English
Using model-driven development to reduce system software security vulnerabilities
Using model-driven development to reduce system software security vulnerabilities
Guy Broadfoot, Verum Software Technologies
embedded.com (March 09, 2014)
The majority of embedded software developers using traditional programming languages such as C and C++ make use of processes and techniques inherent in the language to improve reliability and reduce security flaws. However, another approach that has met with increasing success is the use of model-driven design (MDD).
The premise of MDD is to raise the abstraction of software development from the low-level imperative programming language that is fraught with opportunities to shoot one’s self in the foot to a higher-level modeling language that reduces the distance between design and implementation and by doing so reduces the flaws that lead to security and safety failures.
Modeling lends itself better to formal proofs of specifications and security policies than do traditional programming languages. Indeed, a side benefit of using some MDD platforms – especially the ones that support formal methods and automatic code generation - is the ability to make formal arguments regarding the correspondence between specification, design, and implementation, a core challenge in all formal approaches. The following will deal with MDD methods that lend themselves to formal analysis and therefore raise the assurance of quality, safety, and security.
|
E-mail This Article | 
|
|
Printer-Friendly Page |
Related Articles
- Automotive System & Software Development Challenges - Part 2
- Automotive System & Software Development Challenges - Part 1
- Validate hardware/software for nextgen mobile/consumer apps using software-on-chip system development tools
- Using unified modeling methods to reduce embedded hardware/software development
- Improving Software Development and Verification Productivity Using Intellectual Property (IP) Based System Prototyping
New Articles
- Understanding MACsec and Its Integration
- Discover new Tessent UltraSight-V from Siemens EDA, and accelerate your RISC-V development.
- The Critical Factors of a High-performance Audio Codec - What Chip Designers Need to Know
- Density Management in Analog Layout Design: Addressing Issues and Ensuring Consistency
- Nexus: A Lightweight and Scalable Multi-Agent Framework for Complex Tasks Automation
Most Popular
- System Verilog Assertions Simplified
- System Verilog Macro: A Powerful Feature for Design Verification Projects
- Synthesis Methodology & Netlist Qualification
- Discover new Tessent UltraSight-V from Siemens EDA, and accelerate your RISC-V development.
- Understanding Logic Equivalence Check (LEC) Flow and Its Challenges and Proposed Solution