Conference Paper/Proceeding/Abstract 804 views 313 downloads
Cybersecurity Education and Formal Methods
James H. Davenport,
Tom Crick 
Communications in Computer and Information Science, Volume: 1301, Pages: 159 - 172
Swansea University Author:
Tom Crick
-
PDF | Accepted Manuscript
Download (207.52KB)
DOI (Published version): 10.1007/978-3-030-71374-4_8
Abstract
Formal methods have been largely thought of in the context of safety-critical systems, where they have achieved major acceptance. Tens of millions of people trust their lives every day to such systems, based on formal proofs rather than "we haven’t found a bug" (yet!); but why is "we...
| Published in: | Communications in Computer and Information Science |
|---|---|
| ISBN: | 9783030713737 9783030713744 |
| ISSN: | 1865-0929 1865-0937 |
| Published: |
Cham
Springer International Publishing
2021
|
| Online Access: |
Check full text
|
| URI: | https://cronfa.swan.ac.uk/Record/cronfa55027 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| first_indexed |
2020-08-19T09:54:51Z |
|---|---|
| last_indexed |
2022-06-15T03:11:10Z |
| id |
cronfa55027 |
| recordtype |
SURis |
| fullrecord |
<?xml version="1.0"?><rfc1807><datestamp>2022-06-14T15:17:53.5880770</datestamp><bib-version>v2</bib-version><id>55027</id><entry>2020-08-19</entry><title>Cybersecurity Education and Formal Methods</title><swanseaauthors><author><sid>200c66ef0fc55391f736f6e926fb4b99</sid><ORCID>0000-0001-5196-9389</ORCID><firstname>Tom</firstname><surname>Crick</surname><name>Tom Crick</name><active>true</active><ethesisStudent>false</ethesisStudent></author></swanseaauthors><date>2020-08-19</date><deptcode>EDUC</deptcode><abstract>Formal methods have been largely thought of in the context of safety-critical systems, where they have achieved major acceptance. Tens of millions of people trust their lives every day to such systems, based on formal proofs rather than "we haven’t found a bug" (yet!); but why is "we haven’t found a bug" an acceptable basis for systems trusted with hundreds of millions of people’s personal data?This paper looks at some of these issues in cybersecurity, and the extent to which formal methods, ranging from "fully verified" to better tool support, could help. More importantly, recent policy reports and curricula initiatives appear to recommended formal methods in the limited context of "safety critical applications"; we suggest this is too limited in scope and ambition. Not only are formal methods needed in cybersecurity, the repeated and very public weaknesses of the cybersecurity industry provide a powerful motivation for formal methods.</abstract><type>Conference Paper/Proceeding/Abstract</type><journal>Communications in Computer and Information Science</journal><volume>1301</volume><journalNumber/><paginationStart>159</paginationStart><paginationEnd>172</paginationEnd><publisher>Springer International Publishing</publisher><placeOfPublication>Cham</placeOfPublication><isbnPrint>9783030713737</isbnPrint><isbnElectronic>9783030713744</isbnElectronic><issnPrint>1865-0929</issnPrint><issnElectronic>1865-0937</issnElectronic><keywords>Formal methods; Cybersecurity; Curricula</keywords><publishedDay>11</publishedDay><publishedMonth>3</publishedMonth><publishedYear>2021</publishedYear><publishedDate>2021-03-11</publishedDate><doi>10.1007/978-3-030-71374-4_8</doi><url/><notes/><college>COLLEGE NANME</college><department>Education</department><CollegeCode>COLLEGE CODE</CollegeCode><DepartmentCode>EDUC</DepartmentCode><institution>Swansea University</institution><apcterm/><lastEdited>2022-06-14T15:17:53.5880770</lastEdited><Created>2020-08-19T10:52:27.3567037</Created><path><level id="1">Faculty of Humanities and Social Sciences</level><level id="2">School of Social Sciences - Education and Childhood Studies</level></path><authors><author><firstname>James H.</firstname><surname>Davenport</surname><order>1</order></author><author><firstname>Tom</firstname><surname>Crick</surname><orcid>0000-0001-5196-9389</orcid><order>2</order></author></authors><documents><document><filename>55027__18997__72ae962d919247e58c65c11f11b31c0a.pdf</filename><originalFilename>Davenport-Crick.pdf</originalFilename><uploaded>2021-01-07T15:20:03.3317076</uploaded><type>Output</type><contentLength>212498</contentLength><contentType>application/pdf</contentType><version>Accepted Manuscript</version><cronfaStatus>true</cronfaStatus><copyrightCorrect>true</copyrightCorrect><language>eng</language></document></documents><OutputDurs/></rfc1807> |
| spelling |
2022-06-14T15:17:53.5880770 v2 55027 2020-08-19 Cybersecurity Education and Formal Methods 200c66ef0fc55391f736f6e926fb4b99 0000-0001-5196-9389 Tom Crick Tom Crick true false 2020-08-19 EDUC Formal methods have been largely thought of in the context of safety-critical systems, where they have achieved major acceptance. Tens of millions of people trust their lives every day to such systems, based on formal proofs rather than "we haven’t found a bug" (yet!); but why is "we haven’t found a bug" an acceptable basis for systems trusted with hundreds of millions of people’s personal data?This paper looks at some of these issues in cybersecurity, and the extent to which formal methods, ranging from "fully verified" to better tool support, could help. More importantly, recent policy reports and curricula initiatives appear to recommended formal methods in the limited context of "safety critical applications"; we suggest this is too limited in scope and ambition. Not only are formal methods needed in cybersecurity, the repeated and very public weaknesses of the cybersecurity industry provide a powerful motivation for formal methods. Conference Paper/Proceeding/Abstract Communications in Computer and Information Science 1301 159 172 Springer International Publishing Cham 9783030713737 9783030713744 1865-0929 1865-0937 Formal methods; Cybersecurity; Curricula 11 3 2021 2021-03-11 10.1007/978-3-030-71374-4_8 COLLEGE NANME Education COLLEGE CODE EDUC Swansea University 2022-06-14T15:17:53.5880770 2020-08-19T10:52:27.3567037 Faculty of Humanities and Social Sciences School of Social Sciences - Education and Childhood Studies James H. Davenport 1 Tom Crick 0000-0001-5196-9389 2 55027__18997__72ae962d919247e58c65c11f11b31c0a.pdf Davenport-Crick.pdf 2021-01-07T15:20:03.3317076 Output 212498 application/pdf Accepted Manuscript true true eng |
| title |
Cybersecurity Education and Formal Methods |
| spellingShingle |
Cybersecurity Education and Formal Methods Tom Crick |
| title_short |
Cybersecurity Education and Formal Methods |
| title_full |
Cybersecurity Education and Formal Methods |
| title_fullStr |
Cybersecurity Education and Formal Methods |
| title_full_unstemmed |
Cybersecurity Education and Formal Methods |
| title_sort |
Cybersecurity Education and Formal Methods |
| author_id_str_mv |
200c66ef0fc55391f736f6e926fb4b99 |
| author_id_fullname_str_mv |
200c66ef0fc55391f736f6e926fb4b99_***_Tom Crick |
| author |
Tom Crick |
| author2 |
James H. Davenport Tom Crick |
| format |
Conference Paper/Proceeding/Abstract |
| container_title |
Communications in Computer and Information Science |
| container_volume |
1301 |
| container_start_page |
159 |
| publishDate |
2021 |
| institution |
Swansea University |
| isbn |
9783030713737 9783030713744 |
| issn |
1865-0929 1865-0937 |
| doi_str_mv |
10.1007/978-3-030-71374-4_8 |
| publisher |
Springer International Publishing |
| college_str |
Faculty of Humanities and Social Sciences |
| hierarchytype |
|
| hierarchy_top_id |
facultyofhumanitiesandsocialsciences |
| hierarchy_top_title |
Faculty of Humanities and Social Sciences |
| hierarchy_parent_id |
facultyofhumanitiesandsocialsciences |
| hierarchy_parent_title |
Faculty of Humanities and Social Sciences |
| department_str |
School of Social Sciences - Education and Childhood Studies{{{_:::_}}}Faculty of Humanities and Social Sciences{{{_:::_}}}School of Social Sciences - Education and Childhood Studies |
| document_store_str |
1 |
| active_str |
0 |
| description |
Formal methods have been largely thought of in the context of safety-critical systems, where they have achieved major acceptance. Tens of millions of people trust their lives every day to such systems, based on formal proofs rather than "we haven’t found a bug" (yet!); but why is "we haven’t found a bug" an acceptable basis for systems trusted with hundreds of millions of people’s personal data?This paper looks at some of these issues in cybersecurity, and the extent to which formal methods, ranging from "fully verified" to better tool support, could help. More importantly, recent policy reports and curricula initiatives appear to recommended formal methods in the limited context of "safety critical applications"; we suggest this is too limited in scope and ambition. Not only are formal methods needed in cybersecurity, the repeated and very public weaknesses of the cybersecurity industry provide a powerful motivation for formal methods. |
| published_date |
2021-03-11T04:08:57Z |
| _version_ |
1763753630281760768 |
| score |
11.016235 |