600.436: High-Assurance Systems

600.436 High-Assurance Systems

Fall 01/System Security Realization

Hybrids

¨In Most Real Systems, A Combination Of Techniques Is Needed

¨Plan How To Reconcile Equivalent Material Gained From Multiple Techniques

¨Stepwise Refinement is Quite Effective For

–Security Target development

–Security Policy Model development

–Functional Spec and High-Level Design in new systems development