From Formal Specifications to Secure Implementations
Author
Abstract
This paper proposes a new tool-supported technique for the complete development of safety-critical interactive systems from the specification step to the implementation step. Safety as well as usability properties are continuously guaranteed during the development process. This technique relies on formal specifications of the requirements and so uses the model-oriented formal method B and a new ad-hoc software architecture model, CAV, which is a hybrid of the MVC and PAC models. At the implementation step, this technique uses automatic code generation. Moreover, links from secure generated code to native non-secure libraries are clarified. This development process is illustrated by a fully implemented case study.
Similar resources
Formal Development of Secure Email
Developing systems that are assured to be secure requires precise and accurate descriptions of specifications, designs, implementations, and security properties. Formal specification and verification have long been recognized as giving the highest degree of assurance. In this paper, we describe a software development process that integrates formal verification and synthesis. We demonstrate this...
From Maude Specifications to SOAP Distributed Implementations: A Smooth Transition
In this paper we show how the formal specification of a system written in Maude can be easily connected to its Web-based distributed implementation using SOAP. In addition to the usual advantages provided by the use of formal specifications, by allowing objects in any of these worlds (specification and implementation) to seamlessly interoperate we can obtain several interesting advantages, such...
Creating Formal Specifications with Analogical Reasoning
We describe the Arís (Analogical Reasoning for Implementations and Specifications) system that uses analogical reasoning to create formal specifications for a given implementation. Arís is built on the hypothesis that structurally similar implementations often represent similar functionality. It leverages this similarity to create new specifications, by analogy to a retrieved similar example. O...
Cryptographically sound analysis of security protocols
In this thesis, we show how formal methods can be used for the cryptographically sound verification of concrete implementations of security protocols in order to obtain trustworthy and meaningful proofs, and to eliminate human inaccuracies. First, we show how to derive secure concrete implementations of a given abstract specification. The security proofs are essentially based on the well-establ...
Computationally secure multiple secret sharing: models, schemes, and formal security analysis
A multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants, such that any authorized subset of participants can reconstruct the secrets. Up to now, existing MSSs either require too long shares for participants to be perfect secur...