GemClassifier, a formally developed smart card
Author
Abstract
In a previous paper [Lan-00] we explained that smart cards could be the ideal domain for applying formal methods. We said that the need for formal methods has three origins: mastering the complexity of the new operating systems, certifying a part of the smart card at a high level, and reducing the cost of testing. We believed that these reasons were enough to introduce formal methods into the software life cycle. Unfortunately, the efforts to integrate data and behavior in the same framework in order to generate test cases automatically have not yet been successful. As for certification, the certification obtained by Multos (ITSEC EAL 6) did not encourage the other smart card manufacturers to propose high-level certification. If certification helps to introduce formal methods, it will be just as a side effect. In the end, it was the complexity of the operating systems and the need to avoid vulnerabilities that initiated the GemClassifier smart card development.
Similar resources
The use of B for Smart Card
In a previous paper [Lan-00] we stated that smart cards could be the ideal domain for applying formal methods. We said that the need for formal methods has three origins: mastering the complexity of the new operating systems, certifying at a high level a part of the smart card and reducing the cost of the validation. We believed that these reasons were enough to introduce formal methods in the s...
A Formally Verified Calculus for Full Java Card
We present a calculus for the verification of sequential Java programs. It supports all Java language constructs and has additional support for Java Card. The calculus is formally proved correct with respect to a natural semantics. It is implemented in the KIV system and used for smart card applications.
Implementing a Formally Verifiable Security Protocol in Java Card
This paper describes a case study in refining an abstract security protocol description down to a concrete implementation on a Java Card smart card. The aim is to consider the decisions that have to be made in the development of such an implementation in a systematic way, and to investigate the possibilities of formal specification and verification in the design process and for the final implem...
Improving Test Conformance of Smart Cards versus EMV-Specification by Using on the Fly Temporal Property Verification
Electronic payment transactions using smart cards are based on the Europay Mastercard Visa (EMV) specifications. This standard appeared in 1995 in order to ensure security and global interoperability between EMV-compliant smart cards and EMV-compliant payment terminals throughout the world. Another purpose of EMV specifications is to permit a secure control of offline credit card transaction app...