Full Program »
Trust Engineering - Rejecting the Tyranny of the Weakest Link
Research Group coined the term, trust engineering, to describe a
methodology for making use of software of uncertain provenance in
mission-critical systems. Today, the loss of control that made
software so hard to trust then applies to the rest of the supply
chain as well. The discipline we described in the internal paper,
Trust-engineering: An Assurance Strategy for Softwarebased
Systems, no longer seems heretical today, even at NSA. Ten years
later, we revisit the principles of trust engineering, compare
the mechanisms available to us today with the practices of the
past, and explore the construction of systems that are stronger
than their weakest link.
Author(s):
Susan Alexander
IARPA
United States