Society is increasingly requiring quantitative assessment of risk and associated dependability cases. Informally, a dependability case comprises some reasoning, based on assumptions and evidence, that supports a dependability claim at a particular level of confidence. In this paper we argue that a quantitative assessment of claim confidence is necessary for proper assessment of risk. We discuss the way in which confidence depends upon uncertainty about the underpinnings of the dependability case (truth of assumptions, correctness of reasoning, strength of evidence), and propose that probability is the appropriate measure of uncertainty. We discuss some of the obstacles to quantitative assessment of confidence (issues of composability of subsystem claims; of the multi-dimensional, multi-attribute nature of dependability claims; of the difficult role played by dependence between different kinds of evidence, assumptions, etc). We show that, even in simple cases, the confidence in a claim arising from a dependability case can be surprisingly low.
[1]
David Wright,et al.
The Use of Multilegged Arguments to Increase Confidence in Safety Claims for Software-Based Systems: A Study Based on a BBN Analysis of an Idealized Example
,
2007,
IEEE Transactions on Software Engineering.
[2]
Peter G. Bishop,et al.
A Methodology for Safety Case Development
,
2000,
SSS.
[3]
Peter G. Bishop,et al.
A conservative theory for long term reliability growth prediction
,
1996,
Proceedings of ISSRE '96: 7th International Symposium on Software Reliability Engineering.
[4]
D. M. Hunns,et al.
Software-based protection for Sizewell B: the regulator's perspective
,
1992
.
[5]
G. Apostolakis.
The concept of probability in safety assessments of technological systems.
,
1990,
Science.
[6]
Hoyt Lougee,et al.
SOFTWARE CONSIDERATIONS IN AIRBORNE SYSTEMS AND EQUIPMENT CERTIFICATION
,
2001
.
[7]
Stephen G. Cecchetti,et al.
Bank for International Settlements
,
1999
.