High Assurance Computer Systems: A Research Agenda

Abstract: As computers and their supporting communication networks have become increasingly enmeshed in our national technological fabric, we have become increasingly dependent on high assurance computer systems, i.e., computer systems for which compelling evidence is required that the system delivers its services in a manner that satisfies certain critical properties. Obvious examples of high assurance systems include military systems (e.g., weapon systems, C4I systems, etc.), flight programs for both commercial and military aircraft, air traffic control systems, financial and commerce systems, medical systems (including medical databases and medical equipment), etc. Less obvious examples are the various components of the information infrastructure that supports such systems and their communications (e.g., the NII). These systems are extremely complicated, and the science and engineering principles that underlie them have yet to be completely worked out. Nevertheless, our national well-being depends upon these systems satisfying certain critical properties, including:

* security properties, which prevent unauthorized disclosure, modification, and withholding of sensitive information, even when under attack by a hostile agent;
* safety properties, which prevent unintended events that result in death, injury, illness, or damage to or loss of property;