Formal Security Analysis of Electronic Software Distribution Systems
Software distribution to target devices such as factory controllers, medical instruments, vehicles or airplanes is increasingly performed electronically over insecure networks. Such software often implements vital functionality, so the software distribution process can be highly critical from both the safety and the security perspective. In this paper, we introduce a novel software distribution system architecture built around a generic core component, such that the overall software transport from the supplier to the target device is an interaction of several instances of this core component communicating over insecure networks. The main advantage of this architecture is a reduction in development and certification costs. The second contribution of this paper is the validation and verification of the proposed system. We use a mix of formal methods, more precisely the AVISPA tool, and the Common Criteria (CC) methodology, to achieve high confidence in the security of the software distribution system at moderate cost.
Keywords: Model Checker, Security Protocol, Security Property, Target Device, Security Objective