In my Wish List, an Automated Tool for Fail-Secure Design Analysis: an Alloy-Based Feasibility Draft
Gurvan Le Guernic (DGA Maîtrise de l'Information, France)

TL;DR
This paper introduces an Alloy-based tool for analyzing whether systems maintain security requirements under faults, addressing a neglected aspect of security validation in certification processes.
Contribution
It provides a formal definition of fail-secure in certification contexts and presents the first feasibility draft of an automated analysis tool.
Findings
Defined fail-secure in certification schemes
Developed an Alloy-based analysis draft
Demonstrated initial feasibility of the tool
Abstract
A system is said to be fail-secure, sometimes confused with fail-safe, if it maintains its security requirements even in the event of some faults. Fail-secure analyses are required by some validation schemes, such as some Common Criteria or NATO certifications. However, it is an aspect of security which has been overlooked by the community. This paper attempts to shed some light on the fail-secure field of study by: giving a definition of fail-secure as used in those certification schemes, and emphasizing the differences with fail-safe; and exhibiting a first feasibility draft of a fail-secure design analysis tool based on the Alloy model checker.
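To make the fail-secure / fail-safe distinction concrete, here is a small Alloy model added for illustration; it is not the paper's tool or its modelling approach. It assumes a hypothetical door lock whose security requirement is "the door is open only for an authorised principal", and compares two failover policies under an injected fault in the power monitor.

```alloy
// Added example (not from the paper): a hypothetical door-lock design
// checked for the fail-secure property under a single fault.
abstract sig Bool {}
one sig True, False extends Bool {}

sig Principal { authorised: one Bool }

sig State {
  power:   one Bool,        // power supply present
  faulted: one Bool,        // fault injected in the power monitor
  open:    one Bool,        // door currently open
  by:      lone Principal   // principal who opened it, if anyone
}

// Nominal behaviour: the door opens only when powered and for an authorised principal.
pred nominal[s: State] {
  s.open = True implies (s.power = True and s.by.authorised = True)
}

// Fail-safe policy: on a fault the lock releases (protects egress, not access control).
pred failSafeDesign[s: State] {
  (s.faulted = False implies nominal[s]) and
  (s.faulted = True  implies s.open = True)
}

// Fail-secure policy: on a fault the lock stays closed.
pred failSecureDesign[s: State] {
  (s.faulted = False implies nominal[s]) and
  (s.faulted = True  implies s.open = False)
}

// The security requirement that must hold with or without the fault.
pred secure[s: State] { s.open = True implies s.by.authorised = True }

// Expected: counterexample (faulted, open, no authorised principal).
assert failSafeKeepsRequirement {
  all s: State | failSafeDesign[s] implies secure[s]
}
check failSafeKeepsRequirement for 3

// Expected: no counterexample within the scope.
assert failSecureKeepsRequirement {
  all s: State | failSecureDesign[s] implies secure[s]
}
check failSecureKeepsRequirement for 3
```

Running both checks in the Alloy Analyzer shows the fail-safe design violating the requirement precisely in the faulted states, which is the kind of gap a fail-secure analysis is meant to surface before certification.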