SDC Secure Release Terminal Project

The SDC Secure Release Terminal SRT) project provides a useful view of the process involved in constructing software whose code is intended to be formally verified to satisfy desired security properties. The purpose of the SRT is to move appropriately classified data from a processing environment at one security level to a processing environment at another level in machine readable form. This paper discusses the design process for the SRT which was carried out using the SDC Formal Development Methodology (FDM). the SRT project is the first application of the FDM code level verification capabilities. However, since the code level verification has not yet been performed this paper concentrates on the design problems inherent in targeting a system for code level verification.