C A L L F O R P A P E R S
ASE'05(Automated Software Engineering 2005) Workshop on
Software Certificate Management (SoftCeMent)
http://ti.arc.nasa.gov/sc05/
November 8, 2005
Long Beach, California
Software certification demonstrates the reliability, safety, or
security of software systems in such a way that it can be checked by
an independent authority with minimal trust in the techniques and
tools used in the certification process itself. It can build on
existing validation and verification (V&V) techniques but introduces
the notion of explicit certificates, which contain all the information
necessary for an independent assessment of the demonstrated
properties. A software certificate management system combines
functionalities of a database (e.g., storing and retrieving
certificates) and a make-tool (e.g., incremental re-certification). It
can also maintain links between system artifacts (e.g., design
documents, engineering data sets, or programs) and different varieties
of certificates, check the validity of certificates, provide access to
explicit audit trails, enable browsing of certification histories, and
enforce system-wide certification and release policies. It can at any
time provide current information about the certification status of
each component in the system, check whether certificates have been
audited, compute which certificates remain valid after a system
modification, or even automatically start an incremental
recertification.
The main goal of this workshop is to explore new technologies,
underlying principles, and general methodologies for supporting
software certificate management.
Topics of interest include, but are not limited to:
* Formalisms and Concepts
- Techniques for reasoning about certificate hierarchies and
dependencies, authorities, properties, policies, or
certification services
- Formalized process models incorporating certification activities
- Ontologies for concepts and metadata to describe structure and
dependencies in developments
* Tool support
- Representation methods for certificates
- Certificate databases
- Integration of existing V&V tools in certificate management systems
- Certification environments
- Security infrastructure
- Certification services
- Certificate construction, editing, and revocation
- Certificate maintenance and system recertification
- Auditing
- Applications
- Integration into safety-critical development processes
(e.g., DO-178B)
- Specific forms of certification
- Software and system reconfiguration
More details can be found on the workshop webpage
http://ti.arc.nasa.gov/sc05. Authors are welcome to contact the
organizers to discuss the suitability of potential topics.
Submission:
Authors are invited to submit a position paper describing their
research background and current work or interest in the workshop
topics. Short descriptions of implemented relevant systems are
acceptable as alternative. Authors of accepted system descriptions are
expected to demonstrate their systems during the workshop.
Submissions are restricted to 2000 words or approximately 4
pages. Electronic submissions are mandatory. Preferred formats are PDF
or PostScript. Please email your submission to
[EMAIL PROTECTED] Reviews and written feedback from the program
committee will be returned to the participants.
Important Dates:
Submission: August 19, 2005
Notification: September 19, 2005
Camera-ready: October 15, 2005
Organizers:
Ewen Denney RIACS/NASA Ames
Bernd Fischer RIACS/NASA Ames
Mark Jones OGI/OSHU
Dieter Hutter DFKI
Program Committee:
Sophia Guerra Adelard
Kelly Hayhurst NASA Langley
Andrew Ireland Heriot-Watt University
Christoph Lueth University of Bremen
William B. Martin National Security Agency
Viswa (Vdot) Santhanam Boeing
_________________________________________________________________________________
mozart-users mailing list
[email protected]
http://www.mozart-oz.org/mailman/listinfo/mozart-users
