On the Role of Formal Methods in Software Certification: An Experience Report | Zendy

Constance Heitmeyer | Zendy

AI Assistant Blog Pricing

Home ZAIA Blog

Open Access

On the Role of Formal Methods in Software Certification: An Experience Report

Author(s) -

Constance Heitmeyer

Publication year - 2009

Publication title -

electronic notes in theoretical computer science

Language(s) - English

Resource type - Journals

SCImago Journal Rank - 0.242

H-Index - 60

ISSN - 1571-0661

DOI - 10.1016/j.entcs.2009.09.001

Subject(s) - computer science , certification , formal methods , refinement , software engineering , formal specification , mathematical proof , software security assurance , programming language , statement (logic) , formal verification , computer security , information security , security service , law , mathematics , political science , geometry

This paper describes how formal methods were used to produce evidence in a certification, based on the Common Criteria, of a security-critical software system. The evidence included a top level specification (TLS) of the security-relevant software behavior, a formal statement of the required security properties, proofs that the specification satisfied the properties, and a demonstration that the source code, which had been annotated with preconditions and postconditions, was a refinement of the TLS. The paper also describes those aspects of our approach which were most effective and research that could significantly increase the effectiveness of formal methods in software certification

The content you want is available to Zendy users.

Already have an account? Click here to sign in.

Having issues? You can contact us here

Accelerating Research