论文信息 - Engineering the Tokeneer Enclave Protection Software

Engineering the Tokeneer Enclave Protection Software

The Tokeneer ID Station (TIS) project, carried out by Praxis High Integrity Systems in conjunction with SPRE Inc. under the direction of NSA, has shown that it is possible to produce high quality, low defect systems conforming to the Common Criteria requirements for Evaluation Assurance Level 5 (EAL5). We state the seven guiding principles we used to achieve this, and relate each one to examples from the TIS development. The systems development industry in general has viewed conformance with the Common Criteria higher levels as too difficult, too expensive, and generally not economical. The experience of Praxis High Integrity Systems, however, is that the levels of EAL5 and beyond (including EAL7) are achievable in a cost-effective manner. This TIS project was commissioned as a demonstration vehicle, to show exactly how the development approach adopted by Praxis matches up to EAL5, and to measure its actual productivity and defect rates under controlled conditions.

Randy Johnson | Janet Barnes | James Widmaier

[1] John D. Musa,et al. Software-Reliability-Engineered Testing , 1996, Computer.

[2] Peter J. Denning,et al. Certification of programs for secure information flow , 1977, CACM.

[3] Anthony Hall,et al. Correctness by Construction: Developing a Commercial Secure System , 2002, IEEE Softw..

[4] J. Michael Spivey,et al. The Z notation - a reference manual , 1992, Prentice Hall International Series in Computer Science.

[5] Jan Trobitius,et al. Anwendung der "Common Criteria for Information Technology Security Evaluation" (CC) / ISO 15408 auf ein SOA Registry-Repository , 2007, Informatiktage.

[6] John G. P. Barnes,et al. High Integrity Software - The SPARK Approach to Safety and Security , 2003 .

[7] Anthony Hall. Using Formal Methods to Develop an ATC Information System , 1996, IEEE Softw..

[8] Robert Musson. How the TSP Impacts the Top Line , 2002 .

[9] Steve King,et al. Is Proof More Cost-Effective Than Testing? , 2000, IEEE Trans. Software Eng..

[10] Xin Huang,et al. Producing reliable software: an experiment , 2002, J. Syst. Softw..