Applying SDL to Formal Analysis of Security Systems

TitleApplying SDL to Formal Analysis of Security Systems
Publication TypeConference Paper
Year of Publication2003
AuthorsJ. Lopez, J. J. Ortega, and J. M. Troya
Conference Name11th International SDL Forum (SDL’03)
Series TitleLNCS
Volume2708
Pagination300-317
Date PublishedJuly
PublisherSpringer-Verlag
Conference LocationStuttgart, Germany
Abstract

Nowadays, it is widely accepted that critical systems have to be formally analysed in order to achieve well-known formal method benefits. In order to study the security of communication systems, we have developed a methodology for the application of the formal analysis techniques commonly used in communication protocols to the analysis of cryptographic ones. In particular, we have extended the design and analysis phases with security properties. Our proposal uses a specification notation based on MSC, which can be automatically translated into a generic SDL specification. This SDL system can then be used for the analysis of the desired security properties, by using an observer process schema. Apart from our main goal of providing a notation for describing the formal specification of security systems, our proposal also brings additional benefits, such as the study of the possible attacks to the system, and the possibility of re-using the specifications produced to describe and analyse more complex systems.

Citation KeyJavierLopez2003b
Paper File: 
https://www.nics.uma.es/sites/default/files/papers/JavierLopez2003b.pdf