Assurance in high-integrity software

  • John McDermid
Part of the Software Science and Engineering book series (SSEN)


This book is concerned with the production and assessment of software for high-integrity systems. Many of these systems, for example nuclear reactor and flight control systems, are subject to public enquiries or certification before they can be deployed. In general it is necessary to provide assurance to non-technical personnel of the safety or security of a system containing computers and software, and possibly involving sophisticated human-computer interaction. Thus we require techniques and measures which can be used to achieve and to demonstrate the security, integrity or safety of such systems; the measures must be accessible and convincing to laymen including the systems’ operators.







Copyright information

© Crown Copyright and Pitman Publishing 1989

Authors and Affiliations

  • John McDermid, University of York, UK
