Program seeks to develop process for continuous software certification and mission risk evaluation, reducing impediments to developing and fielding new defense capabilities
Military systems are increasingly using software to support functionality, new capabilities, and beyond. Before a new piece of software can be deployed within a system however, its functional safety and compliance with certain standards must be verified and ultimately receive certification. As the rapid rate of software usage continues to grow, it is becoming exceedingly difficult to assure that all software considered for military use is coded correctly and then tested, verified, and documented appropriately.
“Software requires a certain level of certification – or approval that it will work as intended with minimal risks – before receiving approval for use within military systems and platforms,” said Dr. Ray Richards, a program manager in DARPA’s Information Innovation Office (I2O). “However, the effort required to certify software is an impediment to expeditiously developing and fielding new capabilities within the defense community.”
Today, the software certification process is largely manual and relies on human evaluators combing through piles of documentation, or assurance evidence, to determine whether the software meets certain certification criteria. The process is time consuming, costly, and can result in superficial or incomplete evaluations as reviewers bring their own sets of expertise, experiences, and biases to the process. A lack of a principled means of decomposing evaluations makes it difficult to create a balanced and trustworthy process that applies equally to all software. Further, each subsystem and component must be evaluated independently and re-evaluated before it can be used in a new system. “Just because a subsystem is certified for one system or platform does not mean it is unilaterally certified for all,” noted Richards. This creates additional time delays and review cycles.
To help accelerate and scale the software certification process, DARPA developed the Automated Rapid Certification Of Software (ARCOS) program. The goal of ARCOS is to create tools and a process that would allow for the automated assessment of software evidence and provide justification for a software’s level of assurance that is understandable. Taking advantage of recent advances in model-based design technology, “Big Code” analytics, mathematically rigorous analysis and verification, as well as assurance case languages, ARCOS seeks to develop a capability to automatically evaluate software assurance evidence to enable certifiers to rapidly determine that system risk is acceptable.
“This approach to reengineering the software certification process is well timed as it aligns with the DoD Digital Engineering Strategy, which details how the department is looking to move away from document-based engineering processes and towards design models that are to be the authoritative source of truth for systems,” said Richards.
To create this automated capability, ARCOS will explore techniques for automating the evidence generation process for new and legacy software; create a means of curating evidence while maintaining its provenance; and develop technologies for the automated construction of assurance cases, as well as technologies that can validate and assess the confidence of an assurance case argument. The evidence generation, curation, and assessment technologies will form the ARCOS tools and processes, working collectively to provide a scalable means of accelerating the pathway to certification.
Throughout the program’s expected three phases, evaluations and assessments will occur to gauge how the research is progressing. ARCOS researchers will tackle progressively more challenging sets of software systems and associated artifacts. The envisioned evaluation progression will move from a single software module to a set of interacting modules and finally to a realistic military software system.