The computer-related risk of the year: computer abuse
P. Neumann
Pub Date: 1988-06-27. DOI: 10.1109/CMPASS.1988.9631. Computer Assurance, 1988. COMPASS '88.
The defensive technology required to combat the threats represented by computer attacks, especially upon computer-based systems intended to meet such requirements as human safety, reliability, guaranteed availability, and real-time responsiveness, is discussed. Three fundamental gaps between what computer security actually enforces and the way computer systems are used are identified and discussed: technological (computer mechanism versus computer policy), sociotechnological (computer policy versus social policy), and sociological (social policy versus antisocial behavior). The potential for computer attacks is discussed, along with ways to defend against computer system misuses.
Software safety management
J. Dobbins
Pub Date: 1988-06-27. DOI: 10.1109/CMPASS.1988.9645. Computer Assurance, 1988. COMPASS '88.
An approach to life-cycle management of software safety, continuing into the operational phases, is discussed. It is based on defect prevention, early defect detection and removal, and critical-path analysis, with continuous measurement, analysis and evaluation taking place throughout the life cycle. This approach also takes into account the possibility that those responsible for software safety might have neither strong software-analysis backgrounds nor the time to perform all of the software safety-related activities themselves.
The reliable specification of software
J. McLean, C. Meadows
Pub Date: 1988-06-27. DOI: 10.1109/CMPASS.1988.9637. Computer Assurance, 1988. COMPASS '88.
A system that supports experimentation by specification writers with the consequences of their specifications, by automatically translating trace specifications into Prolog programs, is described. An introduction to trace specifications and Prolog is provided. An implementation-free semantics for a subset of Prolog that allows characterization of the class of specifications that can be mechanically translated into complete programs is developed. A grammar for a subset of translatable specifications is also described.
Formal safety analysis and the software engineering process in the pacemaker industry
D. Santel, C. Trautmann, W. Liu
Pub Date: 1988-06-27. DOI: 10.1109/CMPASS.1988.9648. Computer Assurance, 1988. COMPASS '88.
The increasing application of software-based systems to safety-critical processes has necessitated the integration of safety into the software-development process. An example of this safety-oriented software design methodology from the cardiac pacemaker industry is provided. Safety considerations begin at product description with the hazard analysis, whereby potential hazards are classified according to their criticality and qualitative probability of occurrence. The completed hazard analysis determines the software safety requirements, which specify what the system will not do. A system hazard cross-check matrix is defined that serves to direct the design team to those areas requiring more scrutiny. Finally, traceability matrices provide a verifiable link from safety requirements through design to the actual code. This methodology should serve to minimize hazards in the final software product.
A static scheduler for the computer aided prototyping system
D. Janson, Luqi
Pub Date: 1988-03-01. DOI: 10.1109/CMPASS.1988.9642. Computer Assurance, 1988. COMPASS '88.
Computer-aided prototyping assists the software designer during the design and specification stages for hard real-time or embedded systems. Automated prototyping of these systems benefits from an execution support system (ESS) which validates the software design before development of production software. Pioneering efforts to implement the static scheduler are described, using worst-case timing information, i.e., guaranteeing that all critical timing constraints are met at run time. The tools and algorithms required, at a minimum, to implement the static scheduler and to integrate it within the ESS are outlined.