Deploying Crowd-Sourced Formal Verification Systems in a DoD Network

Abstract

Manual formal software verification is an expensive and time-consuming process. Military software is currently verified manually by highly skilled analysts. To reduce the high costs of the formal verification, DARPA started a Crowd-Sourced Formal Verification (CSFV) program that aims to include as many people as possible to participate in this verification process by embedding some of the verification logics into computer games. In this study we built a network prototype for hosting a CSFV server on a DoD network. The CSFV network prototype is designed according to the common security practices, necessary security measures against possible attacks, and the Security Technical Implementation Guides (STIGs) published by DISA to provide confidentiality, integrity and availability. Important details are presented about server operating system selections, proper usage of necessary network services, and firewall and IDS rules for efficient network security. Results from common network penetration test tools confirm that our prototype meets the necessary security requirements and can be trusted on a DoD network.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Sep 01, 2013
Accession Number
ADA590372

Entities

People

  • Mahmut F. Dumlupinar

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Cloud Computing
  • Computer Network Security
  • Computer Networks
  • Computer Programming
  • Computer Programs
  • Computers
  • Cyberattacks
  • Cybersecurity
  • Electronic Mail
  • Information Security
  • Information Systems
  • Intrusion Detection
  • Intrusion Detectors
  • Network Architecture
  • Network Protocols
  • Network Topology
  • Operating Systems

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Software Engineering.

Technology Areas

  • Cyber