Contractual specification of reliable software

Chapter in: High-Integrity Software

Part of the book series: Software Science and Engineering (SSEN)

Abstract

Within the context of this chapter, high-integrity software will be taken as meaning software which must satisfy the integrity requirements of an external body: this could be an aviation authority for safety-critical software in an aircraft, security authorities for software protecting classified data, or the safety boards in the various industries where computers are used to control hazardous processes. Procedures in these various fields are far from being fixed, let alone standardized, but inevitably there are factors which are common to the production of approved software, whatever the application. In particular, the roles played by the interested parties will be similar. As we are concerned with the contractual situation, there will always be a procurer and an implementor for the software. For high-integrity software, there must always be an approver who is responsible for allowing the system to be used. In most situations, neither the procurer nor the approver will have enough detailed knowledge about a system to decide whether it is trustworthy or not. Consequently, from the contractual point of view, the problem is not so much a question of producing high-integrity software as of demonstrating its integrity to the approver. The system must not only be trustworthy, but must be seen to be trustworthy in the approver's eyes. In cases where the public is at risk from the incorrect operation of software, accountability requires that approvers should be able to demonstrate their mechanisms of approval and the evidence on which a given approval was based.

© 1989 Crown Copyright

Cite this chapter
Sennett, C.T. (1989). Contractual specification of reliable software. In: Sennett, C.T. (eds) High-Integrity Software. Software Science and Engineering. Springer, Boston, MA. https://doi.org/10.1007/978-1-4684-5775-9_12

  • DOI: https://doi.org/10.1007/978-1-4684-5775-9_12

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-1-4684-5777-3

  • Online ISBN: 978-1-4684-5775-9
