Issue No.09 - Sept. (1986 vol.12)
Peter Gabriel Neumann , SRI International, Menlo Park, CA 94025
We consider here the design of computer systems that must be trusted to satisfy simultaneously a variety of critical requirements such as human safety, fault tolerance, high availability, security, privacy, integrity, and timely responsiveness — and to continue to do so throughout maintenance and long-term evolution. Hierarchical abstraction provides the basis for successive layers of trust with respect to the full set of critical requirements, explicitly reflecting differing degrees of criticality.
Security, Safety, Fault tolerance, Fault tolerant systems, Humans, Computers, trusted subsystems, Abstraction, critical requirements, hierarchical design, kernels, reliability, safety, security
Peter Gabriel Neumann, "On hierarchical design of computer systems for critical applications", IEEE Transactions on Software Engineering, vol.12, no. 9, pp. 905-920, Sept. 1986, doi:10.1109/TSE.1986.6313046