Managing Trustworthiness in Component-based Embedded Systems ⋆

Component-based systems use software components to achieve their overall high-level functionality which, in turn, may be extended by initiating the download of new components. This action may detrimentally affect the system's overall dependability and security characteristics. We address the problem of the enhancement of dependability and security for component-based embedded systems that run, for example, in consumer and embedded electronics devices. We propose a Trustworthiness Management Framework which, while acting on the behalf of components (Trustors), supervises the system's existing Trustor-Trustee relationships and preserves the overall system level of dependability and security. This is achieved by monitoring quality metrics on the components behaviours, by periodically evaluating their trustworthiness, and (when applicable) by controlling them. This paper focuses on the trustworthiness evaluation process offered by the Trustworthiness Management Framework. Trustworthiness evaluation is seen as a Trustors-parameterisable function. Trustworthiness is expressed with a triple of values: compliance, benignity and stability. The first measures the degree to which a component satisfies the Trustor's requirement; the second and third express the expected belief that, resp., the components will continue to be compliant and the component's behavioural qualities will remain stable. Trustworthiness is used by the Trustworthiness Manager Framework to make control decisions to regulate the system's overall dependability and security characteristics. Keywords: component-based systems, trustworthiness evaluation, trustworthiness management architecture, dependability and security.