T. M. Brookes

This paper presents initial results in a comparative study of formal and conventional techniques in the design of a secure system component: a trusted gateway. The operation of a trusted gateway is briefly introduced. The industrial context of its development is described, as is the form of the experiment. So far, part-formal and conventional design(More)
This paper presents the findings from the later phases of a study of the effects of introducing formal specification to the commercial-scale development of a small security-critical system component. The objectives and form of the study are briefly reviewed. Observations have been made of the effort profile across the project, compliance of the developed(More)
This paper describes an experiment evaluating the application of formal techniques to the modelling and development of a security-critical system to high (IT-SEC) levels of assurance. The experiment has been done in a commercial environment by engineers working within an existing development process. Two independent teams of engineers in British Aerospace(More)
British Aerospace (Systems and Equipment) Ltd, (BASE) is developing a security critical device, a Trusted Gateway. Some preliminary work on the application of formal methods to its design was performed as a case study by the University of Newcastle. A proposal for an application experiment based on this programme was submitted to and approved by the(More)