We are all increasingly dependent on software systems to run the technology we use every day, so we need these systems to be both reliable and safe. This book presents papers from the NATO Advanced Study Institute Summer School Dependable Software Systems Engineering, held in Marktoberdorf, Germany, in July and August 2014. Lecturers were drawn from prestigious research groups representing both industry and academia, and the course was designed as an in-depth presentation and teaching of state-of-the-art scientific techniques and methods covering research and industrial practice as well as scientific principles. Topics covered included: syntax-guided synthesis; system behaviors and problem frames; dependable human-intensive systems; automatic alias analysis and frame inference; fault-based testing; and mechanized unifying theories of programming. Marktoberdorf is one of the most renowned international computer science summer schools, and this book, with its detailed overview of current research results and the discussion and development of new ideas will be of interest to all those whose work involves the engineering of dependable software systems.

In the last few years we have all become daily users of Internet banking, social networks and cloud services. Preventing malfunctions in these services and protecting the integrity of private data from cyber attack are both current preoccupations of society at large. While modern technologies have dramatically improved the quality of software, the computer science community continues to address the problems of security by developing a theory of formal verification; a body of methodologies, algorithms and software tools for finding and eliminating bugs and security hazards. This book presents lectures delivered at the NATO Advanced Study Institute (ASI) School Marktoberdorf 2015 – ‘Verification and Synthesis of Correct and Secure Systems'. During this two-week summer school, held in Marktoberdorf, Germany, in August 2015, the lecturers provided a comprehensive view of the current state-of-the-art in a large variety of subjects, including: models and techniques for analyzing security protocols; parameterized verification; synthesis of reactive systems; software model checking; composition checking; programming by examples; verification of current software; two-player zero-sum games played on graphs; software security by information flow; equivalents – combinatorics; and analysis of synthesis with 'Big Code'. The Marktoberdorf ASIs have become a high-level scientific nucleus of the international scientific network on formal methods, and one of the major international computer science summer schools. This book will be of interest to all those seeking an overview of current theories and applications in formal verification and security.

Cyber-physical systems closely combine and coordinate subsystems consisting of both computational and physical elements. Such systems have become indispensable in the fields of aerospace, automotive and the automation industries, as well as in consumer appliances. Safety, security and reliability are all essential elements of the trustworthiness of these modern cyber-physical systems. Protecting the data within such systems from external attack (security) and protecting the environment from any potential malfunction or misuse of these systems (safety) are subjects traditionally considered separately, but a closer look reveals that techniques for the construction and analysis of the software-based systems used in both security and safety are not necessarily fundamentally different. This book presents papers from the 2016 Marktoberdorf summer school on software engineering, held in Marktoberdorf, Germany, in August 2016. As its title – Dependable Software Systems Engineering – suggests, the lectures at this summer school explored various aspects of the engineering of more dependable software systems, and the 10 lectures included here cover subjects from programming languages and formal analysis tools to verification, validation and assurance. The book will be of interest to all those whose work involves the development and testing of more reliable and secure software systems.

Because almost all technical systems are more or less interfaced with software these days, attacks against computer systems can cause considerable economic and physical damage. For this reason, understanding the dependability of such systems, as well as the improvement of cyber security and its development process, are amongst the most challenging and crucial issues in current computer science research. This book contains the lectures from the NATO Advanced Study Institute (ASI) Summer School entitled Engineering Dependable Software Systems, held in Marktoberdorf, Germany, in July and August 2012. This two week course for young computer scientists and mathematicians working in the field of formal software and systems was designed to give an in-depth presentation of state-of-the-art topics in the field, as well as promoting international contacts and collaboration and the teaming up of leading researchers and young scientists. The 12 lectures delivered at the school and presented here cover subjects including: model-based testing, formal modeling and verification, deductively verified software, model checking, performance analysis, integrating risk analysis, embedded systems and model checking, among others. The book will be of interest to all those whose work involves the development of large-scale, reliable and secure software systems.

This cumulative habilitation thesis, proposes concepts for (i) modelling and analysing dependability based on architectural models of software-intensive systems early in development, (ii) decomposition and composition of modelling languages and analysis techniques to enable more flexibility in evolution, and (iii) bridging the divergent levels of abstraction between data of the operation phase, architectural models and source code of the development phase.

The focus of Software for Dependable Systems is a set of fundamental principles that underlie software system dependability and that suggest a different approach to the development and assessment of dependable software. Unfortunately, it is difficult to assess the dependability of software. The field of software engineering suffers from a pervasive lack of evidence about the incidence and severity of software failures; about the dependability of existing software systems; about the efficacy of existing and proposed development methods; about the benefits of certification schemes; and so on. There are many anecdotal reports, which-although often useful for indicating areas of concern or highlighting promising avenues of research-do little to establish a sound and complete basis for making policy decisions regarding dependability. The committee regards claims of extraordinary dependability that are sometimes made on this basis for the most critical of systems as unsubstantiated, and perhaps irresponsible. This difficulty regarding the lack of evidence for system dependability leads to two conclusions: (1) that better evidence is needed, so that approaches aimed at improving the dependability of software can be objectively assessed, and (2) that, for now, the pursuit of dependability in software systems should focus on the construction and evaluation of evidence. The committee also recognized the importance of adopting the practices that are already known and used by the best developers; this report gives a sample of such practices. Some of these (such as systematic configuration management and automated regression testing) are relatively easy to adopt; others (such as constructing hazard analyses and threat models, exploiting formal notations when appropriate, and applying static analysis to code) will require new training for many developers. However valuable, though, these practices are in themselves no silver bullet, and new techniques and methods will be required in order to build future software systems to the level of dependability that will be required.

Fundamentals of Dependable Computing for Software Engineers presents the essential elements of computer system dependability. The book describes a comprehensive dependability-engineering process and explains the roles of software and software engineers in computer system dependability. Readers will learn:Why dependability mattersWhat it means for a

Certification of critical software systems (e.g., for safety and security) is important to help ensure their dependability. Today, certification relies as much on evaluation of the software development process as it does on the system's properties. While the latter are preferable, the complexity of these systems usually makes them extremely difficult to evaluate. To explore these and related issues, the National Coordination Office for Information technology Research and Development asked the NRC to undertake a study to assess the current state of certification in dependable systems. The study is in two phases: the first to frame the problem and the second to assess it. This report presents a summary of a workshop held as part of the first phase. The report presents a summary of workshop participants' presentations and subsequent discussion. It covers, among other things, the strengths and limitations of process; new challenges and opportunities; experience to date; organization context; and cost-effectiveness of software engineering techniques. A consensus report will be issued upon completion of the second phase.

This book constitutes the refereed proceedings of the 5th International School on Engineering Trustworthy Software Systems, SETSS 2019, held in Chongqing, China, in April 2019. The five chapters in this volume provide lectures on leading-edge research in methods and tools for use in computer system engineering. The topics covered in these chapter include Seamless Model-based System Development: Foundations; From Bounded Reachability Analysis of Linear Hybrid Automata to Verification of Industrial CPS and IoT; Weakest Preexpectation Semantics for Bayesian Inference: Conditioning, Continuous Distributions and Divergence; K – A Semantic Framework for Programming Languages and Formal Analysis Tools; and Software Abstractions and Human-Cyber-Physical Systems Architecture Modelling.

A comprehensive and interdisciplinary guide to systems engineering Systems Engineering: Principles and Practice, 3rd Edition is the leading interdisciplinary reference for systems engineers. The up-to-date third edition provides readers with discussions of model-based systems engineering, requirements analysis, engineering design, and software design. Freshly updated governmental and commercial standards, architectures, and processes are covered in-depth. The book includes newly updated topics on: Risk Prototyping Modeling and simulation Software/computer systems engineering Examples and exercises appear throughout the text, allowing the reader to gauge their level of retention and learning. Systems Engineering: Principles and Practice was and remains the standard textbook used worldwide for the study of traditional systems engineering. The material is organized in a manner that allows for quick absorption of industry best practices and methods. Systems Engineering Principles and Practice continues to be a national standard textbook for the study of traditional systems engineering for advanced undergraduate and graduate students. It addresses the need for an introductory overview, first-text for the development and acquisition of complex technical systems. The material is organized in a way that teaches the reader how to think like a systems engineer and carry out best practices in the field.