Seven Layers of Knowledge Representation and Reasoning in Support of Software Development
IEEE Transactions on Software Engineering - Special issue on knowledge representation and reasoning in software development
Completeness and Consistency in Hierarchical State-Based Requirements
IEEE Transactions on Software Engineering - Special issue: best papers of the 17th International Conference on Software Engineering (ICSE-17)
Model-checking of real-time systems: a telecommunications application: experience report
ICSE '97 Proceedings of the 19th international conference on Software engineering
FMSP '00 Proceedings of the third workshop on Formal methods in software practice
Using TAME to prove invariants of automata models: Two case studies
FMSP '00 Proceedings of the third workshop on Formal methods in software practice
Salsa: Combining Constraint Solvers with BDDs for Automatic Invariant Checking
TACAS '00 Proceedings of the 6th International Conference on Tools and Algorithms for Construction and Analysis of Systems: Held as Part of the European Joint Conferences on the Theory and Practice of Software, ETAPS 2000
Applying Practical Formal Methods to the Specification and Analysis of Security Properties
MMM-ACNS '01 Proceedings of the International Workshop on Information Assurance in Computer Networks: Methods, Models, and Architectures for Network Security
Moat: A Virtual Private Network Appliance and Services Platform
LISA '99 Proceedings of the 13th USENIX conference on System administration
Sound methods and effective tools for model-based security engineering with UML
Proceedings of the 27th international conference on Software engineering
| Hi-index | 0.00 |
A high-bandwidth, always-on Internet connection makescomputers in homes and small offices attractive targets fornetwork-based attacks. Network security gateways can protectsuch vulnerable hosts from attackers, but differing setsof customer needs require different feature mixes. Thesafest way to address this market is to provide a family ofproducts, each member of which requires little or no end-userconfiguration. Since the products are closely related,the effort to validate n of them should be much less thann times the effort to validate one; however, validating thecorrectness and security of even one such device is notoriouslydifficult, due to the oft-observed fact that no practicalamount of testing can show the absence of security flaws.One would instead like to prove security properties, evenwhen the products are implemented using off-the-shelf technologiesthat don't lend themselves to formal reasoning. Inthis paper, I describe how I use the specification modelingand validation tools of the Interactive Specification AcquisitionTools (ISAT) suite to help validate members of a particularfamily of network security gateway products builtusing widely available open source technologies.