Abstract

Assurance cases are often required to certify critical systems. The use of formal methods in assurance can improve automation, increase confidence, and overcome errant reasoning. However, assurance cases can never be fully formalised, as the use of formal methods is contingent on models that are validated by informal processes. Consequently, assurance techniques should support both formal and informal artifacts, with explicated inferential links between them. In this paper, we contribute a formal machine-checked interactive language, called Isabelle/SACM, supporting the computer-assisted construction of assurance cases compliant with the OMG Structured Assurance Case Meta-Model. The use of Isabelle/SACM guarantees well-formedness, consistency, and traceability of assurance cases, and allows a tight integration of formal and informal evidence of various provenance. In particular, Isabelle brings a diverse range of automated verification techniques that can provide evidence. To validate our approach, we present a substantial case study based on the Tokeneer secure entry system benchmark. We embed its functional specification into Isabelle, verify its security requirements, and form a modular security case in Isabelle/SACM that combines the heterogeneous artifacts. We thus show that Isabelle is a suitable platform for critical systems assurance.

Highlights

  • Assurance cases (ACs) are structured arguments, supported by evidence, intended to demonstrate that a system meets its requirements, such as safety or security, when applied in a particular operational context [WKD+19, Kel98]

  • We have presented Isabelle/Structured Assurance Case Metamodel (SACM), a framework for integrating formal proof into a unified and standardised form of assurance cases and for their computer-assisted construction

  • We showed how SACM is embedded into Isabelle as an ontology, and provided an interactive assurance language that guides its user in generating valid instances of this ontology

Read more

Summary

Introduction

Assurance cases (ACs) are structured arguments, supported by evidence, intended to demonstrate that a system meets its requirements, such as safety or security, when applied in a particular operational context [WKD+19, Kel98]. They are recommended by several international standards, such as ISO 26262 for automotive applications. Several AC notations exist, including the Goal Structuring Notation (GSN) [Kel98], Claims, Arguments, and Evidence (CAE) [BB98], and the Structured Assurance Case Metamodel (SACM) [Obj[20], WKD+19] These notations support the management of complex ACs via their hierarchical decomposition and modular representation [GC17]. There is a need for tools that can automate AC creation and evolution, whilst maintaining the integrity of the arguments and evidence

Objectives
Discussion
Conclusion

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.