On the Use of Data Refinement in the Development of Secure Communications Systems

Abstract

: We report on experiences gained from the application of data refinement techniques to the development of examples of secure communications systems. The aim was to the carry the development from initial abstract specification of security services through to detailed designs. The development approach was based on action systems, with B and CSP being used as concrete notations. The security services in question are a confidential communications service and an authenticated transaction service. Refinements include explicit representations of intruder behaviour. The paper makes several interrelated contributions. It demonstrates the feasibility of applying a refinement approach to this type of problem, including an effective way of combining B and CSP in refinements. It introduces a more systematic approach to the development of abstraction invariants and refinement checking. Finally, it illustrates the limitation, when modelling security protocols, of a formalism that does not deal with probability.