• High assurance cannot be established only by an unconstrained search for vulnerabilities
• High assurance requires
  – Security requirements that aren't intrinsically vulnerable to threats in the intended environment
  – Proof that the implementation meets the requirements
  – Search for vulnerabilities introduced by the specific implementation of the requirements, constrained by the assumptions about the intended environment
  – Minimal reliance on the competence of specific evaluators