Security Verification Techniques Applied to PatchLink COTS Software

Manchester, United Kingdom June 26-June 28

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/WETICE.2006.59

15th IEEE International Workshops on ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by David P. Gilliam Articles by John D. Powell Articles by Matt Bishop Articles by Chris Andrew Articles by Sameer Jog

	ASCII Text	x
	David P. Gilliam, John D. Powell, Matt Bishop, Chris Andrew, Sameer Jog, "Security Verification Techniques Applied to PatchLink COTS Software," Enabling Technologies, IEEE International Workshops on, pp. 319-325, 15th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE'06), 2006.

	BibTex	x
	@article{ 10.1109/WETICE.2006.59, author = {David P. Gilliam and John D. Powell and Matt Bishop and Chris Andrew and Sameer Jog}, title = {Security Verification Techniques Applied to PatchLink COTS Software}, journal ={Enabling Technologies, IEEE International Workshops on}, volume = {0}, year = {2006}, issn = {1524-4547}, pages = {319-325}, doi = {http://doi.ieeecomputersociety.org/10.1109/WETICE.2006.59}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Enabling Technologies, IEEE International Workshops on TI - Security Verification Techniques Applied to PatchLink COTS Software SN - 1524-4547 SP319 EP325 A1 - David P. Gilliam, A1 - John D. Powell, A1 - Matt Bishop, A1 - Chris Andrew, A1 - Sameer Jog, PY - 2006 KW - null VL - 0 JA - Enabling Technologies, IEEE International Workshops on ER -

David P. Gilliam, California Institute of Technology, USA

John D. Powell, California Institute of Technology, USA

Matt Bishop, University of California at Davis, USA

Chris Andrew, PatchLink Corporation

Sameer Jog, PatchLink Corporation

Verification of the security of software artifacts is a challenging task. An integrated approach that combines verification techniques can increase the confidence in the security of software artifacts. Such an approach has been developed by the Jet Propulsion Laboratory (JPL) and the University of California at Davis (UC Davis). Two security verification instruments were developed and then piloted on PatchLink?s UNIX Agent, a Commercial- Off-The-Shelf (COTS) software product, to assess the value of the instruments and the approach. The two instruments are the Flexible Modeling Framework (FMF) -- a model-based verification instrument (JPL), and a Property-Based Tester (UC Davis). Security properties were formally specified for the COTS artifact and then verified using these instruments. The results were then reviewed to determine the effectiveness of the approach and the security of the COTS product.

Citation:

David P. Gilliam, John D. Powell, Matt Bishop, Chris Andrew, Sameer Jog, "Security Verification Techniques Applied to PatchLink COTS Software," wetice, pp.319-325, 15th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE'06), 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.