Assurance Carrying Code for Software Supply Chain

被引：1

作者：

Matsuno, Yutaka ^{[1
]}

Yamagata, Yoriyuki ^{[2
]}

Nishihara, Hideaki ^{[2
]}

Hosokawa, Yuichiro ^{[3
]}

机构：

[1] Nihon Univ, Coll Sci & Technol, Tokyo, Japan

[2] Natl Inst Adv Ind Sci & Technol, Cyber Phys Secur Res Ctr, Tokyo, Japan

[3] Gunma Prefectural Womens Univ, Dept Liberal Arts, Tamamura, Gunma, Japan

来源：

2021 IEEE INTERNATIONAL SYMPOSIUM ON SOFTWARE RELIABILITY ENGINEERING WORKSHOPS (ISSREW 2021) | 2021年

关键词：

assurance cases; proof carrying code; formal languages; lambda; -calculus;

D O I：

10.1109/ISSREW53611.2021.00077

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

Modern software systems are composed of software components supplied by a software supply chain, and it has become difficult to maintain the dependability of the software supply chain. To address this problem, we introduce assurance carrying code, a framework in which every software component in a software supply chain has its own assurance case. When integrating a software component into a supply chain, the stakeholders check (manually or automatically) the assurance case to determine whether or not the software component is dependable for the supply chain. We introduce a pattern language for Goal Structuring Notation (GSN) formalized by lambda-calculus, which is used in a theory of functional programming languages theory.

引用

页码：276 / 277

页数：2

共 13 条

[1]

Alexander R., 2007, SAFETY CASES ADV CON

[2]

[Anonymous], 1990, ESSAYS COMBINATORY L

[3]

Boyens J., 2015, NIST Special publication, V800, P32, DOI 10.6028/NIST.SP.800-161

[4]

Denney Ewen, 2013, Computer Safety, Reliability and Security. 32nd International Conference, SAFECOMP 2013. Proceedings: LNCS 8153, P21, DOI 10.1007/978-3-642-40793-2_3

[5]

Johnson C.W., 2016, GUIDE CYBER THREAT I

[6]

JSOF, RIPPL 20 19 ZER DAY

[7]

Kelly T., 1998, Arguing safety-a systematic approach to managing safety cases

[8]

Kelly T. P., 1997, SAFECOMP 97. 16th International Conference on Computer Safety, Reliability and Security, P55

[9]

Matsuno Y, LNCS

[10] A Design and Implementation of an Assurance Case Language [J].

Matsuno, Yutaka .

2014 44TH ANNUAL IEEE/IFIP INTERNATIONAL CONFERENCE ON DEPENDABLE SYSTEMS AND NETWORKS (DSN), 2014, :630-641

← 1 2 →