• the code has no embedded malicious behaviors (Trojan Horses, Easter Eggs, logic bombs, viruses, trap doors);
• state-of-the-practice development and testing processes were applied properly; and
• the developers have passed professional exams demonstrating programming proficiency.
• Which organizations can legally support multidomain and international system safety certifications?
• How do system safety requirements translate to software requirements?
• What are the derived design and implementation constraints for software development?
• What software verification methods and techniques can help demonstrate that a system is safe?
Jeffrey Voas is the cofounder and chief scientist at Reliable Software Technologies and the Quality Time editor for IEEE Software. He is also the principal investigator on research initiatives for DARPA, the US National Institute of Standards and Technology, and the US Army. His professional interests include information security metrics, software dependability metrics, software liability and certification, software safety and testing, and information warfare tactics.Voas has coauthored two books, Software Assessment: Reliability, Safety, and Testability and Software Fault Injection: Inoculating Programs Against Errors (John Wiley & Sons). He received his PhD in computer science from the College of William & Mary and is a senior member of the IEEE, IEEE Reliability Society, and IEEE Computer Society.