Using model-driven development to reduce system software security vulnerabilities
Using model-driven development to reduce system software security vulnerabilities
Guy Broadfoot, Verum Software Technologies
embedded.com (March 09, 2014)
The majority of embedded software developers using traditional programming languages such as C and C++ make use of processes and techniques inherent in the language to improve reliability and reduce security flaws. However, another approach that has met with increasing success is the use of model-driven design (MDD).
The premise of MDD is to raise the abstraction of software development from the low-level imperative programming language that is fraught with opportunities to shoot one’s self in the foot to a higher-level modeling language that reduces the distance between design and implementation and by doing so reduces the flaws that lead to security and safety failures.
Modeling lends itself better to formal proofs of specifications and security policies than do traditional programming languages. Indeed, a side benefit of using some MDD platforms – especially the ones that support formal methods and automatic code generation - is the ability to make formal arguments regarding the correspondence between specification, design, and implementation, a core challenge in all formal approaches. The following will deal with MDD methods that lend themselves to formal analysis and therefore raise the assurance of quality, safety, and security.
To read the full article, click here
Related Semiconductor IP
- 1.8V/3.3V I/O library with ODIO and 5V HPD in TSMC 16nm
- 1.8V/3.3V I/O Library with ODIO and 5V HPD in TSMC 12nm
- 1.8V to 5V GPIO, 1.8V to 5V Analog in TSMC 180nm BCD
- 1.8V/3.3V GPIO Library with HDMI, Aanlog & LVDS Cells in TSMC 22nm
- Specialed 20V Analog I/O in TSMC 55nm
Related White Papers
- Automotive System & Software Development Challenges - Part 1
- Automotive System & Software Development Challenges - Part 2
- It's Not My Fault! How to Run a Better Fault Campaign Using Formal
- Enabling security in embedded system using M.2 SSD