Increasing Assurance with Literate Programming Techniques

Abstract

The assurance argument that a trusted system satisfies its information security requirements must be convincing, because the argument supports the accreditation decision to allow the computer to process classified information in an operational environment. Assurance is achieved through understanding, but some evidence that supports the assurance argument can be difficult to understand. This paper describes a novel application of a technique, called literate programming [11], that significantly improves the readability of the assurance argument while maintaining its consistency with formal specifications that are input to specification and verification systems. We describe an application of this technique to a simple example and discuss the lessons learned from this effort.

Document Details

Document Type: Technical Report
Publication Date: Jan 01, 1996
Accession Number: ADA462931

Entities

People

  • Andrew P. Moore
  • Charles N. Payne Jr.

Organizations

  • United States Naval Research Laboratory

Tags

Communities of Interest

  • Energy and Power Technologies
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Compilers
  • Computer Languages
  • Computer Network Security
  • Computer Programming
  • Computer Programs
  • Computers
  • Language
  • Lessons Learned
  • Prime Numbers
  • Programming Languages
  • Security
  • Specifications
  • Translations

Fields of Study

  • Computer science

Readers

  • Computer Science
  • Cybersecurity
  • Strategic Security Studies