Engineering Trustworthy Self-Adaptive Software with Dynamic Assurance Cases

TL;DR

This paper introduces ENTRUST, a methodology combining modeling, verification, and assurance processes to systematically engineer trustworthy self-adaptive software capable of meeting strict requirements across various domains.

Contribution

The paper presents ENTRUST, a novel methodology integrating design-time and runtime verification with assurance cases for developing trustworthy self-adaptive software.

Findings

ENTRUST effectively supports development in diverse application domains.

It enables dynamic assurance case generation for self-adaptive systems.

The methodology is validated through tool-supported case studies.

Abstract

Building on concepts drawn from control theory, self-adaptive software handles environmental and internal uncertainties by dynamically adjusting its architecture and parameters in response to events such as workload changes and component failures. Self-adaptive software is increasingly expected to meet strict functional and non-functional requirements in applications from areas as diverse as manufacturing, healthcare and finance. To address this need, we introduce a methodology for the systematic ENgineering of TRUstworthy Self-adaptive sofTware (ENTRUST). ENTRUST uses a combination of (1) design-time and runtime modelling and verification, and (2) industry-adopted assurance processes to develop trustworthy self-adaptive software and assurance cases arguing the suitability of the software for its intended application. To evaluate the effectiveness of our methodology, we present a tool-supported instance of ENTRUST and its use to develop proof-of-concept self-adaptive software for embedded and service-based systems from the oceanic monitoring and e-finance domains, respectively. The experimental results show that ENTRUST can be used to engineer self-adaptive software systems in different application domains and to generate dynamic assurance cases for these systems.