Dynamic Checks of Evidence Models for Assurance Projects in Eclipse OpenCert

Jabier Martinez*, Ángel Jesús Varela-Vaca

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

The modelling of regulatory frameworks and industry standards, including their argumentation and expected evidence, are used during assurance processes to demonstrate the compliance of systems. However, this is handled mainly in a static fashion, and using these models for dynamic evidence checking along the system life-cycle, including operation (checking the model at runtime), is not yet mainstream. This preliminary work shows a tool-supported modelling method for the automatic and dynamic evaluation of evidence. The solution is supported by an Eclipse OpenCert tool extension where the capabilities of evidence models are extended with automatic checks. The user monitoring the assurance project receives alerts when evidence are unsatisfied. It also exports a continuous log of these checks using the XES standard to enable traceability and historical creation of passing and failing checks for analysis and auditing purposes. While some evidence checks are generic, the diversity of checking processes required our solution to be extensible.

Original languageEnglish
Title of host publicationComputer Safety, Reliability, and Security. SAFECOMP 2022 Workshops - DECSoS, DepDevOps, SASSUR, SENSEI, USDAI, and WAISE, Proceedings
EditorsMario Trapp, Erwin Schoitsch, Jérémie Guiochet, Friedemann Bitsch
PublisherSpringer Science and Business Media Deutschland GmbH
Pages158-165
Number of pages8
ISBN (Print)9783031148613
DOIs
Publication statusPublished - 2022
EventWorkshops on DECSoS, DepDevOps, SASSUR, SENSEI, USDAI, and WAISE, held in conjunction with the 41st International Conference on Computer Safety, Reliability, and Security, SAFECOMP 2022 - Munich, Germany
Duration: 6 Sept 20229 Sept 2022

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume13415 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

ConferenceWorkshops on DECSoS, DepDevOps, SASSUR, SENSEI, USDAI, and WAISE, held in conjunction with the 41st International Conference on Computer Safety, Reliability, and Security, SAFECOMP 2022
Country/TerritoryGermany
CityMunich
Period6/09/229/09/22

Keywords

  • Dynamic check
  • Reference frameworks
  • Safety
  • Security

Fingerprint

Dive into the research topics of 'Dynamic Checks of Evidence Models for Assurance Projects in Eclipse OpenCert'. Together they form a unique fingerprint.

Cite this