A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
On the Role of Formal Methods in Software Certification: An Experience Report
2009
Electronic Notes in Theoretical Computer Science
This paper describes how formal methods were used to produce evidence in a certification, based on the Common Criteria, of a security-critical software system. The evidence included a top level specification (TLS) of the security-relevant software behavior, a formal statement of the required security properties, proofs that the specification satisfied the properties, and a demonstration that the source code, which had been annotated with preconditions and postconditions, was a refinement of the
doi:10.1016/j.entcs.2009.09.001
fatcat:kq62li7v2jfjrf434tcmazrdrm
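The abstract above lists four kinds of evidence: a top level specification (TLS), a formal statement of the security properties, proofs that the TLS satisfies them, and a demonstration that annotated source code refines the TLS. The following is an added example, written for this page and not taken from the paper or its authors' artifacts, that makes that chain concrete on a deliberately small scenario. Everything scenario-specific is assumed: a kernel that partitions storage between two partitions `A` and `B`, a data-separation property (a read in one partition never observes another partition's writes), a concrete implementation whose operations carry preconditions and postconditions as assertions, an abstraction function, and a refinement check by forward simulation over traces. A second, flawed implementation (`Overlapping`) shows why the refinement check is separate evidence from the pre/postconditions: every assertion passes, yet refinement fails. Class and function names are the example's own.

```python
"""Added example (not the paper's code): TLS, security property, annotated
implementation, and a refinement check, on an assumed two-partition kernel."""
import random
from dataclasses import dataclass, field

PARTITIONS = ("A", "B")   # assumed: two partitions
SLOTS = 4                 # assumed: storage slots per partition


@dataclass
class TLS:
    """Top level specification: each partition owns an isolated store, so
    separation is built into the abstract state by construction."""
    store: dict = field(default_factory=lambda: {p: [None] * SLOTS for p in PARTITIONS})
    cur: str = PARTITIONS[0]

    def switch(self, p):
        self.cur = p

    def write(self, slot, val):
        self.store[self.cur][slot] = val

    def read(self, slot):
        return self.store[self.cur][slot]


class Concrete:
    """Implementation: one flat memory plus a base register per partition.
    Pre/postconditions are expressed as assertions on each operation."""
    def __init__(self):
        self.mem = [None] * (SLOTS * len(PARTITIONS))
        self.base = {p: i * SLOTS for i, p in enumerate(PARTITIONS)}
        self.cur = PARTITIONS[0]

    def switch(self, p):
        assert p in self.base                      # precondition: known partition
        self.cur = p

    def write(self, slot, val):
        assert 0 <= slot < SLOTS                   # precondition: slot in range
        before = list(self.mem)
        lo, hi = self.base[self.cur], self.base[self.cur] + SLOTS
        self.mem[lo + slot] = val
        # postcondition: memory outside the active region is unchanged
        assert before[:lo] == self.mem[:lo] and before[hi:] == self.mem[hi:]

    def read(self, slot):
        assert 0 <= slot < SLOTS                   # precondition: slot in range
        return self.mem[self.base[self.cur] + slot]


class Overlapping(Concrete):
    """Flawed variant (assumed): partition regions overlap. Every pre- and
    postcondition still passes, but the refinement check below rejects it."""
    def __init__(self):
        super().__init__()
        self.base = {"A": 0, "B": SLOTS // 2}


def abstraction(impl):
    """Abstraction function: concrete memory + base registers -> TLS state."""
    t = TLS(cur=impl.cur)
    for p, b in impl.base.items():
        t.store[p] = list(impl.mem[b:b + SLOTS])
    return t


def refines(impl, trace):
    """Forward simulation: after each step the abstraction of the concrete
    state must equal the TLS state, and observable outputs must agree."""
    spec = abstraction(impl)
    for op, *args in trace:
        out_impl = getattr(impl, op)(*args)
        out_spec = getattr(spec, op)(*args)
        if out_impl != out_spec or abstraction(impl) != spec:
            return False
    return True


def separation_holds(trace):
    """Security property stated on the TLS: a read returns the value most
    recently written to that slot by the same partition (None if never)."""
    spec, last = TLS(), {}
    for op, *args in trace:
        if op == "switch":
            spec.switch(*args)
        elif op == "write":
            spec.write(*args)
            last[(spec.cur, args[0])] = args[1]
        elif spec.read(*args) != last.get((spec.cur, args[0])):
            return False
    return True


def random_trace(n, seed=0):
    """Constructed test input: a random sequence of switch/write/read steps."""
    rng = random.Random(seed)
    trace = []
    for _ in range(n):
        r = rng.random()
        if r < 0.2:
            trace.append(("switch", rng.choice(PARTITIONS)))
        elif r < 0.6:
            trace.append(("write", rng.randrange(SLOTS), rng.randrange(100)))
        else:
            trace.append(("read", rng.randrange(SLOTS)))
    return trace


if __name__ == "__main__":
    # Constructed trace: A writes into the area the flawed variant shares with B.
    t = [("write", 2, 7), ("switch", "B"), ("read", 0)]
    print("property on TLS:", separation_holds(random_trace(200)))
    print("Concrete refines TLS:", refines(Concrete(), t))
    print("Overlapping refines TLS:", refines(Overlapping(), t))
```

The split mirrors the abstract's evidence categories: `separation_holds` checks the property against the TLS alone (in a certification this is a proof, not a trace check); `refines` ties the implementation to the TLS through the abstraction function; and the assertions in `Concrete` are the pre/postcondition annotations. The `Overlapping` case is the caveat worth keeping in mind: local contracts that each operation honours do not by themselves establish that the whole implementation refines the specification.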