Visible to the public File preview

AGENDA WEDNESDAY 8:30-9:00 9:00-9:30 9:30-10:00 10:00 - 10:15 10:15 - 11:00

11:00 - 11:30 11:30 – 12:15 12:15 - 1:15 1:15 - 1:45 1:45 – 2:30 2:30 – 4:15 4:15 – 4:45 THURSDAY 8:30 - 9:00 9:00 – 9:45 9:45 – 10:15 10:15 - 10:30 10:30 - 11:15

Welcome and Introductions Gerard Holzmann – NASA / JPL David Parnas – Middle Road Software Coffee Discussion 1 – What are the key system engineering principles necessary to achieve safety? How are software elements of a system different? ( failure mechanisms, benefits of diversity, quantitative reliability) John Goodenough – SEI Discussion 2 – What are the challenges in certifying systems containing COTS? (ability to certify a black box, value of operating history, competencies of practitioners) Lunch Mats Heimdahl – University of Minnesota Discussion 3 –What kind of hazards can be introduced during software design that were not explicit in the requirements, and how can they be identified? Breakout 1 - What are the outstanding research questions related to gaining confidence in a system’s specification of critical properties? (including coffee) Summary from Breakout 1

11:15 - 11:45 11:45 - 12:45 12:45 - 1:15 1:15 – 2:00 2:00 – 3:45

3:45 - 4:15 4:15 – 4:30

John Knight – University of Virginia Discussion 4 – What evidence should be produced to support the certification of critical systems containing software? Joe D’Ambrosio – GM Coffee Discussion 5 – What body of knowledge do practitioners need to know in order to develop critical systems containing software? What should the role of licensed professional engineers be? Sushil Birla – US NRC Lunch Paul Jones – US FDA Discussion 6 – What criteria should be used for the evaluation of an assurance case that can be effectively applied by a 3rd party certifier? Breakout 2 - What are the outstanding research questions related to gaining confidence in a system’s implementation? ( including coffee ) Summary from Breakout 2 Wrap-up