Quantify Assurance from a Negative Perspective

Z. Liu and P. Wang (USA)


Keywords: Software assurance, assurance quantification, untrustworthy components, trustworthy systems


Commodity software components are intrinsically untrustworthy, and it is highly insecure to use them directly in mission-critical systems. The trustworthiness of a system can be only vaguely specified or achieved without a quantifiable level of assurance measurement of the components used in the system. While a large amount of research effort has been devoted to establishing a certain quantifiable level of assurance, none has been successful. This position paper introduces a new perspective on the assurance concept such that quantitative assurance for software components can be systematically specified. We discuss the background, our new assurance perspective, assurance specification and quantification from the new perspective, and their applications in system security.

