Setting a Framework for Trusted Component Trading
Computing, Health and Science
Computer and Security Science
Software engineers constructing systems from third-party components need to be able to assess the quality of those components in order to have any confidence in the final system. We argue that the most effective and economic way to do this is for developers to supply test specifications along with the components that they offer to the market. We describe a simple, portable test specification based on XML documents. When a test specification is packaged with a purchased component, system builders are efficiently able to not only verify a component developer’s claim for quality but also use the test specification to elucidate fine details of a component’s capabilities that may be missing or not manifest in a natural language specification. A system builder selecting a component for integration into a new system needs to consider more than its ability to perform the required functions: the degree of testing can be an important indication of its reliability. Thus we propose an index, describing the degree of testing that a component has undergone, which can be used to rate components and aid selection decisions. Combined with a test specification, a purchaser can efficiently determine whether a component meets claims for its quality.