Runtime Certification

Abstract

Software often must be certified for safety, security, or other critical properties. Traditional approaches to certification require the software, its systems context, and all their associated assurance artifacts to be available for scrutiny in their final, completed forms. But modern development practices often postpone the determination of final system configuration from design time to integration time, load time, or even runtime. Adaptive systems go beyond this and modify or synthesize functions at runtime.

Developments such as these require an overhaul to the basic framework for certification, so that some of its responsibilities also may be discharged at integration-, load- or runtime.

We outline a suitable framework, in which the basis for certification is changed from compliance with standards to the construction of explicit goals, evidence, and arguments (generally called an “assurance case”). We describe how runtime verification can be used within this framework, thereby allowing certification partially to be performed at runtime or, more provocatively, enabling “runtime certification.”