Towards Automated Evidence Generation for Rapid and Continuous Software Certification

  title={Towards Automated Evidence Generation for Rapid and Continuous Software Certification},
  author={Joanna C. S. Santos and Ali Shokri and Mehdi Mirakhorli},
  journal={2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)},
Software system traceability plays a crucial role in the development and assurance of any dependable softwareintensive system. Federal agencies developing or regulating mission-centric or safety-critical software systems require traceability as a core component of the approval and certification process. Manually generating and managing traceability links is a tedious and error-prone task that requires great effort. The state-of-the-art automated traceability techniques rely on information… 
1 Citations

Figures and Tables from this paper

Introducing Traceability in GitHub for Medical Software Development
This paper introduces the approach that adds traceability capabilities to GitHub, so that the developers can act like they normally do in GitHub context but produce the documentation needed by the regulatory purposes in the process.


A tactic-centric approach for automating traceability of quality concerns
This paper presents a novel approach for automating the construction of traceability links for architectural tactics using machine learning methods and lightweight structural analysis to detect tactic-related classes and train the trace algorithm using code extracted from performance-centric and safety-critical open source software systems.
Trace Queries for Safety Requirements in High Assurance Systems
A family of reusable traceability queries that serve as a blueprint for traceability in safety critical systems and are modeled using the Visual Trace Modeling Language, which has been shown to be more intuitive than the defacto SQL standard.
Software traceability: trends and future directions
This paper builds upon a prior body of work to highlight the state-of-the-art in software traceability, and to present compelling areas of research that need to be addressed.
Automated training-set creation for software architecture traceability problem
The results indicate that automated techniques can create a reliable training set for the problem of tracing architectural tactics and investigate the impact of training set size on the accuracy of recovering trace links.
Traceability in the Wild: Automatically Augmenting Incomplete Trace Links
This paper addresses the fundamental problem of missing links between commits and issues by leveraging a combination of process and text-related features characterizing issues and code changes to train a classifier to identify missing issue tags in commit messages, thereby generating the missing links.
Traceability Gap Analysis for Assessing the Conformance of Software Traceability to Relevant Guidelines
This work proposes formalisms, metrics, and tool support for evaluating traceability coverage with respect to a project’s relevant guidelines in order to identify areas of traceability failure, and facilitates the identification of such problems for an initial certification and continuously throughout the software development lifecycle.
Using tactic traceability information models to reduce the risk of architectural degradation during system maintenance
The use of tTIMs significantly reduces the effort needed to create and maintain traceability links, provides support for visualizing the rationale behind various architectural components, and delivers timely information to maintainers so that they can preserve critical architectural qualities while implementing modifications.
Recovering Traceability Links between Code and Documentation
A probabilistic and a vector space information retrieval model is applied in two case studies to trace C++ source code onto manual pages and Java code to functional requirements to recover traceability links between source code and free text documents.
Mind the gap: assessing the conformance of software traceability to relevant guidelines
An approach is presented, which parses a guideline to extract a Traceability Model depicting software artifact types and their prescribed traces, which is used to evaluate the traceability of seven safety-critical software systems and found that none of the evaluated projects contained traceability that fully conformed to its relevant guidelines.
Tracing Non-Functional Requirements
This chapter describes and evaluates existing methods for tracing NFRs and proposes a new pattern-based approach which leverages software architectural techniques to achieve NFR traceability and illustrates the approach with examples from the mobile phone case study.