Published February 3, 2016 | Version v1
Project deliverable Open

Formal Framework for MILS Integration

  • 1. Technical University of Eindhoven
  • 2. SYSGO AG
  • 3. DFKI
  • 4. AIRBUS
  • 5. Airbus Group Innovations
  • 6. Open Universiteit
  • 1. SYSGO AG
  • 2. DFKI
  • 3. Airbus
  • 4. Open University Nederlands
  • 5. Technical University Eindhoven

Description

To achieve security certification according to the highest levels of assurance, formal models and proofs of security properties are required. In the MILS context, this includes formalisation of key components – such as separation kernels – and the formalisation of applications built on top of these verified components. In the second chapter of this document, we use the Isabelle/HOL proof assistant to formalise the Firewall application built on top of a verified separation kernel according to the model of Greve, Wilding, and Vanfleet (GWV). This Firewall application has been formalised twice after the original effort by GWV. These different efforts have been compared and discussed on paper. Our main contribution is to provide a formal comparison between these formalisations in the formal logic of a proof assistant.

In the third chapter of this document, we extend Rushby’s model of noninterference with explicit between-domain information transfer, as well as with programs that determine domain behaviour. These extensions enable reasoning at an abstract level built on top of noninterference, at a much finer granularity than base noninterference allows. As an illustration of our approach, we formally model and analyse an example system inspired by the GWV Firewall.

Notes

This deliverable presents EURO-MILS research results about the development of a formal environment to analyse MILS architectures. Its second chapter presents and discusses three existing approaches. This chapter shows their shortcomings. The third chapter proposes possible extensions of Rushby's model to address them.

Files

EURO-MILS-D21.4-PU-M40-V1.0.pdf (743.4 kB)
md5:1eff453c83fd862577055677adf84295

Additional details

Funding

EURO-MILS: Secure European Virtualisation for Trustworthy Applications in Critical Domains (grant 318353)
European Commission