Liability in software engineering: Overview of the LISE approach and illustration on a case study

Proceedings - International Conference on Software Engineering

Volumn 1, Issue , 2010, Pages 135-144

  Le Métayer, Daniel ^a   Maarek, Manuel ^a   Mazza, Eduardo ^b   Potet, Marie Laure ^b   Frénot, Stéphane ^c   Tong, Valérie Viet Triem ^d   Craipeau, Nicolas ^e   Hardouin, Ronan ^f   Alleaume, Christophe ^e   Benabou, Valérie Laure ^g   Beras, Denis ^c   Bidan, Christophe ^d   Goessler, Gregor ^a   Le Clainche, Julien ^a   Mé, Ludovic ^d   Steer, Sylvain ^g  

^a INRIA RHÔNE ALPES   (France)

^b VERIMAG   (France)

^c UNIVERSITÉ DE LYON   (France)

^d SUPELEC Campus de Rennes   (France)

^e UNIVERSITÉ DE CAEN   (France)

^f LABORATOIRE DES SCIENCES DU CLIMAT ET DE L ENVIRONNEMENT   (France)

^g Paris Versailles University   (France)

Author keywords

contract; defects; evidence; formal methods; legal aspects; liability; specification

Indexed keywords

CONTRACTS; DEFECTS; FORMAL METHODS; SPECIFICATIONS;

COMPUTER SCIENTISTS; EVIDENCE; LEGAL ASPECTS; LEGAL UNCERTAINTY; MULTIDISCIPLINARY PROJECTS; PROJECT-BASED;

PRODUCT LIABILITY;

EID: 77954740511     PISSN: 02705257     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1806799.1806823     Document Type: Conference Paper

References (35)

1. R. Accorsi. On the relationship of privacy and secure remote logging in dynamic systems. In SEC, volume 201 of IFIP, pages 329-339. Springer, 2006.
2. R. Anderson and T. Moore. Information security economics - and beyond. Information Security Summit (IS2), 2009.
3. A. R. Arasteh, M. Debbabi, A. Sakha, and M. Saleh. Analyzing multiple logs for forensic evidence. Digital Investigation, 4:82-91, 2007.
4. A. Avizienis, J.-C. Laprie and B. Randell. Fundamental concepts of computer system dependability. In IARP/IEEE-RAS Workshop on robot dependability: technological challenges of dependable robots in human environments, 2001.
5. D. M. Berry. Abstract appliances and software: The importance of the buyer's warranty and the developer's liability in promoting the use of systematic quality assurance and formal methods. CiteSeerX, http://www. scientificcommons.org/42749418, 2007.
6. D. Biswas, T. Gazagnaire, and B. Genest. Small logs for transactional services: Distinction is much more accurate than (positive) discrimination. In High Assurance Systems Engineering Symposium (HASE), 2008.
7. L. Brandan-Briones, A. Lazovik, and P. Dague. Optimal observability for diagnosability. In International Workshop on Principles of Diagnosis, 2008.
8. N. Craipeau. Digital evidence - La preuve électronique. TR, Deliverable LISE D1.3, July 2009.
9. A. D. H. Farrell, M. J. Sergot, M. Sallé, and C. Bartolini. Using the event calculus for tracking the normative state of contracts. International Journal of Cooperative Information Systems (IJCIS), 14(2-3):99-129, 2005.
10. P. Gladyshev and A. Enbacka. Rigorous development of automated inconsistency checks for digital evidence using the B method. International Journal of Digital Evidence (IJDE), 6(2):1-21, 2007.
11. G. Governatori, Z. Milosevic, and S. W. Sadiq. Compliance checking between business processes and business contracts. In EDOC, pages 221-232. IEEE Computer Society, 2006.
12. D. Grossi, L. Royakkers, and F. Dignum. Organizational structure and responsibility. Artificial Intelligence and Law, 15:223-249, 2007.
13. R. Hardouin. Liability in software contracts - Le sens des responsabilitiés en matière de contrats informatiques. TR, Deliverable LISE D1.1, July 2009.
14. A. K. Jones and R. S. Sielken. Computer system intrusion detection: a survey. TR, University of Virginia Computer Science Department, 1999.
15. F. Kamareddine, M. Maarek, and J. B. Wells. Flexible encoding of mathematics on the computer. In MKM, volume 3119 of LNCS, pages 160-174, 2004.
16. D. Le Métayer. A formal privacy management framework. In FAST, volume 5491 of LNCS, pages 162-176, 2009.
17. S. Lipovetsky. Les clauses limitatives de responsabilité et de garantie dans les contrats informatiques. Approche comparative France/États-Unis. Quelles limitations. Expertises des systèmes d'information, no 237, pages 143-148, May 2000.
18. B. Littlewood and L. Strigini. Software reliability and dependability: a roadmap. In ICSE - Future of SE Track, pages 175-188, ACM, 2000.
19. Y. Papadopoulos. Model-based system monitoring and diagnosis of failures using statecharts and fault trees. Reliability Engineering and System Safety, 81:325-341, 2003.
20. P. Parrend and S. Frénot. Security benchmarks of OSGi platforms: toward hardened OSGi. Software - Practice and Experience (SPE), 39(5):471-499, 2009.
21. S. P. Peisert, S. Karin, M. Bishop, and K. Marzullo. Principles-driven forensic analysis. In Workshop on New security paradigms (NSPW), pages 85-93, 2005.
22. S. L. Peyton Jones and J.-M. Eber. How to write a financial contract. In The Fun of Programming, Cornerstones of Computing, chapter 6. 2003.
23. C. Picardi, R. Bray, F. Cascio, L. Console., P. Dague, O. Dressler, D. Millet, B. Rhefus., P. Struss and C. Vallée. IDD: integrating diagnosis in the design of automotive systems. In European Conference on Artificial Intelligence (ECAI), pages 628-632, 2002.
24. C. Prisacariu and G. Schneider. A formal language for electronic contracts. In FMOODS, volume 4468 of LNCS, pages 174-189. Springer, 2007.
25. F. Raimondi, J. Skene, and W. Emmerich. Efficient online monitoring of web-service SLAs. In ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE), pages 170-180, 2008.
26. S. Rekhis and N. Boudriga. A temporal logic-based model for forensic investigation in networked system security. Computer Network Security, 3685:325-338, 2005.
27. D. J. Ryan. Two views on security and software liability. Let the legal system decide. IEEE Security and Privacy, January-February, 2003.
28. F. B. Schneider. Accountability for perfection. IEEE Security and Privacy, March-April, 2009.
29. B. Schneier and J. Kelsey. Secure audit logs to support computer forensics. ACM Transactions on Information and System Security (TISSEC), 2(2):159-176, 1999.
30. J. Skene, D. D. Lamanna, and W. Emmerich. Precise service level agreements. In ICSE, pages 179-188. IEEE, 2004.
31. J. Skene, A. Skene, J. Crampton, and W. Emmerich. The monitorability of service-level agreements for application-service provision. In International Workshop on Software and Performance (WOSP), pages 3-14. ACM, 2007.
32. M. Solon and P. Harper. Preparing evidence for court. Digital Investigation, 1:279-283, 2004.
33. P. Stephenson. Modeling of post-incident root cause analysis. Digital Evidence, 2(2), 2003.
34. R. E. K. Stirewalt, L. K. Dillon, and E. Kraemer. The inference validity problem in legal discovery. In ICSE Companion, pages 303-306. IEEE, 2009.
35. S. Yang, L. Hélouët, and T. Gazagnaire. Logic-based diagnosis for distributed systems. In Perspectives in Concurrency Theory: A Festschrift for P. S. Thiagarajan. CRC Press, 2009.