Suggested Citation:"Front Matter." National Research Council. 2004. Summary of a Workshop on Software Certification and Dependability. Washington, DC: The National Academies Press. doi: 10.17226/11133.

Summary of a Workshop on Software Certification and Dependability

Committee on Certifiably Dependable Software Systems

Computer Science and Telecommunications Board

Division on Engineering and Physical Sciences

NATIONAL RESEARCH COUNCIL OF THE NATIONAL ACADEMIES

THE NATIONAL ACADEMIES PRESS
Washington, D.C.
www.nap.edu


THE NATIONAL ACADEMIES PRESS
500 Fifth Street, N.W. Washington, DC 20001

NOTICE: The project that is the subject of this report was approved by the Governing Board of the National Research Council, whose members are drawn from the councils of the National Academy of Sciences, the National Academy of Engineering, and the Institute of Medicine. The members of the committee responsible for the report were chosen for their special competences and with regard for appropriate balance.

Support for this project was provided by the National Science Foundation, the National Security Agency, and the Office of Naval Research. Any opinions, findings, conclusions, or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the sponsor.

International Standard Book Number 0-309-09429-1 (Book)

International Standard Book Number 0-309-54619-2 (PDF)

Cover designed by Jennifer M. Bishop.

Additional copies of this report are available from:
The National Academies Press
500 Fifth Street, N.W., Lockbox 285
Washington, DC 20055
800/624-6242
202/334-3313 (in the Washington metropolitan area)
http://www.nap.edu

Copyright 2004 by the National Academy of Sciences. All rights reserved.

Printed in the United States of America


THE NATIONAL ACADEMIES

Advisers to the Nation on Science, Engineering, and Medicine

The National Academy of Sciences is a private, nonprofit, self-perpetuating society of distinguished scholars engaged in scientific and engineering research, dedicated to the furtherance of science and technology and to their use for the general welfare. Upon the authority of the charter granted to it by the Congress in 1863, the Academy has a mandate that requires it to advise the federal government on scientific and technical matters. Dr. Bruce M. Alberts is president of the National Academy of Sciences.

The National Academy of Engineering was established in 1964, under the charter of the National Academy of Sciences, as a parallel organization of outstanding engineers. It is autonomous in its administration and in the selection of its members, sharing with the National Academy of Sciences the responsibility for advising the federal government. The National Academy of Engineering also sponsors engineering programs aimed at meeting national needs, encourages education and research, and recognizes the superior achievements of engineers. Dr. Wm. A. Wulf is president of the National Academy of Engineering.

The Institute of Medicine was established in 1970 by the National Academy of Sciences to secure the services of eminent members of appropriate professions in the examination of policy matters pertaining to the health of the public. The Institute acts under the responsibility given to the National Academy of Sciences by its congressional charter to be an adviser to the federal government and, upon its own initiative, to identify issues of medical care, research, and education. Dr. Harvey V. Fineberg is president of the Institute of Medicine.

The National Research Council was organized by the National Academy of Sciences in 1916 to associate the broad community of science and technology with the Academy’s purposes of furthering knowledge and advising the federal government. Functioning in accordance with general policies determined by the Academy, the Council has become the principal operating agency of both the National Academy of Sciences and the National Academy of Engineering in providing services to the government, the public, and the scientific and engineering communities. The Council is administered jointly by both Academies and the Institute of Medicine. Dr. Bruce M. Alberts and Dr. Wm. A. Wulf are chair and vice chair, respectively, of the National Research Council.

www.national-academies.org


COMMITTEE ON CERTIFIABLY DEPENDABLE SOFTWARE SYSTEMS

DANIEL JACKSON, Massachusetts Institute of Technology, Chair

JOSHUA BLOCH, Google, Inc.

MICHAEL DEWALT, Certification Services, Inc.

REED GARDNER, University of Utah

PETER LEE, Carnegie Mellon University

STEVEN B. LIPNER, Microsoft Corporation

CHARLES PERROW, Yale University

JON PINCUS, Microsoft Research

JOHN RUSHBY, SRI International

LUI SHA, University of Illinois at Urbana-Champaign

MARTYN THOMAS, Engineering and Physical Sciences Research Council

SCOTT WALLSTEN, AEI/Brookings Joint Center and American Enterprise Institute

DAVID WOODS, Ohio State University

Staff

LYNETTE I. MILLETT, Study Director and Program Officer

PHIL HILLIARD, Research Associate (through May 2004)

PENELOPE SMITH, Senior Program Assistant (February 2004 through July 2004)


COMPUTER SCIENCE AND TELECOMMUNICATIONS BOARD

DAVID LIDDLE, U.S. Venture Partners, Co-Chair

JEANNETTE M. WING, Carnegie Mellon University, Co-Chair

ERIC BENHAMOU, Global Ventures, LLC

DAVID D. CLARK, Massachusetts Institute of Technology, CSTB Member Emeritus

WILLIAM DALLY, Stanford University

MARK E. DEAN, IBM Systems Group

DEBORAH ESTRIN, University of California, Los Angeles

JOAN FEIGENBAUM, Yale University

HECTOR GARCIA-MOLINA, Stanford University

KEVIN KAHN, Intel Corporation

JAMES KAJIYA, Microsoft Corporation

MICHAEL KATZ, University of California, Berkeley

RANDY H. KATZ, University of California, Berkeley

WENDY A. KELLOGG, IBM T.J. Watson Research Center

SARA KIESLER, Carnegie Mellon University

BUTLER W. LAMPSON, Microsoft Corporation, CSTB Member Emeritus

TERESA H. MENG, Stanford University

TOM M. MITCHELL, Carnegie Mellon University

DANIEL PIKE, GCI Cable and Entertainment

ERIC SCHMIDT, Google Inc.

FRED B. SCHNEIDER, Cornell University

WILLIAM STEAD, Vanderbilt University

ANDREW J. VITERBI, Viterbi Group, LLC

Staff

CHARLES N. BROWNSTEIN, Director

KRISTEN BATCH, Research Associate

JENNIFER M. BISHOP, Program Associate

JANET BRISCOE, Manager, Program Operations

JON EISENBERG, Senior Program Officer

RENEE HAWKINS, Financial Associate

MARGARET MARSH HUYNH, Senior Program Assistant

HERBERT S. LIN, Senior Scientist

LYNETTE I. MILLETT, Program Officer

JANICE SABUDA, Senior Program Assistant

BRANDYE WILLIAMS, Staff Assistant

For more information on CSTB, see its Web site at <http://www.cstb.org>, write to CSTB, National Research Council, 500 Fifth Street, N.W., Washington, DC 20001, call (202) 334-2605, or e-mail the CSTB at cstb@nas.edu.



Preface

Systems on which the safety or security of individuals may depend are frequently subject to certification: a formal assurance that the system has met relevant technical standards, designed to give confidence that it has some specific properties—for example, that it will not unduly endanger the public. Today, certification of the dependability of a software-based system frequently relies at least as heavily on assessments of the process used to develop it as it does on the system's observable properties. While these assessments can be useful, few would dispute that direct evaluation of the artifact ought to provide a stronger kind of assurance than the credentials of its production methods could hope to provide. Yet the complexity of software systems, as well as their discrete nature, makes them extremely difficult to analyze unless great care has been taken with their structure and maintenance.

To further understand these and related issues, the High Confidence Software and Systems Program at the National Coordination Office for Information Technology Research and Development initiated discussions with the Computer Science and Telecommunications Board (CSTB) of the National Research Council (NRC). These discussions resulted in agreement to undertake a study to assess the current state of certification in dependable systems, with the goal of recommending areas for improvement. Initial funding for the project was obtained from the National Science Foundation, the National Security Agency, and the Office of Naval Research. The Committee on Certifiably Dependable Software Systems was appointed to conduct the study.

The task of the committee is to identify the kinds of system properties for which certification is desired, describe how that certification is obtained today, and, most important, determine what design and development methods, as well as methods for establishing evidence of trustworthiness, could lead to systems structures that are more easily certified.

To accomplish its mission, the committee divided this study into two phases: a framing phase and an assessment phase. This report is the outcome of the first phase, the framing phase, which included a public workshop organized by the committee and attended by members of industry, government, and academia. Held on April 19-20, 2004, the workshop featured a variety of participants invited to present their views on issues surrounding certification and dependability (see Appendix A for the workshop agenda). Six panels were organized, and each panelist gave a short presentation that addressed the theme of the panel. The workshop panelists are listed in Appendix B. Each panel session was followed by an extensive discussion involving all of the workshop participants and moderated by one or two committee members. The committee met three times: once to plan the workshop, then to hold the workshop, and, last, to distill information from the workshop and develop the report. This report is the committee’s summary of the panelists’ presentations and the discussions that followed.


Although the summary is based on presentations and discussion at the workshop, the participants’ comments do not necessarily reflect the views of the committee, nor does the summary present findings or recommendations of the National Research Council. In fact, the committee took care in writing this report simply to summarize the discussions, and to avoid any bias or appearance of bias in favor of one opinion or another. Because it did not seem sensible to attempt a distillation across panels, the committee tried to record something of the spirit of each individual panel session. Nor is this report intended to be complete; topics that were not discussed at the workshop are not mentioned, however important they might be.

In the second phase of the study, the committee will analyze the information gathered in the workshop and summarized here, along with information and input it gathers from other experts and related studies. This assessment phase will deliver a final report (planned for release in 2005) with findings and recommendations from the committee.

The Committee on Certifiably Dependable Software Systems consists of 13 members from industry and academia who are experts in different aspects of systems dependability, including software engineering, software testing and evaluation, software dependability, embedded systems, human-computer interaction, systems engineering, systems architecture, accident theory, standards setting, key applications domains, economics, and regulatory policy (see Appendix C for committee and staff biographies).

The committee thanks the many individuals who contributed to its work. It appreciates the panelists’ willingness to address the questions posed to them and is grateful for their insights. The study’s sponsors at the National Science Foundation, the National Security Agency and the Office of Naval Research have been most supportive and responsive in helping the committee to do its work. The reviewers of the draft report provided insightful and constructive comments that contributed significantly to its clarity.

The committee is particularly grateful to the CSTB staff: Lynette Millett, program officer, who as the study director for this project has provided excellent advice and assistance throughout; Phil Hilliard, research associate, whose work in note-taking and summarizing discussions, and in obtaining and organizing materials for the committee, has been invaluable; and Penelope Smith, senior program assistant, who deftly handled all kinds of administrative issues, including most of the arrangements for the workshop and associated meetings. The success of the workshop is a testament to their commitment and hard work. Susan Maurizi from the Division on Engineering and Physical Sciences’ editorial staff and Cameron Fletcher made significant editorial contributions to the final manuscript.

Daniel Jackson, Chair

Committee on Certifiably Dependable Software Systems


Acknowledgment of Reviewers

This report has been reviewed in draft form by individuals chosen for their diverse perspectives and technical expertise, in accordance with procedures approved by the National Research Council’s (NRC’s) Report Review Committee. The purpose of this independent review is to provide candid and critical comments that will assist the institution in making the published report as sound as possible and to ensure that the report meets institutional standards for objectivity, evidence, and responsiveness to the study charge. The review comments and draft manuscript remain confidential to protect the integrity of the deliberative process. We wish to thank the following individuals for their review of this report:

Anthony Hall, Independent Consultant

John C. Knight, University of Virginia

William Scherlis, Carnegie Mellon University

William Stead, Vanderbilt University

Jeannette Wing, Carnegie Mellon University

Although the reviewers listed above have provided many constructive comments and suggestions, they were not asked to endorse the conclusions or recommendations, nor did they see the final draft of the report before its release. The review of this report was overseen by Daniel P. Siewiorek, Carnegie Mellon University. Appointed by the National Research Council, he was responsible for making certain that an independent examination of this report was carried out in accordance with institutional procedures and that all review comments were carefully considered. Responsibility for the final content of this report rests entirely with the authoring committee and the institution.


Certification of critical software systems (e.g., for safety and security) is important to help ensure their dependability. Today, certification relies as much on evaluation of the software development process as it does on the system’s properties. While the latter are preferable, the complexity of these systems usually makes them extremely difficult to evaluate. To explore these and related issues, the National Coordination Office for Information Technology Research and Development asked the NRC to undertake a study to assess the current state of certification in dependable systems. The study is in two phases: the first to frame the problem and the second to assess it. This report presents a summary of a workshop held as part of the first phase. The report presents a summary of workshop participants’ presentations and subsequent discussion. It covers, among other things, the strengths and limitations of process; new challenges and opportunities; experience to date; organizational context; and cost-effectiveness of software engineering techniques. A consensus report will be issued upon completion of the second phase.
