Results

RESAFE 2009 was characterized by several high-quality presentations and papers (see below) from a number of different disciplines and areas of research. Bill Frakes has created a word cloud from the papers/presentations.

Program

27 September 2009

Enhancing Safety in Component-Based Systems [Presentation]
Oliver Hummel and Colin Atkinson, University of Mannheim

Reusing existing components in new applications has always been a “two edged” sword. On the one hand, mature, tried-and-tested components can provide high-quality implementations of significant parts of an application with much reduced effort, but on the other hand, there is a risk that the behaviour of a reused component will not match that expected by the rest of the system, with undesired behaviour emerging as a result. This can affect a system’s ability to meet any of its non-functional requirements, such as reliability, availability etc., but the consequences are most significant in the case of safety. The key to addressing the issue of contract misunderstanding between components and systems is to insist on precisely defined specifications of the contracts that govern their interaction, and precisely documented tests that capture the degree to which components and systems adhere to these contracts. This in turn requires test specification and documentation techniques that are closely tied to contract specifications and that can be applied to interacting components in-situ (i.e. in a deployment scenario). The talk will introduce a novel test description technique and will show how it can be used to capture a component’s specification and thus to assess and improve its suitability in a specific context.

Safety Design for Compositional Reuse
Jorly Metzger, Virginia Tech

We have seen the advantages of reuse negated by safety accidents traceable to software reuse. With the prevalence of software safety standards and sound engineering practices, why are we still seeing these accidents? This presentation discusses the results of an ongoing study that examines the current attitudes and approaches toward safety in software reuse, both in industry and in academia.

Safety, Security, and Software Reuse: A Model-Based Approach [Paper] [Presentation]
John Favaro, Intecs; Olaf Kath, ikv++; Rudolf Schreiner, ObjectSecurity

With the move to distributed, component based systems involving reuse of components and services, emergent, system-wide properties, including safety and security in particular, are becoming increasingly difficult to guarantee. Model based techniques constitute a promising approach to guarantee safety and security in systems built with reusable components. The key elements in this approach are correctness and certifiability by construction, and separation of concerns. A development process compliant to the ISO DIS 26262 standard for automotive safety is presented. A model driven approach to security accreditation of service-oriented architectures is also presented.

Reuse and Safety: Formal Aspects [Presentation]
William B. Frakes, Virginia Tech

At RESAFE-2006 the need for clear formal definitions of terms related to reuse and safety was rated as the second most important of 20 items by the group. In this paper, I examine the problem of reuse and safety by considering their formal definitions. SETL and prolog are used as meta-languages for formalizing reuse and safety concepts.

Supporting Reusable Software Safety Analysis with PLFaultCAT [Presentation]
Josh Dehlinger, Towson University; Robyn R. Lutz, Iowa State University and Jet Propulsion Lab / Caltech

Safety-critical product lines are being developed without a full range of safety analysis techniques and tools to analyze, manage and enable the reuse of safety analysis assets. Product-line software fault tree analysis (PL-SFTA) and its automated tool, PLFaultCAT, provide the technique and tool support for the safety analysis of safety-critical product lines and allow for the identification of new safety requirements and the analysis of safety-critical requirements and requirement interactions. The use of a Software Failure Modes, Effects and Criticality Analysis (SFMECA) supports the derivation of a safety analysis asset using system specifications and allows for the identification of possible hazard scenarios. Using these assets, Bi-Directional Safety Analysis (BDSA) aids in checking the completeness of PL-SFTA and SFMECA, verifies the safety properties and strengthens the safety case when safety compliance to safety standards. This talk will illustrate how PLFaultCAT can support the reuse, automated analysis of a PL-SFTA and the derivation of product-line member fault trees in the context of agent-oriented software engineering. Further, we will present the results of the use of PLFaulCAT in an application to a large, multi-agent system product line (MAS-PL) that indicates this technique, in conjunction with SFMECA and BDSA, is feasible, reusable and efficient.

Mahalanobis-Taguchi Strategy (MTS) for Software Safety [Presentation]
Reghu Anguswamy and William B. Frakes, Virginia Tech

Mahalanobis-Taguchi Strategy (MTS) is a discriminatory analysis strategy for decision making. MTS is widely used as a pattern recognition tool for various applications that deal with data classification. MTS is a combination of the Mahalanobis distance (MD) and the Taguchi method (using Taguchi’s Orthogonal Arrays). MD method is used for constructing a measurement scale while the Taguchi method is used to optimize the system and make it robust by choosing the right number of parameters required for decision making. Most applications based on MTS normally differentiate the normal group from the abnormal group, for example, healthy people from unhealthy ones. MTS methodology can also be further extended for classification within the abnormal group. This is extremely useful where there are multiple failure modes to be detected. In this paper we explore the feasibility of using the MTS as a tool for differentiating safe and unsafe components in software engineering.

An Initial Software Component Quality Framework [Presentation]
Alexandre Alvaro, Reuse in Software Engineering (RiSE);
Eduardo Santana de Almeida, Federal University of Bahia;
Silvio Romero de Lemos Meira, Federal University of Pernambuco

One of the major problems with Component-Based Software Engineering (CBSE) is the quality of the components used in a system. The reliability of a component-based software system depends on the reliability of the components that is made of. In CBSE, the proper search, selection and evaluation process of components is considered the cornerstone for the development of any effective component-based system. So far, the software industry was concentrated on the functional aspects of components, leaving aside the difficult task of assessing their quality. In this way, we propose an initial software component quality framework to evaluate the quality of software components in an efficient way.

Software Reliability, Safety, and Reuse [Presentation]
Mike Tortorella, Assured Networks, LLC; Bill Frakes, Virginia Tech

The nexus of reliability, safety, and reuse for software is complicated by incomplete expression of the connections among these attributes at the primitive level. This workshop session will address an ontology of software reliability, safety, and reuse in an attempt to discover deeper connections. Along the way, we explore the dynamics of software reliability as informed by the control variables – noise variables formulation of Taguchi’s robust design technology. Participants will discuss a software creation chronology, explore places where failure-causing faults may be introduced, consider whether safety may be viewed as another requirement in light of the difference of degree in severity between safety failures and other software failures, explore how software reuse may affect reliability and safety at the most basic level, and determine a sensible path forward. Possible experiments to acquire additional data will be suggested and discussed.

Towards Systematic Software Reuse in Certifiable Safety-Critical Systems [Presentation]
Rikard Land, Mälardalen University; Mikael Åkerholm, CC Systems

Safety-critical systems and subsystems are often developed as a new generation of a previous system, or as a variant of a system already developed and put into operation. However, in our experience, even in such cases, where large parts of the systems are actually reused, organizations implement very much the same heavy processes as for new development. This is partly because during a safety assessment the evidence needed to motivate the desired level of system safety calls for coherent documentation of the complete system development project. We believe the reuse process can be adapted to be more efficient, while still being compatible with safety standards, by adopting a state-of-the-art structured component-based reuse approach incorporating the specific safety activities that the standards mandate. This position paper outlines our planned research, which will consist of two parts: the first part is an interview study of industrial cases, in order to identify good practices to employ and pitfalls to avoid. In the second part we will implement the most promising practices in suitable industrial projects for evaluation.