Abstract
This chapter summarizes the modeling and formal analysis effort that led to an EAL6+ certification for a commercial real-time operating system kernel. We begin by describing the INTEGRITY-178B kernel, as well as the approach taken for the Common Criteria evaluation effort. We present a generalization of the GWV theorem, formulated in order to capture the meaning of separation in a dynamic system. We detail how the INTEGRITY-178B kernel was modeled, including System State, Behavior, and Information Flow. We discuss the proof architecture used to demonstrate correspondence and conclude with a description of the informal analysis of the hardware abstraction layer.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Alves-Foss J, Rinker B, Taylor C (2002) Towards common criteria certification for DO-178B compliant airborne systems, Center for Secure and Dependable Systems, University of Idaho
Common Criteria for Information Technology Security Evaluation (CCITSE) (1999). Available athttp://www.radium.ncsc.mil/tpep/library/ccitse/ccitse.html
Common Criteria Testing Laboratory. Green Hills Software INTEGRITY-178B Security Target, Version 1.0, May 30, 2008.http://www.niap-ccevs.org/cc-scheme/st/st_vid10119-st.pdf
Green Hills Software, Inc. INTEGRITY real-time operating system.http://www.ghs.com/products/rtos/integrity.html
Greve D (2010) Information security modeling and analysis. In: Hardin D (ed) Design and verification of microprocessor systems for high-assurance applications. Springer, Berlin, pp 249–299
Greve D, Wilding M (2002) Dynamic data structures in ACL2: a challenge. Available athttp://www.hokiepokie.org/docs/festival02.txt
Kaufmann M, Manolios P, Moore JS (2000) Computer-aided reasoning: an approach. Kluwer, Dordrecht
NIAP CCEVS. Validated Product – Green Hills Software INTEGRITY-178B Separation Kernel.http://www.niap-ccevs.org/cc-scheme/st/vid10119/index.cfm
Richards R, Greve D, Wilding M, Vanfleet M (2004) The common criteria, formal methods, and ACL2. In: Proceedings of ACL2’04, Austin, TX, November 2004
RTCA, Inc (1992) Software considerations in airborne systems and equipment certification, RTCA/DO-178B, December 1, 1992
Rushby J (1981) Design and verification of secure systems. In: Proceedings of the eighth symposium on operating systems principles, vol 15, December 1981
Wilding M, Greve D, Richards R, Hardin D (2010) Formal verification of partition management for the AAMP7G microprocessor. In: Hardin D (ed) Design and verification of microprocessor systems for high-assurance applications. Springer, Berlin, pp 175–191
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer Science+Business Media, LLC
About this chapter
Cite this chapter
Richards, R.J. (2010). Modeling and Security Analysis of a Commercial Real-Time Operating System Kernel. In: Hardin, D. (eds) Design and Verification of Microprocessor Systems for High-Assurance Applications. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-1539-9_10
Download citation
DOI: https://doi.org/10.1007/978-1-4419-1539-9_10
Published:
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4419-1538-2
Online ISBN: 978-1-4419-1539-9
eBook Packages: EngineeringEngineering (R0)