Using SCR to specify requirements of the BART advanced automated train control system
High integrity software
TAME: Using PVS strategies for special-purpose theorem proving
Annals of Mathematics and Artificial Intelligence
Sound methods and effective tools for model-based security engineering with UML
Proceedings of the 27th international conference on Software engineering
Developing high-assurance secure systems with UML: a smartcard-based purchase protocol
HASE'04 Proceedings of the Eighth IEEE international conference on High assurance systems engineering
| Hi-index | 0.00 |
SCR (Software Cost Reduction) is a formal method for specifying and analyzing system requirements that has previously been applied to control systems. This paper describes a case study in which the SCR method was used to specify and analyze a different class of system, a cryptographic system called CD, which must satisfy a large set of security properties. The paper describes how a suite of tools supporting SCR a consistency checker, simulator, model checker, invariant generator, theorem prover, and validity checker were used to detect errors in the SCR specification of CD and to verify that the specification satisfies seven security properties. The paper also describes issues of concern to software developers about formal methods, e.g., ease of use, cost-effectiveness, scalability, how to translate a prose specification into a formal notation, and what process to follow in applying a formal method and discusses these issues based on our experience with CD. Also described are some unexpected results of our case study.