Formal description and validation for an integrity policy supporting multiple levels of criticality

Formal methods are increasingly used to validate the design of software and hardware components of safety-critical systems. In particular, formal validation is needed for those mechanisms that support the overall dependability of the system. Within the GUARDS project, a novel integrity mechanism has been proposed to implement the Multiple Levels of Criticality model in an object-oriented framework. We present the application of model checking techniques to the formal validation of this integrity level mechanism.
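The following is an added illustration, not code from the paper or from the GUARDS project, of what model checking an integrity mechanism of this kind amounts to. It stands in a Biba-style policy (no read down, no write up) for the paper's own mechanism, which is an assumption, and uses a constructed system of three criticality levels, three tasks and three data objects. The checker enumerates every reachable state of the model and checks a safety invariant (no object ever holds data of lower integrity than its own level); with the policy gate bypassed it returns the shortest counterexample trace instead.

```python
"""
Added example (not the paper's or GUARDS's code): a Biba-style integrity policy
over ordered criticality levels, validated by exhaustively enumerating the
reachable states of a small model and checking an invariant on every state.
"""
from collections import deque

# Constructed system: three integrity/criticality levels, higher = more critical.
# Subjects are tasks; objects are the data items they read and write.
SUBJECTS = {"monitor": 2, "control": 1, "logger": 0}   # assumed subject levels
OBJECTS = {"actuator": 2, "setpoint": 1, "logbuf": 0}  # assumed object levels
TOP = max(list(SUBJECTS.values()) + list(OBJECTS.values()))
SUBJ_NAMES = tuple(sorted(SUBJECTS))
OBJ_NAMES = tuple(sorted(OBJECTS))


def may_read(subj_level, obj_level):
    """Biba 'no read down': a subject only reads data at or above its own level."""
    return obj_level >= subj_level


def may_write(subj_level, obj_level):
    """Biba 'no write up': a subject only writes objects at or below its own level."""
    return obj_level <= subj_level


def initial_state():
    """A state records, per subject and per object, the lowest integrity level of any
    data that has flowed into it. Subjects start at their own level (their code is of
    that integrity); objects start freshly initialised, i.e. at the top level."""
    return (tuple(SUBJECTS[s] for s in SUBJ_NAMES), tuple(TOP for _ in OBJ_NAMES))


def invariant_holds(state):
    """Safety property: no object ever holds data of lower integrity than its level."""
    _, obj_taint = state
    return all(t >= OBJECTS[o] for o, t in zip(OBJ_NAMES, obj_taint))


def successors(state, enforce):
    """Every read/write a subject may attempt; enforce=False bypasses the policy gate."""
    subj_taint, obj_taint = state
    for si, s in enumerate(SUBJ_NAMES):
        for oi, o in enumerate(OBJ_NAMES):
            if not enforce or may_read(SUBJECTS[s], OBJECTS[o]):
                st = list(subj_taint)
                st[si] = min(st[si], obj_taint[oi])   # reading lowers the reader's taint
                yield f"{s} reads {o}", (tuple(st), obj_taint)
            if not enforce or may_write(SUBJECTS[s], OBJECTS[o]):
                ot = list(obj_taint)
                ot[oi] = min(ot[oi], subj_taint[si])  # writing lowers the object's taint
                yield f"{s} writes {o}", (subj_taint, tuple(ot))


def check(enforce):
    """Breadth-first exploration of all reachable states.
    Returns (holds, counterexample_trace, states_explored); the trace is the shortest
    action sequence reaching a violation, and is empty when the invariant holds."""
    init = initial_state()
    parent = {init: None}
    queue = deque([init])
    while queue:
        state = queue.popleft()
        if not invariant_holds(state):
            trace = []
            while parent[state] is not None:
                action, state = parent[state]
                trace.append(action)
            return False, trace[::-1], len(parent)
        for action, nxt in successors(state, enforce):
            if nxt not in parent:
                parent[nxt] = (action, state)
                queue.append(nxt)
    return True, [], len(parent)


if __name__ == "__main__":
    for enforce in (True, False):
        holds, trace, n = check(enforce)
        print(f"policy enforced={enforce}: invariant holds={holds}, "
              f"states explored={n}, counterexample={trace}")
```

Because the state space is finite and small, exhaustive enumeration is a complete proof of the invariant for this model; a real verification of a mechanism like the one in the paper would apply the same idea to a much larger model, which is why tool support and state-space reduction matter there. Running the block with the policy bypassed shows the value of the counterexample trace: the first violation is a single low-integrity task writing a high-criticality object, exactly the flow the policy exists to forbid.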
