Design and Assurance Strategy for the NRL Pump

Abstract

Developing a trustworthy system is difficult because the developer must construct a persuasive argument that the system conforms to its critical requirements. This assurance argument, together with the software and hardware it covers, must then be evaluated by an independent certification team. In this paper we present the external requirements and logical design of a specific trusted device, the NRL Pump, and describe our plan, called the assurance strategy, for creating the eventual assurance argument. The strategy exploits currently available graphical specification, simulation, formal proof, and test coverage analysis tools. Portions of the design are represented by figures generated by the Statemate tool set, and we discuss how those tools, together with covert channel analysis, will be used to show that the logical design conforms to its external requirements. We conclude with some remarks on a possible physical architecture.

Document Details

Document Type
Technical Report
Publication Date
Dec 31, 1997
Accession Number
ADA333464

Entities

People

  • Andrew P. Moore
  • Ira S. Moskowitz
  • Myong H. Kang

Organizations

  • United States Naval Research Laboratory

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Application Protocols
  • Application Software
  • Authentication
  • Communication Channels
  • Computer Programming
  • Computers
  • Cybersecurity
  • Databases
  • Engineering
  • Information Systems
  • Language
  • Notation
  • Simulations
  • Software Development
  • Specifications
  • Standards
  • Test And Evaluation

Fields of Study

  • Computer science

Readers

  • Cybersecurity
  • Electronics Engineering
  • Theoretical Analysis