Formal specification and verification of control software for cryptographic equipment

Open Access

4 December 2002

conference paper
Published by Institute of Electrical and Electronics Engineers (IEEE)

p. 32-43
https://doi.org/10.1109/csac.1990.143748

Abstract

A description is given of the application of formal specification and verification methods to two microprocessor-based cryptographic devices: a 'smart token' system that controls access to a network of workstations, and a message authentication device implementing the ANSI X9.9 message authentication standard. Formal specification and verification were found to be practical, cost-effective tools for detecting potential security weaknesses, and helped to significantly strengthen the security of the access control system.

Keywords

This publication has 5 references indexed in Scilit:

The RAISE language, method and tools
Formal Aspects of Computing, 1989
A Comparison of Commercial and Military Computer Security Policies
Published by Institute of Electrical and Electronics Engineers (IEEE) ,1987
A Formal Method for the Abstract Specification of Software
Journal of the ACM, 1984
Proving multilevel security of a system design
Published by Association for Computing Machinery (ACM) ,1977
Secure Computer System: Unified Exposition and Multics Interpretation
Published by Defense Technical Information Center (DTIC) ,1976

Cited by 6 articles