Abstract

Software systems are increasingly becoming ubiquitous, affecting the way we experience the world. Embedded software systems, especially those used in smart devices, have become an essential constituent of the technological infrastructure of modern societies. Such systems, in order to be trusted in society, must be proved to be trustworthy. Trustworthiness is a composite non-functional property that implies safety, timeliness, security, availability, and reliability. This thesis is a contribution to a rigorous development of systems in which the trustworthiness property can be specified and formally verified.

Developing trustworthy software systems that are complex and used by a large heterogeneous population of users is a challenging task. The component-based software engineering (CBSE) paradigm can provide an effective solution to address these challenges. However, none of the current component-based approaches can be used as is, because all of them lack the essential requirements for constructing trustworthy systems. The three contributions made in this thesis are intended to add to the expressive power needed to raise CBSE practices to a rigorous level for constructing formally verifiable trustworthy systems.

The first contribution of the thesis is a formal definition of the trustworthy component model. The trustworthiness quality attributes are introduced as first-class structural elements. The behavior of a component is automatically generated as an extended timed automaton. A model checking technique is used to verify the properties of trustworthiness. A composition theory that preserves the properties of trustworthiness in a composition is presented.

Conventional software engineering development processes are not suitable either for developing component-based systems or for developing trustworthy systems. In order to develop a component-based trustworthy system, the development process must be reuse-oriented, component-oriented, and must integrate formal languages and rigorous methods in all phases of the system life-cycle. The second contribution of the thesis is a software engineering process model that consists of several parallel tracks of activities including component development, component assessment, component reuse, and component-based system development. The central concern in all activities of this process is ensuring trustworthiness.

The third and final contribution of the thesis is a development framework with a comprehensive set of tools supporting the spectrum of formal development activity from modeling to deployment.

The proposed approach has been applied to several case studies in the domains of component-based development and safety-critical systems. The experience from the case studies confirms that the approach is suitable for developing large and complex trustworthy systems.