[TYPES] CFP: Workshop on Software Certificate Mangement

Ewen Denney edenney at email.arc.nasa.gov
Tue Jul 19 12:39:10 EDT 2005

[Types can serve as software certificates and typing systems as means of 
constructing certificates. Rich type systems can be used to represent 
much of the information which is of interest in a certification context. 
We are interested in any application of type systems to the problems and 
concerns of software certification.]

                  C A L L   F O R   P A P E R S

                      ASE Workshop on

           Software Certificate Management (SoftCeMent)

                       November 8, 2005
                       (to be confirmed)
                    Long Beach, California

Software certification demonstrates the reliability, safety, or
security of software systems in such a way that it can be checked by
an independent authority with minimal trust in the techniques and
tools used in the certification process itself.  It can build on
existing validation and verification (V&V) techniques but introduces
the notion of explicit certificates, which contain all the information
necessary for an independent assessment of the demonstrated
properties.  A software certificate management system combines
functionalities of a database (e.g., storing and retrieving
certificates) and a make-tool (e.g., incremental re-certification). It
can also maintain links between system artifacts (e.g., design
documents, engineering data sets, or programs) and different varieties
of certificates, check the validity of certificates, provide access to
explicit audit trails, enable browsing of certification histories, and
enforce system-wide certification and release policies.  It can at any
time provide current information about the certification status of
each component in the system, check whether certificates have been
audited, compute which certificates remain valid after a system
modification, or even automatically start an incremental

The main goal of this workshop is to explore new technologies,
underlying principles, and general methodologies for supporting
software certificate management.

Topics of interest include, but are not limited to:

* Formalisms and Concepts

     - Techniques for reasoning about certificate hierarchies and
       dependencies, authorities, properties, policies, or
       certification services
     - Formalized process models incorporating certification activities
     - Ontologies for concepts and metadata to describe structure and
       dependencies in developments

* Tool support

     - Representation methods for certificates
     - Certificate databases
     - Integration of existing V&V tools in certificate management systems
     - Certification environments
     - Security infrastructure

- Certification services

     - Certificate construction, editing, and revocation
     - Certificate maintenance and system recertification
     - Auditing

- Applications

     - Integration into safety-critical development processes
       (e.g., DO-178B)
     - Specific forms of certification
     - Software and system reconfiguration

More details can be found on the workshop webpage
http://ti.arc.nasa.gov/sc05/. Authors are welcome to contact
the organizers to discuss the suitability of potential topics.


Authors are invited to submit a position paper describing their
research background and current work or interest in the workshop
topics.  Short descriptions of implemented relevant systems are
acceptable as alternative. Authors of accepted system descriptions are
expected to demonstrate their systems during the workshop.

Submissions are restricted to 2000 words or approximately 4
pages. Electronic submissions are mandatory. Preferred formats are PDF
or PostScript. Please email your submission to
sc05 at email.arc.nasa.gov. Reviews and written feedback from the program
committee will be returned to the participants.

Important Dates:

Submission:   August 19, 2005
Notification: September 19, 2005
Camera-ready: October 15, 2005


Ewen Denney    RIACS/NASA Ames
Bernd Fischer  RIACS/NASA Ames
Mark Jones     OGI/OSHU
Dieter Hutter  DFKI

Program Committee:

Sophia Guerra            Adelard
Kelly Hayhurst           NASA Langley
Andrew Ireland           Heriot-Watt University
Christoph Lueth          University of Bremen
William B. Martin        National Security Agency
Viswa (Vdot) Santhanam   Boeing

More information about the Types-list mailing list