There is an increasing demand to certify the security of systems according to the Common Criteria (CC). The CC distinguish several evaluation assurance levels (EALs), level EAL7 being the highest and requiring the application of formal techniques. We present a method for requirements engineering and (semi-formal and formal) modeling of systems to be certified according to the higher evaluation assurance levels of the CC. The method is problem oriented, i.e. it is driven by the environment in which the system will operate and by a mission statement. We illustrate our approach by an industrial case study, namely an electronic purse card (EPC) to be implemented on a Java Smart Card. As a novelty, we treat the mutual asymmetric authentication of the card and the terminal into which the card is inserted.