Prospects for Evidence -Based Software Assurance: Models and Analysis

Abstract

The project addresses the challenge of software assurance in the presence of rich supply chains. As a consequence of the focus on supply chains, the project addresses two broad technical questions: First, what are the elements of an evidence - based approach, relying on both formal and informal evidence that can support assurance judgments that are effective and rapid? Second, How can these ideas support composition of judgments about the many separate software components, libraries, and frameworks that are typically required for larger software projects? Progress on these two questions is intended to inform a broader question of great significance to DoD, which is what are forms of a software deliverable that are more effective in support both acceptance evaluation (OT&E) and also ongoing evolution as part of the process of sustainment and modernization. The idea is that a useful body of evidence can link deliverable code and documentation with requirements, architecture, and quality models. Additionally, these models and traceability links can support agile-style evolution in a code.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Sep 01, 2015
Accession Number
ADA621648

Entities

People

  • William Scherlis

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Biomedical
  • C4I
  • Cyber
  • Engineered Resilient Systems
  • Ground and Sea Platforms
  • Space

DTIC Thesaurus Topics

  • Air Force
  • Application Software
  • Computer Program Documentation
  • Computer Program Reliability
  • Computer Programming
  • Computer Programs
  • Computer Science
  • Computers
  • Cybersecurity
  • Cyberspace Operations
  • Information Systems
  • Operating Systems
  • Programming Languages
  • Software Development
  • Test And Evaluation
  • Test Methods
  • Web Browsers

Fields of Study

  • Computer science

Readers

  • Software Engineering.
  • Theoretical Analysis.