NASA Logo

NTRS

NTRS - NASA Technical Reports Server

Back to Results
Security Verification Techniques Applied to PatchLink COTS SoftwareVerification of the security of software artifacts is a challenging task. An integrated approach that combines verification techniques can increase the confidence in the security of software artifacts. Such an approach has been developed by the Jet Propulsion Laboratory (JPL) and the University of California at Davis (UC Davis). Two security verification instruments were developed and then piloted on PatchLink's UNIX Agent, a Commercial-Off-The-Shelf (COTS) software product, to assess the value of the instruments and the approach. The two instruments are the Flexible Modeling Framework (FMF) -- a model-based verification instrument (JPL), and a Property-Based Tester (UC Davis). Security properties were formally specified for the COTS artifact and then verified using these instruments. The results were then reviewed to determine the effectiveness of the approach and the security of the COTS product.
Document ID
20070017438
Acquisition Source
Jet Propulsion Laboratory
Document Type
Preprint (Draft being sent to journal)
External Source(s)
Authors
Gilliam, David P.
(Jet Propulsion Lab., California Inst. of Tech. Pasadena, CA, United States)
Powell, John D.
(Jet Propulsion Lab., California Inst. of Tech. Pasadena, CA, United States)
Bishop, Matt
(California Univ. Davis, CA, United States)
Andrew, Chris
(PatchLink Corp. United States)
Jog, Sameer
(PatchLink Corp. United States)
Date Acquired
August 23, 2013
Publication Date
June 26, 2006
Subject Category
Computer Programming And Software
Distribution Limits
Public
Copyright
Other
Keywords
patch
security
verifications

Available Downloads

There are no available downloads for this record.
No Preview Available