SCR: A Practical Approach to Building a High Assurance COMSEC System
NAVAL RESEARCH LAB WASHINGTON DC
To date, the tabular-based SCR (Software Cost Reduction) method has been applied mostly to the development of embedded control systems. This paper describes the successful application of the SCR method, including the SCR toolset, to a different class of system: a COMSEC (Communications Security) device called CD that must correctly manage encrypted communications. The paper summarizes how the tools in SCR were used to validate and to debug the SCR specification and to demonstrate that the specification satisfies a set of critical security properties. The development of the CD specification involved many tools in SCR: a specification editor, a consistency checker, a simulator, the TAME interface to the theorem prover PVS, and various other analysis tools. Our experience provides evidence that use of the SCR toolset to develop high-quality requirements specifications of moderately complex COMSEC systems is both practical and low-cost.
- Computer Systems Management and Standards