Thomas Rhodes, Frederick Boland, Elizabeth Fong, Michael Kass
{"title":"Software Assurance Using Structured Assurance Case Models.","authors":"Thomas Rhodes, Frederick Boland, Elizabeth Fong, Michael Kass","doi":"10.6028/jres.115.013","DOIUrl":null,"url":null,"abstract":"<p><p>Software assurance is an important part of the software development process to reduce risks and ensure that the software is dependable and trustworthy. Software defects and weaknesses can often lead to software errors and failures and to exploitation by malicious users. Testing, certification and accreditation have been traditionally used in the software assurance process to attempt to improve software trustworthiness. In this paper, we examine a methodology known as a structured assurance model, which has been widely used for assuring system safety, for its potential application to software assurance. We describe the structured assurance model and examine its application and use for software assurance. We identify strengths and weaknesses of this approach and suggest areas for further investigation and testing.</p>","PeriodicalId":17039,"journal":{"name":"Journal of Research of the National Institute of Standards and Technology","volume":null,"pages":null},"PeriodicalIF":1.5000,"publicationDate":"2010-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.6028/jres.115.013","citationCount":"32","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Research of the National Institute of Standards and Technology","FirstCategoryId":"5","ListUrlMain":"https://doi.org/10.6028/jres.115.013","RegionNum":4,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2010/5/1 0:00:00","PubModel":"Print","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 32
Abstract
Software assurance is an important part of the software development process to reduce risks and ensure that the software is dependable and trustworthy. Software defects and weaknesses can often lead to software errors and failures and to exploitation by malicious users. Testing, certification and accreditation have been traditionally used in the software assurance process to attempt to improve software trustworthiness. In this paper, we examine a methodology known as a structured assurance model, which has been widely used for assuring system safety, for its potential application to software assurance. We describe the structured assurance model and examine its application and use for software assurance. We identify strengths and weaknesses of this approach and suggest areas for further investigation and testing.
期刊介绍:
The Journal of Research of the National Institute of Standards and Technology is the flagship publication of the National Institute of Standards and Technology. It has been published under various titles and forms since 1904, with its roots as Scientific Papers issued as the Bulletin of the Bureau of Standards.
In 1928, the Scientific Papers were combined with Technologic Papers, which reported results of investigations of material and methods of testing. This new publication was titled the Bureau of Standards Journal of Research.
The Journal of Research of NIST reports NIST research and development in metrology and related fields of physical science, engineering, applied mathematics, statistics, biotechnology, information technology.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
