Rapid-prototyping of high-assurance systems

Auletta, R.; Traver, C.

doi:10.1109/glsv.1993.224474

Cited by 6 publications

(9 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This process generates a set of critical requirements that must be satisfied by any further refinement. Although this is the extent of the repeater refinement in this document, this specification is consistent with the repeater specified in [1], from which a VHDL design and gate-level hardware description were derived.…”

Section: Structure Of This Documentmentioning

confidence: 57%

“…The application that we choose to demonstrate this approach, an RS-232 character repeater, was originally posed as a non-trivial, security-relevant example on which to determine the feasibility of formal methods [15]. Our use of literate programming techniques (1) demonstrates how a formal assurance argument can be presented in a clear and intuitive manner and (2) ensures that the documentation of the argument is consistent with the actual specification, implementation, and proof. This document was written using literate programming techniques and tools and is itself a literate program.…”

Section: Approachmentioning

confidence: 99%

“…The increase in width of the argument from top to bottom illustrates additional detail that is specified at the lower levels. Other work describes the synthesis of a gate-level hardware description from the repeater CSP physical design using VHDL synthesis tools [1].…”

Section: Solution Strategymentioning

confidence: 99%

See 2 more Smart Citations

The RS-232 Character Repeater Refinement and Assurance Argument,

Moore¹,

Payne²

1996

View full text Add to dashboard Cite

show abstract

Section: Structure Of This Documentmentioning

confidence: 57%

Section: Approachmentioning

confidence: 99%

See 1 more Smart Citation

The RS-232 Character Repeater Refinement and Assurance Argument,

Moore¹,

Payne²

1996

View full text Add to dashboard Cite

show abstract

“…1 The assurance argument supports the accreditation decision to allow a computer to process classi ed information in an operational environment. The argument is composed from technical evidence that is produced during the system development process, e.g., the security model, design speci cations, proofs, vulnerability analysis and test results.…”

Section: Introductionmentioning

confidence: 99%

“…Rigorously produced evidence that is di cult to understand conWork performed while author was employed by the Naval Research Laboratory. 1 A computer system is trusted if we rely on it for security enforcement. I t i s trustworthy if that reliance is justi ed technically.…”

Section: Introductionmentioning

confidence: 99%

Increasing Assurance with Literate Programming Techniques

Moore¹,

Payne²,

Charles³

1996

View full text Add to dashboard Cite

The assurance a r gument that a trusted system satis es its information security requirements must be c onvincing, because the argument supports the accreditation decision to allow the computer to process classi ed information in an operational environment. Assurance is achieved through understanding, but some evidence that supports the assurance a r gument can be di cult to understand. This paper describes a novel application of a technique, called literate programming 11 , that signi cantly improves the readability of the assurance a r gument while maintaining its consistency with formal speci cations that are input to speci cation and veri cation systems. We describe an application of this technique to a simple example and discuss the lessons learned f r om this e ort.

show abstract