English
Related papers

Related papers: A Formal Development Cycle for Security Engineerin…

200 papers

In this paper, we introduce a process of formal system development supported by interactive theorem proving in a dedicated Isabelle framework. This Isabelle Infrastructure framework implements specification and verification in a cyclic…

Software Engineering · Computer Science 2021-12-09 Florian Kammüller

We present a process for the development of safety and security critical components in transportation systems targeting a high-level certification (CENELEC 50126/50128, DO 178, CC ISO/IEC 15408). The process adheres to the objectives of an…

Software Engineering · Computer Science 2019-05-17 Sergio Bezzecchi , Paolo Crisafulli , Charlotte Pichot , Burkhart Wolff

Assurance cases are often required as a means to certify a critical system. Use of formal methods in assurance can improve automation, and overcome problems with ambiguity, faulty reasoning, and inadequate evidentiary support. However,…

Logic in Computer Science · Computer Science 2019-05-16 Yakoub Nemouchi , Simon Foster , Mario Gleirscher , Tim Kelly

In this paper, we propose the use of interactive theorem proving for explainable machine learning. After presenting our proposition, we illustrate it on the dedicated application of explaining security attacks using the Isabelle…

Software Engineering · Computer Science 2022-01-03 Florian Kammüller

Assurance cases are often required to certify critical systems. The use of formal methods in assurance can improve automation, increase confidence, and overcome errant reasoning. However, assurance cases can never be fully formalised, as…

Software Engineering · Computer Science 2021-06-11 Simon Foster , Yakoub Nemouchi , Mario Gleirscher , Ran Wei , Tim Kelly

To develop trustworthy distributed systems, verification techniques and formal methods, including lightweight and practical approaches, have been employed to certify the design or implementation of security protocols. Lightweight formal…

Cryptography and Security · Computer Science 2024-11-28 Rémi Garcia , Paolo Modesti

Ensuring compliance with Information Flow Security (IFS) is known to be challenging, especially for concurrent systems with large codebases such as multicore operating system (OS) kernels. Refinement, which verifies that an implementation…

Logic in Computer Science · Computer Science 2025-11-11 Huan Sun , David Sanán , Jingyi Wang , Yongwang Zhao , Jun Sun , Wenhai Wang

In this paper, we add a second part to the process of Security Engineering to the Isabelle Insider and Infrastructure framework (IIIf) [31,16] by addressing an old difficult task of refining Information Flow Security (IFC). We address the…

Software Engineering · Computer Science 2024-12-17 Florian Kammüller

Assurance of information-flow security by formal methods is mandated in security certification of separation kernels. As an industrial standard for improving safety, ARINC 653 has been complied with by mainstream separation kernels. Due to…

Software Engineering · Computer Science 2017-02-21 Yongwang Zhao , David Sanan , Fuyuan Zhang , Yang Liu

In this paper we present an efficient approach to implementing model checking in the Higher Order Logic (HOL) of Isabelle. This is a non-trivial task since model checking is restricted to finite state sets. By restricting our scope to…

Logic in Computer Science · Computer Science 2024-01-01 Florian Kammüller

SAFE is a clean-slate design for a highly secure computer system, with pervasive mechanisms for tracking and limiting information flows. At the lowest level, the SAFE hardware supports fine-grained programmable tags, with efficient and…

This set of theories presents an Isabelle/HOL+Isar formalisation of stream processing components introduces in Focus, a framework for formal specification and development of interactive systems. This is an extended and updated version of…

Software Engineering · Computer Science 2014-05-08 Maria Spichkova

In this paper, we present a proof theory for attack trees. Attack trees are a well established and useful model for the construction of attacks on systems since they allow a stepwise exploration of high level attacks in application…

Cryptography and Security · Computer Science 2018-05-16 Florian Kammüller

As smart contracts are growing in size and complexity, it becomes harder and harder to ensure their correctness and security. Due to the lack of isolation mechanisms a single mistake or vulnerability in the code can bring the whole system…

Software Engineering · Computer Science 2020-01-14 Mikhail Mandrykin , Jake O'Shannessy , Jacob Payne , Ilya Shchepetkov

Ensuring the safety of autonomous vehicles (AVs) is the key requisite for their acceptance in society. This complexity is the core challenge in formally proving their safety conditions with AI-based black-box controllers and surrounding…

Software Engineering · Computer Science 2024-01-11 Tsutomu Kobayashi , Martin Bondu , Fuyuki Ishikawa

Simulation and formal verification are important complementary techniques necessary in high assurance model-based systems development. In order to support coherent results, it is necessary to provide unifying semantics and automation for…

Logic in Computer Science · Computer Science 2021-05-12 Simon Foster , Chung-Kil Hur , Jim Woodcock

We propose a methodology for verifying security properties of network protocols at design level. It can be separated in two main parts: context and requirements analysis and informal verification; and formal representation and procedural…

Cryptography and Security · Computer Science 2013-10-29 Jesus Diaz , David Arroyo , Francisco B. Rodriguez

We formally verify an algorithm for approximate policy iteration on Factored Markov Decision Processes using the interactive theorem prover Isabelle/HOL. Next, we show how the formalized algorithm can be refined to an executable, verified…

Artificial Intelligence · Computer Science 2024-06-12 Maximilian Schäffeler , Mohammad Abdulaziz

When blockchain systems are said to be trustless, what this really means is that all the trust is put into software. Thus, there are strong incentives to ensure blockchain software is correct -- vulnerabilities here cost millions and break…

Software Engineering · Computer Science 2025-10-20 Jan Corazza , Ivan Gavran , Gabriela Moreira , Daniel Neider

In recent years, there has been a growing concern with software integrity, that is, the assurance that software has not been tampered with on the path between developers and users. This path is represented by a software development pipeline…

Cryptography and Security · Computer Science 2022-11-14 B. M. Reichert , R. R. Obelheiro
‹ Prev 1 2 3 10 Next ›