No Cover Image

Book chapter 155 views 40 downloads

Cybersecurity Education and Formal Methods / James H. Davenport; Tom Crick

Communications in Computer and Information Science, Volume: 1301, Pages: 159 - 172

Swansea University Author: Tom, Crick

Abstract

Formal methods have been largely thought of in the context of safety-critical systems, where they have achieved major acceptance. Tens of millions of people trust their lives every day to such systems, based on formal proofs rather than "we haven’t found a bug" (yet!); but why is "we...

Full description

Published in: Communications in Computer and Information Science
ISBN: 9783030713737 9783030713744
ISSN: 1865-0929 1865-0937
Published: Cham Springer International Publishing 2021
Online Access: Check full text

URI: https://cronfa.swan.ac.uk/Record/cronfa55027
Tags: Add Tag
No Tags, Be the first to tag this record!
Abstract: Formal methods have been largely thought of in the context of safety-critical systems, where they have achieved major acceptance. Tens of millions of people trust their lives every day to such systems, based on formal proofs rather than "we haven’t found a bug" (yet!); but why is "we haven’t found a bug" an acceptable basis for systems trusted with hundreds of millions of people’s personal data?This paper looks at some of these issues in cybersecurity, and the extent to which formal methods, ranging from "fully verified" to better tool support, could help. More importantly, recent policy reports and curricula initiatives appear to recommended formal methods in the limited context of "safety critical applications"; we suggest this is too limited in scope and ambition. Not only are formal methods needed in cybersecurity, the repeated and very public weaknesses of the cybersecurity industry provide a powerful motivation for formal methods.
Keywords: Formal methods; Cybersecurity; Curricula
College: College of Arts and Humanities
Start Page: 159
End Page: 172