12/19/2010

Unit 9: Formal Methods, Part 1

Why Use Formal Methods?
- As complexity increases, full testing to great reliability becomes impractical.
- Design diversity may help overcome the issue, but it has high recurring costs and is vulnerable to common errors.

Formal Models and Covert Channels
- Formal models can help in analyzing covert channels.
- Data storage models are limited.
  - Information flow
    - Modeling shared resources
    - Covert flow trees [Porras and Kemmerer]
  - Interference [Goguen and Meseguer]
    - Interference can be masked.

System Development Paths
[Diagram: System Development Paths. Nodes: Abstract Model, Security Reqs, Formal Specs, Functional Specs, Implementation. Edge labels: demonstration, proof, proof, testing. Two routes are contrasted: the Informal Development Path and the Formal Development Path.]
[Morrie Gasser, "Building a Secure Computer System"]

Model Correspondence
- Further refinement
- Convincing...
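The slides name the Goguen and Meseguer interference model and point at shared resources as a covert-channel source, but do not show how the check is actually carried out. The following is an added example, not part of the lecture notes: it encodes the Goguen-Meseguer noninterference condition (the low domain's view of the system must be unchanged when every high-domain command is purged from the input trace) as a brute-force search over short command traces. The two toy machines, a single shared lock that leaks the high user's activity and a partitioned variant that does not, are constructed for illustration; the class and function names are this example's own.

```python
from itertools import product

# Constructed toy system: two security domains, LOW and HIGH, drive one machine.
LOW, HIGH = "low", "high"


class Machine:
    """Goguen-Meseguer style state machine.

    transition(state, (domain, cmd)) -> next state
    observe(state, domain)          -> what that domain can see of the state
    """

    def __init__(self, initial, commands, transition, observe):
        self.initial = initial
        self.commands = commands      # dict: domain -> list of command names
        self.transition = transition
        self.observe = observe

    def run(self, trace):
        state = self.initial
        for step in trace:
            state = self.transition(state, step)
        return state


def purge(trace, domain):
    """Goguen-Meseguer purge: drop every command issued by `domain`."""
    return tuple(step for step in trace if step[0] != domain)


def find_interference(machine, observer, secret, max_len):
    """Return the shortest trace (up to max_len steps) on which the observer's
    view depends on the secret domain's commands, or None if none exists.
    None up to max_len is evidence of noninterference, not a proof for all traces."""
    steps = [(d, c) for d in (observer, secret) for c in machine.commands[d]]
    for n in range(1, max_len + 1):
        for trace in product(steps, repeat=n):
            full = machine.observe(machine.run(trace), observer)
            purged = machine.observe(machine.run(purge(trace, secret)), observer)
            if full != purged:
                return trace          # counterexample: HIGH's activity is visible to LOW
    return None


def _low_view(state, domain):
    # LOW sees only the result of its own last acquire; HIGH sees everything.
    return state[-1] if domain == LOW else state


def leaky_machine():
    """One lock shared by both domains: a classic storage covert channel."""
    def step(state, step):
        holder, low_view = state
        domain, cmd = step
        if cmd == "acquire":
            result = "ok" if holder is None else "busy"
            if holder is None:
                holder = domain
            if domain == LOW:
                low_view = result
        elif cmd == "release" and holder == domain:
            holder = None
        return (holder, low_view)
    cmds = {LOW: ["acquire", "release"], HIGH: ["acquire", "release"]}
    return Machine((None, None), cmds, step, _low_view)


def partitioned_machine():
    """Hardened variant: each domain gets its own lock, so LOW's result never
    depends on what HIGH has done."""
    def step(state, step):
        low_held, high_held, low_view = state
        domain, cmd = step
        held = low_held if domain == LOW else high_held
        if cmd == "acquire":
            result = "busy" if held else "ok"
            held = True
            if domain == LOW:
                low_view = result
        elif cmd == "release":
            held = False
        if domain == LOW:
            low_held = held
        else:
            high_held = held
        return (low_held, high_held, low_view)
    cmds = {LOW: ["acquire", "release"], HIGH: ["acquire", "release"]}
    return Machine((False, False, None), cmds, step, _low_view)


if __name__ == "__main__":
    print("shared lock  :", find_interference(leaky_machine(), LOW, HIGH, 3))
    print("partitioned  :", find_interference(partitioned_machine(), LOW, HIGH, 4))
```

On the shared-lock machine the search finds the two-step trace in which HIGH acquires the lock and LOW then sees "busy" instead of "ok": exactly the shared-resource channel the slide's "Modeling Shared Resources" bullet refers to. The partitioned machine yields no counterexample within the bound, which is the noninterference property; a real formal treatment would prove it for traces of every length (an unwinding argument) rather than enumerate them.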
This note was uploaded on 02/20/2011 for the course TECH 7375 taught by Professor June during the Spring '11 term at University of Arkansas for Medical Sciences.