Abstract
High-assurance software is often used in safety- and mission-critical systems where loss of functionality can lead to loss of life or property. Naturally, such systems need to be certified before use, and several technologies have been developed to support such efforts. These techniques build structured assurance arguments to justify the safety and performance of the system. Most frequently, software is certified as part of a larger system, and that larger system changes rather infrequently. This, however, contradicts the current practice of rapid software evolution, where the need for new functionality is addressed by a software upgrade. As a consequence, assurance arguments often lag behind the software they cover, leading to delays in implementing new capabilities. Hence, there is a clear need for the rapid re-analysis and re-evaluation of assurance arguments. This paper argues that assurance arguments are a special kind of software documentation that needs to be tightly integrated with the implementation, and that their construction and managed evolution are critical to the safety and performance of software-integrated systems.
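The lag the abstract describes can be made mechanically visible if every evidence item in the argument records the exact versions of the artifacts it was derived from. The following is an added example, not code from the paper or from any tool it describes: a hypothetical GSN-style argument for a small depth controller (goals, evidence and artifact contents are all constructed here) in which evidence carries the SHA-256 of its input artifacts at certification time. After a software upgrade, the check reports which evidence is stale and propagates that upward to every goal that rests on it, which is the set that needs re-evaluation before re-certification.

```python
from __future__ import annotations

import hashlib
from dataclasses import dataclass, field


def sha256(data: bytes) -> str:
    """Content hash tying an evidence item to the exact artifact version it was derived from."""
    return hashlib.sha256(data).hexdigest()


@dataclass
class Evidence:
    id: str
    description: str
    # artifact path -> sha256 of that artifact when the evidence was produced
    inputs: dict[str, str]


@dataclass
class Goal:
    id: str
    claim: str
    evidence: list[str]                                  # Evidence ids directly supporting this goal
    subgoals: list[str] = field(default_factory=list)    # Goal ids this goal rests on


def record_inputs(paths: list[str], artifacts: dict[str, bytes]) -> dict[str, str]:
    """Snapshot the hashes of the artifacts an evidence item was derived from."""
    return {p: sha256(artifacts[p]) for p in paths}


def stale_evidence(evidence: dict[str, Evidence], artifacts: dict[str, bytes]) -> dict[str, list[str]]:
    """Evidence id -> artifacts that changed or disappeared since the evidence was produced."""
    stale: dict[str, list[str]] = {}
    for ev in evidence.values():
        changed = [
            path for path, recorded in ev.inputs.items()
            if path not in artifacts or sha256(artifacts[path]) != recorded
        ]
        if changed:
            stale[ev.id] = changed
    return stale


def goals_needing_review(goals: dict[str, Goal], evidence: dict[str, Evidence],
                         artifacts: dict[str, bytes]) -> set[str]:
    """Goals whose direct evidence is stale, plus every goal that transitively rests on them."""
    stale = stale_evidence(evidence, artifacts)
    affected = {g.id for g in goals.values() if any(e in stale for e in g.evidence)}
    # Propagate upward through the goal hierarchy until a fixed point is reached.
    changed = True
    while changed:
        changed = False
        for g in goals.values():
            if g.id not in affected and any(s in affected for s in g.subgoals):
                affected.add(g.id)
                changed = True
    return affected


# Constructed sample artifacts for a small depth controller (hypothetical, not real project files).
BASELINE_ARTIFACTS: dict[str, bytes] = {
    "docs/hazard_analysis.md": b"H1: uncontrolled descent below rated depth\n",
    "src/depth_controller.c": b"int clamp_depth(int d) { return d > 50 ? 50 : d; }\n",
    "test/depth_controller_test.log": b"PASS clamp_depth_bounds\n",
    "docs/operator_manual.md": b"Rated depth: 50 m\n",
}

# The same tree after an upgrade: the controller changed and its tests have not been re-run yet.
UPDATED_ARTIFACTS: dict[str, bytes] = {
    "docs/hazard_analysis.md": BASELINE_ARTIFACTS["docs/hazard_analysis.md"],
    "src/depth_controller.c": b"int clamp_depth(int d) { return d > 60 ? 60 : d; }\n",
    "docs/operator_manual.md": BASELINE_ARTIFACTS["docs/operator_manual.md"],
}


def build_argument(artifacts: dict[str, bytes]) -> tuple[dict[str, Goal], dict[str, Evidence]]:
    """Hypothetical argument whose evidence records artifact hashes at certification time."""
    evidence = {
        "E1": Evidence("E1", "Hazard analysis reviewed",
                       record_inputs(["docs/hazard_analysis.md"], artifacts)),
        "E2": Evidence("E2", "Depth clamp unit tests pass",
                       record_inputs(["src/depth_controller.c", "test/depth_controller_test.log"], artifacts)),
        "E3": Evidence("E3", "Static analysis of controller clean",
                       record_inputs(["src/depth_controller.c"], artifacts)),
        "E4": Evidence("E4", "Operator manual states rated depth",
                       record_inputs(["docs/operator_manual.md"], artifacts)),
    }
    goals = {
        "G1": Goal("G1", "Vehicle never exceeds rated depth", ["E1"], ["G2", "G3"]),
        "G2": Goal("G2", "Depth command is clamped to rated depth", ["E2"]),
        "G3": Goal("G3", "Controller code is free of undefined behaviour", ["E3"]),
        "G4": Goal("G4", "Operators are informed of rated depth", ["E4"]),
    }
    return goals, evidence


if __name__ == "__main__":
    goals, evidence = build_argument(BASELINE_ARTIFACTS)
    print("stale at certification:", stale_evidence(evidence, BASELINE_ARTIFACTS))
    print("stale after upgrade:", stale_evidence(evidence, UPDATED_ARTIFACTS))
    print("goals to re-evaluate:", sorted(goals_needing_review(goals, evidence, UPDATED_ARTIFACTS)))
```

Two design points matter in practice. Evidence is keyed to content hashes rather than file paths or timestamps, so a rebuilt-but-unchanged artifact does not trigger spurious re-evaluation, while a changed one cannot be silently reused. And a missing input (here the test log that was never regenerated) is treated as stale rather than ignored, since absent evidence is exactly the gap a certifier would reject.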
Notes
- 1.
We use the term ‘high-assurance’ instead of the more conventional ‘safety-critical’ to emphasize that these systems are required to be certified by some independent authority before operational use.
Acknowledgments
The work was supported by the Defense Advanced Research Projects Agency (DARPA), under its Assured Autonomy program, and the Air Force Research Laboratory (AFRL). Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of DARPA or AFRL.
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
Cite this paper
Karsai, G., Balasubramanian, D. (2022). Assurance Provenance: The Next Challenge in Software Documentation. In: Margaria, T., Steffen, B. (eds) Leveraging Applications of Formal Methods, Verification and Validation. Software Engineering. ISoLA 2022. Lecture Notes in Computer Science, vol 13702. Springer, Cham. https://doi.org/10.1007/978-3-031-19756-7_6
DOI: https://doi.org/10.1007/978-3-031-19756-7_6
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-19755-0
Online ISBN: 978-3-031-19756-7