Comparative Conformance Cases for Monitoring Multiple Implementations of Critical Requirements

The paper presents the concept and the mechanism of comparative conformance cases which support conformance monitoring in situations where a standard or other set of requirements are being implemented at multiple sites. The mechanism is enabled by NOR-STA services which implement the TRUST-IT methodology and are deployed in the cloud in accordance with the SaaS model. In the paper we introduce the concept of comparative conformance cases, explain the software services used to implement them and present a case study of monitoring the implementation of the EC Regulation No. 994/2010, related to risk management of gas supply infrastructures across Europe.

[1]  Lukasz Cyra,et al.  Support for argument structures review and assessment , 2011, Reliab. Eng. Syst. Saf..

[2]  Lukasz Cyra,et al.  Supporting Compliance with Security Standards by Trust Case Templates , 2007, 2nd International Conference on Dependability of Computer Systems (DepCoS-RELCOMEX '07).

[3]  James Inge Defence Standard 00-56 Issue 4: Safety Management Requirements for Defence Systems , 2007 .

[4]  David Clark,et al.  Safety and Security Analysis of Object-Oriented Models , 2002, SAFECOMP.

[5]  Jakub Miler,et al.  Validation of Services Supporting Healthcare Standards Conformance , 2012 .

[6]  Ł. Cyra,et al.  Supporting compliance with safety standards by trust case templates , 2008 .

[7]  S. Rahman Reliability Engineering and System Safety , 2011 .

[8]  Tim Kelly,et al.  Argument-based approach to computer system safety engineering , 2012, Int. J. Crit. Comput. Based Syst..

[9]  Ibrahim Habli,et al.  Assurance of Automotive Safety - A Safety Case Approach , 2010, SAFECOMP.

[10]  Janusz Górski Trust Case—A Case for Trustworthiness of IT Infrastructures , 2005 .

[11]  Jakub Miler,et al.  Supporting Assurance by Evidence-Based Argument Services , 2012, SAFECOMP Workshops.

[12]  Ann Miller,et al.  Assurance Cases for Security: The Metrics Challenge , 2007, 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'07).

[13]  Rafal Leszczyna,et al.  Trust case: justifying trust in an IT solution , 2005, Reliab. Eng. Syst. Saf..

[14]  Glenn Shafer,et al.  A Mathematical Theory of Evidence , 2020, A Mathematical Theory of Evidence.