On the Role of Formal Methods in Software Certification: An Experience Report

Constance L. Heitmeyer
2009, Electronic Notes in Theoretical Computer Science
This paper describes how formal methods were used to produce evidence in a certification, based on the Common Criteria, of a security-critical software system. The evidence included a top level specification (TLS) of the security-relevant software behavior, a formal statement of the required security properties, proofs that the specification satisfied the properties, and a demonstration that the source code, which had been annotated with preconditions and postconditions, was a refinement of the TLS. The paper also describes those aspects of our approach which were most effective and research that could significantly increase the effectiveness of formal methods in software certification.
doi:10.1016/j.entcs.2009.09.001 fatcat:kq62li7v2jfjrf434tcmazrdrm
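The abstract names four pieces of evidence: a TLS, a property, a proof that the TLS satisfies the property, and a refinement of contract-annotated code to the TLS. The following is an added, constructed miniature of that chain; it is not code from the paper, and the system it models (a two-partition kernel whose partitions own disjoint memory windows, with a data-separation property) is an assumed illustration rather than the paper's system. All names (`spec_step`, `Kernel`, `check_refinement`, the `contract` decorator) are hypothetical. Because the model is finite, an exhaustive reachability check stands in for the proofs.

```python
"""Added illustration of the evidence chain in the abstract: TLS, security
property, exhaustive check that the TLS satisfies it, and a refinement check
of a contract-annotated implementation. The two-partition kernel modelled
here is a constructed example, not the paper's system."""
from collections import deque
from itertools import product

PARTITIONS, SIZE, VALUES = (0, 1), 2, (0, 1)   # two partitions, 2 cells each, bit values
ADDRS = tuple(range(SIZE))

# ---- TLS: abstract state = (active partition, one private memory per partition)
def spec_init():
    return (0, tuple((0,) * SIZE for _ in PARTITIONS))

def spec_step(state, event):
    active, mems = state
    kind, arg = event
    if kind == "switch":
        return (arg, mems)
    new = list(mems[active]); new[arg[0]] = arg[1]          # kind == "write"
    return (active, tuple(tuple(new) if p == active else m for p, m in enumerate(mems)))

def spec_read(state, addr):
    return state[1][state[0]][addr]

def events():
    yield from (("switch", p) for p in PARTITIONS)
    yield from (("write", (a, v)) for a, v in product(ADDRS, VALUES))

# ---- Security property (data separation): a write by the active partition q
# must not change what any other partition p can subsequently read.
def data_separation(state):
    q = state[0]
    for a, v in product(ADDRS, VALUES):
        after = spec_step(state, ("write", (a, v)))
        for p in set(PARTITIONS) - {q}:
            view = lambda s: [spec_read(spec_step(s, ("switch", p)), x) for x in ADDRS]
            if view(state) != view(after):
                return False
    return True

def check_property():
    """Exhaustive reachability over the finite TLS: the 'proof' step in miniature."""
    seen, frontier = {spec_init()}, deque([spec_init()])
    while frontier:
        s = frontier.popleft()
        if not data_separation(s):
            return False
        for t in (spec_step(s, e) for e in events()):
            if t not in seen:
                seen.add(t); frontier.append(t)
    return True

# ---- Implementation annotated with pre/postconditions (checked at run time
# here; the paper discharged its annotations by proof).
def contract(pre, post):
    def deco(f):
        def wrapped(self, *args):
            assert pre(self, *args), f"precondition of {f.__name__} violated"
            old = self.snapshot()
            result = f(self, *args)
            assert post(self, old, *args), f"postcondition of {f.__name__} violated"
            return result
        return wrapped
    return deco

class Kernel:
    """Flat memory; partition p owns the window [bases[p], bases[p] + SIZE)."""
    def __init__(self, bases, snap=None):
        self.bases = bases
        self.active, self.mem = (0, [0] * (max(bases) + SIZE)) if snap is None else (snap[0], list(snap[1]))
    def snapshot(self):
        return (self.active, tuple(self.mem))
    @contract(pre=lambda k, p: p in PARTITIONS,
              post=lambda k, old, p: k.active == p and tuple(k.mem) == old[1])
    def switch(self, p):
        self.active = p
    @contract(pre=lambda k, a, v: 0 <= a < SIZE,
              post=lambda k, old, a, v: k.mem[k.bases[k.active] + a] == v and all(
                  x == y for i, (x, y) in enumerate(zip(k.mem, old[1]))
                  if i != k.bases[k.active] + a))
    def write(self, addr, val):
        self.mem[self.bases[self.active] + addr] = val

# ---- Refinement: an abstraction function maps concrete states to TLS states;
# every implementation step must commute with the matching TLS step.
def abstract(k):
    return (k.active, tuple(tuple(k.mem[b + a] for a in ADDRS) for b in k.bases))

def check_refinement(bases):
    start = Kernel(bases).snapshot()
    seen, frontier = {start}, deque([start])
    while frontier:
        snap = frontier.popleft()
        before = abstract(Kernel(bases, snap))
        for e in events():
            k = Kernel(bases, snap)
            k.switch(e[1]) if e[0] == "switch" else k.write(*e[1])
            if abstract(k) != spec_step(before, e):       # commuting diagram broken
                return False
            if k.snapshot() not in seen:
                seen.add(k.snapshot()); frontier.append(k.snapshot())
    return True

if __name__ == "__main__":
    print("TLS satisfies data separation:", check_property())
    print("disjoint windows (0, 2) refine the TLS:", check_refinement((0, 2)))
    print("overlapping windows (0, 1) refine the TLS:", check_refinement((0, 1)))
```

The overlapping-window kernel `Kernel((0, 1))` is the caveat worth noticing: every local precondition and postcondition on `switch` and `write` still holds for it (each write changes exactly the cell it names), yet it does not refine the TLS, because a write by partition 0 lands in a cell that partition 1's window also covers. Contract annotations on their own establish only local facts about each routine; the refinement step is what connects the annotated code to the TLS whose security property was proved.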