WoSoCER 2011 - The 1st International Workshop on Software Certification (WoSoCER)

Certification of software is becoming crucial for companies developing mission and safety critical systems. As a result of software-related disasters, some professionals believe that licensing or certification is nowadays inevitable. At present, there is no agreement on what development and assessment methods, techniques, tools, or even evaluation metrics are more suitable to provide evidences on which to base software certification. Several organizations (such as FAA, NRC, EUROCONTROL, CENELEC, IEC, ISO) produced in the past standards for developing critical systems in different domains, e.g., avionics, railway, automotive, nuclear, healthcare. These process-oriented standards (e.g., DO-178B) are conceived to suggest strategies and practices to be adopted along the entire development cycle. Although they provide a valuable support, the guidelines they suggest are quite general, since their purpose is not to define what techniques a company must use, or what is their impact on company’s cost. For instance, cost and effectiveness issues are often neglected in such guidance documents. As a consequence, there is a gap between what they suggest and strategies, techniques, and tools that can actually be adopted by a company. For many of the proposed practices, there are contradictory studies about their actual effectiveness, and no definitive evidence that justifies their adoption. This uncertainty poses serious difficulties to companies, which on one hand are constrained to meet predefined certification goals, whereas, on the other hand, are required to deliver systems at competitive cost and time. On the other hand, an increasing number of practitioners believe that standard guidelines should focus not only on process, but also on product properties, and that companies should provide evidences regarding the actual product behavior, rather than their development process. This shifting from process-oriented to product-based certification is enforced by the increasing adoption of third- party (both commercial and open source) software components also in critical system. However, the adoption of off-the-shelf (OTS) software item raises also challenges and difficulties related to their integration, verification, assessment and maintenance, making it very tough to produce evidences that they behave safely. Also this new view is opening totally new challenges with respect to the current reference standards, for both developers and standard organizations.

Objectives
The workshop aims to:
provide a meeting for discussing the state of the art in Software Certification research in several domains of critical systems development, such as avionics, space, railway, automotive, nuclear, healthcare
Enable academia, industry, certification authorities/agencies, and government representatives to share their experiences in applied research in Software Certification related topics, and the most challenging issues they currently face
Discuss results of theoretical and experimental research on software certification
Discuss results of industrial experiences on real case studies reporting on the usage of formalisms, techniques, strategies, tools, and methodologies to develop certifiable systems
Identify new challenges in these areas and drive the research efforts in both critical systems software development, and in the current practices and guidelines suggested by standards.

Topics of Interest
Researchers and practitioners from both academia and industry, as well as people from government and certification authorities, that work on different aspects of software certification, are invited to participate. Papers should present original contributions on:
Methodological improvements of development process of software to be certified.
Modelling techniques, formalisms, measurements processes, new metrics, techniques, strategies, and tools for:
safety analysis, and safety evidences formalization and quantification for certification purposes;
design practices conciliating requirements and constraints of certification standards with the needs of modern, complex, component-based systems, as well as with the needs of developer companies;
cost-effective Verification & Validation specifically oriented towards certification goals;
assessment of safety-related qualities in software systems to be certified;
safety assessment and evidences formalization, selection, integration, development, and verification of commercial OTS and OSS components in the context of software certification;
design, development, V&V, evidences formalization, and assessment to support product-based certification.
Practical experiences on real case studies regarding certified software or software to be certified.