The conference has three Keynote presentations from leading experts.
John McDermid, University of York, UK
Tuesday June 21st 9:00
There is a growing use of model-based software development, including the automatic generation of code from the models, in mainstream software engineering. There is a perception that the use of such technology could reduce the cost of safety critical software development. The use of model-based approaches offers some benefits, including better validation of designs, and shorter change cycles. However, it also has some problems, including the trustworthiness of code generation methods and tools, and the comparatively low level of abstraction at which the tools operate. The talk will discuss the opportunities and challenges of model-based development, including the role of program-level verification, aiming to identify the likely future development of such technology.
John McDermid has been Professor of Software Engineering at the University of York since 1987. He runs the High Integrity Systems Engineering research group which is probably the world's largest academic group focusing on systems and software safety. He has undertaken research on a range of topics including hazard and safety analysis, safety cases, requirements engineering and formal methods, and has been successful in transferring research results into industry, especially the aerospace and defence industries. He has been influential in the development of standards for safety critical systems and software, including guiding the development of Issue 3 of Defence Standard 00-56.
John McDermid, Martyn Thomas, Thomas Associates, UK
Wednesday June 22nd 9:00
The software industry frequently behaves like a fashion business, with crazes taking hold on the basis of novelty, an attractive name, and a few memorable slogans. The current infatuation with ``extreme programming" is one such craze that combines several valuable but largely unoriginal approaches to software development with several that are original but unhelpful or actively dangerous.
This talk examines the principles of XP, distinguishing the sane from the absurd, and proposes an alternative Manifesto for Dependable Software Development.
Martyn Thomas is an independent consultant software engineer. He specialises in the assessment of large, real-time, safety-critical, software intensive systems, software engineering, and engineering management. He is a member of the Expert Witness Institute and acts as an expert witness where complex software engineering issues are involved.
He is Visiting Professor in Software Engineering at the University of Oxford, and a Visiting Professor at the University of Bristol and the University of Wales, Aberystwyth.
In 1983, he founded Praxis, to exploit modern software development methods. Martyn Thomas serves on the IT policy-making bodies of both UK professional computing institutions, the British Computer Society (BCS) and the Institution of Electrical Engineers (IEE). He chairs the steering committee for the UK's major research collaboration in dependable systems, DIRC, and he is the only European member of a US National Academy of Sciences study into Certifiably Dependable Software.
Bev Littlewood, City University, London, UK
Thursday June 23rd 9:00
Issues of uncertainty lie at the heart of dependability assessment. Most obviously, we cannot predict with certainty when a system will fail---that's why we use probabilistic measures of dependability (mean time to failure, failure rate, probability of surviving mission time, etc.). Less obviously---and often ignored---is the uncertainty associated with assessments of uncertainty. Claims such as `this system has a probability on demand better than $10^{-3}$' can never be made with certainty. Uncertainty about the truth of such a claim might come from weakness (or paucity) of supporting evidence for the claim; it might arise because we are uncertain about the truth of some underlying assumptions. In the talk I shall suggest that we need to associate with dependability claims an acknowledgement (and assessment) of this uncertainty about the truth of a claim. Essentially, we need to say how confident we are in the truth of the claim. I shall argue that probability is sometimes an appropriate formalism to represent confidence. I shall speculate about similarities between confidence in arguments and dependability of systems. For example, I shall claim that just as we can use design diversity to increase the dependability of a system, so we can use argument diversity (multi-legged arguments) to increase confidence in claims. I shall suggest that, in addition to ALARP (As Low As Reasonably Practicable), which concerns the level of dependability of a system, we need ACARP (As Confident As Reasonably Practicable). Needless to say, some of this stuff might be a bit controversial...
Bev Littlewood has degrees in mathematics and statistics, and a PhD in Statistics and Computer Science. He founded the Centre for Software Reliability at City University, London, in 1983 and was its Director from then until 2003. He is currently Professor of Software Engineering at City University.
Bev has worked for many years on problems associated with the modelling and evaluation of dependability of software-based systems, and has published many papers in international journals and conference proceedings and has edited several books. He is a member of IFIP Working Group 10.4 on Reliable Computing and Fault Tolerance, of the BCS Safety-Critical Systems Task Force, and of the UK Computing Research Committee. He is currently serving his second term as Associate Editor of the IEEE Transactions on Software Engineering, and is on the editorial boards of several other international journals. He is a member of the UK Nuclear Safety Advisory Committee, and of its Research Committee; he is a Fellow of the Royal Statistical Society.