Formal Assurance Arguments: A Solution In Search of a Problem?

An assurance case comprises evidence and argument showing how that evidence supports assurance claims (e.g., about safety or security). It is unsurprising that some computer scientists have proposed formalizing assurance arguments: most associate formality with rigor. But while engineers can sometimes prove that source code refines a formal specification, it is not clear that formalization will improve assurance arguments or that this benefit is worth its cost. For example, formalization might reduce the benefits of argumentation by limiting the audience to people who can read formal logic. In this paper, we present (1) a systematic survey of the literature surrounding formal assurance arguments, (2) an analysis of errors that formalism can help to eliminate, (3) a discussion of existing evidence, and (4) suggestions for experimental work to definitively answer the question

Context Aware Web-Service Monitoring

Monitoring the correct behaviour of a service-based system is a necessity and a key challenge in Service Oriented Computing. Several efforts have been directed towards the development of approaches dealing with the monitoring activity of service-based systems. However, these approaches are in general not suitable when dealing with modifications in service-based systems. Furthermore, existing monitoring approaches do not take into consideration the context of the users and how this context may affect the monitor activity. Consequently, a holistic monitor approach, capable of dealing with the dynamic nature of service-based systems and of taking into consideration the user context, would be highly desirable. In this thesis we present a monitor adaptation framework capable of dealing with changes in a service-based system and different types of users interacting with it. More specifically, the framework obtains a set of monitor rules, necessary to verify the correct behaviour of a service-based system, for a particular user. Moreover, the monitor rules verifying the behaviour of a service-based system relate to properties of the context types defined for a user. The main contributions of our work include the general characterisation of a user interacting with a service-based system and the generation of suitable monitor rules.The proposed framework can be applied to any service composition without the need of further modifications. Our work complements previous research carried on in the area of web service monitoring. More specifically, our work generates a set of suitable monitor rules - related to the user context - which are deployed in a run-time monitor component. Our framework has been tested and validated in several cases considering different scenarios

Model-Based argument analysis for evolving security requirements

Software systems are made to evolve in response to changes in their contexts and requirements. As the systems evolve, security concerns need to be analysed in order to evaluate the impact of changes on the systems. We propose to investigate such changes by applying a meta-model of evolving security requirements, which draws on requirements engineering approaches, security analysis, argumentation and software evolution. In this paper, we show how the meta-model can be instantiated using a formalism of temporal logic, called the Event Calculus. The main contribution is a model based approach to argument analysis, supported by a tool which generates templates for formal descriptions of the evolving system. We apply our approach to several examples from an Air Traffic Management case study