Sciweavers

WETICE
2005
IEEE

Application of Lightweight Formal Methods to Software Security

14 years 6 months ago
Application of Lightweight Formal Methods to Software Security
Formal specification and verification of security has proven a challenging task. There is no single method that has proven feasible. Instead, an integrated approach which combines several formal techniques can increase the confidence in the verification of software security properties. Such an approach which specifies security properties in a library that can be re-used by 2 instruments and their methodologies developed for the National Aeronautics and Space Administration (NASA) at the Jet Propulsion Laboratory (JPL) are described herein The Flexible Modeling Framework (FMF) is a model based verification instrument that uses Promela and the SPIN model checker. The Property Based Tester (PBT) uses TASPEC and a Test Execution Monitor (TEM). They are used to reduce vulnerabilities and unwanted exposures in software during the development and maintenance life cycles. These instruments are currently being piloted with a COTS Server-Agent Application.
David P. Gilliam, John D. Powell, Matt Bishop
Added 25 Jun 2010
Updated 25 Jun 2010
Type Conference
Year 2005
Where WETICE
Authors David P. Gilliam, John D. Powell, Matt Bishop
Comments (0)