Answer All Questions. 1 Mark Per Question: Chapter 15: Dependability and Security Assurance

Formal specification and verification cannot guarantee reliability because the specification may not reflect real user requirements, proofs may contain errors, and proofs may assume incorrect usage patterns. Automated static analysis examines source code for possible anomalies without program execution. Reliability testing has four stages: establishing an operational profile, designing test data sets matching the profile, testing and counting failures, and computing reliability after observing statistically significant failures. An operational profile specifies input classes and occurrence probabilities. Security is difficult to assess because you can never prove a system is completely secure, and an ingenious attacker may find a new vulnerability, no matter how many tests are run. Complementary security checking approaches include experience-based testing against known attacks, tiger teams contracted to find flaws

Chapter 15: Dependability and security assurance

Your name:

Answer all questions. 1 mark per question

1. Why do formal specification and verification not guarantee reliability in use?

- The specification may not reflect the real requirements of users.
- The proof may contain errors.
- The proof may assume a usage pattern which is incorrect.

2. What is automated static analysis?

A process where an analysis program examines the source code looking for possible anomalies in the code. These are drawn to the inspector's attention as they may represent faults in the program. There is no need to execute the program to detect errors.

3. What are the four stages of reliability testing?

- Establish an operational profile.
- Design test data sets matching that profile.
- Test the system and count system failures.
- After observing a statistically significant number of failures, compute the reliability.

4. What is an operational profile?

A specification of the different classes of input processed by a system and the probability of their occurrence.
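The four reliability-testing stages of question 3, driven by the operational profile of question 4, worked through as an added Python example (not part of the original quiz). The login-service profile, the `login_handler` stand-in for the system under test and the 30-failure significance threshold are constructed for illustration.

```python
"""Reliability testing driven by an operational profile (constructed example)."""
import random
from typing import Callable, Dict, List

# Stage 1: a constructed operational profile for a login service. Keys are
# input classes; values are the probability that a demand falls in that class.
OPERATIONAL_PROFILE: Dict[str, float] = {
    "valid_login": 0.70,
    "wrong_password": 0.20,
    "locked_account": 0.07,
    "unicode_username": 0.03,
}

def design_test_set(profile: Dict[str, float], size: int, seed: int = 1) -> List[str]:
    """Stage 2: draw test inputs so their class frequencies match the profile."""
    rng = random.Random(seed)  # seeded so the test set is reproducible
    classes, weights = zip(*profile.items())
    return rng.choices(classes, weights=weights, k=size)

def login_handler(input_class: str) -> bool:
    """Constructed system under test: fails (returns False) only on the rare
    unicode-username class, so failures show up in roughly 3% of demands."""
    return input_class != "unicode_username"

def reliability_test(system: Callable[[str], bool], profile: Dict[str, float],
                     min_failures: int = 30, max_demands: int = 20000, seed: int = 1) -> dict:
    """Stages 3 and 4: run demands, count failures, and compute POFOD
    (probability of failure on demand) once min_failures have been observed.
    If fewer failures occur within max_demands, the estimate is flagged as
    not statistically significant instead of being reported as a reliability."""
    failures = n = 0
    for n, demand in enumerate(design_test_set(profile, max_demands, seed), start=1):
        if not system(demand):
            failures += 1
        if failures >= min_failures:
            break  # enough failures for a meaningful estimate
    return {"demands": n, "failures": failures,
            "pofod": failures / n if n else 0.0,
            "significant": failures >= min_failures}

def reliability_over(pofod: float, demands: int) -> float:
    """Probability that `demands` consecutive demands all succeed, given POFOD."""
    return (1.0 - pofod) ** demands
```

Because the failing class is only 3% of the profile, a test set drawn uniformly over the classes would over-report failures; drawing from the profile is what makes the POFOD estimate reflect operational use.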

5. Why is the security of a system difficult to assess?

It is impossible to prove a negative, so you can never demonstrate that a system is completely secure. Irrespective of how many tests you run, an ingenious attacker can devise a new strategy that may compromise the system.

6. What are four complementary approaches to security checking?

- Experience-based testing, where the system is analyzed against known types of attack.
- Tiger teams, where an external team is contracted to discover security flaws in a system.
- Tool-based testing, where tools are used to exhaustively test some features of a system, such as the strength of passwords.
- Formal verification, where a system is formally verified against a formal security specification.

7. What safety assurance activities might be included in a critical systems development process?

- Creation of a hazard logging and monitoring system.
- Appointment of a project safety engineer.
- Extensive use of safety reviews.
- Creation of a safety certification system.
- Use of detailed configuration management.

8. What is a safety case?

A documented body of evidence that provides a convincing and valid argument that a system is adequately safe for a given application in a given environment.

9. What evidence might be included in a safety case to demonstrate the safety of a system?

- A hazard and risk analysis for the system.
- An analysis of the design and architecture of the system.
- Test cases and test results.
- Results of static analysis.
- Evidence that QA processes have been properly carried out.

10. Why is it easier to create structured safety arguments than proofs of program correctness?

Safety arguments need only focus on unsafe behaviour and show that it does not occur. Whether or not the system operates correctly is not considered.
