Sciweavers

WETICE
2006
IEEE

Security Verification Techniques Applied to PatchLink COTS Software

14 years 5 months ago
Security Verification Techniques Applied to PatchLink COTS Software
Verification of the security of software artifacts is a challenging task. An integrated approach that combines verification techniques can increase the confidence in the security of software artifacts. Such an approach has been developed by the Jet Propulsion Laboratory (JPL) and the University of California at Davis (UC Davis). Two security verification instruments were developed and then piloted on PatchLink’s UNIX Agent, a CommercialOff-The-Shelf (COTS) software product, to assess the value of the instruments and the approach. The two instruments are the Flexible Modeling Framework (FMF) — a model-based verification instrument (JPL), and a Property-Based Tester (UC Davis). Security properties were formally specified for the COTS artifact and then verified using these instruments. The results were then reviewed to determine the effectiveness of the approach and the security of the COTS product.
David P. Gilliam, John D. Powell, Matt Bishop, Chr
Added 12 Jun 2010
Updated 12 Jun 2010
Type Conference
Year 2006
Where WETICE
Authors David P. Gilliam, John D. Powell, Matt Bishop, Chris Andrew, Sameer Jog
Comments (0)