Multiple Independent Levels of Security/Safety Tools and Processes
Certification of systems with Information Assurance requirements is challenging and expensive due to the lack of powerful abstractions that permit separation of concerns. Current methods consider systems in total at the implementation level, and the resulting complexity leads to expensive and inaccurate system characterizations. A need exists to provide representations of diverse, yet coordinated, behaviors affecting MILS policies and certification as executable models to produce high-fidelity, repeatable and readily communicated artifacts. We propose an innovative approach to address these challenges by introducing abstractions based on a hierarchical set of system security properties that describe the system at the infrastructure, architecture and application levels. The result is a unified model-based design and analysis environment that reduces the cost and risk associated with the design/certification of high-assurance computing systems. We are able to represent the properties of critical system aspects and provide tailored analysis and visualization capabilities to meet system stakeholder (managers, developers, certifiers) requirements. Our previous work on model-based analysis for system safety and dependability properties provides a solid foundation for our approach, enables the consideration of cross-cutting system aspects (security, safety, dependability) and demonstrates the scalability and technical feasibility of our tool implementation strategy.
Small Business Information at Submission:
WW TECHNOLOGY GROUP
4519 Mustering Drum Ellicott City, MD -
Number of Employees: