Formal Verification of OS Security Model with Alloy and Event-B

Devyanin, P. N.; Хорошилов, А. В.; Kuliamin, Victor V.; Petrenko, Alexander K.; Shchepetkov, Ilya

doi:10.1007/978-3-662-43652-3_30

Cited by 16 publications

(12 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In ISP RAS projects deductive verification was used to verify security properties of a Linuxbased OS modified for specific use in government agencies [32,33]. The OS is intended to implement a complex security model (called MROSL DP) integrating mechanisms of latticebased mandatory access control, mandatory integrity control, and role-based access control.…”

Section: Deductive Verificationmentioning

confidence: 99%

Verification of Operating System Components

Kuliamin¹,

Petrenko²,

Хорошилов³

2017

View full text Add to dashboard Cite

The paper concerns recent advances in reaching the goal of industrial operating system (OS) verification. By industrial OS we mean a system actively used in some industrial domain, elaborated and maintained for a significant time, not a proof-of-concept OS developed with mostly research intentions. We consider decomposition of this goal into tasks related with various functional components of OS and various properties under verification, and application of different verification methods to those tasks. This is a trial to explicate and summarize the experience of several projects on various OS components and different OS features verification conducted in ISP RAS.

show abstract

Section: Deductive Verificationmentioning

confidence: 99%

Verification of Operating System Components

Kuliamin¹,

Petrenko²,

Хорошилов³

2017

View full text Add to dashboard Cite

show abstract

“…В данной статье представлены текущие результаты разработки и верификации формальной модели, называемой иерархической интегрированной моделью управления доступом и информационных потоков (hierarchical integrated model of access control and information flows, HIMACF, ранние версии ее имели название МРОСЛ ДП-модель). [9][10]. Эта модель корректно интегрирует механизмы RBAC, MIC и MAC, сохраняя их ключевые свойства безопасности.…”

Section: Introductionunclassified

“…32, issue 1, 2020. pp. 7-26 10 14] и нормативными документами ФСТЭК России для систем с высокими уровнями доверия. Модель частично реализована в построенной на основе ядра Linux ОС Astra Linux Special Edition [15].…”

Section: Introductionunclassified

“…Труды ИСП РАН, том 32, вып. 1, 2020 г., стр [7][8][9][10][11][12][13][14][15][16][17][18][20][21][22][23][24][25][26] Уточнение одной моделью другой означает, что переменные, инварианты, события и контракты событий уточняемой модели наследуются уточняющей.…”

unclassified

“…ISP RAS, vol. 32, issue 1, 2020. pp [7][8][9][10][11][12][13][14][15][16][17][18][20][21][22][23][24][25][26] Базовый уровень модели HIMACF имеет следующие переменные состояния (определения типов переменных мы указываем здесь же, а не в отдельных инвариантах, как положено в Event-B).…”

unclassified

See 2 more Smart Citations

Integrating RBAC, MIC, and MLS in Verified Hierarchical Security Model for Operating System

Devyanin

2020

Proceedings of ISP RAS

View full text Add to dashboard Cite

Evaluating the suitability of state‐based formal methods for industrial deployment

2018

View full text Add to dashboard Cite

After a number of success stories in safety-critical domains, we are starting to witness applications of formal methods in contemporary systems and software engineering. However, one thing that is still missing is the evaluation criteria that help software practitioners choose the right formal method for the problem at hand. In this paper, we present the criteria for evaluating and comparing different formal methods. The criteria were chosen through a literature review, discussions with experts from academia and practitioners from industry, and decade-long personal experience with the application of formal methods in industrial and academic projects. The criteria were then evaluated on several model-oriented state-based formal methods. Our research shows that besides technical grounds (eg, modeling capabilities and supported development phases), formal methods should also be evaluated from social and industrial perspectives. We also found out that it is not possible to generate a matrix that renders the selection of the right formal method an automatic process. However, we can generate several pointers, which make this selection process a lot less cumbersome.

show abstract

Formal Verification of OS Security Model with Alloy and Event-B

Cited by 16 publications

References 3 publications

Verification of Operating System Components

Verification of Operating System Components

Integrating RBAC, MIC, and MLS in Verified Hierarchical Security Model for Operating System

Evaluating the suitability of state‐based formal methods for industrial deployment

Contact Info

Product

Resources

About