The contribution of this paper is a technique to assess whether software failures during operational use can invalidate the trust assumptions and, hence, the adequacy of the softw...
An approach is suggested for arguing that a system is dependable. The key idea is to structure the system so that critical requirements are localized in small, reliable subsets of ...
We propose a formal model of trust informed by the Global Computing scenario and focusing on the aspects of trust formation, evolution, and propagation. The model is based on a no...
For `mixed-criticality' systems that have both critical and non-critical functions, the greatest leverage on dependability may be at the design level. By designing so that ea...