Nowa wersja platformy, zawierająca wyłącznie zasoby pełnotekstowe, jest już dostępna.
Przejdź na https://bibliotekanauki.pl

PL EN


Preferencje help
Widoczny [Schowaj] Abstrakt
Liczba wyników
2023 | Vol. 35 | 451--461
Tytuł artykułu

Risk-Based Continuous Quality Control for Software in Legal Metrology

Wybrane pełne teksty z tego czasopisma
Warianty tytułu
Języki publikacji
EN
Abstrakty
EN
Measuring instruments are increasingly defined by complex software while using simple hardware sensors. For such systems, software conformity between certified prototypes and devices in the field is usually demonstrated using version numbers and hashes over executable code. Legal requirements for regulated instruments could equally be satisfied if prototype and device in the field display identical functional behavior even if hashes differ. Such functional identification can give instrument manufacturers room for software patches and bugfixes without the need for recertification. Based on the L∗ algorithm, which is used to learn the language which deterministic finite automata accept, a risk-based method is proposed that realizes automatic functional identification of software to a certain extent, thereby enabling quality control of regularly updated measuring instruments without the need for frequent manual inspections. Risk assessment may be used to identify critical state transitions in monitored devices, which can be used to trigger recertifications if needed.
Wydawca

Rocznik
Tom
Strony
451--461
Opis fizyczny
Bibliogr. 16 poz., il.
Twórcy
autor
  • Physikalisch-Technische Bundesanstalt, Abbestraße 2-12, 10587 Berlin, Germany, marko.esche@ptb.de
autor
  • Physikalisch-Technische Bundesanstalt, Abbestraße 2-12, 10587 Berlin, Germany, levin.ho@ptb.de
  • Physikalisch-Technische Bundesanstalt, Abbestraße 2-12, 10587 Berlin, Germany, einhard.meyer@ptb.de
Bibliografia
  • 1. M. Jang, Linux Patch Management: Keeping Linux Systems Up To Date, 1st ed. Prentice Hall, Jan. 2006. ISBN 978-0132366755
  • 2. S. Windmüller, J. Neubauer, B. Steffen, F. Howar, and O. Bauer, “Active continuous quality control,” in Proceedings of the International Symposium on Component-Based Software Engineering. ACM, Jun. 2013. http://dx.doi.org/10.1145/2465449.2465469 pp. 111–120.
  • 3. J. Neubauer, S. Windmüller, and B. Steffen, “Risk-based testing via active continuous quality control,” International Journal on Software Tools for Technology Transfer, vol. 16, pp. 569–591, 2014. http://dx.doi.org/10.1007/s10009-014-0321-6
  • 4. EC, “Directive 2014/32/EU of the European Parliament and of the Council of 26 February 2014 on the harmonisation of the laws of the Member States relating to the making available on the market of measuring instruments,” European Union, Council of the European Union; European Parliament, Directive, February 2014.
  • 5. “WELMEC 7.2 Software Guide,” European cooperation in legal metrology, WELMEC Secretariat, Braunschweig, Standard, Mar. 2022.
  • 6. M. Sipser, Introduction to the theory of computation, 2nd ed. Boston, Massachusetts: Thomson, 2006. ISBN 0-534-95097-3
  • 7. G. H. Mealy, “A method for synthesizing sequential circuits,” The Bell System Technical Journal, vol. 34, no. 5, pp. 1045–1079, 1955. http://dx.doi.org/10.1002/j.1538-7305.1955.tb03788.x
  • 8. D. Angluin, “Learning regular sets from queries and counterexamples,” Information and Computation, vol. 75, no. 2, pp. 87–106, 1987. http://dx.doi.org/10.1016/0890-5401(87)90052-6
  • 9. M. Shahbaz and R. Groz, “Inferring mealy machines,” in FM 2009: Formal Methods, A. Cavalcanti and D. R. Dams, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 2009. http://dx.doi.org/10.1007/978-3-642-05089-3_14. ISBN 978-3-642-05089-3 pp. 207–222.
  • 10. M. S. Lund, B. Solhaug, and K. Stølen, Model-Driven Risk Analysis - The CORAS Approach. 0314 Oslo, Norway: Springer, 2011. ISBN 978-3-642-12323-8
  • 11. M. Esche, F. Grasso Toro, and F. Thiel, “Representation of attacker motivation in software risk assessment using attack probability trees,” in Proceedings of the Federated Conference on Computer Science and Information Systems, Prague, Czech Republic, September 2017. http://dx.doi.org/10.15439/2017F112 pp. 763–771.
  • 12. ISO/IEC, “ISO/IEC 27005:2011(e) Information technology - Security techniques - Information security risk management,” International Organization for Standardization, Geneva, CH, Standard, June 2011.
  • 13. ISO/IEC, “ISO/IEC 18045:2008 Common Methodology for Information Technology Security Evaluation,” International Organization for Standardization, Geneva, CH, Standard, September 2008, Version 3.1 Revision 4.
  • 14. M. Esche and F. Grasso Toro, “Developing defense strategies from attack probability trees in software risk assessment,” in Proceedings of the Conference on Computer Science and Information Systems, 2020. http://dx.doi.org/10.15439/2020F21 pp. 527–536.
  • 15. “Guide to the expression of uncertainty in measurement - part 6: Developing and using measurement models,” Joint Committee for Guides in Metrology (JCGM), BIPM, Sèvres Cedex FRANCE, techreport, Mar. 2020.
  • 16. S. Yan, B. Tang, J. Luo, X. Fu, and X. Zhang, “Unsupervised anomaly detection with variational auto-encoder and local outliers factor for kpis,” in 2021 IEEE Intl. Conf. on Parallel & Distributed Processing with Applications, Big Data & Cloud Computing, Sustainable Computing & Communications, Social Computing & Networking. IEEE, 2021, pp. 476–483.
Uwagi
1. Thematic Tracks Regular Papers
2. Opracowanie rekordu ze środków MEiN, umowa nr SONP/SP/546092/2022 w ramach programu "Społeczna odpowiedzialność nauki" - moduł: Popularyzacja nauki i promocja sportu (2024).
Typ dokumentu
Bibliografia
Identyfikatory
Identyfikator YADDA
bwmeta1.element.baztech-d87918fa-00a7-4cbc-9c78-163166b4b24c
JavaScript jest wyłączony w Twojej przeglądarce internetowej. Włącz go, a następnie odśwież stronę, aby móc w pełni z niej korzystać.