
The Systems Assurance Group


Presentation Transcript


  1. The Systems Assurance Group
  Dr Jaspal Sagoo, Systems Assurance Group, QinetiQ Trusted Information Management, Malvern Technology Centre

  2. QinetiQ
  • Defence & Technology
  • Security & Dual Use
  • US

  3. QTIM (QinetiQ Trusted Information Management)

  4. The Systems Assurance Group
  • Dependability of systems: safety, security, fault tolerance
  • Provide assurance that systems are dependable
  • Formal modelling and analysis: CSP, Z, model checking, theorem proving, refinement
  • Assessment of systems: safety analysis techniques
  • Type of work: research; project support (defence and commercial)

  5. Systems Assurance Group Structure (organisation chart)
  • Business Group Manager: Prof. Colin O'Halloran
  • Roles labelled on the chart: Deputy BGM, Technical Strategy, BGM Support, Transport, Operations Manager, Project Management Team, Business Development Manager, PA to BGM, Office Manager, Project Support Assistant
  • Capability areas: Software Assessment; Software Verification & Theorem Proving Capability; Security Assurance; Project Safety Assurance; Research & Application; Model Based Assurance
  • Staff named on the chart: Dr Clive Pygott, Dr Philip Core, Sue Jones, Howard Manning, John Evans, Nick Tudor, Judy Beckett, Dr Mike Hill, Mark Adams, Dr Sadie Creese, Dr Jaspal Sagoo, Dr Karen Stephenson, Nick Moffat, Helen Roscoe, Karen Barnett, Andy Cole, Dennis Carver, Alf Smith, Phil Clayton, Richard Harrison, Dr William Simmonds, Anthony Smith, Isobel Thompson, Dr Simon Brown, Liz Whiting, Jamie Hodgkinson, Tim Hawkins, Gaius Wilson, Alan Miao, Iain Brown, Dr Jeremy Hubbard, Anthony Doggett, Merlin March, Mark Teasedale, Patrick Godlonton, Duncan Stuart

  6. Development and application of software analysis techniques
  • Language development
    • development of 'safe' language subsets
    • typically considers Ada and C
    • new languages like C++, Java, SOAR and JACK
  • Assessment tools
    • compliance analysis
    • Malporte analysis

  7. Software Analysis
  • Compliance analysis
    • shows 'correctness' of code with respect to its specification
    • translate the informal specification into Z
    • refinement argument supported by formal proof, assisted by a theorem prover

  8. Overview of the Control Laws in Z (ClawZ) Process (tool-chain diagram)
  • Inputs: Simulink model; SPARK Ada code
  • Artefacts: Z spec; refinement; verification conditions; discharged proof
  • Tools: Z Producer; Compliance Notation Tool; Refinement Script Generator; Supertac; ProofPower

  9. Static code analysis
  • Malporte (MALvern Predictor Of Run-Time Errors)
  • statically checks for integrity properties such as: run-time errors, undefined behaviour, run-time exceptions
  • checks Ada, C and C++ code
  • checks for errors such as:
    • buffer over-runs
    • divide by zero
    • use of pointers and unions in C
    • integer and floating point over/under flow
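The three run-time error classes this slide names (buffer over-run, divide by zero, integer overflow), each written as the defect a checker of this kind has to report next to a form in which the property holds on every path. This is an added illustration in C written for this page; it is not QinetiQ code, not Malporte output, and the function names and sample values are made up.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Buffer over-run. The index is taken on trust, so idx >= len reads past
 * the end of buf. A static checker must prove idx < len on every call path;
 * nothing here lets it, so the access is reported. */
int32_t read_unchecked(const int32_t *buf, size_t len, size_t idx) {
    (void)len;              /* the length is known but never used */
    return buf[idx];
}

/* Hardened form: the one array read is dominated by the test idx < len,
 * which is exactly the fact the analyser needs to discharge the check. */
bool read_checked(const int32_t *buf, size_t len, size_t idx, int32_t *out) {
    if (buf == NULL || out == NULL || idx >= len) return false;
    *out = buf[idx];
    return true;
}

/* Integer overflow. Signed overflow is undefined behaviour in C, so
 * INT32_MAX + 1 does not "wrap negative", it is unconstrained. The guard
 * tests the bound before the addition is ever performed. */
bool add_checked(int32_t a, int32_t b, int32_t *out) {
    if ((b > 0 && a > INT32_MAX - b) || (b < 0 && a < INT32_MIN - b)) return false;
    *out = a + b;
    return true;
}

/* Divide by zero and overflow together: no guard on n, none on the sum. */
int32_t mean_unchecked(const int32_t *vals, size_t n) {
    int32_t sum = 0;
    for (size_t i = 0; i < n; i++) sum += vals[i];   /* may overflow */
    return sum / (int32_t)n;                         /* n == 0 is UB */
}

/* Hardened form: n == 0 rejected, every addition checked, and n bounded so
 * the size_t -> int32_t conversion cannot change its value. */
bool mean_checked(const int32_t *vals, size_t n, int32_t *out) {
    if (vals == NULL || out == NULL || n == 0 || n > (size_t)INT32_MAX) return false;
    int32_t sum = 0;
    for (size_t i = 0; i < n; i++) {
        if (!add_checked(sum, vals[i], &sum)) return false;  /* reject overflow */
    }
    *out = sum / (int32_t)n;   /* n > 0 here, so no divide by zero */
    return true;
}

int main(void) {
    /* Constructed sample inputs, not data from the page. */
    const int32_t readings[4] = {10, 20, 30, 40};
    const int32_t extreme[2] = {INT32_MAX, 1};
    int32_t v;

    printf("read idx 3:     %s\n", read_checked(readings, 4, 3, &v) ? "ok" : "rejected");
    printf("read idx 4:     %s\n", read_checked(readings, 4, 4, &v) ? "ok" : "rejected");
    printf("mean(readings): %s\n", mean_checked(readings, 4, &v) ? "ok" : "rejected");
    printf("mean(extreme):  %s\n", mean_checked(extreme, 2, &v) ? "ok" : "rejected");
    printf("mean(empty):    %s\n", mean_checked(readings, 0, &v) ? "ok" : "rejected");
    return 0;
}
```

The point of the pairing is what the analyser can and cannot prove: in the unchecked forms the safety of the operation depends on facts about the caller that are not visible at the operation, so the checker has to report it; in the checked forms every hazardous operation is guarded by a test on the same values in the same function, which is the shape a static predictor of run-time errors can verify without help.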

  10. Used on ...
  • Numerous MoD projects such as Eurofighter Typhoon and Nimrod
  • Secure webserver application
  • Trial carried out with an automotive supplier
  • Security analysis of the SendMail server

  11. Safety Assurance
  • Hazard identification and safety case review
    • generation of HAZOPs, PHA
    • review of delivered safety evidence
  • Safety case methods
    • development and use of tools to manage the integration of evidence from diverse sources
    • compilation of safety cases
    • modular safety cases
  • Advice to policy bodies on standards for safety critical systems
    • MoD's review of standards
    • secretary of the RTCA committee developing future avionics standards
    • reports to the European Commission on the requirements for future air traffic management (Ariba) and healthcare standards
  • Advice to MoD projects on high integrity software

  12. Security Assurance
  • Security of pervasive computing systems
    • FORWARD project funded by DTI
    • authentication and key management
    • securing Bluetooth
    • interoperability of devices
    • quality of service
  • Quantum cryptography
    • ESPRIT Framework VI
  • Development of techniques to produce security arguments
    • Irish e-voting
  • MAFTIA (Malicious and Accidental Fault Tolerant Internet Applications)
    • ESPRIT Framework V
  • Verifying security mechanisms/schemes

  13. Development and application of system analysis techniques
  • Formal modelling and analysis of communicating systems
    • verification of security and safety properties
    • can be applied to legacy and COTS products
  • Formal modelling and analysis techniques applied to digital hardware
    • verification of critical ASIC design
    • processor obsolescence issues
    • ASIC audits
  • Assessment of the impact of emerging technology on system safety
    • the impact of neural networks and agent technology on system safety
    • effect of the move to IMA (Integrated Modular Avionics) on certification
  • Robust System Of Systems (RSOS)

  14. Student recruitment
  • Firm foundations in traditional areas:
    • computer science
    • formal techniques
    • software engineering