Pub Date : 1992-06-15DOI: 10.1109/CMPASS.1992.235756
C. Klingler, M. Nevaiser, A. Marmor-Squires, C. Lott, H. D. Rombach
The authors conducted a case study within TRW which involved the creation of formal process specifications and designs using MVP-L, an existing process notation. The goals of the overall study were aimed at understanding the various steps in representing processes and evaluating notations for each process-representation step. These goals were consistent with the vision of a process-driven, reuse-based, technology-supported paradigm for the development of software-intensive systems. The study, the lessons learned about process representation in general, and the lessons learned about the language MVP-L are described in detail.<>
{"title":"A case study in process representation using MVP-L","authors":"C. Klingler, M. Nevaiser, A. Marmor-Squires, C. Lott, H. D. Rombach","doi":"10.1109/CMPASS.1992.235756","DOIUrl":"https://doi.org/10.1109/CMPASS.1992.235756","url":null,"abstract":"The authors conducted a case study within TRW which involved the creation of formal process specifications and designs using MVP-L, an existing process notation. The goals of the overall study were aimed at understanding the various steps in representing processes and evaluating notations for each process-representation step. These goals were consistent with the vision of a process-driven, reuse-based, technology-supported paradigm for the development of software-intensive systems. The study, the lessons learned about process representation in general, and the lessons learned about the language MVP-L are described in detail.<<ETX>>","PeriodicalId":153913,"journal":{"name":"COMPASS `92 Proceedings of the Seventh Annual Conference on Computer Assurance","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1992-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123702457","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 1992-06-15DOI: 10.1109/CMPASS.1992.235761
A. Cheng, C.-H. Chen
It is required not only to verify the logical correctness of a real-time expert system but also to determine whether the computation time required to compute a logically correct decision in each monitor-decide cycle is within the imposed timing constraint. A principal concept in the analysis methodology is that of a special form of rules. A set of rules satisfying all behavioral constraint assertions of a special form is guaranteed to have bounded response time. The authors present efficient algorithms for computing tight response time bounds for rule sets with bounded response time. These algorithms use techniques which do not involve checking the state-space graph corresponding to the rule sets.<>
{"title":"Efficient response time bound analysis of real-time rule-based systems","authors":"A. Cheng, C.-H. Chen","doi":"10.1109/CMPASS.1992.235761","DOIUrl":"https://doi.org/10.1109/CMPASS.1992.235761","url":null,"abstract":"It is required not only to verify the logical correctness of a real-time expert system but also to determine whether the computation time required to compute a logically correct decision in each monitor-decide cycle is within the imposed timing constraint. A principal concept in the analysis methodology is that of a special form of rules. A set of rules satisfying all behavioral constraint assertions of a special form is guaranteed to have bounded response time. The authors present efficient algorithms for computing tight response time bounds for rule sets with bounded response time. These algorithms use techniques which do not involve checking the state-space graph corresponding to the rule sets.<<ETX>>","PeriodicalId":153913,"journal":{"name":"COMPASS `92 Proceedings of the Seventh Annual Conference on Computer Assurance","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1992-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129350127","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 1992-06-15DOI: 10.1109/CMPASS.1992.235760
R. Mead
A specification for the control processes that constitute the Advanced Train Control System (ATCS) is considered. The process of validating the logic contained in those control processes is addressed. The evolution of the specifications describing the control processes in the ATCS has been from a high-level, operational view of railroad operations to a detailed logical description of a transaction-based event-response system. That process has required much functional decomposition and evaluation of design approaches. A description is given of a validation process that is feasible because the system logic exists in the compilable Ada PDL language used. In this approach, the specifications themselves become the engine for their own validation.<>
{"title":"The use of Ada PDL as the basis for validating a system specified by control flow logic","authors":"R. Mead","doi":"10.1109/CMPASS.1992.235760","DOIUrl":"https://doi.org/10.1109/CMPASS.1992.235760","url":null,"abstract":"A specification for the control processes that constitute the Advanced Train Control System (ATCS) is considered. The process of validating the logic contained in those control processes is addressed. The evolution of the specifications describing the control processes in the ATCS has been from a high-level, operational view of railroad operations to a detailed logical description of a transaction-based event-response system. That process has required much functional decomposition and evaluation of design approaches. A description is given of a validation process that is feasible because the system logic exists in the compilable Ada PDL language used. In this approach, the specifications themselves become the engine for their own validation.<<ETX>>","PeriodicalId":153913,"journal":{"name":"COMPASS `92 Proceedings of the Seventh Annual Conference on Computer Assurance","volume":"944 ","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1992-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133945972","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 1992-06-15DOI: 10.1109/CMPASS.1992.235766
N. Amla, P. Ammann
The application of specification-based test methods to informal functional specifications requires considerable analysis on the part of the test engineer. The authors hypothesize that a large portion of this analysis is already present in formal functional specifications. They examine this hypothesis by analyzing a particular variety of formal specifications, namely Z specifications, in the context of a general specification-based testing method known as category partition testing. General guidelines are presented to derive category partition test specifications from Z functional specifications. The relationship between a Z specification and steps in the category partition method is broadly defined and illustrated with an example.<>
{"title":"Using Z specifications in category partition testing","authors":"N. Amla, P. Ammann","doi":"10.1109/CMPASS.1992.235766","DOIUrl":"https://doi.org/10.1109/CMPASS.1992.235766","url":null,"abstract":"The application of specification-based test methods to informal functional specifications requires considerable analysis on the part of the test engineer. The authors hypothesize that a large portion of this analysis is already present in formal functional specifications. They examine this hypothesis by analyzing a particular variety of formal specifications, namely Z specifications, in the context of a general specification-based testing method known as category partition testing. General guidelines are presented to derive category partition test specifications from Z functional specifications. The relationship between a Z specification and steps in the category partition method is broadly defined and illustrated with an example.<<ETX>>","PeriodicalId":153913,"journal":{"name":"COMPASS `92 Proceedings of the Seventh Annual Conference on Computer Assurance","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1992-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122518494","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 1992-06-15DOI: 10.1109/CMPASS.1992.235759
J. Michael, E. Addy, S. Fortier, B. Junk, J. McHugh
A panel session regarding the economics of building or retrofitting safety into software systems is summarized. The issues discussed include cost benefit analysis of security systems; investment in safety-related activities; a definition of software safety; economic analysis methodology; the measurement of the economic utility of software systems, and the safety-related attributes of a system and the software life cycle; the level of formality that should be attempted in developing economic models of safety-critical software systems; and traditional cost-benefit analysis approaches for making investment decisions concerning safety-critical systems.<>
{"title":"Software safety and economics","authors":"J. Michael, E. Addy, S. Fortier, B. Junk, J. McHugh","doi":"10.1109/CMPASS.1992.235759","DOIUrl":"https://doi.org/10.1109/CMPASS.1992.235759","url":null,"abstract":"A panel session regarding the economics of building or retrofitting safety into software systems is summarized. The issues discussed include cost benefit analysis of security systems; investment in safety-related activities; a definition of software safety; economic analysis methodology; the measurement of the economic utility of software systems, and the safety-related attributes of a system and the software life cycle; the level of formality that should be attempted in developing economic models of safety-critical software systems; and traditional cost-benefit analysis approaches for making investment decisions concerning safety-critical systems.<<ETX>>","PeriodicalId":153913,"journal":{"name":"COMPASS `92 Proceedings of the Seventh Annual Conference on Computer Assurance","volume":"176 2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1992-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123569743","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 1992-06-15DOI: 10.1109/CMPASS.1992.235763
L. Russell
A probabilistic framework for decision-making is developed. It is based on the recognition that if it is impossible to consider every case in which security might be comprised, at the least a rational method of controlling estimated risk is desirable. Multilevel secure databases are considered. The author describes several principle aggregation and inference problems, and shows how the solutions are externalized to the database designer. These externalized problems are reformulated in a context of approximate reasoning or probability. An overview of probability issues is provided and classified into two orthogonal approaches. These concepts are applied to the database design problem, and policies are provided that can be used to control decision-making for controlling in turn the probability of database inference.<>
{"title":"A probabilistic approach to assurance of database design","authors":"L. Russell","doi":"10.1109/CMPASS.1992.235763","DOIUrl":"https://doi.org/10.1109/CMPASS.1992.235763","url":null,"abstract":"A probabilistic framework for decision-making is developed. It is based on the recognition that if it is impossible to consider every case in which security might be comprised, at the least a rational method of controlling estimated risk is desirable. Multilevel secure databases are considered. The author describes several principle aggregation and inference problems, and shows how the solutions are externalized to the database designer. These externalized problems are reformulated in a context of approximate reasoning or probability. An overview of probability issues is provided and classified into two orthogonal approaches. These concepts are applied to the database design problem, and policies are provided that can be used to control decision-making for controlling in turn the probability of database inference.<<ETX>>","PeriodicalId":153913,"journal":{"name":"COMPASS `92 Proceedings of the Seventh Annual Conference on Computer Assurance","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1992-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124523364","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 1992-06-15DOI: 10.1109/CMPASS.1992.235765
S. Prasad
The author describes how asymptotic correctness verifications of numerical programs are performed by using the Penelope Ada verification system. The intuitive notion of closeness underlying the notion of asymptotic correctness and how the notion of asymptotic correctness is supported in Penelope are discussed. A brief description of the Penelope system followed by a discussion of how the Ada real number model is incorporated into it are included. The special mathematical operations introduced for asymptotic correctness are described. The techniques developed for asymptotic correctness proofs are illustrated by an example verification of a program for computing square roots by the Newton iteration method.<>
{"title":"Verification of numerical programs using Penelope/Ariel","authors":"S. Prasad","doi":"10.1109/CMPASS.1992.235765","DOIUrl":"https://doi.org/10.1109/CMPASS.1992.235765","url":null,"abstract":"The author describes how asymptotic correctness verifications of numerical programs are performed by using the Penelope Ada verification system. The intuitive notion of closeness underlying the notion of asymptotic correctness and how the notion of asymptotic correctness is supported in Penelope are discussed. A brief description of the Penelope system followed by a discussion of how the Ada real number model is incorporated into it are included. The special mathematical operations introduced for asymptotic correctness are described. The techniques developed for asymptotic correctness proofs are illustrated by an example verification of a program for computing square roots by the Newton iteration method.<<ETX>>","PeriodicalId":153913,"journal":{"name":"COMPASS `92 Proceedings of the Seventh Annual Conference on Computer Assurance","volume":"52 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1992-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123140215","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 1992-06-15DOI: 10.1109/CMPASS.1992.235758
J. Friend
The author reviews the basics of software engineering, applicable safety and quality assurance standards, and how to use these standards. Included is a discussion of structured programming, verification and validation of completed program code, and testing. The software life cycle phases are highlighted with a description of how each commercial and government standard relates to a particular phase. The difference between software safety and quality assurance is a major focus. The US Department of Defense safety standard is described, and the tasks within the standard which relate to software safety are detailed. Specific recommendations for changes in Department of the Navy requirements for the use of software standards are outlined.<>
{"title":"A review of computer controlled systems safety and quality assurance concerns for acquisition managers","authors":"J. Friend","doi":"10.1109/CMPASS.1992.235758","DOIUrl":"https://doi.org/10.1109/CMPASS.1992.235758","url":null,"abstract":"The author reviews the basics of software engineering, applicable safety and quality assurance standards, and how to use these standards. Included is a discussion of structured programming, verification and validation of completed program code, and testing. The software life cycle phases are highlighted with a description of how each commercial and government standard relates to a particular phase. The difference between software safety and quality assurance is a major focus. The US Department of Defense safety standard is described, and the tasks within the standard which relate to software safety are detailed. Specific recommendations for changes in Department of the Navy requirements for the use of software standards are outlined.<<ETX>>","PeriodicalId":153913,"journal":{"name":"COMPASS `92 Proceedings of the Seventh Annual Conference on Computer Assurance","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1992-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121443125","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 1992-06-15DOI: 10.1109/CMPASS.1992.235762
J. Mcdermid, Q. Shi
The authors discuss security issues and consider the extent to which internal relations among entities in a system should be taken into account when carrying out security analysis. They present a concrete and flexible security model expressed in terms of the internal relations in the system, rather than abstract state machines. Based on this model, security analysis can be carried out by decomposing the analysis of the whole system into analyses of subsets of the relations, and the security property of the whole system can be derived by composition of these secure relation subsets.<>
{"title":"A formal approach for security evaluation","authors":"J. Mcdermid, Q. Shi","doi":"10.1109/CMPASS.1992.235762","DOIUrl":"https://doi.org/10.1109/CMPASS.1992.235762","url":null,"abstract":"The authors discuss security issues and consider the extent to which internal relations among entities in a system should be taken into account when carrying out security analysis. They present a concrete and flexible security model expressed in terms of the internal relations in the system, rather than abstract state machines. Based on this model, security analysis can be carried out by decomposing the analysis of the whole system into analyses of subsets of the relations, and the security property of the whole system can be derived by composition of these secure relation subsets.<<ETX>>","PeriodicalId":153913,"journal":{"name":"COMPASS `92 Proceedings of the Seventh Annual Conference on Computer Assurance","volume":"60 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1992-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116699049","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 1992-06-15DOI: 10.1109/CMPASS.1992.235764
C. Marceau, W. Polak
Modular verification of Ada library units enables programmers to write and verify small program units and to compose them with minimal additional effort into larger correct programs. Penelope is a prototype verification environment for Ada that supports separate verification of program units and their composition. The authors have extended Penelope to enable verification of larger Ada programs, consisting of multiple compilation units. They discuss two major issues that arise from the composition of program modules. The first is ensuring that the composition itself is correct, that is, that assumptions made by one module about another indeed hold. The elaboration of Ada packages poses new problems, which are described along with the solution adopted. A novel technique for reducing the amount of annotation required from the user is described. The second issue is maintaining consistency between the various modules without incurring excessive overhead. The way in which a set of modules is kept consistent depends on the structure of the language. The method, called separate verification, is closely modeled on the technique of separate compilation used in Ada. How Ada techniques can be adapted for a verification environment is discussed.<>
{"title":"Modular verification of Ada library units","authors":"C. Marceau, W. Polak","doi":"10.1109/CMPASS.1992.235764","DOIUrl":"https://doi.org/10.1109/CMPASS.1992.235764","url":null,"abstract":"Modular verification of Ada library units enables programmers to write and verify small program units and to compose them with minimal additional effort into larger correct programs. Penelope is a prototype verification environment for Ada that supports separate verification of program units and their composition. The authors have extended Penelope to enable verification of larger Ada programs, consisting of multiple compilation units. They discuss two major issues that arise from the composition of program modules. The first is ensuring that the composition itself is correct, that is, that assumptions made by one module about another indeed hold. The elaboration of Ada packages poses new problems, which are described along with the solution adopted. A novel technique for reducing the amount of annotation required from the user is described. The second issue is maintaining consistency between the various modules without incurring excessive overhead. The way in which a set of modules is kept consistent depends on the structure of the language. The method, called separate verification, is closely modeled on the technique of separate compilation used in Ada. How Ada techniques can be adapted for a verification environment is discussed.<<ETX>>","PeriodicalId":153913,"journal":{"name":"COMPASS `92 Proceedings of the Seventh Annual Conference on Computer Assurance","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1992-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131225831","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: