COMPASS '91: Proceedings of the Sixth Annual Conference on Computer Assurance: Systems Integrity, Software Safety and Process Security

24-27 June 1991

  • COMPASS '91. Proceedings of the Sixth Annual Conference on Computer Assurance: Systems Integrity, Software Safety and Process Security (Cat. No.91CH3033-8)

    Publication Year: 1991
    Freely Available from IEEE
  • Quality and security, they work together

    Publication Year: 1991, Page(s):165 - 171

    The authors describe the importance of considering computer security as part of software quality assurance practice. Many issues are raised which point to the need ultimately for integration of quality assurance and computer security disciplines. To address some of the issues raised, the NASA Automated Information Security (AIS) program is presented as a model which may be used for improving inter...

  • NASA Langley's research program in formal methods

    Publication Year: 1991, Page(s):157 - 162
    Cited by:  Papers (3)

    An overview of NASA Langley's research program in formal methods is presented. Although the program is concerned with the application of formal methods to a wide range of aerospace designs, the focus of the work is on the design and verification of a fault-tolerant computing platform suitable for advanced flight control applications. The research team consists of NASA civil servants and contractor...

  • Interrelationships of problematic components of safety related automated information systems

    Publication Year: 1991, Page(s):53 - 62

    The author focuses on safety-related automated information systems and describes the interrelationships among system components. How safety-related information system failures can often be caused by problems in more than one system component and how, in other cases, problems in one system component can create problems in others are discussed. The author describes the interrelated problems causing ...

  • Developing implementations of Estelle specifications using the PEDS toolkit

    Publication Year: 1991, Page(s):141 - 147

    Estelle is used to formally specify communication protocols and distributed systems with the intent of removing ambiguities. The author describes the PEDS toolkit, based on the NBS prototype Estelle compiler, which automatically creates distributed implementations from Estelle specifications. He describes a mapping of Estelle semantics to BSD Unix system primitives and a development environment fo...

  • Certification of production-representative/production software-intensive systems for dedicated test and evaluation

    Publication Year: 1991, Page(s):47 - 52

    Fundamental issues in the certification of readiness for dedicated test and evaluation of software-intensive systems are discussed. The issues are: what is production-representative or production software, what are the effects of the software on dedicated system operational test readiness, how should software effects be considered in the certification process and what are the retest/recertificatio...

  • Specifying and verifying real-time systems using time Petri nets and real-time temporal logic

    Publication Year: 1991, Page(s):135 - 140
    Cited by:  Papers (1)

    A method of integrating time predicate transition nets (a class of high-level Petri nets) and real-time first-order temporal logic is developed for specifying and verifying real-time systems. The integration of time predicate transition nets with real-time temporal logic is based on previous work (X. He and J.A.N. Lee, 1990) with the extension of time features so that not only concurrent systems b...

  • Training, career development and registration for safety critical software systems specialists

    Publication Year: 1991, Page(s):29 - 35

    The focus is on a career development program for information systems practitioners currently being used widely by employers in the UK and now becoming available in North America. The performance standards underpinning the program (the British Computer Society Industry Structure Model) have been thoroughly updated and include material specific to the development, maintenance and management of softw...

  • Continuing education and certification for improved computer assurance

    Publication Year: 1991, Page(s):41 - 43

    The issues discussed are: should continuing education be required for safety critical systems designers and programmers, do current course offerings satisfy the needs for continuing education of safety critical systems designers and programmers, should certification be required for safety critical systems software designers and programmers, should certification be required for the safety critical ...

  • Design strategy for a formally verified reliable computing platform

    Publication Year: 1991, Page(s):125 - 133
    Cited by:  Papers (5)

    A high-level design is given for a reliable computing platform for real-time control applications. The design tradeoffs and analysis related to the development of a formally verified reliable computing platform are discussed. The design strategy advocated requires the use of techniques that can be completely characterized mathematically as opposed to more powerful or more flexible algorithms whose...

  • Using correctness results to verify behavioral properties of microprocessors

    Publication Year: 1991, Page(s):99 - 106
    Cited by:  Papers (1)

    An alternative method is given for verifying behavioral properties of computer systems using a correctness result. It is shown that the correctness result can be useful in establishing these properties by proving two important properties for a microprocessor called AVM-1. The author briefly describes the general techniques used in verifying a microprocessor. An informal description of architecture...

  • Some results from DRIVE

    Publication Year: 1991, Page(s):17 - 26

    Interim results that have come from the work of the V1051 project Procedure for Safety Submissions for Road Transport Informatics in the DRIVE research and development program are discussed. The DRIVE program involves the application of information technology to problems of improving road safety, decreasing road congestion and decreasing environmental pollution caused by road transport. Programmab...

  • High assurance computing software technology requirements

    Publication Year: 1991, Page(s):87 - 88
    Cited by:  Papers (1)

    An overview of the technology needed to support the development of high-assurance software is given. The discussion is based on extending methods and tools that have been used successfully to construct systems which enforce a confidentiality property. Experience has shown that the use of formal methods, highly structured designs and rigorous testing in combination can result in systems that can en...

  • Data collection and descriptive analysis: a first step for developing quality software

    Publication Year: 1991, Page(s):173 - 179
    Cited by:  Papers (1)

    Software measurement activities can be partitioned into the descriptive, decision support and method effectiveness assessment phases, which parallel the defined, managed, and optimized levels of the US Department of Defense Software Engineering Institute's (SEI's) software maturity framework. The authors describe the descriptive phase of software measurement and give an example of the measurement ...

  • A case-study of security policy for manual and automated systems

    Publication Year: 1991, Page(s):63 - 68
    Cited by:  Papers (1)

    It is argued that predisposed assumptions in security policy models can leave holes in the security aspects of the information systems that are based on them. In particular, information systems based only on the Bell-LaPadula model (D.E. Bell and L.J. LaPadula, 1976) pose potential problems by allowing new threats to be built in them because the policies are incomplete. A comparison of manual and ...

  • The computer-related risk of the year: weak links and correlated events

    Publication Year: 1991, Page(s):5 - 8
    Cited by:  Papers (4)

    There has been much innovative work in designing computer and communication systems that can dependably attain certain stringent requirements such as multilevel security, very high availability, or functional correctness. However, significant risks may remain if such a system fails to operate as expected. A variety of causes must be considered. A confluence of unrelated or seemingly unrelated even...

  • Trends that must be addressed in quality assurance education

    Publication Year: 1991, Page(s):37 - 40

    The study presented is based primarily on authoring and serving as one of a group of fifteen instructors for a course in software quality assurance and testing. The author starts by describing the basic nature and critical needs of a typical group of students; next, she identifies the student objectives that are being met. A separate section delineates student desires that cannot be met. In additi...

  • Estella; a facility for specifying behavioral constraint assertions in real-time rule-based systems

    Publication Year: 1991, Page(s):107 - 123
    Cited by:  Papers (11)

    The authors have developed a powerful and efficient analysis methodology for a large class of rule-based EQL programs to determine whether a program in this class has bounded response time. In particular, the authors identified several sets of general behavioral constraint assertions: an EQL program which satisfies all constraints in one of these sets of assertions is guaranteed to have bounded re...

  • Report on the formal specification and partial verification of the VIPER microprocessor

    Publication Year: 1991, Page(s):91 - 98
    Cited by:  Papers (1)

    VIPER (verifiable integrated processor for enhanced reliability) is a 32-bit microprocessor architecture. The claim that the gate level of the VIPER microprocessor is mathematically verified is examined. Although a great deal of effort has been expended on the formal specification and verification of VIPER, there is not sufficient evidence to substantiate the claim that the VIPER gate-level specific...

  • Fault locator and weighting system

    Publication Year: 1991, Page(s):181 - 189
    Cited by:  Patents (1)

    Detailed software analysis requires a manageable and exhaustive problem solving technique. An approach, the fault locator and weighting system (FLAWS), is described. FLAWS is coupled with a software tool, the data structure analysis system (DSAS), to facilitate techniques for detailed software analysis. DSAS reads the target system code from source files and builds an exhaustive database of the ta...

  • Safety criteria and model for mission-critical embedded software systems

    Publication Year: 1991, Page(s):69 - 73

    A set of safety criteria for mission-critical embedded process control software systems is suggested, and a preliminary mathematical model of a safe system based on the criteria is described. The criteria are properties that, when possessed by an embedded process control software system, will support a safety requirement. The mathematical model uses a finite state machine representation to formali...

  • Computer software in civil aircraft

    Publication Year: 1991, Page(s):10 - 16

    The topics discussed are: risk management; technological change and risk reduction; environmental software and application areas; aviation system design for safety; airborne software design; the contribution of software to risk reduction; software requirements; system safety analysis; software standards; the level of software to be used; critical system software and an example demonstrating use; d...

  • A case study on isolation of safety-critical software

    Publication Year: 1991, Page(s):75 - 83
    Cited by:  Papers (3)

    In the case study presented, a series of problems affecting safety that were identified in a large, real-time control system that contained both safety-critical and non-safety-critical functions were examined. The study identified those errors whose safety impact was caused, at least in part, by problems in parts of the software that had been determined not to be safety-critical. Methods to isolat...