research-article

Resolute: an assurance case language for architecture models

Published: 18 October 2014

Abstract

Arguments about the safety, security, and correctness of a complex system are often made in the form of an assurance case. An assurance case is a structured argument, often represented with a graphical interface, that presents and supports claims about a system's behavior. The argument may combine different kinds of evidence to justify its top level claim. While assurance cases deliver some level of guarantee of a system's correctness, they lack the rigor that proofs from formal methods typically provide. Furthermore, changes in the structure of a model during development may result in inconsistencies between a design and its assurance case. Our solution is a framework for automatically generating assurance cases based on 1) a system model specified in an architectural design language, 2) a set of logical rules expressed in a domain specific language that we have developed, and 3) the results of other formal analyses that have been run on the model. We argue that the rigor of these automatically generated assurance cases exceeds those of traditional assurance case arguments because of their more formal logical foundation and direct connection to the architectural model.
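To make the three ingredients concrete, here is an added illustration (not Resolute's syntax and not code from the paper): a constructed toy architecture model, two claim rules, and a stored result from an external analysis are combined into an argument tree, which is regenerated after a design change so that the claim the change breaks is reported rather than silently going stale. The component names, the "trusted" property and the analysis name are all assumptions.

```python
from dataclasses import dataclass, field

# Constructed toy architecture model (not an AADL file): components with a
# "trusted" property, and directed data connections between them.
MODEL = {
    "components": {"gps": False, "filter": True, "flight_ctrl": True},
    "connections": [("gps", "filter"), ("filter", "flight_ctrl")],
}

# Constructed results of other analyses, keyed by the evidence name.
ANALYSES = {"contracts_verified": True}

@dataclass
class Goal:
    """One node of the generated argument: a claim, whether it holds, its sub-goals."""
    claim: str
    holds: bool
    support: list = field(default_factory=list)

def inputs_of(model, comp):
    return [src for src, dst in model["connections"] if dst == comp]

def trusted_inputs(model, comp):
    # Rule: every component feeding `comp` is trusted. One sub-goal per connection,
    # so the argument is derived from the model rather than written by hand.
    subs = [Goal(f"{src} -> {comp}: {src} is trusted", model["components"][src])
            for src in inputs_of(model, comp)]
    return Goal(f"all inputs to {comp} are trusted", all(s.holds for s in subs), subs)

def evidence(analyses, name):
    # Rule that discharges a claim with the stored result of an external analysis;
    # a missing result counts as the claim not being supported.
    return Goal(f"analysis '{name}' passed", analyses.get(name, False))

def generate_case(model, analyses):
    # The top-level claim is rebuilt from the model every time it is asked for, so a
    # model edit that invalidates a sub-goal shows up immediately.
    subs = [trusted_inputs(model, "flight_ctrl"), evidence(analyses, "contracts_verified")]
    return Goal("flight_ctrl acts only on trusted data", all(s.holds for s in subs), subs)

def render(goal, depth=0):
    """Text rendering of the argument tree; failing goals are marked."""
    lines = ["  " * depth + ("[ok] " if goal.holds else "[FAIL] ") + goal.claim]
    for s in goal.support:
        lines.extend(render(s, depth + 1))
    return lines

if __name__ == "__main__":
    print("\n".join(render(generate_case(MODEL, ANALYSES))))
    # Design change: route gps straight into flight_ctrl, bypassing the filter.
    changed = {**MODEL, "connections": MODEL["connections"] + [("gps", "flight_ctrl")]}
    print("\n".join(render(generate_case(changed, ANALYSES))))
```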


• Published in

  ACM SIGAda Ada Letters, Volume 34, Issue 3 (HILT '14), December 2014, 93 pages. ISSN: 1094-3641. DOI: 10.1145/2692956
  • HILT '14: Proceedings of the 2014 ACM SIGAda annual conference on High integrity language technology, October 2014, 116 pages. ISBN: 9781450332170. DOI: 10.1145/2663171

Copyright © 2014 ACM

Publisher: Association for Computing Machinery, New York, NY, United States
