Abstract :
This paper presents a case study of the verification of the trusted software component of the SCOMP system Trusted Computing Base (TCB). The SCOMP system was developed by Honeywell and is the first system to achieve an A1 rating from the DoDCSC. A number of papers have been published that discuss the verification approach for the SCOMP system security kernel [15, 14, 12, 10]. The SCOMP system security kernel was verified using the Hierarchical Development Methodology in a manner similar to those used for previous kernel verifications [13]. Most of the research and applications to date have been directed towards verifying the security properties of kernel software. Much less is known about verifying the security properties of trusted software. This paper will present a case study of these trusted software verification in the SCOMP system. The case study will focus on defining what trusted software is in a kernelized systems, why trusted software is trusted, what are the security requirements to be proved, and how should these requirements be proven. Then a method developed at MITRE for the review of trusted software werification evidence using the Gypsy methodolgy will be presented. Finaly, area requiring futher research will be discussed.
