formal techniques and tools for software health management
play

Formal Techniques and Tools For Software Health Management John - PowerPoint PPT Presentation

Sep 10, 2023 •286 likes •364 views

Formal Techniques and Tools For Software Health Management John Rushby (for N. Shankar) Computer Science Laboratory SRI International Menlo Park CA USA John Rushby, SR I Formal Tools and Techniques For SWHM 1 Introduction New project,

  1. Formal Techniques and Tools For Software Health Management John Rushby (for N. Shankar) Computer Science Laboratory SRI International Menlo Park CA USA John Rushby, SR I Formal Tools and Techniques For SWHM 1

  2. Introduction • New project, just a few weeks old • PI is Shankar, but he’s at a conference in Korea ◦ I’m a Co-Investigator, • I was a member of the NRC Committee whose report ”Sufficient Evidence” is cited in the NRA • Report mentions Assurance/Dependability/Safety Cases • I will talk about these tomorrow in IRAC track at 8am • But, briefly. . . John Rushby, SR I Formal Tools and Techniques For SWHM 2

  3. Assurance Cases • Intellectual basis for all assurance surely rests on ◦ Claims or Goals, Evidence, Argument • Standards-based assurance (e.g., DO-178B) specifies only the evidence to be produced ◦ Claims and argument are largely implicit • Assurance case: make all three items explicit ◦ And also your confidence in each John Rushby, SR I Formal Tools and Techniques For SWHM 3

  4. Our Project, Generalities • Health monitoring implies online checking • We know how to do this (cf. Grigore Rosu) • But what (source of) properties to monitor? • Low Level SW requirements unlikely to be useful ◦ DO-178B ensures these are implemented correctly • Similarly with High Level SW requirements • Most likely it’s the requirements that are in error • We need an independent source of properties to monitor • Aha: the Assurance Case John Rushby, SR I Formal Tools and Techniques For SWHM 4

  5. Our Project, Particularities • Derive monitors from formalized assurance cases • Also monitor SW against its own history ◦ Cf. anomaly detection ◦ Identifies untested/novel scenarios • Diagnosis: classical model-based • Recovery/repair: first, use existing redundancy • Then, controller synthesis against the model ◦ With explicit cognitive models of human operators • Can do this because we have enormously powerful deductive systems ◦ SMT solvers and their kin • For more details, Google my paper “Runtime Certification” John Rushby, SR I Formal Tools and Techniques For SWHM 5

  6. Two Big Questions • Architectural principles • Composability (specifically, compositional certification) • Profound insight (Tim Kelly): ◦ The assurance case may not decompose along architectural lines • So what is an architecture? • A good one supports and enforces the assurance case • Cf. MILS approach to security: next week at DASC ◦ Explicitly compositional ◦ Relates to IMA John Rushby, SR I Formal Tools and Techniques For SWHM 6

  7. Guarding the Guardians • Fault tolerance is immensely hard • Homespun solutions generally make things worse • Our stuff will only kick in when existing fault tolerance and the certification process have failed • So, we should have some humility • Cf. AA 903 (1997): EFIS rebooted because roll rate was considered implausible ◦ But pilots were attempting recovery from major upset ◦ Loss of all instruments jeopardized this • OTOH, A340 fuel emergency (2005), and 777 (2005) and A330 (2008) ADIRU incidents near Perth probably could have been mitigated by good SWHM • Link to the assurance case seems the strongest guardian John Rushby, SR I Formal Tools and Techniques For SWHM 7

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Formal Specification Techniques Knowledge of typical approaches to formal software specification

Formal Specification Techniques Knowledge of typical approaches to formal software specification

Goals Understanding of the motivation of mathematical approaches to software specification Formal Specification Techniques Knowledge of typical approaches to formal software specification CAS 707 and verification McMaster University, Winter

106 views • 6 slides
Ants, Mutants and Beyond Combining formal and stochastic techniques to improve software

Ants, Mutants and Beyond Combining formal and stochastic techniques to improve software

Nature-inspired Computing Search Based Software Engineering Genetic Improvement Automatic Improvement References References Ants, Mutants and Beyond Combining formal and stochastic techniques to improve software jerry.swan@york.ac.uk

487 views • 26 slides
SMT-based model checking techniques for formal software verification of synchronous dataflow

SMT-based model checking techniques for formal software verification of synchronous dataflow

An insight into SMT-based model checking techniques for formal software verification of synchronous dataflow programs Jonathan Laurent Ecole Normale Sup erieure, National Institute of Aerospace, NASA Langley Research Center August 11 th ,

1.01k views • 67 slides
Chapter 9 Chapter 9 Formal Specification Learning Objective ... Techniques for the unambiguous

Chapter 9 Chapter 9 Formal Specification Learning Objective ... Techniques for the unambiguous

Chapter 9 Chapter 9 Formal Specification Learning Objective ... Techniques for the unambiguous specification of software . Frederick T Sheldon Assistant Professor of Computer Science Washington State University CS 422 Software Engineering

457 views • 10 slides
Tools for Software Projects Massimo Felici Massimo Felici Tools for Software Projects 2011

Tools for Software Projects Massimo Felici Massimo Felici Tools for Software Projects 2011

Tools for Software Projects Massimo Felici Massimo Felici Tools for Software Projects 2011 c 1 Automating Drudgery Most of the techniques we will talk about can benefit from automated tools , and some would be totally impractical

451 views • 28 slides
Ti e Voice of Reason We have all of these tools and techniques, but are we any better?

Ti e Voice of Reason We have all of these tools and techniques, but are we any better?

And Ti e Voice of Reason We have all of these tools and techniques, but are we any better? PRESENT Modern Software Development Anti-Patterns Reconciliation by Scot A Harvest Note the lack of flu fg y animals in this talk - that's right

349 views • 34 slides
Software Verification/Validation Methods and Tools . . . or Practical Formal Methods John Rushby

Software Verification/Validation Methods and Tools . . . or Practical Formal Methods John Rushby

Software Verification/Validation Methods and Tools . . . or Practical Formal Methods John Rushby Computer Science Laboratory SRI International Menlo Park, CA John Rushby, SR I Practical Formal Methods: 1 Need: Growing Importance and Cost of

278 views • 12 slides
WASDeTT-3 3rd Workshop on Academic/Advanced Software Development Tools and Techniques WASDeTT-3,

WASDeTT-3 3rd Workshop on Academic/Advanced Software Development Tools and Techniques WASDeTT-3,

WASDeTT-3 3rd Workshop on Academic/Advanced Software Development Tools and Techniques WASDeTT-3, Antwerp, Belgium September 20, 2010 This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.

431 views • 19 slides
Automating Drudgery Most of the techniques in this course can benefit from Project Management

Automating Drudgery Most of the techniques in this course can benefit from Project Management

Automating Drudgery Most of the techniques in this course can benefit from Project Management Tools automated tools, and some would be totally impractical without them (e.g. the continual code changes in XP). Dr. James A. Bednar Discussing all

167 views • 4 slides
Curriculum on Health Wellness Techniques Wellness Techniques Agenda B1. Stress Management

Curriculum on Health Wellness Techniques Wellness Techniques Agenda B1. Stress Management

California Cadet Corps Curriculum on Health Wellness Techniques Wellness Techniques Agenda B1. Stress Management B2. Do Yoga or Tai Chi B3. Meditate B4. Aerobic Exercise B5. Declutter and Organize B6. Manage

788 views • 74 slides
Context Generation from Formal Specifications for C Analysis Tools Michele Alberti 1 Julien

Context Generation from Formal Specifications for C Analysis Tools Michele Alberti 1 Julien

Context Generation from Formal Specifications for C Analysis Tools Michele Alberti 1 Julien Signoles 2 1 TrustInSoft 2 CEA LIST, Software Reliability and Security Laboratory LOPSTR 2017, Namur, Belgium 1 Code Analysis Tools Effective enough

575 views • 35 slides
Formal software engineering for computational modelling Formal software engineering Focus on

Formal software engineering for computational modelling Formal software engineering Focus on

Formal software engineering for computational modelling Formal software engineering Focus on the formal, mathematical side of software Ex. Algebra Three problems What are the concepts that have to be used for the construction of

110 views • 7 slides
Trust in programming tools: the formal verification of compilers and static analysers Xavier

Trust in programming tools: the formal verification of compilers and static analysers Xavier

Trust in programming tools: the formal verification of compilers and static analysers Xavier Leroy Inria Paris Verified trustworthy software systems, April 2016 X. Leroy (Inria) Trust in tools 2016-04-05 1 / 35 Tool-assisted formal

731 views • 52 slides
CISC836: Models in Software Development: Methods, Techniques and Tools Languages: UML-RT I

CISC836: Models in Software Development: Methods, Techniques and Tools Languages: UML-RT I

CISC836: Models in Software Development: Methods, Techniques and Tools Languages: UML-RT I Juergen Dingel Jan, 2017 UML-RT CISC836, Winter 2017 1 Modeling Modelica Languages Physical systems Equation-based Simulink

744 views • 41 slides
Anticipatory Management: Tools and Techniques for Effective Decision Making in a Turbulent World

Anticipatory Management: Tools and Techniques for Effective Decision Making in a Turbulent World

Anticipatory Management: Tools and Techniques for Effective Decision Making in a Turbulent World James L. Morrison Professor Emeritus of Educational Leadership The University of North Carolina at Chapel Hill http:/ /horizon.unc.edu

316 views • 16 slides
Developing monitoring techniques and management tools to understand the conflict between the blue

Developing monitoring techniques and management tools to understand the conflict between the blue

Developing monitoring techniques and management tools to understand the conflict between the blue crab ( Callinectes sapidus ) fishery and diamondback terrapin ( Malaclemys terrapin macrospilota ) populations in Florida Ryan Gandy , Eric Suarez

448 views • 34 slides
One step is enough David Ripley Monash University http://davewripley.rocks/docs/osie-slides.pdf

One step is enough David Ripley Monash University http://davewripley.rocks/docs/osie-slides.pdf

One step is enough David Ripley Monash University http://davewripley.rocks/docs/osie-slides.pdf ST ST Language Propositional language with , , , , ST is is 1 is is Models 0 is Strong kleene models with values { 1 ,

831 views • 62 slides
Multi Layer Performance Based PCE Enhancements to ONOS Controller for SD WAN Packet Optical

Multi Layer Performance Based PCE Enhancements to ONOS Controller for SD WAN Packet Optical

Multi Layer Performance Based PCE Enhancements to ONOS Controller for SD WAN Packet Optical Integration David Altstaetter , CALIENT Technologies Raghu Gangi , ADARA Networks What is Multi-Layer Convergence? Bringing the physical Layer into the

504 views • 13 slides
CMPSC443 - Introduction to Computer and Network Security Module: Routing Security Professor

CMPSC443 - Introduction to Computer and Network Security Module: Routing Security Professor

414 views • 24 slides
Routing Security* CSE598K/CSE545 - Advanced Network Security Prof. McDaniel - Spring 2008 *

Routing Security* CSE598K/CSE545 - Advanced Network Security Prof. McDaniel - Spring 2008 *

859 views • 23 slides
A (VERY) Brief Introduction to Machine Learning for ITOA Toufic Boubez, PhD VP Engineering,

A (VERY) Brief Introduction to Machine Learning for ITOA Toufic Boubez, PhD VP Engineering,

A (VERY) Brief Introduction to Machine Learning for ITOA Toufic Boubez, PhD VP Engineering, Machine Learning Splunk Inc. Disclaimer During the course of this presentation, we may make forward looking statements regarding future events or the

1.35k views • 98 slides
1 (First two from last weekend...) 1. I become more effective and productive as a

1 (First two from last weekend...) 1. I become more effective and productive as a

The God Life p.7: Holding On To The Eternal Ticket 05.27.12 Scripture: 2 Peter 1:10-11 Video: Charlie Gets The Golden Ticket [3:00] from Willy Wonka Fundamental Question: Been debated for 2,000 years - is our salvation assured or do we

396 views • 4 slides
Cooks Theorem 1 Cook showed that SATISFIABILITY is NP-complete. The terms used to specify it

Cooks Theorem 1 Cook showed that SATISFIABILITY is NP-complete. The terms used to specify it

The Theory of NP-Completeness Peter Cappello Department of Computer Science University of California, Santa Barbara Santa Barbara, CA 93106 cappello@cs.ucsb.edu Please read the corresponding chapter before attending this lecture.

531 views • 20 slides
Testing LDAP Implementations Emmanuel Lcharny Do who need tests anyway ? OSS projects don't

Testing LDAP Implementations Emmanuel Lcharny Do who need tests anyway ? OSS projects don't

Testing LDAP Implementations Emmanuel Lcharny Do who need tests anyway ? OSS projects don't need it... We have users ! We have users ! LDAP project phases Initial analysis Development + tests Costs Conformance tests Tests are

501 views • 27 slides

More recommend