Seminar Term Paper: Certification of Hardware and Software
Formal Methods for Fun and Profit, Summer Semester 2005
Theme: Certification of Hardware and Software
Supervisor: Jr. Prof. Beckert
Presented by: Kiptoo A. Kiprop, Registration number: 201210795
University of Koblenz, Institute of Computer Science
Outline
- Security Issues
- Certification
- Common Criteria (CC)
  - Protection Profiles (PP)
  - Security Target (ST)
  - Evaluation Assurance Levels (EALs)
- Product certification
  - Examples: Linux Server v.8, JCVM
- Formal methods
  - Application of formal methods: B-Method
- Conclusion
Security Issues
- Avoid financial losses
- Preserve health and life
- Where security is needed:
  - high risk systems – banking systems, military, ...
  - complex and expensive tools – rockets, ...
  - everywhere ...
- Provision and control of security in ICT:
  - producers, developers?
  - Government, e.g. through BSI
  - EU level
Certification
- Act of conferring legality, a formal warrant
- Some requirements must be fulfilled first
- Certification problems:
  - Extent of validity, e.g. across borders
  - Requirements may be too lenient
  - Time limits on validity
- Certification advantages:
  - Some quality of security
  - Standardization
  - Source of income
Department of Data Security – Schleswig-Holstein
- an example of a functioning certifying body.
- established by the State of Schleswig-Holstein (independent).
- product certification is not compulsory.
- issues a seal of approval.
- Approval of ICT products as well as data processing methods.
- follows up citizen complaints about products.
- citizen assistance.
Common Criteria
- Goal: develop a standard collection of necessary requirements.
- A short history of national standards:
  - From the Trusted Computer System Evaluation Criteria, TCSEC – USA ("Orange Book"), to CC v.3.0.
- Flexible enough for newer standards.
- Requirements under unique categories:
  - Functional requirements – define the desired security behaviour in classes (e.g. Audit, Privacy), families and components.
  - Security assurance requirements – countercheck to determine if security measures are effective and correctly implemented, e.g. Development.
Protection Profiles
- What is needed in a security solution
- User oriented, simple language
- PP says what the system has to do

Security Target
- Created by the developer
- Contains IT security objectives and requirements of a specific identified TOE
- Basis over which an evaluation is performed
- Identifies the security capabilities of a particular product
Evaluation Assurance Levels
- Trustworthiness, reliability
- Hierarchy: the level increases with increasing security assurance.
Evaluation Assurance Levels
- High-level design: decomposes the system into modules (subsystems) providing the functionality described in the functional specification.
- Low-level design: provides a specification of the internal workings of each module.

Required rigour of the design documentation per EAL:

        low-level design   high-level design
EAL 1   Informal           Informal
EAL 2   Informal           Informal
EAL 3   Informal           Informal
EAL 4   Informal           Informal
EAL 5   Semi-formal        Semi-formal
EAL 6   Semi-formal        Semi-formal
EAL 7   Semi-formal        Formal
Summary of correlation between CC components
(diagram not reproduced in this text version)
- Target Of Evaluation – TOE: an IT product or system and its associated administrator and user guidance documentation that is the subject of an evaluation. Defines the assets to protect. -> satisfies the ST
Certified products
- Integrated circuits: Microcontrollers – ST Micro, Samsung Electronics, Infineon Technologies, ATMEL smartcards, ... EAL4+ (most of them)
- Smart Cards: Operating Systems – ST Micro, Axalto, Infineon Technologies, Oberthur Card, Philips, Gemplus, IBM, ... EAL1+, ..., EAL4+. Some EAL 5, e.g. Sun JavaCard.
- Network Products: Firewalls – Bull, EADS Telecom, EAL2+
SUSE Linux Enterprise Server v.8
- evaluated and obtained an EAL3 rating
- no code re-engineering, no interruption of the development process, but more costs.
- TOE: operating system, running and tested on the hardware and firmware specified in the ST.
- tests designed only to verify correct operation of security related user programs, DB files and system calls.
- testing for system availability in a stress environment
- no application of formal methods: EAL 4 would be next.
- the system works in a normal environment.
Java Card Virtual Machine (JCVM)
- developed by Sun Microsystems.
- surrogate to the Smartcard -> used to secure data storage and authentication.
- based on a collection of Java applets.
- widely used in the banking and telecom sector.
- may run on platform independent virtual machines.
- interaction with systems through APIs – Application Programming Interfaces.
Java Card Virtual Machine (JCVM)
- Evaluated and obtained EAL 4 and EAL 5+ ratings.
- TOE:
  - processor chip and IC for software drivers.
  - Card Operating System
  - JavaCard Runtime Environment
  - Card manager, e.g. Global Platform Environment (OPEN)
- Semi-formal (formal) models: a description for each representation level (SPM, FSP, HLD) -> Assurance Development Class (ADV)
Java Card Virtual Machine (JCVM)
- What should be semi-formally described?
  - SPM: security rules (TOE security policy model)
  - FSP: external interfaces (functional specification)
  - HLD: subsystems and interactions (high-level design)
  - RCR: correspondence relations (between FSP and HLD)
- Code-Spec-Review -> compare the Low Level Design (LLD) model to the implementation as a demonstration of their correspondence.
JCVM specification formalizing with the B-Method
- formalizing for CC evaluation.
- applies semi-formal and formal models which specify, design and code high risk systems.
- covers the whole system life-cycle, i.e. from specification to executable code.
- Refinement process to obtain the implementation from the B specification.
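To make the refinement step concrete, here is a small B development added as an illustration; it is not part of the JCVM evaluation or of Sun's models. It specifies PIN verification with a retry counter as an abstract machine, then refines it to a concrete "remaining tries" register; the gluing invariant in the REFINEMENT is what the B proof obligations must discharge before the implementation counts as correct with respect to the specification. The names (CardAuth, max_tries, verify, is_locked) are constructed for this example.

```b
/* Constructed example: abstract specification of PIN verification.
   In a real Atelier B project each component lives in its own file. */
MACHINE CardAuth
CONSTANTS max_tries
PROPERTIES max_tries : NAT1 & max_tries = 3
VARIABLES tries, unlocked
INVARIANT
  tries : 0..max_tries & unlocked : BOOL &
  /* security rule: an unlocked card has no failed attempts pending */
  (unlocked = TRUE) => (tries = 0)
INITIALISATION tries := 0 || unlocked := FALSE
OPERATIONS
  ok <-- verify(pin_ok) =
    /* precondition: a locked card (tries = max_tries) may not be queried */
    PRE pin_ok : BOOL & tries < max_tries THEN
      IF pin_ok = TRUE THEN
        unlocked := TRUE  || tries := 0         || ok := TRUE
      ELSE
        unlocked := FALSE || tries := tries + 1 || ok := FALSE
      END
    END;
  b <-- is_locked = b := bool(tries = max_tries)
END

/* Refinement: the abstract counter of failed attempts becomes a
   decrementing register, the Boolean flag becomes a state code.
   The gluing invariant links concrete and abstract variables; the
   refinement proof obligations show every concrete operation
   simulates its abstract counterpart under this invariant. */
REFINEMENT CardAuth_r
REFINES CardAuth
VARIABLES remaining, state
INVARIANT
  remaining : 0..max_tries & remaining = max_tries - tries &
  state : 0..1 & ((state = 1) <=> (unlocked = TRUE))
INITIALISATION remaining := max_tries || state := 0
OPERATIONS
  ok <-- verify(pin_ok) =
    /* no PRE needed: the abstract PRE guarantees remaining > 0 here */
    IF pin_ok = TRUE THEN
      state := 1 || remaining := max_tries    || ok := TRUE
    ELSE
      state := 0 || remaining := remaining - 1 || ok := FALSE
    END;
  b <-- is_locked = b := bool(remaining = 0)
END
```

Dropping the `remaining := max_tries` reset on success would leave the gluing invariant unprovable, which is exactly the kind of specification-to-implementation mismatch the Code-Spec-Review of the previous slide is meant to catch.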