Software methodology for development of a trusted BMS: identification of critical problems

Abstract

The vast range of security levels/compartments, complex ownership, continuous evolution, adaptive policy requirements, and the large size of battle management systems (BMSs) make it evident that the trust issues are substantial and will require extensive attention throughout the development cycle of the system. The authors outline the software development process for a BMS and identify where trusted system development requirements fit into the process. The focus is on the identification and discussion of eight leverage points that cut across the entire development process and provide the greatest opportunity to affect the security of the software that is developed. These points are visibility, protocols, downloading, configuration control, monitoring and measurement, environment, communication, and verification.<>