A conceptual formal framework for developing and maintaining security-critical systems


One of the most important challenges, present and future, is developing methods and measures to deal with a broad range of threats, from terrorism, organized crime, and natural disasters to electronic intrusions. The complexity of critical systems (CSs) makes their development and maintenance susceptible to subtle errors, which leave these systems vulnerable to the threats mentioned. One of the most important security practices is to integrate the security development process with the development process of the system itself, using formal methods at every stage to increase the level of confidence in the development, deployment and use of the system. There is therefore a need for an overall, flexible, (semi-)automated and formalized framework for the development and maintenance of the security of critical systems. In this paper, we propose such an integrated conceptual framework, which will enable us to design, analyze, implement, deploy and use a CS securely and efficiently in accordance with the specific security requirements and relevant security policies.

oai:CiteSeerX.psu: time updated on 10/22/2014

This paper was published in CiteSeerX.
