Публікація: Методика формального проектування КСЗІ в ІТС
Завантаження...
Дата
2019
Назва журналу
ISSN журналу
Назва тома
Видавництво
ХНУРЕ
Анотація
Formal methods enable reasoning from logical or mathematical specifications of the behaviors of computing devices or processes; they offer rigorous proofs that all system behaviors meet some desirable property. They are crucial for security goals, because they can show that no attack strategy in a class of strategies will cause a system to misbehave. Without requiring piecemeal enumeration, they rule out a range of attacks. They offer other benefits too: Formal specifications tell an implementer unambiguously what to produce, and they tell the subsequent user or integrator of a component what to rely on it to do. Since many vulnerabilities arise from misunderstandings and mismatches as components are integrated, the payoff from rigorous interface specifications is large. Formal methods differ from other design systems through the use of formal verification schemes, the basic principles of the system must be proven correct before they are accepted. Traditional system design has used extensive testing to verify behavior, but testing is capable of only finite conclusions.
Опис
Ключові слова
SD, Z.100, LOTOS, E-LOTOS, UML, UMLsec, рівень гарантій
Бібліографічний опис
Гвоздьов Р. Методика формального проектування КСЗІ в ІТС / Р. Гвоздьов, В. Заболотний, А. Бойко // Global Cyber Security Forum : матеріали Першого міжнародного науково-практичного форуму, 14 – 16 листопада 2019 р. – Харьков : ХНУРЭ, 2019. – С. 39–40.