High Assurance Systems Engineering Symposium, 2007. HASE '07. 10th IEEE

14-16 Nov. 2007

Displaying Results 1 - 25 of 78
  • 10th IEEE High Assurance Systems Engineering Symposium - Cover

    Publication Year: 2007, Page(s): c1
  • 10th IEEE High Assurance Systems Engineering Symposium - Title page

    Publication Year: 2007, Page(s): i - iii
  • 10th IEEE High Assurance Systems Engineering Symposium - Copyright notice

    Publication Year: 2007, Page(s): iv
  • 10th IEEE High Assurance Systems Engineering Symposium - TOC

    Publication Year: 2007, Page(s): v - xi
  • Message from HASE 2007 General Co-chairs

    Publication Year: 2007, Page(s): xii
  • Message from HASE 2007 Program Committee Chairs

    Publication Year: 2007, Page(s): xiii
  • Committees

    Publication Year: 2007, Page(s): xiv - xv
  • External reviewers

    Publication Year: 2007, Page(s): xvi - xvii
  • TRUSTED ILLIAC: A Configurable Hardware Framework for a Trusted Computing Base

    Publication Year: 2007, Page(s): 3
    Cited by: Papers (1)

    Summary form only given. Trusted ILLIAC is a reliable and secure computing platform being built at the University of Illinois Coordinated Science Laboratory (CSL) and Information Trust Institute (ITI), involving faculty from Electrical and Computer Engineering and Computer Science Departments. The end goal is a large, demonstrably trustworthy enterprise-class computing system to support, what is v...
  • Goal-Oriented Patterns for UML-Based Modeling of Embedded Systems Requirements

    Publication Year: 2007, Page(s): 7 - 14
    Cited by: Papers (2)

    Embedded systems are used for critical applications that must adhere to safety constraints. Developers of these systems face three key challenges when attempting to apply existing requirements analysis approaches: (1) declaratively specifying functional requirements, non-functional requirements, and constraints; (2) operationally modeling the required behavior; and (3) analyzing the requirements m...
  • Integrating Product-Line Fault Tree Analysis into AADL Models

    Publication Year: 2007, Page(s): 15 - 22
    Cited by: Papers (12)

    Fault tree analysis (FTA) is a safety-analysis technique that has been extended recently to accommodate product-line engineering. This paper describes a tool-supported approach for integrating product-line FTA with the AADL (architecture analysis and design language) models and associated AADL Error Models for a product line. The AADL plug-in we have developed provides some automatic pruning and a...
  • Arguing safety with Problem Oriented Software Engineering

    Publication Year: 2007, Page(s): 23 - 32
    Cited by: Papers (9)

    Standards demand that assurance cases support safety critical developments. It is widely acknowledged, however, that the current practice of post-hoc assurance, that the product is built and only then argued for safety, leads to many engineering process deficiencies, extra expense, and poorer products. This paper argues how the problem oriented software engineering framework can be used in the concu...
  • CROWN-C: A High-Assurance Service-Oriented Grid Middleware System

    Publication Year: 2007, Page(s): 35 - 44
    Cited by: Papers (2)

    Service-orientation is a highly useful means of developing flexible, agile, and dependable software systems, and is a paradigm that has been increasingly adopted into grid computing middleware. However, service-orientation brings with it new challenges in the fields of dependability and security that need to be addressed by the high assurance systems community in order to provide sufficient suppor...
  • Systems Architectures for Transactional Network Interface

    Publication Year: 2007, Page(s): 45 - 52
    Cited by: Papers (1)

    Systems such as software transactional memory and some exception handling techniques use transactions. However, a typical limitation of such systems is that they do not allow system calls within transactions. This is particularly true for system calls that interact with file systems, devices, and the network. This paper describes systems architectures that can be used to extend a transactional sys...
  • An Efficient Experimental Methodology for Configuring Search-Based Design Algorithms

    Publication Year: 2007, Page(s): 53 - 62
    Cited by: Papers (5) | Patents (2)

    Many problems in high assurance systems design are only tractable using computationally expensive search algorithms. For these algorithms to be useful, designers must be provided with guidance as to how to configure the algorithms appropriately. This paper presents an experimental methodology for deriving such guidance that remains efficient when the algorithm requires substantial computing resour...
  • A Typed Compositional Language for Real-Time Systems

    Publication Year: 2007, Page(s): 63 - 72

    Real-time and embedded systems are becoming increasingly important nowadays and touch a large range of activities. However, due to their tight integration with the physical world, these systems come with a large variety of hardware platforms, making software integration difficult to achieve. To circumvent this problem, new programming abstractions are needed to handle efficiently complexity and ...
  • One in a baker's dozen: debugging debugging

    Publication Year: 2007, Page(s): 75 - 81

    Voas (1993) outlined 13 major software engineering issues needing further research: (1) what is software quality? (2) what are the economic benefits behind existing software engineering techniques? (3) does process improvement matter? (4) can you trust software metrics and measurement? (5) why are software engineering standards confusing and hard to comply with? (6) are sta...
  • Delegation-Based Security Model for Web Services

    Publication Year: 2007, Page(s): 82 - 91
    Cited by: Papers (11) | Patents (1)

    Web service is the emerging standard that supports the seamless interoperation between different applications. While the interoperability, flexibility and automated composition are continuously enhanced, security is still the major hurdle. In recent years, lots of studies have been conducted in web service security and various security standards have been proposed. But most of these studies and st...
  • Model Validation using Automatically Generated Requirements-Based Tests

    Publication Year: 2007, Page(s): 95 - 104
    Cited by: Papers (4)

    In current model-based development practice, validation that we are building a correct model is achieved by manually deriving requirements-based test cases for model testing. Model validation performed this way is time consuming and expensive, particularly in the safety critical systems domain where high confidence in the model correctness is required. In an effort to reduce the validation effort,...
  • A Coverage Relationship Model for Test Case Selection and Ranking for Multi-version Software

    Publication Year: 2007, Page(s): 105 - 112
    Cited by: Papers (11)

    Testing a group of software artifacts that implement the same specification can be time consuming, especially when the test case repository is large. In the meantime, some test cases may cover the same aspects in the software, thus it is not necessary to apply all the test cases. This paper proposes a model-based adaptive test (MAT) case selection and ranking technique to eliminate duplicate test ...
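    The selection idea in the abstract, dropping test cases whose coverage is duplicated by others, can be illustrated with a greedy ranking. The Python below is an added example and not the paper's MAT technique: it assumes the coverage relation is given as a mapping from test id to the specification items the test exercises (the ids and sets are constructed here), ranks tests by the new coverage each one adds, and reports the tests left with nothing to add as eliminated.

```python
"""Added example (not code from the HASE 2007 paper): greedy coverage-based test
selection and ranking.  Each test case is mapped to the set of specification items
it exercises; a test whose items are all already covered by higher-ranked tests is
eliminated.  The test names and coverage sets are constructed for illustration."""


def coverage_relation(a: set, b: set) -> str:
    """Pairwise relationship between the coverage sets of two test cases."""
    if a == b:
        return "equal"
    if a > b:
        return "subsumes"
    if a < b:
        return "subsumed"
    return "overlap" if a & b else "disjoint"


def rank_and_select(coverage: dict):
    """Greedy ranking: repeatedly pick the test adding the most not-yet-covered
    items (ties broken by test name).  Returns (ranked_selected, eliminated)."""
    remaining = {t: set(items) for t, items in coverage.items()}
    covered = set()
    ranked = []
    while remaining:
        best = max(sorted(remaining), key=lambda t: len(remaining[t] - covered))
        if not remaining[best] - covered:
            break  # nothing left adds coverage: the rest only duplicate it
        ranked.append(best)
        covered |= remaining.pop(best)
    return ranked, sorted(remaining)


# Constructed repository: test id -> specification items the test exercises.
SAMPLE_COVERAGE = {
    "t1": {"r1", "r2"},
    "t2": {"r2"},               # subsumed by t1
    "t3": {"r3", "r4", "r5"},
    "t4": {"r1", "r3"},         # covered jointly by t1 and t3
    "t5": {"r6"},
}


if __name__ == "__main__":
    ranked, dropped = rank_and_select(SAMPLE_COVERAGE)
    print("run in this order:", ranked)
    print("eliminated as duplicates:", dropped)
    print("t1 vs t2:", coverage_relation(SAMPLE_COVERAGE["t1"], SAMPLE_COVERAGE["t2"]))
```

    The ranked list is what would be applied, in that order, to every implementation of the shared specification; a test is only eliminated when the union of the selected tests already covers everything it does, so `t4` is dropped even though no single other test subsumes it.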
  • Enhanced Traverse of Web Pages

    Publication Year: 2007, Page(s): 113 - 122
    Cited by: Papers (1)

    Correct navigational behavior of a Web application is essential to its reliability. An effective means to improve our confidence in the correct behavior of a Web application is to test it by exploring the possible navigation among the Web pages at client side: The tester carries out the testing by consecutively clicking the hyperlinks along with some possible search parameters and checking whether...
  • How can Previous Component Use Contribute to Assessing the Use of COTS?

    Publication Year: 2007, Page(s): 123 - 130

    The intuitive notion exists in industry and among regulators that successful use of a commercially available software-based component over some years and within different application environments must imply some affirmative statement about the quality of the component and - in terms of a safety-case - that it should provide evidence to support a specific safety claim for usage of the component in ...
  • Placement in Dependable and Secure Peer-to-Peer Data Grids

    Publication Year: 2007, Page(s): 133 - 140

    In this paper, we consider combining replication and data partitioning schemes to assure data availability, confidentiality, and timely accesses for data grid applications. Data objects are partitioned into shares and dispersed. The shares may be replicated to achieve better performance and availability. We develop models for assessing confidentiality, availability, and communication co...
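    The combination the abstract describes, splitting an object into shares and replicating them across nodes, can be made concrete with a small model. The following Python is an added example, not code from the paper: it uses a Shamir (k, n) threshold split (an assumption, since the paper's partitioning scheme is not given here), a round-robin placement over constructed node names, and exact enumeration of node outages to compute availability, the minimum number of nodes an attacker must compromise to reassemble the object, and the bytes moved per write and per read.

```python
"""Added example (not code from the HASE 2007 paper): a (k, n) threshold split of a
data object into shares, replicated across storage nodes, with exact availability and
confidentiality estimates for a given placement.  The field size, the round-robin
placement and the failure probabilities are assumptions chosen for illustration."""
import itertools
import random

P = 257  # prime field large enough to hold one byte per share element (assumption)


def _eval_poly(coeffs, x):
    """Horner evaluation of coeffs[0] + coeffs[1]*x + ... over GF(P)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def split(data: bytes, k: int, n: int, rng=random):
    """Shamir (k, n) split: each byte is the constant term of a random degree k-1
    polynomial; share i holds the evaluations at x = i for every byte."""
    shares = [(i, []) for i in range(1, n + 1)]
    for b in data:
        coeffs = [b] + [rng.randrange(P) for _ in range(k - 1)]
        for x, vals in shares:
            vals.append(_eval_poly(coeffs, x))
    return shares


def recover(shares, k: int) -> bytes:
    """Lagrange interpolation at x = 0 from any k shares with distinct indices."""
    chosen, seen = [], set()
    for x, vals in shares:
        if x not in seen:
            seen.add(x)
            chosen.append((x, vals))
        if len(chosen) == k:
            break
    if len(chosen) < k:
        raise ValueError("fewer than k distinct shares: cannot recover")
    out = bytearray()
    for j in range(len(chosen[0][1])):
        total = 0
        for x_i, vals_i in chosen:
            num = den = 1
            for x_m, _ in chosen:
                if x_m != x_i:
                    num = num * (-x_m) % P
                    den = den * (x_i - x_m) % P
            total = (total + vals_i[j] * num * pow(den, P - 2, P)) % P
        out.append(total)  # the constant term is the original byte, so < 256
    return bytes(out)


def place_round_robin(n: int, replicas: int, nodes):
    """Spread the n shares and their replicas over the nodes, round-robin."""
    placement = {node: set() for node in nodes}
    slot = 0
    for share in range(1, n + 1):
        for _ in range(replicas):
            placement[nodes[slot % len(nodes)]].add(share)
            slot += 1
    return placement


def availability(placement, k: int, node_fail_prob: float) -> float:
    """Exact P[at least k distinct shares reachable] with independent node failures."""
    nodes = list(placement)
    total = 0.0
    for up in itertools.product((False, True), repeat=len(nodes)):
        reachable = set().union(*(placement[nd] for nd, u in zip(nodes, up) if u))
        if len(reachable) >= k:
            prob = 1.0
            for u in up:
                prob *= (1 - node_fail_prob) if u else node_fail_prob
            total += prob
    return total


def min_nodes_to_compromise(placement, k: int):
    """Smallest number of nodes an attacker must control to hold k distinct shares."""
    nodes = list(placement)
    for size in range(1, len(nodes) + 1):
        for combo in itertools.combinations(nodes, size):
            if len(set().union(*(placement[nd] for nd in combo))) >= k:
                return size
    return None


def communication_cost(k: int, n: int, replicas: int, object_len: int):
    """Bytes moved per write (every replica of every share) and per read (k shares)."""
    return {"write": n * replicas * object_len, "read": k * object_len}


if __name__ == "__main__":
    nodes = ["n0", "n1", "n2", "n3", "n4"]  # constructed storage nodes
    shares = split(b"grid object", k=3, n=4, rng=random.Random(7))
    assert recover(shares[1:], 3) == b"grid object"
    pl = place_round_robin(4, 2, nodes)
    print(pl, availability(pl, 3, 0.1), min_nodes_to_compromise(pl, 3))
```

    Note that the round-robin placement in the `__main__` block puts two distinct shares on the same node (n0 holds shares 1 and 3), so with k = 3 two compromised nodes already suffice: the placement, not only the threshold, sets the confidentiality bound, which is why a placement model is needed alongside the sharing scheme.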
  • Vulnerability Discovery in Multi-Version Software Systems

    Publication Year: 2007, Page(s): 141 - 148
    Cited by: Papers (12) | Patents (1)

    The vulnerability discovery process for a program describes the rate at which the security vulnerabilities are discovered. Being able to predict the vulnerability discovery process allows developers to adequately plan for resource allocation needed to develop patches for them. It also enables the users to assess the security risks. Thus there is a need to develop a model of the discovery process t...
  • Testing Security Rules with Decomposable Activities

    Publication Year: 2007, Page(s): 149 - 155
    Cited by: Papers (1)

    Checking that a security policy has been correctly deployed over a network is a key issue for system administrators. Specification and testing of such policies constitute fundamental steps in the development of a secure system. To address both challenges, we propose a framework to describe how modalities such as permissions, prohibitions and obligations, involving decomposable activities, can be i...