
Critical Systems Validation


Presentation Transcript


  1. Critical Systems Validation
  Need to verify & validate:
  • Reliability: How likely is it that the system behaves correctly?
  • Safety: How likely is the system to cause damage?
  • Security: How well can the system defend itself against accidental or deliberate intrusion?
  Ch.21 - Critical Systems Validation

  2. Critical Systems Validation: Formal Methods
  • Goal: prove the implementation correct
  • Problems:
    • Requires specialized skills (programmers are not mathematicians) [see Chapter 9]
    • Doesn't scale well

  3. Critical Systems Validation: Formal Methods (con't)
  • Further problems:
    • The proof itself may contain errors (automated theorem provers are helping with this)
    • The specification that was proved might not reflect the actual requirements
    • The proof may make incorrect assumptions about usage patterns, so it holds only for an environment the system never sees

  4. Validating reliability
  Idealized approach:
  • Identify operational profiles
    • A probabilistic mix of classes of inputs
    • Based on the profile of existing, similar systems
  • Prepare test data
    • Manual and generated
  • Apply tests
    • Wait for a statistically significant number of failures; compute the observed reliability

  5. Validating reliability (con't)
  But...
  • Operational profiles may be inaccurate
    • Particularly difficult for new systems, where there is no usage history to derive them from
  • Test data generation may be expensive (automatic test generation can help)
  • A higher reliability target requires:
    • more accurate statistics, which need
    • more observed failures, which (since failures are rare by definition) need
    • longer and longer test runs
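The four-step procedure on slides 4 and 5, as an added example that is not part of the original slides: a profile-driven test driver that draws input classes according to an operational profile, runs them against a system under test, and reports the observed probability of failure on demand. The operational profile, the `sut()` function (which carries a planted defect in its handling of malformed readings) and the dose-reading domain are all constructed here for illustration; `runs_needed()` shows why a tighter reliability target forces longer runs.

```python
"""Statistical reliability testing driven by an operational profile.

Added example, not the slides' own code. The profile, the system under
test (sut) and the input values are constructed for illustration.
"""
import random
from collections import Counter

# Constructed operational profile: input classes and their probabilities,
# as they would be estimated from the usage logs of a similar system.
OPERATIONAL_PROFILE = {
    "normal_reading": 0.90,
    "boundary_reading": 0.07,
    "malformed_reading": 0.03,
}


def generate_test_inputs(profile, n, seed=0):
    """Draw n input classes with the probabilities given by the profile."""
    rng = random.Random(seed)
    classes = list(profile)
    weights = [profile[c] for c in classes]
    return rng.choices(classes, weights=weights, k=n)


def sut(input_class, value):
    """Hypothetical system under test: True = handled correctly, False = failure.

    A planted defect: one in ten malformed readings is mishandled.
    """
    if input_class == "malformed_reading":
        return value % 10 != 0
    return True


def run_reliability_test(profile, n, seed=0):
    """Run n profile-driven tests and compute the observed reliability.

    Returns the number of failures, the probability of failure on demand
    (POFOD = failures / runs) and the failure count per input class.
    """
    rng = random.Random(seed)
    failures = 0
    per_class = Counter()
    for cls in generate_test_inputs(profile, n, seed):
        value = rng.randrange(1000)  # constructed sensor reading
        if not sut(cls, value):
            failures += 1
            per_class[cls] += 1
    return {
        "runs": n,
        "failures": failures,
        "pofod": failures / n,
        "per_class": dict(per_class),
    }


def runs_needed(target_pofod, failures_wanted=20):
    """Rough number of runs needed to observe `failures_wanted` failures
    at the target POFOD. Each extra order of magnitude of reliability
    multiplies the test campaign by ten, which is slide 5's point."""
    return round(failures_wanted / target_pofod)


if __name__ == "__main__":
    print(run_reliability_test(OPERATIONAL_PROFILE, 10_000))
    for target in (1e-2, 1e-3, 1e-4):
        print(f"POFOD {target}: about {runs_needed(target)} runs")
```

The observed POFOD only means something once enough failures have been seen; with the constructed defect (3% malformed inputs, 10% of those failing) about 30 failures show up in 10,000 runs, which is why a 10^-4 target needs two hundred thousand runs for the same statistical confidence.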

  6. Safety assurance
  • A cheap form of formal proof
  • Demonstrate that the program cannot arrive at an unsafe state
  • Proof by contradiction:
    • For each hazard condition, assume the unsafe state has been reached
    • Backtrack through the program, demonstrating that the post-conditions of each path contradict the pre-conditions of the unsafe state

  7. Insulin delivery code

```c
// The insulin dose to be delivered is a function of the blood sugar
// level, the previous dose delivered and the time of delivery of the
// previous dose. computeInsulin(), administerInsulin(), previousDose,
// minimumDose and maxDose are defined elsewhere in the pump controller.
currentDose = computeInsulin();

// Safety check - adjust currentDose if necessary
if (previousDose == 0)                          // if statement 1
{
    if (currentDose > 16)
        currentDose = 16;
}
else if (currentDose > (previousDose * 2))
    currentDose = previousDose * 2;

if (currentDose < minimumDose)                  // if statement 2
    currentDose = 0;                            // then branch
else if (currentDose > maxDose)                 // else branch
    currentDose = maxDose;

administerInsulin(currentDose);
```

  8. Run-time safety checking
  • Defensive programming
  • Insert inline assertions to catch dangerous faults before they propagate
  • Can reduce run-time efficiency
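The safety argument of slides 6 to 8 applied to the insulin code of slide 7, as an added example that is not part of the original slides: the same two safety checks re-expressed in Python, the hazard conditions written out as a predicate, a run-time assertion in the delivery path (slide 8's defensive programming), and a bounded form of slide 6's proof by contradiction that assumes the unsafe state and searches every input in a range for a witness. `MAX_DOSE`, `MIN_DOSE`, the integer input ranges and the stand-ins for computeInsulin/administerInsulin are assumptions made here; the slides do not give those values.

```python
"""Safety checks for the insulin delivery logic, with a run-time
assertion and an exhaustive bounded check of the hazard conditions.

Added example, not the slides' own code. Dose limits are assumed values.
"""

MAX_DOSE = 20       # assumed hard limit for a single delivery
MIN_DOSE = 1        # assumed: anything below this is delivered as zero
INITIAL_CAP = 16    # cap when there is no previous dose (slide 7's code)


def safe_dose(current_dose, previous_dose):
    """Apply slide 7's two safety checks and return the dose to deliver."""
    if previous_dose == 0:                      # if statement 1
        if current_dose > INITIAL_CAP:
            current_dose = INITIAL_CAP
    elif current_dose > previous_dose * 2:
        current_dose = previous_dose * 2

    if current_dose < MIN_DOSE:                 # if statement 2
        current_dose = 0
    elif current_dose > MAX_DOSE:
        current_dose = MAX_DOSE
    return current_dose


def is_unsafe(dose, previous_dose):
    """Hazard conditions (assumed for this example): a dose above the hard
    limit, a dose more than double the previous one, or a non-zero dose
    below the minimum (including a negative dose)."""
    if dose > MAX_DOSE:
        return True
    if previous_dose > 0 and dose > 2 * previous_dose:
        return True
    if dose != 0 and dose < MIN_DOSE:
        return True
    return False


def administer_insulin(current_dose, previous_dose):
    """Delivery path with slide 8's defensive check: assert the safety
    post-condition before the dose leaves the controller."""
    dose = safe_dose(current_dose, previous_dose)
    assert not is_unsafe(dose, previous_dose), "unsafe dose reached delivery"
    return dose


def check_safety_exhaustively(dose_range=range(-50, 200),
                              prev_range=range(0, 100)):
    """Bounded version of slide 6's proof by contradiction.

    Assume the unsafe state is reachable and look for a witness: every
    (computed dose, previous dose) pair in the ranges is pushed through
    safe_dose() and tested against the hazard predicate. An empty result
    means no input in the bounded domain reaches an unsafe state.
    """
    return [(c, p) for c in dose_range for p in prev_range
            if is_unsafe(safe_dose(c, p), p)]


if __name__ == "__main__":
    print("delivered:", administer_insulin(7, 3))
    print("unsafe witnesses:", check_safety_exhaustively())
```

The exhaustive check is evidence over integer inputs in the chosen ranges, not a proof: it says nothing about floating-point doses, about inputs outside the ranges, or about the assumption that `previous_dose` is itself trustworthy. Those gaps are exactly the "incorrect assumptions about usage patterns" slide 3 warns about, and the run-time assertion in `administer_insulin()` is the cheap backstop for them.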

  9. Assessing system security
  • Experience-based validation
    • Apply well-known exploits and check whether the system resists them
  • Tool-based validation
    • E.g., password checkers run against the stored credentials
  • Tiger teams
    • Ad-hoc attacks by a team playing the adversary
  • Formal verification
    • Not widely used for security properties
  Ch.21 - Critical Systems Validation
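Slide 9's tool-based validation, as an added example that is not part of the original slides: a small password checker of the kind the slide mentions, with two modes, an offline audit that tests a table of stored hashes against a list of well-known weak passwords, and a policy check for a candidate password. The account table, the wordlist and the hashing scheme (unsalted SHA-256) are constructed here for illustration; a real deployment would store salted, slow hashes (bcrypt, scrypt or Argon2), which the audit mode would then have to compute per account rather than once per word.

```python
"""Tool-based security validation: a password checker.

Added example, not the slides' own code. Accounts, wordlist and hashing
scheme are constructed for illustration.
"""
import hashlib

# Constructed list of well-known weak passwords (a real audit would use a
# full breach-derived wordlist).
WEAK_PASSWORDS = ["password", "123456", "qwerty", "letmein", "admin"]


def sha256_hex(secret):
    """Unsalted SHA-256, assumed here as the (weak) storage scheme."""
    return hashlib.sha256(secret.encode()).hexdigest()


# Constructed account table: username -> stored hash.
ACCOUNTS = {
    "alice": sha256_hex("password"),
    "bob": sha256_hex("c0rrect-h0rse-battery"),
    "svc_backup": sha256_hex("admin"),
}


def audit_weak_passwords(accounts, wordlist, hash_fn=sha256_hex):
    """Offline audit: hash each weak password once, then look every stored
    hash up in that table. Returns {username: matched_weak_password}.

    This one-hash-per-word shortcut is only possible because the scheme is
    unsalted, which is itself a finding the audit should report.
    """
    lookup = {hash_fn(word): word for word in wordlist}
    return {user: lookup[h] for user, h in accounts.items() if h in lookup}


def check_password_policy(password, min_len=12, weak=WEAK_PASSWORDS):
    """Policy check for a candidate password. Returns a list of violations;
    an empty list means the password passes."""
    problems = []
    if len(password) < min_len:
        problems.append("too short")
    if password.lower() in weak:
        problems.append("well-known weak password")
    classes = sum([
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(c.isdigit() for c in password),
        any(not c.isalnum() for c in password),
    ])
    if classes < 3:
        problems.append("fewer than 3 character classes")
    return problems


if __name__ == "__main__":
    print("weak accounts:", audit_weak_passwords(ACCOUNTS, WEAK_PASSWORDS))
    print("policy check:", check_password_policy("admin"))
```

The audit finds the two accounts whose stored hash equals the hash of a wordlist entry; it cannot say anything about passwords that are merely poor but not in the list, which is the limit of every experience-based check on slide 9.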
