Idea: simulation based security requirement verification for transaction level models
Pages 264 - 271
Abstract
Verification of security requirements in embedded systems is a crucial task - especially in very dynamic design processes like a hard-ware/software codesign flow. In such a case the system's modules and components are continuously modified and refined until all constraints are met and the system design is in a stable state. A transaction level model can be used for such a design space exploration in this phase. It is essential that security requirements are considered from the very first beginning. In this work we demonstrate a novel approach how to use meta-information in transaction level models to verify the consistent application of security requirements in embedded systems.
References
[1]
Balarin, F., Passerone, R., Pinto, A., Sangiovanni-Vincentelli, A.L.: A formal approach to system level design: metamodels and unified design environments. In: Third ACM and IEEE International Conference on Formal Methods and Models for Co-Design. IEEE, Los Alamitos (2005).
[2]
Cai, L., Gajski, D.: Transaction level modeling: an overview. In: Proceedings of the 1st IEEE/ACM/IFIP International Conference on Hardware/Software Codesign and System Synthesis. ACM, New York (2003).
[3]
Common Criteria. Common Criteria for Information Technology Security Evaluation - Part 1-3. Version 3.1 Revision 3 Final (July 2009).
[4]
Deng, Y., Wang, J., Tsai, J.J.P., Beznosov, K.: An approach for modeling and analysis of security system architectures. IEEE Transactions on Knowledge and Data Engineering 15(5), 1099-1119 (2003).
[5]
Garavel, H., Helmstetter, C., Ponsini, O., Serwe, W.: Verification of an industrial SystemC/TLM model using LOTOS and CADP. In: 7th IEEE/ACM International Conference on Formal Methods and Models for Co-Design. IEEE, Los Alamitos (2009).
[6]
Kocher, P., Lee, R., McGraw, G., Raghunathan, A.: Security as a new dimension in embedded system design. In: Proceedings of the 41st Annual Design Automation Conference. ACM, New York (2004).
[7]
Lotz, V., Kessler, V., Walter, G.H.: A formal security model for microprocessor hardware. IEEE Transactions on Software Engineering 26(8), 702-712 (2000).
[8]
Mellado, D., Fernández-Medina, E., Piattini, M.: A common criteria based security requirements engineering process for the development of secure information systems. Comput. Stand. Interfaces 29(2), 244-253 (2007).
[9]
Morimoto, S., Shigematsu, S., Goto, Y., Cheng, J.: Formal verification of security specifications with common criteria. In: Proceedings of the 2007 ACM Symposium on Applied Computing. ACM, New York (2007).
[10]
Schaumont, P., Verbauwhede, I.: Domain-specific codesign for embedded security. Computer 36(4), 68-74 (2003).
[11]
Trummer, C., Kirchsteiger, C.M., Steger, C., Weiss, R., Pistauer, M., Dalton, D.: Automated simulation-based verification of power requirements for systems-on-chips. In: 13th International Symposium on Design and Diagnostics of Electronic Circuits and Systems. IEEE, Los Alamitos (2010).
Recommendations
Idea: writing secure c programs with secprove
ESSoS'13: Proceedings of the 5th international conference on Engineering Secure Software and SystemsThis paper describes SecProve, a prototype tool we are developing for checking application-specific security properties of C code, together with our vision of how such a tool can be used by a programmer to maintain security of code during its ...
Integrating an Idea Generation Method into a Goal-Oriented Analysis Method for Requirements Elicitation
APSEC '05: Proceedings of the 12th Asia-Pacific Software Engineering ConferenceThis paper proposes an extension of goal-oriented analysis method where an idea generation method is combined. Goal-oriented analysis methods are one of the promising approaches for requirements elicitation. However, they have two major shortcomings; 1) ...
A Survey on Hardware Implementation of IDEA Cryptosystem
The main goal of hardware implementation of a cryptosystem is to make it compatible for high speed networks. The cryptographic algorithms are very much computationally intensive and to achieve a high speed execution, hardware is necessary. In this paper,...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
In-Cooperation
Publisher
Springer-Verlag
Berlin, Heidelberg
Publication History
Published: 09 February 2011
Check for updates
Qualifiers
- Article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 30 Dec 2024