J Shanghai Jiaotong Univ Sci ›› 2024, Vol. 29 ›› Issue (3): 579-587.doi: 10.1007/s12204-022-2515-5

• Automation & Computer Technologies • Previous Articles     Next Articles

Reasoning about Software Trustworthiness with Derivation Trees

基于推导树模型的软件可信性推理

DENG Yuxin1* (邓玉欣),CHEN Zezhong1 (陈泽众),WANG Yang1(汪洋), DU Wenjie2(杜文杰),MAO Bifei3(毛碧飞), LIANG Zhizhang 3(梁智章), LIN Qiushi3(林秋诗),LI Jinghui3(李静辉)   

  1. (1. Shanghai Key Laboratory of Trustworthy Computing, East China Normal University, Shanghai 200062, China; 2. Shanghai Normal University, Shanghai 200233, China; 3. Trustworthiness Theory Research Center, Huawei Technologies Co., Ltd., Shenzhen 518129, Guangdong, China)
  2. (1.华东师范大学 上海市高可信计算重点实验室,上海200062;2. 上海师范大学,上海200233;3. 华为技术有限公司 可信理论、技术与工程实验室,广东 深圳 518129)
  • Received:2021-12-15 Accepted:2021-12-27 Online:2024-05-28 Published:2024-05-28

Abstract: In order to analyze the trustworthiness of complex software systems, we propose a model of evidencebased software trustworthiness called trustworthiness derivation tree (TDT). The basic idea of constructing a TDT is to refine main properties into key ingredients and continue the refinement until basic facts such as evidences are reached. The skeleton of a TDT can be specified by a set of rules, which are convenient for automated reasoning in Prolog. We develop a visualization tool that can construct the skeleton of a TDT by taking the rules as input, and allow a user to edit the TDT in a graphical user interface. In a software development life cycle, TDTs can serve as a communication means for different stakeholders to agree on the properties about a system in the requirement analysis phase, and they can be used for deductive reasoning so as to verify whether the system achieves trustworthiness in the product validation phase. We have piloted the approach of using TDTs in more than a dozen real scenarios of software development. Indeed, using TDTs helped us to discover and then resolve some subtle problems.

Key words: trustworthiness, refinement, evidence, visualization

摘要: 为分析复杂软件系统的可信性,提出了一个基于证据的软件可信模型,可信推导树(TDT)。构造一棵可信推导树的基本思想是把主要属性分解为关键要素,继续精化直至到达基本事实,比如证据。一个TDT的框架可以由一个规则的集合描述,便于在Prolog中实现自动化推理。开发了一个可视化工具,不仅能够通过输入规则自动构建TDT框架,还允许用户通过图形界面进行编辑。在软件开发生命周期中,TDT可作为一种沟通手段,为不同利益相关方在需求分析阶段就系统属性达成共识,并在产品验证阶段通过演绎推理验证系统是否达到可信性。在十多个实际软件开发场景中,试用了TDT方法。使用TDT能帮助我们发现并解决一些微妙的问题。

关键词: 可信性,精化,证据,可视化

CLC Number: