Software Certification: where is Confidence Won and Lost?

摘要

Given that we cannot prove the safety of software (in a system context) we are forced to wrestle with the issue of confidence in software certification. Some draw confidence from compliance with software assurance standards and believe this is sufficient, yet we do not have consensus in these standards. Some establish confidence through the process of constructing and presenting a software assurance case, but ignore the experience and 'body of knowledge' provided by standards. Some (sensibly) use a combination of these approaches. Using a framework of 4+1 principles of software safety assurance, this paper discusses where and how in current safety-critical software development and assessment approaches confidence is typically won and lost. Based on this assessment, we describe how the activity and structure of an assurance case should best be targeted to explicitly address issues of confidence.