Formal methods can in principle provide the highest levels of assurance of code safety, because formal proofs serve as explicit evidence for the assurance claims. However, the proofs are often complex and difficult to relate to the code, in particular if the code has been generated automatically. They may also rest on assumptions and reasoning principles that are not themselves justified. This raises concerns about the trustworthiness of the proofs and hence of the assurance claims. We present an approach to systematically construct safety cases from information collected during a formal verification of the code, in particular from the construction of the logical annotations required for a formal, Hoare-style safety certification. The approach combines a generic argument, instantiated with respect to the certified safety property (i.e., the safety claims), with a detailed, program-specific argument that can be derived systematically because its structure directly follows the course the annotation construction takes through the code. The resulting safety cases make explicit the formal and informal reasoning principles used, and reveal the top-level assumptions and external dependencies that must be taken into account; the evidence itself still comes from the formal safety proofs. Because the approach is independent of the given safety property and program, it is also independent of the underlying code generator. We illustrate it for the AutoFilter system developed at NASA Ames.
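As an added illustration (not the paper's own AutoFilter or certification tooling), the following Python sketch shows the shape of the argument described above: a constructed straight-line mini-language, interval-valued annotations inferred by a forward pass over the code, an array-bounds safety property chosen for the example, and a safety case whose generic top (claim, strategy, entry assumptions) is instantiated for that property while each program-specific subgoal records the chain of annotation steps that justifies it. The mini-language, the interval domain, the property and the sample program are all constructed here and are not taken from the paper.

```python
"""Added illustration (not AutoFilter/AutoCert code): build a safety-case fragment
from the annotations inferred for a tiny straight-line program.

Constructed for this example: the mini-language, an interval domain for the
annotations, and an array-bounds safety policy as the certified property.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Interval:
    lo: int
    hi: int

    def shift(self, c):
        return Interval(self.lo + c, self.hi + c)

    def __str__(self):
        return f"[{self.lo}, {self.hi}]"


@dataclass(frozen=True)
class Assign:           # target := var + const
    target: str
    var: str
    const: int


@dataclass(frozen=True)
class Store:            # array[index] := ...  (the stored value is irrelevant to bounds safety)
    array: str
    index: str


@dataclass
class Program:
    inputs: dict        # input variable -> Interval assumed on entry (a top-level assumption)
    arrays: dict        # array name -> declared length
    stmts: list


def infer_annotations(prog):
    """Forward pass. For each statement k, record the annotation holding before it:
    a map var -> (Interval, trail). The trail lists the steps that established the
    interval, i.e. the course the annotation construction took through the code."""
    env = {v: (iv, [f"assumption: {v} in {iv} on entry"]) for v, iv in prog.inputs.items()}
    annots = []
    for k, s in enumerate(prog.stmts):
        annots.append(dict(env))
        if isinstance(s, Assign):
            iv, trail = env[s.var]
            new = iv.shift(s.const)
            env[s.target] = (new, trail + [f"stmt {k}: {s.target} := {s.var} + {s.const}, so {s.target} in {new}"])
    return annots


def derive_safety_case(prog):
    """Generic top-level argument (claim, strategy, entry assumptions) instantiated for
    the bounds property, plus one program-specific subgoal per array store."""
    annots = infer_annotations(prog)
    subgoals = []
    for k, s in enumerate(prog.stmts):
        if not isinstance(s, Store):
            continue
        iv, trail = annots[k][s.index]
        n = prog.arrays[s.array]
        discharged = 0 <= iv.lo and iv.hi < n      # the safety obligation (VC) at this point
        subgoals.append({
            "goal": f"stmt {k}: index {s.index} of {s.array} is within [0, {n - 1}]",
            "vc": f"0 <= {s.index} and {s.index} < {n}",
            "annotation": f"{s.index} in {iv}",
            "argument": trail,                   # how the annotation was constructed
            "evidence": "VC discharged by interval check" if discharged else "VC NOT discharged",
            "discharged": discharged,
        })
    return {
        "claim": "every array store in the program is within bounds",
        "strategy": "argue over each array store, using the annotation inferred at that point",
        "assumptions": [f"{v} in {iv} on entry" for v, iv in prog.inputs.items()],
        "subgoals": subgoals,
        "holds": all(g["discharged"] for g in subgoals),
    }


def render(case):
    """Indented text view of the safety case (a GSN-like goal/strategy/evidence tree)."""
    lines = [f"G0  {case['claim']}", f"  S   {case['strategy']}"]
    lines += [f"  A   {a}" for a in case["assumptions"]]
    for i, g in enumerate(case["subgoals"], 1):
        lines.append(f"  G{i}  {g['goal']}")
        lines.append(f"        annotation: {g['annotation']}")
        lines += [f"        - {step}" for step in g["argument"]]
        lines.append(f"        evidence: {g['evidence']} ({g['vc']})")
    return "\n".join(lines)


# Constructed sample program: buf has length 10, n is assumed to lie in [0, 7] on entry.
EXAMPLE = Program(
    inputs={"n": Interval(0, 7)},
    arrays={"buf": 10},
    stmts=[
        Assign("i", "n", 1),    # i := n + 1  -> i in [1, 8]
        Store("buf", "i"),      # provably in bounds
        Assign("j", "i", 2),    # j := i + 2  -> j in [3, 10]
        Store("buf", "j"),      # not provably safe: j may equal 10
    ],
)

if __name__ == "__main__":
    print(render(derive_safety_case(EXAMPLE)))
```

The second store is deliberately left unprovable so that the rendered case shows what the text calls revealing the argument's weak points: the subgoal's trail leads straight back to the entry assumption on `n`, making clear which external dependency would have to be tightened (or which code the generator would have to change) for the obligation to be discharged.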