Framework for the formal specification and verification of security guidelines

Zeineb Zhioua; Rabea Ameur-Boulifa; Yves Roudier

doi:10.25046/aj030106

Framework for the formal specification and verification of security guidelines

Zeineb Zhioua
, Rabea Ameur-Boulifa
, Yves Roudier

Research output: Contribution to journal › Article › peer-review

Abstract

Ensuring the compliance of developed software with general and application-specific security requirements is a challenging task due to the lack of automatic and formal means to lead this verification. In this paper, we present our approach that aims at integrating the formal specification and verification of security guidelines in early stages of the development lifecycle by combining both the model checking analysis together with information flow analysis. We present our framework that is based on an extension of LTS (labelled transition Systems) by data dependence information to cover the end-to-end specification and verification of security guidelines.

Original language	English
Pages (from-to)	38-48
Number of pages	11
Journal	Advances in Science, Technology and Engineering Systems
Volume	3
Issue number	1
DOIs	https://doi.org/10.25046/aj030106
Publication status	Published - 1 Jan 2018
Externally published	Yes

Keywords

Formal specification
Information Flow Analysis
Model Checking
Program Dependence Graph
Security Guidelines

Access to Document

10.25046/aj030106

Cite this

@article{d2a19420bac043d1a44cf2c7a8167fe5,

title = "Framework for the formal specification and verification of security guidelines",

abstract = "Ensuring the compliance of developed software with general and application-specific security requirements is a challenging task due to the lack of automatic and formal means to lead this verification. In this paper, we present our approach that aims at integrating the formal specification and verification of security guidelines in early stages of the development lifecycle by combining both the model checking analysis together with information flow analysis. We present our framework that is based on an extension of LTS (labelled transition Systems) by data dependence information to cover the end-to-end specification and verification of security guidelines.",

keywords = "Formal specification, Information Flow Analysis, Model Checking, Program Dependence Graph, Security Guidelines",

author = "Zeineb Zhioua and Rabea Ameur-Boulifa and Yves Roudier",

year = "2018",

month = jan,

day = "1",

doi = "10.25046/aj030106",

language = "English",

volume = "3",

pages = "38--48",

journal = "Advances in Science, Technology and Engineering Systems",

issn = "2415-6698",

number = "1",

}

TY - JOUR

T1 - Framework for the formal specification and verification of security guidelines

AU - Zhioua, Zeineb

AU - Ameur-Boulifa, Rabea

AU - Roudier, Yves

PY - 2018/1/1

Y1 - 2018/1/1

N2 - Ensuring the compliance of developed software with general and application-specific security requirements is a challenging task due to the lack of automatic and formal means to lead this verification. In this paper, we present our approach that aims at integrating the formal specification and verification of security guidelines in early stages of the development lifecycle by combining both the model checking analysis together with information flow analysis. We present our framework that is based on an extension of LTS (labelled transition Systems) by data dependence information to cover the end-to-end specification and verification of security guidelines.

AB - Ensuring the compliance of developed software with general and application-specific security requirements is a challenging task due to the lack of automatic and formal means to lead this verification. In this paper, we present our approach that aims at integrating the formal specification and verification of security guidelines in early stages of the development lifecycle by combining both the model checking analysis together with information flow analysis. We present our framework that is based on an extension of LTS (labelled transition Systems) by data dependence information to cover the end-to-end specification and verification of security guidelines.

KW - Formal specification

KW - Information Flow Analysis

KW - Model Checking

KW - Program Dependence Graph

KW - Security Guidelines

U2 - 10.25046/aj030106

DO - 10.25046/aj030106

M3 - Article

AN - SCOPUS:85061729980

SN - 2415-6698

VL - 3

SP - 38

EP - 48

JO - Advances in Science, Technology and Engineering Systems

JF - Advances in Science, Technology and Engineering Systems

IS - 1

ER -

Framework for the formal specification and verification of security guidelines

Abstract

Keywords

Access to Document

Fingerprint

Cite this