Open Event: 22 June 2010 - Demonstrating and communicating the trustworthiness of IT-based systems
About the event
For many systems we need to know whether the system is secure, reliable, and/or safe enough. We need to communicate, review and debate the level of trust achieved with a range of stakeholders, from boardroom to back office and beyond. Assurance and safety cases can be used to justify the adequacy of systems in different applications, including security critical, business critical or service critical. Building a case focuses attention on demonstrating and challenging claims that the system is good enough and involves integrating claims about trusted behaviour, the state of vulnerabilities and compliance with standards.
This free event will contain a set of related activities around the theme of "Cases" and the production of convincing arguments and evidence. There will be presentations from experts from CSR and from the specialist consultancy Adelard, presenting advanced applications, tools, as well as current research. The event, which will run throughout the afternoon and evening, is structured as a set of parallel activities that can be attended independently, including talks, posters and tool demos. These are distributed throughout the afternoon and early evening.
The open event is designed to suit different schedules and the talks will provide ample opportunity for interaction.
Registering for the event
This event is FREE of charge but please register by clicking here.
Programme
| 14:00-14:20 |
Welcome by Prof Robin Bloomfield and Dr Sofia Guerra |
||
| 14:20-15:40 |
Briefings I Supporting assurance in the defence sector; T Clement, G Cleland The nuclear approach to cases: existing practice and emerging research; S Guerra Accounting for human and organisational factors in computer resilience; L Strigini, E Alberdi |
Briefings II Modelling the resilience of infrastructures; P Popov, V Stankovic Applying reliability modelling concepts to security vulnerabilities; P Bishop Building confidence in the cloud; R J Stroud |
Demos and posters I (14:20-17:45) Effectiveness of warning systems Empirical Research for Computer Security The effectiveness of multi-layer protection: Modelling diversity Critical Infrastructure Interdependencies Analysis - PIA toolset Supporting Assurance with ASCE Emphasis - tool developed for the nuclear power industry to support assessment and certification MSc and CPD opportunities at CSR |
| 15:40-16:00 |
Tea |
||
| 16:00-17:00 |
Briefings III Introducing probabilistic reasoning into Assurance Cases; B Littlewood, L Strigini Combining proof and probability of failure in claims for a fault tolerant system; B Littlewood Justifying low criticality systems -the lowSIL approach; P Bishop |
Briefings IV Analysing critical COTS software; D Sheridan Verifying hybrid systems; K Jones The Effectiveness of Diversity - Combining Antivirus Engines; I Gashi |
|
| 17:00-17:45 |
Refreshments (and Short Welcome by Prof R Bloomfield 17:30) |
||
| 17:45-18:45 |
Shorter briefings Supporting assurance in the defence sector; T Clement/G Cleland The nuclear approach to cases: existing practice and emerging research; S Guerra The Effectiveness of Diversity - Combining Antivirus Engines; I Gashi Combining proof and probability of failure in claims for a fault tolerant system; B Littlewood |
Demos and posters II Effectiveness of warning systems Empirical Research for Computer Security The effectiveness of multi-layer protection: Modelling diversity Critical Infrastructure Interdependencies Analysis - PIA toolset Supporting Assurance with ASCE Emphasis - tool developed for the nuclear power industry MSc and CPD opportunities at CSR |
|
| 18:45-20:00 |
Networking and refreshments |
||