Title :
Design and assurance strategy for the NRL pump
Author :
Kang, Myong H. ; Moore, Andrew P. ; Moskowitz, Ira S.
Author_Institution :
Center for High Assurance Comput. Syst., Naval Res. Lab., Washington, DC, USA
Abstract :
Developing a trustworthy system is difficult because the developer must construct a persuasive argument that the system conforms to its critical requirements. This assurance argument, as well as the software and hardware, must be evaluated by an independent certification team. We present the external requirements and logical design of a specific trusted device, the NRL Pump, and describe our plan, called the assurance strategy, to create the eventual assurance argument. Our assurance strategy exploits currently available graphical specification, simulation, formal proof, and testing coverage analysis tools. Portions of the design are represented by figures generated by the Statemate toolset, and we discuss how those tools, and covert channel analysis will be used to show that the logical design conforms to its external requirements. We conclude with some remarks on a possible physical architecture
Keywords :
formal specification; program verification; safety-critical software; software fault tolerance; software quality; NRL pump; Statemate toolset; assurance argument; assurance strategy; covert channel analysis; critical requirements; external requirements; formal proof; graphical specification; independent certification team; logical design; physical architecture; testing coverage analysis tools; trusted device; trustworthy system; Certification; Computer architecture; Data security; Distributed computing; Hardware; Information security; Laboratories; Multilevel systems; Postal services; Timing;
Conference_Titel :
High-Assurance Systems Engineering Workshop, 1997., Proceedings
Conference_Location :
Washington, DC
Print_ISBN :
0-8186-7971-9
DOI :
10.1109/HASE.1997.648040
