Formal specification of fault-tolerance and its relation to computer security

Abstract

International Workshop on Software Specification and Design 1989 (ACM SIGSOFT Engineering Notes, Volume 14, Number 3) The techniques of formal verification are one means for gaining greater assurance of the correctness of software. These techniques require precise specification of the properties to be assured. This paper formulates precise specifications corresponding to the intuitive notions of “fault tolerance” and of “graceful degradation”. An analogy is constructed between these fault-tolerance specifications and a particular class of specifications for computer security. On the basis of this analogy, it is argued that formal verification of fault tolerance will face some of the same problems, and benefit from some of the same solutions, as verification