Advertisement

Software Trustworthiness: Past, Present and Future

  • Mitra Nami
  • Witold Suryn
Part of the Communications in Computer and Information Science book series (CCIS, volume 320)

Abstract

Software controls an increasing number of complex technical systems, ranging from Internet-based e-health and e-government applications to embedded control systems in factories, cars, and aircrafts. Even though the quality assurance budgets of software makers are increasing, program failures happen quite often. The successful deployment of software systems depends on the extent to which we can justifiably trust them. Academia, government, and industry have conducted several efforts with the aim of providing a view of trustworthiness in software from system construction, evaluation and analysis. This paper investigates the previous and present activities that have been performed to achieve software trustworthiness and suggests some guidelines for future activities. The proposed approach uses the novel behaviouristic model for verifying software trustworthiness based on scenarios of interactions between the software and its users and environment [1].

Keywords

software trustworthiness quality security 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Nami, M., Suryn, W.: From Requirements to Software Trustworthiness using Scenarios and Finite State Machine, Montreal (2012)Google Scholar
  2. 2.
    Rolland, C., et al.: A proposal for a scenario classification framework. Requirements Engineering Journal 3(1), 23–47 (1998)MathSciNetCrossRefGoogle Scholar
  3. 3.
    Bordeleau, F., Corriveau, J.-P.: From Scenarios to Hierarchical State Machines: A Pattern based Approach. In: Proceedings of OOPSLA 2000 Workshop: Scenario Based Round-trip Engineering (October 2000)Google Scholar
  4. 4.
    Leue, S., Mehrmann, L., Rezai, M.: Synthesizing ROOM Models From Message Sequence Charts Specifications. In: Proc. 13th IEEE Conf. on Automated Software Engineering (1998)Google Scholar
  5. 5.
    Mäkinen, E., Systä, T.: An Interactive Approach for Synthesizing UML Statechart Diagrams from Sequence Diagrams. In: Proceedings of OOPSLA 2000 Workshop: Scenario Based Round-trip Engineering (October 2000)Google Scholar
  6. 6.
    Whittle, J., Schumann, J.: Generating Statechart Designs From Scenarios. In: Proceedings of OOPSLA 2000 Workshop: Scenario Based Round-trip Engineering, October 2000, Tampere University of Technology, Software Systems Laboratory, Report 20 (2000)Google Scholar
  7. 7.
    Behrens, H.: Requirements Analysis and Prototyping using Scenarios and Statecharts. In: Proceedings of ICSE 2002 Workshop: Scenarios and State Machines: Models, Algorithms, and Tools (2002)Google Scholar
  8. 8.
    DACS, Software Project Management for Software Assurance: A State-of-the-Art-Report (September 30, 2007) Google Scholar
  9. 9.
    DACS, and IATAC, Software Security Assurance: A State-of-the-Art-Report (July 31, 2007) Google Scholar
  10. 10.
    Department of Defence, National Computer Security Center, Trusted Computer System Evaluation Criteria. DOD 5200.28 STD (1985) Google Scholar
  11. 11.
    Parnas, D., et al.: Evaluation of safety-critical Software. UCA 4 33(6), 635–648 (1990)Google Scholar
  12. 12.
    ISO/IEC Standard No. 9126: Software engineering – Product quality; Parts 1–4. International Organization for Standardization (ISO) / International Electrotechnical Commission (IEC), Geneva, Switzerland (2001-2004)Google Scholar
  13. 13.
    Boland, T., et al.: Toward a Preliminary Framework for Assessing the Trustworthiness of Software. National Institute of Standards and Technology (November 2010)Google Scholar
  14. 14.
    Zheng, Z., et al.: Complexity of Software trustworthiness and its dynamical statistical analysis methods. Science in China Series F” - Information Sciences 52(9), 1651–1657 (2009), doi:10.1007/s11432-009-1043-4zbMATHCrossRefGoogle Scholar
  15. 15.
    Hertzum, M.: The importance of trust in software engineers’ assessment and choice of information sources. Information and Organization 12, 1–18 (2002)CrossRefGoogle Scholar
  16. 16.
    Bernstein, L.: Trustworthy software systems. SIGSOFT Software Engineering Notes 30, 4–5 (2005)CrossRefGoogle Scholar
  17. 17.
    Amoroso, E., Taylor, C., Watson, J., Weiss, J.: A process-oriented methodology for accessing and improving Software Trustworthy. In: Proceedings of the 2nd ACM Conference on Computer and Communication Security, Virginia, USA, pp. 39–50 (1994)Google Scholar
  18. 18.
    Dijkstra, E.W., Dahl, O.J., Hoare, C.A.R.: Structured programming. Academic Press (1972)Google Scholar
  19. 19.
    www.cnsoftware.org/nsg (visited on April 24, 2011)
  20. 20.
    Gill, H.: High Confidence Software and Systems: Cyber-Physical Systems Progress Report: Semantics Perspective. National Science Foundation, Second Workshop on Event-based Semantics (2008)Google Scholar
  21. 21.
    Avizienis, A., Laprie, J.-C., Randell, B.: Fundamental Concepts of Dependability, Technical Report 739., Department of Computing Science. University of Newcastle upon Tyne (2001)Google Scholar
  22. 22.
    De Lemos, R., Gacek, C., Romanovsky, A.: ICSE 2002 Workshop on Software Architectures for Dependable Systems (Workshop Summary). ACM Software Engineering Notes 28(5) (November 2003)Google Scholar
  23. 23.
    Oppliger, R., Rytz, R.: Does trusted computing remedy computer security problems? IEEE Security & Privacy 3(2), 16–19 (2005)CrossRefGoogle Scholar
  24. 24.
    Mundie, C., et al.: Trustworthy Computing. Microsoft White Paper (October 2002)Google Scholar
  25. 25.
    Safford, D.: The Need for TCPA, IBM Research (October 2002), http://www.ibm.com (last visited April 30, 2011)
  26. 26.
    Hurlbut, R.: A Survey of Approaches for Describing and Formalizing Use Cases, Technical Report 97-03, Department of Computer Science. Illinois Institute of Technology, USA (1997), http://www.iit.edu/~rhurlbut/xpt-tr-97-03.html
  27. 27.
    Hurlbut, R. R.: Managing Domain Architecture Evolution Through Adaptive Use Case and Business Rule Models” Ph.D. thesis. Illinois Institute of Technology, Chicago, USA (1998), http://www.iit.edu/~rhurlbut/hurl98.pdf (visited on May 10, 2012)
  28. 28.
    Suryn, W., Trudeau, P.O., Mazzetti, C.: Information Systems and their Relationship to Quality EngineeringGoogle Scholar
  29. 29.
    Security, Privacy and Trust in the Future Internet, Issues for discussion, http://www.future-internet.eu/fileadmin/documents/bled_documents/Issues_TSD_Future_Internet_-_08_03_02.pdf (visited on May 10, 2012)
  30. 30.
    Dept. of Homeland Security, A Roadmap for Cybersecurity Research (November 2009), http://www.cyber.st.dhs.gov/docs/DHS-Cybersecurity-Roadmap.pdf (visited on May 10, 2012)

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Mitra Nami
    • 1
  • Witold Suryn
    • 1
  1. 1.École de technologie supérieureMontréalCanada

Personalised recommendations