skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Secure resource management: Specifying and testing secure operating systems

Technical Report ·
DOI:https://doi.org/10.2172/6023693· OSTI ID:6023693
; ;  [1]
  1. California Univ., Davis, CA (USA). Div. of Computer Science
+ Show Author Affiliations

Much work has been devoted to methods for reasoning about the specifications of operating system specifications, the goal being to develop specifications for an operating system that are verified to be secure. Before the verification should be attempted, the specifications should be tested. This paper presents tools that can assist in the security testing of specifications. The first tool is based on the final Algebra Specification and Execution (FASE) system, and would be used to test specifications with real input values. FASE is an executable specification language which is operational in style, in which entities are represented in terms of their observable behavior. To facilitate the testing of an operating system (and its specification), use FASE we have specified a Secure Resource Manager (SRM), a generic template of an operating system. The SRM specification can be specialized to a specification of a particular operating system; the SRM is quite general and handles most features of modern nondistributed operating systems. The second tool, called the PLANNER, is used to derive a sequence of operations that exhibits a security flaw, most often a covert channel for information flow. The PLANNER is based on classical methods of AI planning, specialized to achieve goals concerned with information flow. The tools are demonstrated with respect to a simple operating system specification develop by Millen.

Research Organization:
Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States); California Univ., Davis, CA (USA). Div. of Computer Science
Sponsoring Organization:
DOE/DP
DOE Contract Number:
W-7405-ENG-48
OSTI ID:
6023693
Report Number(s):
UCRL-CR-105098; ON: DE91007138
Country of Publication:
United States
Language:
English

Similar Records

Assembling a Cyber Range to Evaluate Artificial Intelligence / Machine Learning (AI/ML) Security Tools
Conference · Mon Feb 01 00:00:00 EST 2021 · OSTI ID:6023693
+1 more
SIGNATURES OF ILLICIT NUCLEAR PROCUREMENT NETWORKS: AN OVERVIEW OF PRELIMINARY APPROACHES AND RESULTS
Conference · Mon May 12 00:00:00 EDT 2014 · OSTI ID:6023693
+4 more
A generalized shell for dynamic security analysis in operations planning
Journal Article · Sun Aug 01 00:00:00 EDT 1993 · IEEE Transactions on Power Systems (Institute of Electrical and Electronics Engineers); (United States) · OSTI ID:6023693

Related Subjects

99 GENERAL AND MISCELLANEOUS//MATHEMATICS, COMPUTING, AND INFORMATION SCIENCE
EXECUTIVE CODES
SECURITY
TESTING
ARTIFICIAL INTELLIGENCE
COMPUTER ARCHITECTURE
MANAGEMENT
OPERATION
SPECIFICATIONS
COMPUTER CODES
990200* - Mathematics & Computers