ontario, Canada, 1999, pp. 33-39.Google Scholar
  14. 14.
    B. Littlewood and L. Strigini, “Software reliability and dependability: A roadmap,” Proceedings of the 22nd International Conference on Software Engineering, Limerick, Ireland, A. Finkelstein (ed), June 2000, pp. 177-188.Google Scholar
  15. 15.
    J.W.S. Liu, Real-Time Systems, Prentice Hall, 2000.Google Scholar
  16. 16.
    J. McDermott, "Attack-potential-based survivability modeling for high-consequence systems," 2005. Proc. 3rd IEEE Intl. Work. on Information Assurance (IWIA'05), March 2005, pp. 119-130.Google Scholar
  17. 17.
    R. A. Paul, “DoD towards software services,” Proceedings of the 10th IEEE International Workshop on Object-Oriented Real-Time Dependable Systems, February 2005, pp. 3-6.Google Scholar
  18. 18.
    G. Vecellio and W. M. Thomas, "Issues in the assurance of component-based software," Proc. 2000 IEEE Intl. Work.on Component-Based Software Engineering, Limerick, Ireland, Jun. 2000.Google Scholar
  19. 19.
    J. Voas, “Certifying software for high-assurance environments,” IEEE Software, Vol. 16, No. 4, Jul./Aug. 1999, pp. 48-54.CrossRefGoogle Scholar

Copyright information

© Springer-Verlag US 2009

Authors and Affiliations

  • Raymond Paul
    • 1
  • Jing Dong
    • 2
  • I-Ling Yen
    • 2
  • Farokh Bastani
    • 2
  1. 1.Department of DefenseUSA
  2. 2.University of Texas at DallasRichardsonUSA

Personalised recommendations