| [1]Common Criteria a Recognition Arrangement. Common Criteria for Information Technology Security Evaluation: Version 3.1 Revision 5[EBOL]. [20170530]. http:www.commoncriteriaportal.orgcc[2]International Organization for Standardization. ISOIEC 154081: 2009, Information Technology Security Techniques Evaluation Criteria for IT Security Part 1: Introduction and General Model[S]. Geneva Switzerland: International Organization for Standardization, 2009[3]International Organization for Standardization. ISOIEC 154082: 2008, Information Technology Security Techniques Evaluation Criteria for IT Security Part 2: Security Functional Components[S]. Geneva Switzerland: International Organization for Standardization, 2008[4]International Organization for Standardization. ISOIEC 154083: 2008, Information Technology Security Techniques Evaluation Criteria for IT Security Part 3: Security Assurance Components[S]. Geneva Switzerland: International Organization for Standardization, 2008[5]Herrmann D.S. Using the Common Criteria for IT Security Evaluation[M]. New York: CRC Press, 2002[6]Morimoto S, Shigematsu S, Goto Y, et al. Formal verification of security specifications with common criteria[C] Proc of the 22nd Annual ACM Symp on Applied Computing (SAC07). New York: ACM, 2007: 15061512[7]International Organization for Standardization. ISOIEC 13568 Standard. Information Technology—Z Formal Specification NotationSyntax, Type System and Semantics[S]. Geneva Switzerland: International Organization for Standardization, 2002[8]Potter B, Sinclair J, Till D. An Introduction to Formal Specification and Z[M]. 2nd ed. Englewood Cliffs, NJ: PrenticeHall, 1996[9]缪淮扣, 陈怡海. 软件形式规格说明语言——Z[M]. 北京: 清华大学出版社, 2012[10]Clarke E, Grumberg O, Peled D. Model Checking[M].  Cambridge: MIT Press, 2000[11]Lilius J, Paltor I. VUML: A tool for verifying UML models[C] Proc of the 14th IEEE Int Conf on Automated Software Engineering (ASE99). Piscataway, NJ: IEEE, 1999: 255258[12]Jurjens J. UMLsec: Extending UML for secure systems development[C] Proc of UML 2002. Berlin: Springer, 2002: 412425[13]Object Management Group. UML 2.0 Superstructure Specification[EBOL]. 2004 [20170601]. http:www.omg.org#UML2.0[14]中国国家标准化管理委员会. GBT 18336.2—2015 信息技术—安全技术—信息技术安全评估准则 第2部分:安全功能组件[S]. 北京: 中国标准出版社, 2015[15]Gamma E, Helm R, Johnson R, et al. Design Patterns: Elements of Reusable Object Orientated Software[M]. Addison Wesley, 1998[16]Morimoto S, Shigematsu S, Goto Y, et al. Classification, formalization and verification of security functional requirements[G] LNCS 4910: Proc of the 34th Conf on Current Trends in Theory and Practice of Computer Science. Berlin: Springer, 2008: 622633[17]Booch G, Maksimchuk R, Engel M, et al. ObjectOriented Analysis and Design with Applications[M]. 3rd ed. Reading, MA: Addison Wesley, 2004[18]Morimoto S, Cheng J. Modeling protection profiles by UML and their formal verification[J]. Transactions of IEICE, 2006, J89D(4): 726742[19]Bertot Y, Casteran P. Interactive Theorem Proving and Program Development[M]. Berlin: Springer, 2004[20]ORA Canada. ZEVES[EBOL]. [20170601]. http:www.oracanada.comzeveswelcome.html[21]Cimatti A, Clarke E, Giunchiglia F, et al. NuSMV: A new symbolic model verifier[C] Proc of the 11th Int Conf Computer Aided Verification (CAV99). Berlin: Springer, 1999: 495499[22]NuSMV[EBOL]. [20170601]. http:nusmv.fbk.euit[23]Berard B, Bidoit M, Finkel A. Systems and Software Verification: ModelChecking Techniques and Tools[M] Berlin: Springer, 1999[24]Morimoto S, Shigematsu S, Goto Y, et al. A security specification verification technique based on the international standard ISOIEC 15408[J]. JSSST, Computer Science, 2006, 23(3): 117133[25]Morimoto S, Shigematsu S, Goto Y, et al. A security specification verification technique based on the international standard ISOIEC 15408[C] Proc of the 21st Annual ACM Symp on Applied Computing (SAC06). New York: ACM, 2006: 18021803[26]Yajima K, Morimoto S, Horie D, et al. FORVEST: A support tool for formal verification of security specifications with ISOIEC 15408[C] Proc of the 4th Int Conf on Availability, Reliability and Security (ARES09). Los Alamitos, CA: IEEE Computer Society, 2009: 624629 |