A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2004; you can also visit the original URL.
Past efforts at designing and implementing ultra high assurance systems for government security and safety have centered on the concept of a monolithic security kernel responsible for a system-wide security policy. This approach leads to inflexible, overly complex operating systems that are too large to evaluate at the highest assurance levels (e.g., Common Criteria EAL 5 and above). We describe a new multilayered approach to the design and verification of embedded trustworthy systems that is

doi:10.1109/hicss.2004.1265709 dblp:conf/hicss/Alves-FossTO04 fatcat:4vrbgao35bhhjjdrnos5ss5l7i