Building confidence in a computerized world
Reducing risk in critical computer-based systems by using assurance cases
How do you demonstrate acceptable risks in critical computer systems? Can evidence used to improve risk assessment in IT systems be analysed more effectively? Can we improve how to predict IT system failures?
City, University of London researchers are helping protect critical facilities where the failure of computer systems could result in death, injury, financial loss and damage to the environment.
What did we explore and how?
The focus of the work undertaken at City's Centre for Software Reliability (CSR) has been to develop a broadly applicable "assurance case" that can demonstrate that the risks posed by computer systems operating in a variety of industries are acceptably low.
Research undertaken in the CSR at City, University of London highlighted the importance of taking into account disparate sources of evidence and marshalling them in a rational and structured way. Such justifications are designed to be open to review and audit (e.g., by regulators and by company safety departments).
This new approach is described as a "claims, arguments, evidence" (CAE) structure since it takes account of a range of evidence sources and uses rigorous arguments to assess claims made about the trustworthiness of an IT system. The overall approach also incorporates a rigorous critique of unsound practices in assessing software-based systems, and there are associated models that enable long-term reliability prediction for a system.
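To make the CAE structure concrete, the following added example (illustrative code, not a tool or notation from the CSR project) models a small assurance case as a tree of claims, arguments and evidence and performs two checks a reviewer or auditor would want: which claims are left unsupported, and which evidence items the whole case depends on. The case contents (the plant claim, report identifiers such as "TR-01") are constructed for the example.

```python
from dataclasses import dataclass, field
from typing import List

# Minimal model of a claims-arguments-evidence (CAE) case: a claim is justified
# by arguments, each resting on evidence and/or on further sub-claims.

@dataclass
class Evidence:
    name: str   # e.g. a test report, a proof, operational records

@dataclass
class Argument:
    name: str
    evidence: List[Evidence] = field(default_factory=list)
    subclaims: List["Claim"] = field(default_factory=list)

@dataclass
class Claim:
    text: str
    arguments: List[Argument] = field(default_factory=list)

def find_gaps(claim: Claim) -> List[str]:
    """Return every claim in the tree that is not fully supported.
    A claim is supported when it has at least one argument, every argument
    cites evidence or a sub-claim, and all sub-claims are themselves supported.
    Each returned claim is an open point a reviewer would raise."""
    gaps: List[str] = []
    if not claim.arguments:
        gaps.append(claim.text)
    for arg in claim.arguments:
        if not arg.evidence and not arg.subclaims and claim.text not in gaps:
            gaps.append(claim.text)
        for sub in arg.subclaims:
            gaps.extend(find_gaps(sub))
    return gaps

def evidence_index(claim: Claim) -> List[str]:
    """Sorted, de-duplicated list of every evidence item the case relies on,
    i.e. the material an auditor would need to inspect."""
    names = set()
    for arg in claim.arguments:
        names.update(e.name for e in arg.evidence)
        for sub in arg.subclaims:
            names.update(evidence_index(sub))
    return sorted(names)

# Constructed illustration (hypothetical system and document ids).
profile_claim = Claim("Test inputs represent the operational demand profile",
                      [Argument("Profile derived from plant records")])  # no evidence yet
case = Claim("Probability of failure on demand is acceptably low", [
    Argument("Statistical testing with no failures observed",
             evidence=[Evidence("Test campaign report TR-01")],
             subclaims=[profile_claim]),
    Argument("Independent design review",
             evidence=[Evidence("Review minutes DR-07")])])

if __name__ == "__main__":
    print("Open points:", find_gaps(case))          # the unsupported sub-claim
    print("Evidence to audit:", evidence_index(case))
```

Attaching an evidence item to the "plant records" argument closes the open point, which is exactly the kind of gap a structured case makes visible before a regulator does.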
These systems have been keeping vital checks on computer technology used in the operation of nuclear power plants, healthcare and UK finance . . .
Benefits and influence of the research
When failure of critical computer systems could have such an impact, it is vital that we have confidence that the risks posed are understood and tolerable. The contribution of City's assurance work has led to the evolution of regulations and procedures across a variety of sectors, leading to significant and wide-ranging improvements in practice and in the safety and security of industry and the public.
The CAE approach and its supporting analytical models have been adopted by the nuclear, aviation and medical sectors. The approach has also become standard practice within several key industry sectors, benefiting both the industries concerned and the public using their services.
The basic concepts of this research have been incorporated within international standards, the UK Ministry of Defence standards for software-based system safety and the Civil Aviation Authority's safety assurance for air traffic services equipment.
In the United States, the Food and Drug Administration specifically asked for a new CAE approach to assurance by manufacturers of vital medical devices, and CSR staff are now working with the federal regulator to develop templates for use on medical devices.
Professor Robin Bloomfield has since been elected a Fellow of the Royal Academy of Engineering in recognition of his international leadership on safety-critical computer systems.
- Professor Robin Bloomfield (Principal Investigator)
- Professor Peter Bishop (Principal Investigator)
- Professor Bev Littlewood (Co-Investigator)
- Professor Lorenzo Strigini (Co-Investigator)
More about this research
- School of Mathematics, Computer Science and Engineering
- Status: Completed
- Topics: Computer science and informatics
- Industry/sector: Software and the internet
- Funder: ESRC, Leverhulme Trust