600.436
High-Assurance Systems
Fall 01/Introduction
8
Comments on
Assurance Process
¨Assurance process is
important, because it will shortly define accepted professional standards of practice, and therefore
liability
–Professional standards
happen with you or to you.
–Click-wrap will lead
to software liability
–No more: “if it
breaks, you get to keep both pieces” licenses!
¨Process is never a
substitute for competence
–We don’t have a
science here yet
–Guideline, not
requirement
¨Problem:
–No team of sufficient size to satisfy the nominal documentation requirements for a high assurance system has ever
succeeded in producing such a system
under any standard using the recommended process – all successful efforts to date have built the evidence post hoc.