Liability issues in software engineering: the use of formal methods to reduce legal uncertainties

Authors:
Daniel Le Métayer;Manuel Maarek;Eduardo Mazza;Marie-Laure Potet;Stéphane Frénot;Valérie Viet Triem Tong;Nicolas Craipeau;Ronan Hardouin
Affiliations:
INRIA, Grenoble Rhône-Alpes, France;INRIA, Grenoble Rhône-Alpes, France;University of Grenoble, France;University of Grenoble, France;INRIA, Grenoble Rhône-Alpes, and INSA, Lyon, France;SSIR, Supélec Rennes, France;University of Caen, France;University of Versailles, Saint-Quentin, France
Venue:
Communications of the ACM
Year:
2011

Citing 17
Cited 1

Secure audit logs to support computer forensics

ACM Transactions on Information and System Security (TISSEC)
Two Views on Security Software Liability: Let the Legal System Decide

IEEE Security and Privacy
Precise Service Level Agreements

Proceedings of the 26th International Conference on Software Engineering
Compliance checking between business processes and business contracts

EDOC '06 Proceedings of the 10th IEEE International Enterprise Distributed Object Computing Conference
The monitorability of service-level agreements for application-service provision

WOSP '07 Proceedings of the 6th international workshop on Software and performance
Security benchmarks of OSGi platforms: toward Hardened OSGi

Software—Practice & Experience
A Formal Privacy Management Framework

Formal Aspects in Security and Trust
A formal language for electronic contracts

FMOODS'07 Proceedings of the 9th IFIP WG 6.1 international conference on Formal methods for open object-based distributed systems
Service-Level Agreements for Electronic Services

IEEE Transactions on Software Engineering
Liability in software engineering: overview of the LISE approach and illustration on a case study

Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 1
Designing Log Architectures for Legal Evidence

SEFM '10 Proceedings of the 2010 8th IEEE International Conference on Software Engineering and Formal Methods
Causality analysis in contract violation

RV'10 Proceedings of the First international conference on Runtime verification
A formal framework for specifying and analyzing logs as electronic evidence

SBMF'10 Proceedings of the 13th Brazilian conference on Formal methods: foundations and applications
A temporal logic-based model for forensic investigation in networked system security

MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Accountability for Perfection

IEEE Security and Privacy
Analyzing multiple logs for forensic evidence

Digital Investigation: The International Journal of Digital Forensics & Incident Response
Preparing evidence for court

Digital Investigation: The International Journal of Digital Forensics & Incident Response

Formal methods as a link between software code and legal rules

SEFM'11 Proceedings of the 9th international conference on Software engineering and formal methods

Quantified Score

Hi-index	48.23

Visualization

Abstract

This paper reports on the results of a multidisciplinary project involving lawyers and computer scientists with the aim to put forward a set of methods and tools to (1) define software liability in a precise and unambiguous way and (2) establish such liability in case of incident. The overall approach taken in the project is presented through an electronic signature case study. The case study illustrates a situation where, in order to reduce legal uncertainties, the parties wish to include in the contract specific clauses to define as precisely as possible the share of liabilities between them for the main types of failures of the system.