search menu icon-carat-right cmu-wordmark

Automated Assurance of Security Policy Enforcement (2017)

October 2017 Poster
Peter H. Feiler, Samuel Procter

Poster for a research project on saftey-critical system security policy enforcement

Publisher:

Software Engineering Institute

Abstract

As DoD mission and safety-critical systems become increasingly connected, exposure due to security infractions is likewise increasing. This project developed techniques to detect vulnerabilities early in the lifecycle in architecture models by producing tools to

  • detect security policy violations early
  • assure that the system implementation enforces the policies and that no security risks are introduced by the runtime architecture
  • automate the execution of security assurance plans

Tools produced in this project have been released under an open-source license and are available on the SEI Github code repository (https://github.com/cmu-sei/AASPE).