15 November 2019
© Crown copyright 2019 Dstl
Using Tiers of Assurance Evidence to
Reduce the Tears!
- Adopting the “Wheel of Qualification” for an
Alternative Safety Assurance Approach
Dr Mark Hadley CEng MIET & Mike Standish MSc CEng MBCS MINCOSE
Dstl, Software and Systems Dependability Team
DSTL/PUB118156. © Crown copyright (2019), Dstl. This material is licensed under the terms of the Open Government Licence except
where otherwise stated. To view this licence, visit https://www.nationalarchives.gov.uk/doc/open-government-licence/version/3 or write
to the Information Policy Team, The National Archives, Kew, London TW9 4DU, or email: psi@nationalarchives.gsi.gov.uk.
Disclaimer
This presentation is an overview of UK MOD sponsored research and is
released for informational purposes only. The contents of this presentation
should not be interpreted as representing the views of the UK MOD, nor
should it be assumed that they reflect any current or future UK MOD policy.
The information contained in this presentation cannot supersede any
statutory or contractual requirements or liabilities and is offered without
prejudice or commitment.
Open Government Licence (OGL)
• Content published under the OGL; see the title slide. OGL includes, but
is not limited to, the following…
• You are free to:
– copy, publish, distribute and transmit the Information;
– adapt the Information;
– exploit the Information commercially and non-commercially for example, by
combining it with other Information, or by including it in your own product or
application.
• You must (where you do any of the above):
– acknowledge the source of the Information in your product or application by
including or linking to any attribution statement specified by the Information
Provider(s) and, where possible, provide a link to the licence.
What’s To Come
• Problem Space
• What a Proposed Solution Offers
• Overview of the “Wheel of Qualification”
• Generating the Evidence
• Caveats to the Approach
• Putting the Approach into Practice
• Next Steps
The Problem Space
Software Safety Assurance (MOD)
• Design and Airworthiness Requirements for Service Aircraft: DS 00-970, Part 13, Issue 11, 1.7 Safety Related Programmable Elements
• Reqts for Safety of Programmable Elements (PE) in Defence Systems: DS 00-55, Issue 4
• Safety Assessment process as per ARPs 4754A / 4761
• Safety Assessment report as per DS 00-56, Issue 5
• Cyber Security via RTCA DO-326A and RTCA DO-356
• Safety Related Software via DO-178C (and supplements)
• Safety Related CEH via DO-254
• Additional supporting standards as required (e.g. DO-200B Aeronautical Data)
(diagram label: acceptable)
MOD - Ministry of Defence
DS - Defence Standard
Reqt - Requirement
ARP - Aerospace Recommended Practice
CEH - Complex Electronic Hardware
Legacy systems can be legitimately qualified to prior standards/guidelines
You Can’t Always Get What You Want
• There is a defined system for making judgements on qualitative and quantitative
process evidence to determine if a software level has been achieved (e.g. DO-178C).
• However, not all scenarios allow for qualitative and quantitative process
evidence to be judged by those that need to. This can be due to a multitude of
reasons:
– Systems of interest can include, but are not limited to: Military-Off-The-Shelf (MOTS),
Commercial-Off-The-Shelf (COTS), Foreign Military Sales (FMS) equipment, or novel
(i.e. not subject to previous certification).
– Military systems may not be developed to standards/processes which are recognised by
extant regulatory requirements.
– Legacy systems may not have the availability of artefacts to be reviewed (but they may
have in-service data!).
– Limited access to information due to Intellectual Property Rights (IPR) and/or
International Traffic in Arms Regulations (ITAR) (e.g. low-level firmware design).
The Focus of the Problem
• “Brownfield” developments which have pre-existing systems with (or
without) prior qualification.
• Qualification of the overall platform from a software and CEH
perspective. Focus is not to solely qualify an individual Line
Replaceable Unit (LRU) but a collection of relevant LRUs (although
there is a need to assess individual LRUs!).
• Mitigation of shortfalls in the evidence against extant regulatory articles.
However, there is a need to have a valid approach in its own right.
• There is no “cookbook” for the differing assurance activities. Multiple
levels of diversity are the strongest form of evidence and any qualification
approach should embrace this concept.
CEH - Complex Electronic Hardware
A Proposed “Solution”
Principles
• All evidence is of relevance although there will be different weightings.
• Current approaches use quantitative and qualitative process artefacts to
judge confidence to a defined software level. A revised approach is to
use this evidence and to adopt a wider set of evidence.
• Need to take a platform and system level perspective. The approach
should adopt the wider system elements (e.g. integration testing, flight
trials, life-cycle reviews).
• Acknowledging the evidence of systems to create dialogue. An
approach should create an open dialogue regarding the availability of
evidence and any relative strengths.
Moving Away From “Labels”
• Revised approach moves away from a “tick-box” compliancy process to
a more engineering and independent assurance driven approach.
Approach still includes the cornerstones of the regulatory articles (e.g.
acceptable means of compliance such as DO-178C).
• Not an objective based approach but is based upon Subject Matter
Expert (SME) judgement.
• Evidence can take many forms in the revised approach – this can
create a complicated solution space.
• The quantity and format of the evidence can be difficult to comprehend
by stakeholders as an objective-by-objective approach is not adopted.
A Visualisation to Tell a Story
• Need to inform stakeholders to allow the data to be made sense of.
Being able to visualise data and tell stories with it is key to turning it into
information that can be used to drive better decision making.
• Any data visualisation needs to facilitate understanding*:
– Perceiving. What does it show?
– Interpreting. What does it mean?
– Comprehension. What does it mean to me?
• We’ve developed a stakeholder communication model to assist with
getting across a more complicated assurance scenario which isn’t
confined to a pure process-based approach.
* Kirk, A. 2016. Data Visualisation: A Handbook for Data Driven Design. SAGE.
Wheel of Qualification (WoQ)
WoQ: Systems of Interest
WoQ: Tier 3 – Traditional Process Evidence
WoQ: Tier 2 – System Integrator Evidence
WoQ: Tier 1 – Government Acceptance Evidence
WoQ: Linking the Systems to the Evidence
Generating the Evidence
• Evidence to support the WoQ is developed via the review/analysis of existing
life-cycle artefacts, development of in-service arguments, and dedicated
one-to-one workshops to gather tier evidence. Key concept is to work with what
already exists!
• A number of outputs underpin the WoQ to ensure that the qualification strategy
can be formally articulated to stakeholders:
– Report detailing the justification and the argument for adopting the WoQ strategy.
– Reports detailing the specific evidence for each system of interest.
– Reports outlining the evidence and confidence gained from tiers 1 and 2 of the WoQ.
– Report detailing any mitigations/shortfalls.
• …all of the above reports are currently in development as the qualification
strategies proceed.
WoQ – Wheel of Qualification
What the Visualisation Offers
• Visualisation helps to hide the complexity of the assurance activities to
assist the engagement with multiple stakeholders who have an interest
in the qualification approach.
• Simplifying the complicated solution space provides the ability to
holistically view: the evidence, the evidence sources, the systems, and
the relationships.
• Stakeholders can make informed decisions on the evidence to be
gathered/generated and to interpret the consequences of any shortfalls.
Caution!
Proceed With Caution
• The approach needs to be underpinned by artefacts to support the qualification
strategy. However, the visualisation acts as a “dashboard” to provide direct links
to the artefacts and allows progress and confidence to be readily reviewed.
• A revised approach does require a level of understanding and competency to
develop/interpret the evidence.
• The approach is very much SME based and is focussed on capturing
judgements. There is a reliance on Suitably Qualified and Experienced
Personnel (SQEP).
• The approach is novel and therefore there is a risk to its acceptance.
• The WoQ and the strategy are not an easier route to qualification than traditional
approaches.
SME – Subject Matter Expert
WoQ – Wheel of Qualification
Strategy In Action
Putting it into Practice (1)
• The revised qualification approach is the cornerstone of a current
airborne platform qualification strategy which has had engagement with
a range of relevant stakeholders.
• Current qualification approach adopted for a platform with a range of
software and CEH levels (A-E).
• Approach is to be implemented within a number of future qualification
strategies. In discussion with further DE&S Delivery Teams (DTs) to
mitigate identified shortfalls in any evidence.
CEH – Complex Electronic Hardware
Putting it into Practice (2)
• Engagement with UK MOD Military Aviation Authority (MAA).
• Strategy has removed the need to conduct full level C process
assessments due to the confidence gained via the oversight activities
(i.e. tiers 1 & 2).
• Includes process conformance (in keeping with extant standards) but
also takes into account the properties of the system.
• Takes a process and engineering approach.
Next Steps
Engagement and Refinement
• Plan to present a fuller explanation of the strategy with case studies
within a number of future conference papers (target is 2020).
• Plan further refinement based upon lessons learnt from the current
projects and to improve the underlying meta-model of the WoQ.
• Implementation of the “dashboard” to provide direct access to the
underpinning evidence.
– Implemented via tooltips displayed to provide explanatory information and
hyperlinks (to file directories, SharePoint, web pages etc.)
– IP protection is ongoing.
• Produce guidance for end users to adopt the WoQ. This will allow users
to refine the segments and tiers to reflect specific projects of interest.
WoQ – Wheel of Qualification
IP – Intellectual Property
To Wrap Up
Summary (1)
• With existing approaches not all scenarios allow for evidence to be judged
by those that need to.
• Revised approach adopts a wide set of evidence which builds on the
principles of using diverse evidence. Approach articulates the actual
evidence to support the systems and creates open dialogue. Leads to an
informed qualification assurance argument.
• Moves away from a “tick-box” compliancy process to a more engineering
and independent assurance driven approach.
Summary (2)
• Evidence can take many forms in the revised approach – this can create a
complicated solution space. The visualisation provides the ability to
holistically view: the evidence, the evidence sources, the systems, and the
relationships.
• A number of outputs underpin the WoQ to ensure that the qualification
strategy can be formally articulated to stakeholders. Approach part of an
existing strategy.
• Approach is not a panacea and there are a number of caveats to its
adoption.
WoQ – Wheel of Qualification
Any Questions?
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 

Último (20)

What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 

Using Tiers of Assurance Evidence to Reduce the Tears! Adopting the “Wheel of Qualification” for an Alternative Software Safety Assurance Approach

  • 1. 15 November 2019 © Crown copyright 2019 Dstl
  • 2. Using Tiers of Assurance Evidence to Reduce the Tears! - Adopting the “Wheel of Qualification” for an Alternative Safety Assurance Approach. Dr Mark Hadley CEng MIET & Mike Standish MSc CEng MBCS MINCOSE, Dstl, Software and Systems Dependability Team. DSTL/PUB118156. © Crown copyright (2019), Dstl. This material is licensed under the terms of the Open Government Licence except where otherwise stated. To view this licence, visit https://www.nationalarchives.gov.uk/doc/open-government-licence/version/3 or write to the Information Policy Team, The National Archives, Kew, London TW9 4DU, or email: psi@nationalarchives.gsi.gov.uk.
  • 3. Disclaimer: This presentation is an overview of UK MOD sponsored research and is released for informational purposes only. The contents of this presentation should not be interpreted as representing the views of the UK MOD, nor should it be assumed that they reflect any current or future UK MOD policy. The information contained in this presentation cannot supersede any statutory or contractual requirements or liabilities and is offered without prejudice or commitment.
  • 4. Open Government Licence (OGL)
      • Content published under the OGL; see the title slide. OGL includes, but is not limited to, the following…
      • You are free to:
          – copy, publish, distribute and transmit the Information;
          – adapt the Information;
          – exploit the Information commercially and non-commercially for example, by combining it with other Information, or by including it in your own product or application.
      • You must (where you do any of the above):
          – acknowledge the source of the Information in your product or application by including or linking to any attribution statement specified by the Information Provider(s) and, where possible, provide a link to the licence.
  • 5. What’s To Come
      • Problem Space
      • What a Proposed Solution Offers
      • Overview of the “Wheel of Qualification”
      • Generating the Evidence
      • Caveats to the Approach
      • Putting the Approach into Practice
      • Next Steps
  • 6. The Problem Space
  • 7. Software Safety Assurance (MOD)
      • Design and Airworthiness Requirements for Service Aircraft: DS 00-970, Part 13, Issue 11, 1.7 Safety Related Programmable Elements
      • Reqts for Safety of Programmable Elements (PE) in Defence Systems: DS 00-55, Issue 4
      • Safety Assessment process as per ARPs 4754A / 4761
      • Safety Assessment report as per DS 00-56, Issue 5
      • Cyber Security via RTCA DO-326A and RTCA DO-356
      • Safety Related Software via DO-178C (and supplements)
      • Safety Related CEH via DO-254 acceptable
      • Additional supporting standards as required (e.g. DO-200B Aeronautical Data)
      • Legacy systems can be legitimately qualified to prior standards/guidelines
      MOD - Ministry of Defence; DS - Defence Standard; Reqt - Requirement; ARP - Aerospace Recommended Practice; CEH - Complex Electronic Hardware
  • 8. You Can’t Always Get What You Want
      • There is a defined system for making judgements on qualitative and quantitative process evidence to determine if a software level has been achieved (e.g. DO-178C).
      • However, not all scenarios allow for qualitative and quantitative process evidence to be judged by those that need to. This can be due to a multitude of reasons:
          – Systems of interest can be, but are not limited to: Military-Off-The-Shelf (MOTS), Commercial-Off-The-Shelf (COTS), Foreign Military Sales (FMS) equipment, or novel (i.e. not subject to previous certification).
          – Military systems may not be developed to standards/processes which are recognised by extant regulatory requirements.
          – Legacy systems may not have the availability of artefacts to be reviewed (but they may have in-service data!).
          – Limited access to information due to Intellectual Property Rights (IPR) and/or International Traffic in Arms Regulations (ITAR) (e.g. low-level firmware design).
  • 9. The Focus of the Problem
      • “Brownfield” developments which have pre-existing systems with (or without) prior qualification.
      • Qualification of the overall platform from a software and CEH perspective. Focus is not to solely qualify an individual Line Replaceable Unit (LRU) but a collection of relevant LRUs (although there is a need to assess individual LRUs!).
      • Mitigation of shortfalls in the evidence against extant regulatory articles. However, there is a need to have a valid approach in its own right.
      • There is no “cookbook” for the differing assurance activities. Multiple levels of diversity are the strongest form of evidence and any qualification approach should embrace this concept.
      CEH - Complex Electronic Hardware
  • 10. A Proposed “Solution”
  • 11. Principles
      • All evidence is of relevance although there will be different weightings.
      • Current approaches use quantitative and qualitative process artefacts to judge confidence to a defined software level. A revised approach is to use this evidence and to adopt a wider set of evidence.
      • Need to take a platform and system level perspective. The approach should adopt the wider system elements (e.g. integration testing, flight trials, life-cycle reviews).
      • Acknowledging the evidence of systems to create dialogue. An approach should create an open dialogue regarding the availability of evidence and any relative strengths.
  • 12. Moving Away From “Labels”
      • Revised approach moves away from a “tick-box” compliancy process to a more engineering and independent assurance driven approach. Approach still includes the cornerstones of the regulatory articles (e.g. acceptable means of compliance such as DO-178C).
      • Not an objective based approach but is based upon Subject Matter Expert (SME) judgement.
      • Evidence can take many forms in the revised approach – this can create a complicated solution space.
      • The quantity and format of the evidence can be difficult to comprehend by stakeholders as an objective-by-objective approach is not adopted.
  • 13. A Visualisation to Tell a Story
      • Need to inform stakeholders to allow the data to be made sense of. Being able to visualise data and tell stories with it is key to turning it into information that can be used to drive better decision making.
      • Any data visualisation needs to facilitate understanding*:
          – Perceiving. What does it show?
          – Interpreting. What does it mean?
          – Comprehension. What does it mean to me?
      • We’ve developed a stakeholder communication model to assist with getting across a more complicated assurance scenario which isn’t confined to a pure process-based approach.
      * Kirk, A. 2016. Data Visualisation: A Handbook for Data Driven Design. SAGE.
  • 14. Wheel of Qualification (WoQ)
  • 15. WoQ: Systems of Interest
  • 16. WoQ: Tier 3 – Traditional Process Evidence
  • 17. WoQ: Tier 2 – System Integrator Evidence
  • 18. WoQ: Tier 1 – Government Acceptance Evidence
  • 19. WoQ: Linking the Systems to the Evidence
  • 20. Generating the Evidence
      • Evidence to support the WoQ is developed via the review/analysis of existing life-cycle artefacts, development of in-service arguments, and dedicated one-to-one workshops to gather tier evidence. Key concept is to work with what already exists!
      • A number of outputs underpin the WoQ to ensure that the qualification strategy can be formally articulated to stakeholders:
          – Report detailing the justification and the argument for adopting the WoQ strategy.
          – Reports detailing the specific evidence for each system of interest.
          – Reports outlining the evidence and confidence gained from tiers 1 and 2 of the WoQ.
          – Report detailing any mitigations/shortfalls.
      • …all of the above reports are currently in development as the qualification strategies proceed.
      WoQ – Wheel of Qualification
  • 21. What the Visualisation Offers
      • Visualisation helps to hide the complexity of the assurance activities to assist the engagement with multiple stakeholders who have an interest in the qualification approach.
      • Simplifying the complicated solution space provides the ability to holistically view: the evidence, the evidence sources, the systems, and the relationships.
      • Stakeholders can make informed decisions on the evidence to be gathered/generated and to interpret the consequences of any shortfalls.
  • 22. Caution!
  • 23. Proceed With Caution
      • The approach needs to be underpinned by artefacts to support the qualification strategy. However, the visualisation acts as a “dashboard” to provide direct links to the artefacts and allows progress and confidence to be readily reviewed.
      • A revised approach does require a level of understanding and competency to develop/interpret the evidence.
      • The approach is very much SME based and is focussed on capturing judgements. There is a reliance on Suitably Qualified and Experienced Personnel (SQEP).
      • The approach is novel and therefore there is a risk to its acceptance.
      • The WoQ and the strategy are not an easier route to qualification than traditional approaches.
      SME – Subject Matter Expert; WoQ – Wheel of Qualification
  • 24. Strategy In Action
  • 25. Putting it into Practice (1)
      • The revised qualification approach is the cornerstone of a current airborne platform qualification strategy which has had engagement with a range of relevant stakeholders.
      • Current qualification approach adopted for a platform with a range of software and CEH levels (A-E).
      • Approach is to be implemented within a number of future qualification strategies. In discussion with further DE&S Delivery Teams (DTs) to mitigate identified shortfalls in any evidence.
      CEH – Complex Electronic Hardware
  • 26. Putting it into Practice (2)
      • Engagement with UK MOD Military Aviation Authority (MAA).
      • Strategy has removed the need to conduct full level C process assessments due to the confidence gained via the oversight activities (i.e. tiers 1 & 2).
      • Includes process conformance (in keeping with extant standards) but also takes into account the properties of the system.
      • Takes a process and engineering approach.
  • 27. Next Steps
  • 28. Engagement and Refinement
      • Plan to present a fuller explanation of the strategy with case studies within a number of future conference papers (target is 2020).
      • Plan further refinement based upon lessons learnt from the current projects and to improve the underlying meta-model of the WoQ.
      • Implementation of the “dashboard” to provide direct access to the underpinning evidence.
          – Implemented via tooltips displayed to provide explanatory information and hyperlinks (to file directories, SharePoint, web pages etc.)
          – IP protection is ongoing.
      • Produce guidance for end users to adopt the WoQ. This will allow users to refine the segments and tiers to reflect specific projects of interest.
      WoQ – Wheel of Qualification; IP – Intellectual Property
  • 29. To Wrap Up
  • 30. Summary (1)
      • With existing approaches not all scenarios allow for evidence to be judged by those that need to.
      • Revised approach adopts a wide set of evidence which builds on the principles of using diverse evidence. Approach articulates the actual evidence to support the systems and creates open dialogue. Leads to an informed qualification assurance argument.
      • Moves away from a “tick-box” compliancy process to a more engineering and independent assurance driven approach.
  • 31. Summary (2)
      • Evidence can take many forms in the revised approach – this can create a complicated solution space. The visualisation provides the ability to holistically view: the evidence, the evidence sources, the systems, and the relationships.
      • A number of outputs underpin the WoQ to ensure that the qualification strategy can be formally articulated to stakeholders. Approach part of an existing strategy.
      • The approach is not a panacea and there are a number of caveats to its adoption.
      WoQ – Wheel of Qualification
  • 32. Any Questions?