Providing System Assurance
The OMG's System Assurance Platform Task Force (SysA PTF) works towards enhancing system trustworthiness. NIST defines system assurance as "The justified confidence that the system functions as intended and is free of exploitable vulnerabilities, either intentionally or unintentionally designed or inserted as part of the system at any time during the life cycle." The SysA PTF works with organizations to optimize system security.
- Adapt and extend OMG technologies that apply across domains to enhance system assurance (e.g., compliance, reliability, safety and security)
- Establish a common framework for analysis and exchange of information related to system assurance and trustworthiness
- Promote software, system, and information assurance in OMG product interoperability
- Structured Assurance Case Metamodel (SACM): Defines a metamodel for representing structured assurance cases. An assurance case is a document that facilitates information exchange between various system stakeholders such as suppliers and acquirers, and between the operator and regulator, where the knowledge related to the safety and security of the system is communicated in a clear and defendable way.
- Tools Output Integration Framework (TOIF): Provides the TOIF XMI schema, which is the common reporting format of source/machine code weaknesses. TOIF XMI is the core part of a protocol that integrates weakness findings from multiple static code analysis tools related to a single system under assessment.
If you're an OMG member, have a member account, and want to get involved, you can Subscribe to The System Assurance PTF Mailing List to receive frequent group email updates and/or contact [email protected]. If you don't know if your organization is already a member, check the OMG Member List, Request An Account, and follow the prior steps, if your organization is a member, to get engaged. If not a member and interested in getting involved please visit our Membership Overview Webpage and/or contact [email protected].