ESSoS 2011: Engineering Secure Software and Systems, pp. 264-271
Idea: Simulation Based Security Requirement Verification for Transaction Level Models
Abstract
Verification of security requirements in embedded systems is a crucial task, especially in very dynamic design processes such as a hardware/software codesign flow. In such a flow the system's modules and components are continuously modified and refined until all constraints are met and the design has reached a stable state. A transaction level model can be used for design space exploration in this phase. It is essential that security requirements are considered from the very beginning. In this work we demonstrate a novel approach that uses meta-information in transaction level models to verify the consistent application of security requirements in embedded systems.
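The abstract does not describe the mechanism, so the following is an added illustrative sketch of the general idea (a simulation monitor that checks security requirements against meta-information attached to transactions), not code from the paper or its authors. The module table, the two requirements R1 and R2, the attribute layout and the sample trace are all assumptions chosen for the example; a real flow would attach the attributes to SystemC/TLM payload extensions and derive the requirements from the Common Criteria based specification.

```cpp
// Added example, not from the paper: a SystemC-free sketch of a transaction
// level model whose transactions carry security meta-information, with a
// monitor that checks security requirements while a trace is simulated.
#include <cstdint>
#include <functional>
#include <iostream>
#include <map>
#include <string>
#include <utility>
#include <vector>

// Security meta-information carried by a transaction (assumed layout).
struct SecurityAttr {
    bool confidential;   // payload must not leave the trusted domain in clear
    bool encrypted;      // payload has already passed through the crypto core
};

// Generic TLM-style transaction: initiator, target, address, payload, attributes.
struct Transaction {
    std::string initiator;
    std::string target;
    uint64_t address;
    std::vector<uint8_t> payload;
    SecurityAttr attr;
};

// Static meta-information about platform modules (assumed).
struct ModuleInfo {
    bool trusted;    // inside the trusted domain (e.g. the smart card core)
    bool external;   // reachable from outside the chip (e.g. a contact interface)
};

struct Violation {
    std::string requirement;
    std::string detail;
};

using ModuleTable = std::map<std::string, ModuleInfo>;
// A security requirement is a predicate over one transaction and the module table.
using Requirement = std::function<bool(const Transaction&, const ModuleTable&)>;

struct SecurityMonitor {
    ModuleTable modules;
    std::vector<std::pair<std::string, Requirement>> requirements;
    std::vector<Violation> violations;

    // Called by the bus model for every transaction it forwards.
    void observe(const Transaction& t) {
        for (const auto& nr : requirements) {
            if (!nr.second(t, modules)) {
                violations.push_back({nr.first, t.initiator + " -> " + t.target});
            }
        }
    }
};

// Hypothetical platform and requirements; in a real flow these come from the
// security specification, not from the simulation code.
SecurityMonitor make_monitor() {
    SecurityMonitor m;
    m.modules["CPU"]        = {true,  false};
    m.modules["CryptoCore"] = {true,  false};
    m.modules["UART"]       = {false, true};

    // R1: confidential data delivered to an external module must be encrypted.
    m.requirements.push_back({"R1-no-plaintext-export",
        [](const Transaction& t, const ModuleTable& mods) {
            auto it = mods.find(t.target);
            if (it == mods.end()) return false;      // unknown target counts as a violation
            if (!t.attr.confidential || !it->second.external) return true;
            return t.attr.encrypted;
        }});
    // R2: only trusted modules may initiate transactions to the crypto core.
    m.requirements.push_back({"R2-crypto-initiator-trusted",
        [](const Transaction& t, const ModuleTable& mods) {
            if (t.target != "CryptoCore") return true;
            auto it = mods.find(t.initiator);
            return it != mods.end() && it->second.trusted;
        }});
    return m;
}

// Simulate a transaction trace and return every requirement violation found.
std::vector<Violation> simulate(const std::vector<Transaction>& trace) {
    SecurityMonitor monitor = make_monitor();
    for (const auto& t : trace) monitor.observe(t);
    return monitor.violations;
}

// Constructed sample trace: the second transaction exports a confidential value
// in clear over the UART, the fourth lets an untrusted module drive the crypto core.
std::vector<Transaction> sample_trace() {
    return {
        {"CPU",        "CryptoCore", 0x1000, {0xAA, 0xBB}, {true,  false}},
        {"CPU",        "UART",       0x2000, {0xAA, 0xBB}, {true,  false}},
        {"CryptoCore", "UART",       0x2000, {0x5C, 0x1D}, {true,  true}},
        {"UART",       "CryptoCore", 0x1000, {0x00},       {false, false}},
    };
}

int main() {
    for (const auto& v : simulate(sample_trace()))
        std::cout << v.requirement << ": " << v.detail << "\n";
    return 0;
}
```

The point of the sketch is that the requirements are written once against the meta-information and re-checked automatically every time the platform is re-simulated, so a refinement step that, for example, reroutes key material over an external interface shows up as a violation rather than silently passing.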
Keywords
Smart card; Embedded system; Security requirement; Common Criteria; Design space exploration