SCR: A Practical Approach to Building a High Assurance COMSEC System

Abstract

To date, the tabular-based SCR (Software Cost Reduction) method has been applied mostly to the development of embedded control systems. This paper describes the successful application of the SCR method, including the SCR* toolset, to a different class of system, a COMSEC (Communications Security) device called CD that must correctly manage encrypted communications. The paper summarizes how the tools in SCR* were used to validate and to debug the SCR specification and to demonstrate that the specification satisfies a set of critical security properties. The development of the CD specification involved many tools in SCR*: a specification editor, a consistency checker, a simulator, the TAME interface to the theorem prover PVS, and various other analysis tools. Our experience provides evidence that use of the SCR* toolset to develop high-quality requirements specifications of moderately complex COMSEC systems is both practical and low-cost.

Document Details

Document Type
Technical Report
Publication Date
Dec 01, 1999
Accession Number
ADA465332

Entities

People

  • Constance Heitmeyer
  • James Kirby Jr.
  • Myla M. Archer

Organizations

  • United States Naval Research Laboratory

Tags

Communities of Interest

  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Abstracts
  • Algorithms
  • Automata
  • Automatic
  • Collision Avoidance
  • Collision Avoidance Systems
  • Computer Programs
  • Consistency
  • Control Systems
  • Costs
  • Generators
  • Language
  • Machines
  • Simulators
  • Software Testing
  • Test Methods
  • Test Sets

Fields of Study

  • Computer science
  • Engineering

Readers

  • Cybersecurity
  • Mathematical Modeling and Probability Theory
  • Software Engineering