Software Component Certification: 10 Useful Distinctions
• Technical Note
Publisher
Software Engineering Institute
CMU/SEI Report Number
CMU/SEI-2004-TN-031DOI (Digital Object Identifier)
10.1184/R1/6584069.v1Abstract
Using software components to develop mission-critical systems poses a number of technical, organizational, and economic challenges. One persistent and largely unaddressed challenge is how the consumers of software components—that is, the developers of mission-critical systems—can obtain a meaningful level of trust in the runtime behavior of software components. The most frequently cited concerns are centered on issues of security; for example, trust that a component does not contain malicious code or exhibit vulnerabilities that can be exploited by malicious code. There are, however, other concerns about software component behavior that can be just as important. For example, in an embedded weapon system, it may be crucial to trust that a component will always execute a function within a particular time bound or never introduce unbounded priority inversion.
Certification is a practical, proven means of establishing trust in various sorts of things in other disciplines and is, therefore, a natural contender for developing trust in software components. This technical note does not propose a particular certification regimen for components. Rather, it introduces a series of 10 distinctions that can help in understanding different aspects of certification in the context of software components.
Cite This Technical Note
Wallnau, K. (2004, September 1). Software Component Certification: 10 Useful Distinctions. (Technical Note CMU/SEI-2004-TN-031). Retrieved December 22, 2024, from https://doi.org/10.1184/R1/6584069.v1.
@techreport{wallnau_2004,
author={Wallnau, Kurt},
title={Software Component Certification: 10 Useful Distinctions},
month={{Sep},
year={{2004},
number={{CMU/SEI-2004-TN-031},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://doi.org/10.1184/R1/6584069.v1},
note={Accessed: 2024-Dec-22}
}
Wallnau, Kurt. "Software Component Certification: 10 Useful Distinctions." (CMU/SEI-2004-TN-031). Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, September 1, 2004. https://doi.org/10.1184/R1/6584069.v1.
K. Wallnau, "Software Component Certification: 10 Useful Distinctions," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, Technical Note CMU/SEI-2004-TN-031, 1-Sep-2004 [Online]. Available: https://doi.org/10.1184/R1/6584069.v1. [Accessed: 22-Dec-2024].
Wallnau, Kurt. "Software Component Certification: 10 Useful Distinctions." (Technical Note CMU/SEI-2004-TN-031). Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 1 Sep. 2004. https://doi.org/10.1184/R1/6584069.v1. Accessed 22 Dec. 2024.
Wallnau, Kurt. Software Component Certification: 10 Useful Distinctions. CMU/SEI-2004-TN-031. Software Engineering Institute. 2004. https://doi.org/10.1184/R1/6584069.v1