13 research outputs found

    Cyber-physical systems design for runtime trustworthiness maintenance supported by tools

    No full text
    The trustworthiness of cyber-physical systems is a critical factor for establishing widespread adoption of these systems. Hence, especially the behavior of safety-critical software components needs to be monitored and managed during system operation. Runtime trustworthiness maintenance should be planned and prepared in the early requirements and design phases. This involves the identification of threats that may occur and affect users' trust at runtime, as well as related controls that can be executed to mitigate the threats. Furthermore, observable and measurable system quality properties have to be identified as indicators of threats, and interfaces for reporting these properties as well as for executing controls have to be designed and implemented. This paper presents a process model for preparing and designing systems for runtime trustworthiness maintenance, which is supported by several tools that facilitate the tasks to be performed by requirements engineers and system designers.

    A tool for monitoring and maintaining system trustworthiness at runtime

    No full text
    Trustworthiness of software systems is a key factor in their acceptance and effectiveness. This is especially the case for cyber-physical systems, where incorrect or even sub-optimal functioning of the system may have detrimental effects. In addition to designing systems with trustworthiness in mind, monitoring and maintaining trustworthiness at runtime is critical to identify issues that could negatively affect a system's trustworthiness. In this paper, we present a fully operational tool for system trustworthiness maintenance, covering a comprehensive set of quality attributes. It automatically detects, and in some cases mitigates, trustworthiness-threatening events. The use of such a tool can enable complex software systems to support runtime adaptation and self-healing, thus reducing the overall upkeep cost and complexity.

    Maintaining trustworthiness of socio-technical systems at run-time

    No full text
    Trustworthiness of dynamic and distributed socio-technical systems is a key factor for the success and wide adoption of these systems in digital businesses. Different trustworthiness attributes should be identified and accounted for when such systems are built, and in order to maintain their overall trustworthiness they should be monitored during run-time. Trustworthiness monitoring is a critical task which enables providers to significantly improve the systems' overall acceptance. However, trustworthiness characteristics are poorly monitored, diagnosed and assessed by existing methods and technologies. In this paper, we address this problem and provide support for semi-automatic trustworthiness maintenance. We propose a trustworthiness maintenance framework for monitoring and managing the system's trustworthiness properties in order to preserve the overall established trust during run-time. The framework provides an ontology for run-time trustworthiness maintenance, and respective business processes for identifying threats and enacting control decisions to mitigate these threats. We also present use cases and an architecture for developing trustworthiness maintenance systems that support system providers.
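    The three abstracts above describe the same loop: measurable quality properties serve as threat indicators, threats map to controls, and a monitor evaluates indicators at run-time and enacts controls. The following is an added example illustrating that loop; it is not code from any of the papers or their tools. The component metrics, thresholds, threat names, controls and the telemetry samples are all constructed for illustration. Two practitioner details are built in: an indicator must hold for a configurable number of consecutive samples before its control fires (so a single noisy sample does not trigger a failover), and a sample that lacks the property an indicator needs is treated as the threat being active, because loss of observability is itself a condition an attacker can induce.

```python
"""Runtime trustworthiness maintenance loop (added example, not from the papers).

Observable properties -> threat indicators -> controls, as the abstracts describe.
All names, thresholds and telemetry below are constructed assumptions.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, List

Sample = Dict[str, float]          # one telemetry report: property name -> value


@dataclass(frozen=True)
class Threat:
    name: str
    indicator: Callable[[Sample], bool]   # predicate over measurable properties
    control: str                          # control enacted when the threat is active
    consecutive: int = 1                  # samples the indicator must hold (debounce)


@dataclass
class MaintenanceMonitor:
    threats: List[Threat]
    controls: Dict[str, Callable[[], str]]
    _streak: Dict[str, int] = field(default_factory=dict)
    log: List[str] = field(default_factory=list)

    def _is_active(self, threat: Threat, sample: Sample) -> bool:
        try:
            return threat.indicator(sample)
        except KeyError as missing:
            # Fail closed: a report that omits the property an indicator needs is
            # itself a trust-relevant event (telemetry gap), so treat it as active.
            self.log.append(f"{threat.name}: property {missing} missing, treating as active")
            return True

    def observe(self, sample: Sample) -> List[str]:
        """Evaluate every threat on one sample; return the controls enacted."""
        enacted: List[str] = []
        for t in self.threats:
            streak = self._streak.get(t.name, 0) + 1 if self._is_active(t, sample) else 0
            self._streak[t.name] = streak
            # Fire exactly once per episode: when the debounce threshold is first reached.
            if streak == t.consecutive:
                handler = self.controls.get(t.control)
                if handler is None:
                    self.log.append(f"{t.name}: no control registered for {t.control}")
                    continue
                self.log.append(f"{t.name}: {t.control} -> {handler()}")
                enacted.append(t.control)
        return enacted


# Constructed threat catalogue (names and thresholds are assumptions).
THREATS = [
    Threat("latency_degradation", lambda s: s["response_ms"] > 800, "scale_out", consecutive=2),
    Threat("availability_loss", lambda s: s["error_rate"] > 0.2, "failover"),
    Threat("credential_attack", lambda s: s["auth_failures"] >= 20, "rate_limit_auth"),
]

# Constructed controls; in a real system these would call the control interfaces
# the first abstract says must be designed alongside the reporting interfaces.
CONTROLS = {
    "scale_out": lambda: "added replica",
    "failover": lambda: "traffic moved to standby",
    "rate_limit_auth": lambda: "login endpoint throttled",
}

# Constructed telemetry: healthy, latency rising, an incident, recovery, then a
# report with missing properties (telemetry gap).
TELEMETRY: List[Sample] = [
    {"response_ms": 120, "error_rate": 0.01, "auth_failures": 0},
    {"response_ms": 900, "error_rate": 0.02, "auth_failures": 1},
    {"response_ms": 950, "error_rate": 0.30, "auth_failures": 25},
    {"response_ms": 980, "error_rate": 0.35, "auth_failures": 40},
    {"response_ms": 130, "error_rate": 0.01, "auth_failures": 0},
    {"response_ms": 140},
]


def run_scenario(samples: List[Sample] = TELEMETRY) -> List[List[str]]:
    """Feed the samples through a fresh monitor; return controls enacted per sample."""
    monitor = MaintenanceMonitor(THREATS, CONTROLS)
    return [monitor.observe(s) for s in samples]


if __name__ == "__main__":
    monitor = MaintenanceMonitor(THREATS, CONTROLS)
    for i, s in enumerate(TELEMETRY):
        print(i, monitor.observe(s))
    print("\n".join(monitor.log))
```

Note that the latency threat fires on the third sample, not the second, because of the two-sample debounce, and that it does not fire again on the fourth even though latency is still high: the control is enacted once per episode and the episode ends only when the indicator clears. The final sample triggers the failover and rate-limit controls solely because the report omitted the properties they depend on; whether that fail-closed choice is right depends on the cost of the control, which is exactly the trade-off the design-time threat and control identification is meant to settle.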

    Combining risk-management and computational approaches for trustworthiness evaluation of socio-technical systems

    No full text
    The analysis of existing software evaluation techniques reveals the need for evidence-based evaluation of systems' trustworthiness. This paper aims at evaluating the trustworthiness of socio-technical systems during design-time. Our approach combines two existing evaluation techniques: a computational approach and a risk management approach. The risk-based approach identifies threats to trustworthiness on an abstract level. Computational approaches are applied to evaluate the expected end-to-end system trustworthiness in terms of different trustworthiness metrics on a concrete asset instance level. Our hybrid approach, along with a complementary tool prototype, supports the assessment of risks related to trustworthiness as well as the evaluation of a system with regard to trustworthiness requirements. The result of the evaluation can be used as evidence when comparing different system configurations.

    Trust-aware process design

    No full text
    Longitudinal studies point to the global erosion of trust in institutions and their business processes. As a result, the provision of trusted processes has become a new design criterion that exceeds the traditional Business Process Management (BPM) goals of time, cost, and quality, and also goes beyond security and privacy concerns. The notion of trust, however, has rarely been studied in the context of BPM. This paper initiates the conceptualization of trust in BPM by providing two new artefacts, i.e. a four-stage model for the design of trusted processes and a related meta-model. Both have been derived from relevant theories and existing, general trust conceptualizations. Two exploratory case studies and secondary data have facilitated the identification of an initial set of application scenarios and trust requirements.