Tutorial: Continuous Verification of Critical Software
2018 IEEE Cybersecurity Development (SecDev)(2018)
摘要
This tutorial will describe how to integrate formal verification of cryptographic code into real-world software development. We will base the tutorial on our work with Amazon verifying critical portions of s2n, the open-source TLS implementation used in many Amazon services. This work shows it is now practical to integrate verification of critical software into developer workflows. Our aim with this tutorial is to enable others to apply this approach to their security-critical projects. For this reason, we will focus on the pragmatic aspects of integrating and maintaining a continuous verification system.
更多查看译文
关键词
continuous integration,verification,cryptography,static analysis,tls
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络