John Rushby: The Interpretation and Evaluation of Assurance Cases

The Interpretation and Evaluation of Assurance Cases

John Rushby

Technical Report SRI-CSL-15-01, July 2015.

An overview of my papers on assurance cases

Abstract

Assurance cases are a method for providing assurance for a system by giving an argument to justify a claim about the system, based on evidence about its design, development, and tested behavior.

In comparison with assurance based on guidelines or standards (which essentially specify only the evidence to be produced), the chief novelty in assurance cases is provision of an explicit argument. In principle, this can allow assurance cases to be more finely tuned to the specific circumstances of the system, and more agile than guidelines in adapting to new techniques and applications.

The first part of this report (Chapters 1--4) provides an introduction to assurance cases. Although this material should be accessible to all those with an interest in these topics, the examples focus on software for airborne systems, traditionally assured using the DO-178C guidelines and its predecessors.

The second part (Chapters 5 and 6) considers the criteria, methods, and tools that may be used to evaluate whether an assurance case provides sufficient confidence that a particular system or service is fit for its intended use.

Note: this report is an expanded subset of NASA Report CR-2015-218802 entitled "Understanding and Evaluating Assurance Cases" developed by myself with Xidong Xu, Murali Rangarajan, and Thomas L. Weaver of Boeing. It consists of the parts that I wrote, with additional material and new sections on probabilistic topics (e.g., Sections 5.3 and 5.4). There are also numerous small changes of emphasis: the NASA report, rightly, strives to be even-handed, whereas this version reflects my personal opinions. In particular, I am more optimistic about, and supportive of, probabilistic methods. Missing from this version are an erudite discussion of Accident Causation Models by Xidong Xu, and a brief survey of some existing assurance cases; both of those can be found in the original NASA report. A more comprehensive survey of existing assurance cases is available in another NASA report that was developed in parallel with ours.

PDF

BibTeX Entry


@TECHREPORT{Rushby:Cases15,
	AUTHOR = {John Rushby},
	TITLE = {The Interpretation and Evaluation of Assurance Cases},
	INSTITUTION = {Computer Science Laboratory, SRI International},
	YEAR = 2015,
	NUMBER = {SRI-CSL-15-01},
	ADDRESS = {Menlo Park, CA},
	MONTH = jul,
	NOTE = {Available at \url{http://www.csl.sri.com/users/rushby/papers/sri-csl-15-1-assurance-cases.pdf}}
}

Having trouble reading our papers?
Return to John Rushby's bibliography page
Return to the Formal Methods Program home page
Return to the Computer Science Laboratory home page