Français Anglais
Accueil Annuaire Plan du site
Home > News du laboratoire > Digiteo Seminar, Jim Woodcock, The Token Experiment
Digiteo Seminar, Jim Woodcock, The Token Experiment
Digiteo Seminar, Jim Woodcock, The Token Experiment Digiteo Seminar, Jim Woodcock, The Token Experiment
19 May 2009

PUIO, May 19, 10:30

The Tokeneer project is one of the most important contributions to the Verified Software Repository (VSR): it has been described by Tony Hoare as "a milestone in the transfer of program verification technology into industrial applic
Jim Woodcock is Professor of Software Engineering at the University of York.  His current research interests are in program verification and model checking, particularly applied to industrial-scale systems.  He is verifying the correctness of a large xUML model of railway European signalling, a flash-based filestore for critical embedded applications, and a real-time operating system.  He is the moderator for the UK Grand Challenge in Dependable Systems Evolution.

A Token Experiment

The Tokeneer project is one of the most important contributions to the Verified Software Repository (VSR): it has been described by Tony Hoare as "a milestone in the transfer of program verification technology into industrial application".  The project was a demonstration of the feasibility of cost-effective development of highly secure systems to the level of rigour required by the upper assurance levels of the Common Criteria.  It was carried out by Praxis for the US National Security Agency, and involved the re-development of part of the existing Tokeneer secure system following the Praxis correct-by-construction process.  Only two bugs have been found since the system went live in 2003.  A version of the entire project archive has been released as part of the VSR.  

Is there anything else we can say about Tokeneer?  Can we break it?  We report on the results of an experiment using model-based testing to explore the system's dependability.  Our technique has discovered 12 "interesting" scenarios that can be played out using the Tokeneer simulator (part of the released archive).  We will present as many of these as time allows. 
News
Yannis Manoussakis passed away
6 June 2021
We have just learned of the death of Yannis Manoussakis, Professor at the University of Paris-Saclay, on Saturday June 5.

He was the leader of the GALaC team and had been for many years director of the LRI, we lose a friend and a dear colleague.

Our

Semaine du cerveau : Cerveau connecté
16 March 2021

Wizard project
1 April 2021
Innovation Area: Public Safety, IoT, Mobility