Deviational Analyses for Validating Regulations on Real Systems

Deviational analysis is a traditional way of exploring the safety of systems. The results of deviational analysis contribute to traditional safety cases and safety arguments. We extend deviational analysis to other aspects of dependability, notably security. We discuss how the evidence of deviational analysis can contribute to the validation of regulations, in the sense of their application of regulations to real systems. Keyword: deviational analysis, dependability, regulation validation

[1]  John A. Clark,et al.  Writing Effective Security Abuse Cases , 2004 .

[2]  Bruce Powell Douglass,et al.  Real-time UML (2nd ed.): developing efficient objects for embedded systems , 1997 .

[3]  Tim Kelly A Systematic Approach to Safety Case Management , 2004 .

[4]  Thitima Srivatanakul,et al.  Security Analysis with Deviational Techniques , 2005 .

[5]  Andreas L. Opdahl,et al.  Eliciting security requirements with misuse cases , 2000, Proceedings 37th International Conference on Technology of Object-Oriented Languages and Systems. TOOLS-Pacific 2000.

[6]  Tim Kelly,et al.  Planes , Trains and Automobiles — An Investigation into Safety Policy for Systems of Systems , 2005 .

[7]  Tim Kelly,et al.  Deriving safety requirements using scenarios , 2001, Proceedings Fifth IEEE International Symposium on Requirements Engineering.

[8]  John P. McDermott,et al.  Abuse-case-based assurance arguments , 2001, Seventeenth Annual Computer Security Applications Conference.

[9]  tim. kelly Extending the Safety Case Concept to Address Dependability , 2004 .

[10]  John A. Clark,et al.  Effective Security Requirements Analysis: HAZOP and Use Cases , 2004, ISC.

[11]  Andreas L. Opdahl,et al.  Eliciting security requirements with misuse cases , 2004, Requirements Engineering.