Software Certification: Methods and Tools

Motivation

Software certification, also known as, "licensing", "device approval", etc., has historically been based upon indirect evidence of software quality, namely the process used to produce the software. Academics, regulators, and industry are increasingly viewing process oriented certification as inadequate in light of well documented software intensive system failures. This seminar will examine the current state of the art in methods and tools that can be used in product-focused certification of software intensive systems, working to identify gaps in the current methods and supporting tool infrastructure that need to be filled to facilitate cost effective certification of software intensive systems based upon direct evidence. An important theme will be how tools to produce product focused evidence for certification can be integrated into the forward development process in a way that improves developer productivity rather than becoming an additional burden.

The seminar will address the relationship between how software is developed and, how we collect and use evidence about software to certify it is "fit for use". This includes the pros and cons of the recent trend towards the use of assurance-cases in regulatory regimes. The relationship between assurance-cases and software standards will be a major focus of the seminar. A defining factor in the degree of dependability that can be achieved is the complexity of the system. In order to facilitate software certification we will investigate ways in which we system complexity, including human computer interfaces.

The seminar organizers hope to achieve the following goals:

• Identification and development of industry relevant challenge problems for certification researchers
• Identification of key issues for regulators evaluating software intensive systems
• Determine methods to remove uncertainty currently experienced by industry in the typical certification process
• Determine promising academic research on methods, metrics and processes for certification of critical software, including analytic tools, and human computer interfaces.
• Provide a comparison on the basis of a common case study on the methods and tools ready for industrial use in the certification process.
• Investigate product-focused certification processes and the role of tools