The Interpretation and Evaluation of Assurance Cases

John Rushby

Technical Report SRI-CSL-15-01.

Abstract

Assurance cases are a method for providing assurance for a system by giving an argument to justify a claim about the system, based on evidence about its design, development, and tested behavior.

In comparison with assurance based on guidelines or standards (which essentially specify only the evidence to be produced), the chief novelty in assurance cases is provision of an explicit argument. In principle, this can allow assurance cases to be more finely tuned to the specific circumstances of the system, and more agile than guidelines in adapting to new techniques and applications.

The first part of this report (Chapters 1--4) provides an introduction to assurance cases. Although this material should be accessible to all those with an interest in these topics, the examples focus on software for airborne systems, traditionally assured using the DO-178C guidelines and their predecessors.

The second part (Chapters 5 and 6) considers the criteria, methods, and tools that may be used to evaluate whether an assurance case provides sufficient confidence that a particular system or service is fit for its intended use.

Note: this report is an expanded subset of a NASA report titled "Understanding and Evaluating Assurance Cases" developed by me with Xidong Xu, Murali Rangarajan, and Thomas L. Weaver of Boeing. It consists of the parts that I wrote, with additional material and new sections on probabilistic topics (e.g., Sections 5.3 and 5.4). There are also numerous small changes of emphasis: the NASA report, rightly, strives to be even-handed, whereas this version reflects my personal opinions. In particular, I am more optimistic about, and supportive of, probabilistic methods. Missing from this version are an erudite discussion of Accident Causation Models by Xidong Xu, and a survey of some existing assurance cases; both of those can be found in the original NASA report. That survey was not a main focus of our work, and a more comprehensive survey of existing assurance cases is available in another NASA report.


BibTeX Entry
@TECHREPORT{Rushby:Cases15,
	AUTHOR = {John Rushby},
	TITLE = {The Interpretation and Evaluation of Assurance Cases},
	INSTITUTION = {Computer Science Laboratory, SRI International},
	YEAR = 2015,
	NUMBER = {SRI-CSL-15-01},
	ADDRESS = {Menlo Park, CA},
	MONTH = jun,
	NOTE = {Available at \url{http://www.csl.sri.com/users/rushby/papers/sri-csl-15-1-assurance-cases.pdf}}
}