In my Wish List, an Automated Tool for Fail-Secure Design Analysis: an Alloy-Based Feasibility Draft

Gurvan Le Guernic
(DGA Maîtrise de l'Information, France)

A system is said to be fail-secure, sometimes confused with fail-safe, if it maintains its security requirements even in the event of some faults. Fail-secure analyses are required by some validation schemes, such as some Common Criteria or NATO certifications. However, it is an aspect of security which as been overlooked by the community. This paper attempts to shed some light on the fail-secure field of study by: giving a definition of fail-secure as used in those certification schemes, and emphasizing the differences with fail-safe; and exhibiting a first feasibility draft of a fail-secure design analysis tool based on the Alloy model checker.

In Jun Pang and Yang Liu: Proceedings Third International Workshop on Engineering Safety and Security Systems (ESSS 2014), Singapore, Singapore, 13 May 2014, Electronic Proceedings in Theoretical Computer Science 150, pp. 50–55.
Published: 3rd May 2014.

ArXived at: bibtex PDF
References in reconstructed bibtex, XML and HTML format (approximated).
Comments and questions to:
For website issues: