Tools and Methods for Increasing Trust in Software

Many recent Nonproliferation and Arms Control software projects include a software authentication regime. These include U.S. Government projects both in the U.S. and in the Russian Federation (RF). In this context, “authentication” is defined as determining that a software package performs only its intended purpose and performs that purpose correctly and reliably over many years. Demonstrating assurance that software performs as expected without hidden “back-doors” is crucial to a project’s success. Software authentication has applications outside Nonproliferation and Arms Control regimes. This includes electronic voting software and other categories of software which are critical or security significant. We will discuss tools and methods of increasing the trust in software. Their purpose is to maximize the productivity of the knowledgeable computer scientists, and increase the efficiency of the visual inspection process, by highlighting suspicious code constructs.