Setting an Interagency HCS Research Agenda
Released May 1998
2.  Review of the prior HCS Workshop


 
The Workshop Chair began this workshop by reviewing what took place at the last HCS Workshop on 6-7 August 1997 -- a draft of the proceedings was handed out. In her review, she summarized the key workshop ideas and noted some significant trends:

  • There is a growing dependence on computing for safety-critical use.
  • Many of these safety-critical products are consumer hardware and/or software.
  • There is an increased risk due to integrating functions that were formerly separated for safety purposes.
  • There is increased computer use for improving system functionality.
  • Infrastructures are running at capacity or near capacity.
  • There are many high-visibility problems with complex systems.

Today, more than ever, the U.S. needs high confidence systems. A national HCS research agenda is needed now! Such an agenda must focus on safety and security in malicious environments because current techniques may be reaching their limits in systems of increasing scale and complexity. Recent technology advances put us on the brink of new possibilities; however, the U.S. is being overtaken by Europe in this area. To keep the U.S. in the forefront and to maintain our economic competitiveness, the U.S. must pursue advancing this technology for its own systems. Creating a national HCS research program will require a future-looking view of the world with outcome-oriented goals that appeal to the public, are affordable, do not generate fear of technology, and have a technology strategy.
 
Recommended HCS solutions should encourage lower cost, the leveraging of knowledge within a company, and techniques that do not require large educational ramp-up. While it was noted that many companies have a strong corporate incentive not to share their proprietary tools, the hope is that increasing integration will create a need for companies to share information on assurance techniques.
 
Part of the discussion that occurred during the review presentation focused on the role of standards, although that role was perceived differently by various participants. Some participants felt that standards are needed to focus research funding and to drive technology research (e.g., performance or safety standards that future HCS technology must meet). Others felt that research should be driving, or even developing, technology standards (e.g., standardized application programming interfaces (APIs), standardized security mechanisms) or interoperability standards (e.g., standardized certification authorities). Still others believed that standards only identify what is known and that research should look beyond standards to the future; the focus should be on the research agenda and letting standards developers adjust accordingly rather than on standards that force research adjustments. This third group felt that research could be putting HCS fundamentals in place to support current and future standards. While all positions appeared to have merit, no consensus was reached regarding how best to stress standards in this research agenda effort. Emerging from this discussion was an increasing need to move from process control-based standards more towards product-based standards for high confidence systems. There was also discussion about the Federal Highway Administration's Intelligent Transportation Systems (ITS) Program, which is now coming out with critically needed standards (including standards for software).