
Formal Methods for Industrial Products

  • Conference paper
  • In: ZB 2000: Formal Specification and Development in Z and B (ZB 2000)
  • Part of the book series: Lecture Notes in Computer Science (LNCS, volume 1878)

Abstract

We have recently completed the specification and security proof of a large, industrial-scale application. The application is security critical, and the modelling and proof were done to increase the client's assurance that the implemented system had no design flaws with security implications. Here we describe the application, the specification structure, and the proof approach.

One of the security properties of our system is of the kind not preserved in general by refinement. We had to perform a proof that this property, expressed over traces, holds in our state-and-operations style model.



Copyright information

© 2000 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Stepney, S., Cooper, D. (2000). Formal Methods for Industrial Products. In: ZB 2000: Formal Specification and Development in Z and B. ZB 2000. Lecture Notes in Computer Science, vol 1878. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44525-0_22

  • DOI: https://doi.org/10.1007/3-540-44525-0_22

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-67944-8

  • Online ISBN: 978-3-540-44525-8

  • eBook Packages: Springer Book Archive