While certification is widely recognized as a means to increase system trustworthiness and reduce uncertainty in decision making, it faces severe challenges preventing a wider adoption thereof. Certification is not adequately planned and integrated within the development process, leading to suboptimal scenarios where certification introduces the need to further modify the developed system with high costs. We propose a methodology that bridges the gap between software development and certification processes. Our methodology automatically produces the certification requirements driving all steps of the development process, and maximizes the strength of certificates while taking costs under control. We formalize the above problem as a multi-objective mathematical program and solve it through a genetic algorithm. The proposed approach is tested in a real-world, cloud-based financial scenario at CaixaBank and its performance and quality is evaluated in a simulated scenario.
Bridging the Gap between Certification and Software Development / C.A. Ardagna, N. Bena, R.M. De Pozuelo - In: ARES '22: Proceedings[s.l] : ACM, 2022. - ISBN 9781450396707. - pp. 1-10 (( Intervento presentato al 2022. convegno International Conference on Availability, Reliability and Security tenutosi a Wien nel Austria [10.1145/3538969.3539012].
Bridging the Gap between Certification and Software Development
C.A. Ardagna;N. Bena;
2022
Abstract
While certification is widely recognized as a means to increase system trustworthiness and reduce uncertainty in decision making, it faces severe challenges preventing a wider adoption thereof. Certification is not adequately planned and integrated within the development process, leading to suboptimal scenarios where certification introduces the need to further modify the developed system with high costs. We propose a methodology that bridges the gap between software development and certification processes. Our methodology automatically produces the certification requirements driving all steps of the development process, and maximizes the strength of certificates while taking costs under control. We formalize the above problem as a multi-objective mathematical program and solve it through a genetic algorithm. The proposed approach is tested in a real-world, cloud-based financial scenario at CaixaBank and its performance and quality is evaluated in a simulated scenario.
| File | Dimensione | Formato | |
|---|---|---|---|
|
ABP.ARES2022.pdf
accesso aperto
Tipologia:
Post-print, accepted manuscript ecc. (versione accettata dall'editore)
Dimensione
994.46 kB
Formato
Adobe PDF
|
994.46 kB | Adobe PDF | Visualizza/Apri |
|
ABP.ARES2022.pdf
accesso riservato
Tipologia:
Publisher's version/PDF
Dimensione
994.46 kB
Formato
Adobe PDF
|
994.46 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
