Mechanised Assurance Cases with Integrated Formal Methods in Isabelle
This work addresses the problem of certifying critical systems with mixed formal-informal assurance cases, but it is incremental as it builds on existing Isabelle tools and a specific case study.
The authors tackled the challenge of integrating formal and informal methods in assurance cases for critical systems by developing a mechanical framework in Isabelle, demonstrating its application on a fragment of the Tokeneer security case with formal verification evidence.
Assurance cases are often required as a means to certify a critical system. Use of formal methods in assurance can improve automation, and overcome problems with ambiguity, faulty reasoning, and inadequate evidentiary support. However, assurance cases can rarely be fully formalised, as the use of formal methods is contingent on models validated by informal processes. Consequently, we need assurance techniques that support both formal and informal artifacts, with explicated inferential links and assumptions that can be checked by evaluation. Our contribution is a mechanical framework for developing assurance cases with integrated formal methods based in the Isabelle system. We demonstrate an embedding of the Structured Assurance Case Meta-model (SACM) using Isabelle/DOF, and show how this can be linked to formal analysis techniques originating from our verification framework, Isabelle/UTP. We validate our approach by mechanising a fragment of the Tokeneer security case, with evidence supplied by formal verification.