ForTIA Industry Day 2006
Wednesday 23 august 2006
|
ForTIA Industry Day 2006Wednesday 23 august 2006 |
|
FINAL PROGRAMME
|
McMaster University,
Hamilton, Ontario, Canada |
 |
| I-Day is sponsored by SAP |
The theme for I-Day 2006 is: Formal Methods for Security and Trust in Industrial Applications.
The purpose of the Industry day is to focus on the perceived pro's and con's of formal methods by end-users, not necessarily the proposition(s) that were made by the technology providers. The aim is really to understand how formal techniques can be introduced successfully in an industrial setting and how common pitfalls can be prevented. Pitfalls, that might not necessarily have anything to do with the formal technique itself. We believe that this information is in particularly valuable for managers, project leaders, system engineers and architects from industry.
Session 1: 10:30-12:30 (MDCL room 1105)
Chair: Marcel Verhoef (Chess
Information Technology, NL)
 |
Werner Stephan,
DFKI, Germany Formal Methods for Security: Lightweight Plug-in or New Engineering Discipline |
|
This contribution discusses two main lines of developments concerning the use of formal methods in security engineering. Fully automated and highly specialized methods that hide most of the formal theory from its users are compared to formal security models centred around explicit formal system models. It is argued that only the latter offer the perspective to comprehensively control the development process with its various security aspects and phases. In putting more emphasis on the combination of theories, fragmentation could be overcome by an integration of the specialized methods that are presently still applied in isolation. |
 |
Werner Stephan is principal researcher and head of the Formal Methods Group of the German Research Center for Artificial Intelligence (DFKI), Deduction and Multi-agent Lab. He has worked on the Karlsruhe Interactive Verifier (KIV) and Verification Support Environment (VSE) systems. Is research interests include theorem proving, program language semantics, logics and (formal) security models. |
 |
Jan Jürjens,
TU Munich,
Germany Model-based Security Engineering for Real |
|
We give an overview over a soundly based secure software engineering methodology and associated tool-support developed over the last few years under the name of Model-based Security Engineering (MBSE). We focus in particular on applications in industry. |
 |
Dr. Jan Jürjens is researcher at the Department of Informatics, Software and Systems Engineering Group of the Technical University of München. His research interest includes among others security, software engineering, formal methods and safety-critical systems development. |
 |
Michael Waidner,
IBM Research,
USA (joint work with Michael Backes and Birgit Pfitzmann) Cryptography and Tool-Supported Proofs |
|
Security-critical systems are an important application area for formal methods. However, such systems often contain cryptographic subsystems. The natural definitions of these subsystems are probabilistic and in most cases computational. Hence it is not obvious how one can treat cryptographic subsystems in a sound way within formal methods, in particular if one does not want to encumber the proof of an overall system by probabilities and computational restrictions due only to its cryptographic subsystems. We survey our progress on integrating cryptography into formal models, in particular our work on reactive simulatability (RSIM), a refinement notion suitable for cryptography. We also present the underlying system model which unifies a computational and a more abstract presentation and allows generic distributed scheduling. We show the relation of RSIM and other types of specifications, and clarify what role the classical Dolev-Yao (term algebra) abstractions from cryptography can play in the future. |
 |
Michael Waidner was manager of the Software Research Deparment and the Privacy Research Institute at IBM in Zürich. He was involved in several projects on security and privacy. Since May 2006, Michael Waidner is on "rotational assignment", working at IBM Software Group where he is program manager Emerging Technologies in the Strategy and Technology group. |
 |
Jim Woodcock,
University of York,
UK The Grand Challenge |
|
Some practitioners in industry and researchers from universities believe it is now practical to use formal methods to produce software, even non-critical software, and that this will turn out to be the cheapest way to do it. Given the right computer-based tools, the use of formal methods could become widespread and transform the practice of software engineering. The computer science community recently committed itself to making this a reality within the next fifteen to twenty years. Collectively, we have a lot of experience in the successful use of formal methods in industry, and this is being strengthened by a new wave of tools shielding users from deep technical issues. The time is now right for a concerted push at software verification, and considerable activity is already under way in the Verified Software Grand Challenge and its pilot projects. |
 |
Jim Woodcock is Professor of Software Engineering at the department of computer science at the University of York. His research interest include among others concurrency, unifying theories of programming and the Grand Challenge in dependable systems evolution. |
Session 2: 15:30-17:30 (MDCL room 1105)
Chair: Asuman Suenbuel (SAP
Research, USA)
 |
David von
Oheimb,
Siemens
Corporate Technology, Germany Formal methods in the security business: exotic flowers thriving in an expanding niche |
|
Formal methods in the industrial wild, outside the academic greenhouse, are still considered rather exotic, or even esoteric. Sometimes they are admired, more often smiled at, and most times simply ignored. There are some niches, though, where they display their abstract beauty. One of those places offering suitable environmental conditions is security. Which are the specific fertilizers there? Which particular sub-species have proven versatile and sturdy enough to survive in harsh industrial climate? Who recognizes the strong blessings of their hardly accessible blossoms? We share our grower's experience with them in the security field. |
 |
Dr. David von Oheimb received his Ph.D. in Computer Science in February 2001 from the Munich University of Technology. There he focused mainly on the machine-checked modeling and analysis of the Java programming language. In October 2001 he joined Siemens Corporate Technology, where he is responsible for formal analysis and evaluation of IT security for both Siemens-internal and external customers. His recent research topics include formal security modeling and verification with Interacting State Machines, state-oriented variants of the classical notion of non-interference, and formalizations and model-checking of cryptographic protocols. |
 |
Scott Lintelman,
Boeing Phantom
Works, USA Title to be announced. |
|
|
 |
Randolph Johnson,
National Security Agency,
USA Cost Effective Software Engineering for Security |
|
In this talk I will discuss the experience in our High Confidence Software and Systems research team with one particular development methodology for security related software. I will describe the general principles it follows, the tools used, and the resources needed. Then I will offer some opinions on why this approach is effective and practical for achieving moderate to high levels of security. When the goal is a very high level security, I will explain why I believe that at least the general principles, if not the specific details, are probably essential. |
 |
In 1971 D. Randolph Johnson received his Ph.D. in mathematical logic from Yale University and joined the Mathematics Department at the University of Pittsburgh. Since 1978 he has been employed by the US National Security Agency working in such areas as speech communication, software system development, and formal methods. Over the last fifteen years he has been a member of the ISO technical committee for formal specification languages and a number of conference program committees. He is in the High Confidence Software and Systems Division at NSA doing research and development of techniques and tools to achieve very high levels of assurance in security systems. |
 |
Dusko Pavlovic,
Kestrel
Institute, USA Connector-Based Software Development: Deriving Secure Protocols |
|
While most branches of engineering consist of methodologies for building complex systems from simple components, formulating incremental and compositional methods for Security Engineering has been a daunting task. The reason is that connecting components often introduces new information flows, and may not preserve security. The goal of our long-term effort towards Protocol Derivation System has been to capture the sound rules and methods for incremental protocol development, that have evolved in practice, to study their semantic foundations, and to provide tool support. In this talk, I shall summarize results of this effort so far, and present a case study of GDOI, the standard protocol for group communication and multicast over IPSec. |
 |
Dusko Pavlovic received a Ph.D. in Mathematics and Computer Science from Utrecht University in 1990. He worked in academia until 1998, holding teaching and research positions at McGill University in Montreal, Imperial College in London, and University of Sussex in Brighton. As his interests evolved from categorical logic and semantics of computation, towards more concrete questions of software technology, he joined Kestrel Institute, where he led software research and development projects with a broad range of critical concerns, including software security, dynamic adaptation and hybrid systems. He has over 40 refereed publications in Computer Science and Mathematics, of which 15 in journals. |
Registration will be announced through the official FM'06 conference web-site.
Formal Methods Europe (www.fmeurope.org) is an independent association whose aim is to stimulate the use of, and research on, formal methods for software development. FME has been notably successful in bringing together innovators and practitioners in precise mathematical methods for software development, industrial users as well as researchers.
A separate subgroup of FME was recently established, called ForTIA (Formal Techniques Industrial Association, www.fortia.org), which focuses on dissemination of research results and promotion of formal techniques in industry and also to feed lessons learnt from industry back towards academia. ForTIA was founded in 2003 and is currently supported by some 30 companies. One of the key activities of ForTIA is to organize so-called Industry Days, small events targeted at industrial practitioners rather than academics. It is a forum to share experiences on the use of formal techniques in an industrial setting. We invite you to participate in this event.
This page was last updated on 10 August 2006. Check regularly for
updates!
Contact asuman dot suenbuel at sap dot com for any questions
concerning the Industry Day 2006.