Final Report Summary - DEVASSES (DEsign, Verification and VAlidation of large scale, dynamic Service SystEmS)
The main scientific objective of the DEVASSES project was to define a methodology as well as tools and methods, integrating novel enabling technologies for design-time V&V (D-V&V) and run-time V&V (R-V&V) of trustworthy ICT, assuring the quality of open, large-scale, high-demand critical services, which are moving towards a demand for certifiability and standardization. The DEVASSES-V&V approach supports the execution of D-V&V and R-V&V activities, and the integration of the results provided. From the final integration, the output of the V&V campaign is achieved. More specifically, DEVASSES goal was to research, experiment and evaluate novel V&V methods, methodologies and tools that:
- At design-time (D-V&V), support traceability to evolving requirements, to cope with foremost features of agile software development processes such as low formalism and sparse documentation. Additionally, explore the notion of regression to cope with the development style trend based on successive software releases that characterizes the life cycle of open, service provisioning systems and infrastructure. This includes open source software (e.g. middleware) that is nowadays broadly used to support business critical applications and is normally released in incremental versions. Finally, make use of data collected at run-time to support design-time architectural decisions and D-V&V.
- At run-time (R-V&V), apply V&V concepts to dynamic and evolving systems, taking advantage of monitoring services and infrastructures that will support the run-time assessment of the system through the collection of measurements for quantitative analysis of security and trustworthiness. In particular, the DEVASSES R-V&V methodology relies on the idea of composing a dynamic network of checkers for component- and system-level V&V, extending the checking devised at design-time and adapting to the existing system changes. Such checkers devised at run-time may be used to support design-time V&V.
- Describe the integration process that guides and organizes the interplay of D-V&V and R-V&V activities for the various services, to merge results in the unique continuous DEVASSES-V&V process. This is particularly relevant as design-time checks may be used for run-time V&V and information collected at run-time may drive design-time decisions.