@inproceedings{705ae5b5ece647bc9c5f9c02d4b37dda,
title = "A Formal Connection between Security Automata and JML Annotations",
abstract = "Security automata are a convenient way to describe security policies. Their typical use is to monitor the execution of an application, and to interrupt it as soon as the security policy is violated. However, run-time adherence checking is not always convenient. Instead, we aim at developing a technique to verify adherence to a security policy statically. To do this, we consider a security automaton as specification, and we generate JML annotations that inline the monitor~--~as a specification~--~into the application. We describe this translation and prove preservation of program behaviour, i.e., if monitoring does not reveal a security violation, the generated annotations are respected by the program. The correctness proofs are formalised using the PVS theorem prover. This reveals several subtleties to be considered in the definition of the translation algorithm and in the program requirements.",
keywords = "EWI-15336, IR-62803, METIS-263839",
author = "Marieke Huisman and A. Tamalet",
note = "10.1007/978-3-642-00593-0_23 ; 12th International Conference on Fundamental Approaches to Software Engineering, FASE 2009 ; Conference date: 22-03-2009 Through 29-03-2009",
year = "2009",
doi = "10.1007/978-3-642-00593-0_23",
language = "Undefined",
isbn = "978-3-642-00592-3",
series = "Lecture Notes in Computer Science",
publisher = "Springer",
pages = "340--354",
editor = "M. Checkik and M. Wirsing",
booktitle = "Fundamental Approaches to Software Engineering",
address = "Germany",
}