| Objective: ||Develop tools which provide a measure of the risks inherent in the system, ie. provide the level of software trustworthiness.
|| Description: ||The Air Force is becoming ever more dependent on the reliable, secure, and accurate operation and interaction of software. Tools which provide an empirical software engineering evaluation/development processes are needed. In particular, this topic is looking for tools which will provide an objective measure of the risks inherent in a system due to the software composition of the system. Such a tool might provide the Air Force a measure that the operational system is:
1. Hacker-proof and free of embedded trojan-horses, an issue as more software is developed via out-source methods.
2. Robust in the face of interaction with multiple software applications. The Air Force needs to have confidence that a fault in one piece of software does not introduce spurious, unintended paths in a set of integrated software components.
3. Verifiable, given the often sparse level of software specification accessability.
4. Trustworthy from a whole-system perspective, integration of trusted components does not necessarily yield a trusted system.
|| ||PHASE I: Survey industry and technology roadmaps, determine feasibility, develop preliminary design, estimate costs and develop a program plan.
|| || ||PHASE II: Build and test computational prototype.
|| ||DUAL USE COMMERCIALIZATION: Military application: The work developed under this effort will potentially be useful in many types of military combat and mission support information systems. Commercial application: The concept will potentially also be useful for non-military applications in communications and software development as well.
|| References: ||1. Trustworthy Software Systems Study (http://www.comsoc.org/e-news/2005/apr/larry1.pdf), Larry Bernstein, Industry Research Professor, Stevens Institute of Technology
2. Computers at Risk: Safe Computing in the Information Age (1991), Computer Science and Telecommunications Board (http://books.nap.edu/books/0309043883/html)
|Keywords: ||software trustworthiness, reliability, metrics|