search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Component Certification: 10 Useful Distinctions

Technical Note
By
This 2004 report discusses 10 useful distinctions that can help in understanding different aspects of certification in the context of software components.
Publisher

Software Engineering Institute

CMU/SEI Report Number
CMU/SEI-2004-TN-031
DOI (Digital Object Identifier)
10.1184/R1/6584069.v1

Abstract

Using software components to develop mission-critical systems poses a number of technical, organizational, and economic challenges. One persistent and largely unaddressed challenge is how the consumers of software components—that is, the developers of mission-critical systems—can obtain a meaningful level of trust in the runtime behavior of software components. The most frequently cited concerns are centered on issues of security; for example, trust that a component does not contain malicious code or exhibit vulnerabilities that can be exploited by malicious code. There are, however, other concerns about software component behavior that can be just as important. For example, in an embedded weapon system, it may be crucial to trust that a component will always execute a function within a particular time bound or never introduce unbounded priority inversion. 

Certification is a practical, proven means of establishing trust in various sorts of things in other disciplines and is, therefore, a natural contender for developing trust in software components. This technical note does not propose a particular certification regimen for components. Rather, it introduces a series of 10 distinctions that can help in understanding different aspects of certification in the context of software components.

SHARE
Download PDF
Cite This Technical Note

Wallnau, K. (2004, September 1). Software Component Certification: 10 Useful Distinctions. (Technical Note CMU/SEI-2004-TN-031). Retrieved April 16, 2024, from https://doi.org/10.1184/R1/6584069.v1.

@techreport{wallnau_2004,
author={Wallnau, Kurt},
title={Software Component Certification: 10 Useful Distinctions},
month={Sep},
year={2004},
number={CMU/SEI-2004-TN-031},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://doi.org/10.1184/R1/6584069.v1},
note={Accessed: 2024-Apr-16}
}

Wallnau, Kurt. "Software Component Certification: 10 Useful Distinctions." (CMU/SEI-2004-TN-031). Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, September 1, 2004. https://doi.org/10.1184/R1/6584069.v1.

K. Wallnau, "Software Component Certification: 10 Useful Distinctions," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, Technical Note CMU/SEI-2004-TN-031, 1-Sep-2004 [Online]. Available: https://doi.org/10.1184/R1/6584069.v1. [Accessed: 16-Apr-2024].

Wallnau, Kurt. "Software Component Certification: 10 Useful Distinctions." (Technical Note CMU/SEI-2004-TN-031). Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 1 Sep. 2004. https://doi.org/10.1184/R1/6584069.v1. Accessed 16 Apr. 2024.

Wallnau, Kurt. Software Component Certification: 10 Useful Distinctions. CMU/SEI-2004-TN-031. Software Engineering Institute. 2004. https://doi.org/10.1184/R1/6584069.v1

Ask a question about this Technical Note