You are here
Lessons Learned in Game Development for Crowdsourced Software Formal Verification
Drew Dean, SRI International; Sean Gaurino and Leonard Eusebi, Charles River Analytics; Andrew Keplinger, Left Brain Games; Tim Pavlik, University of Washington; Ronald Watro, Raytheon BBN; Aaron Cammarata, VoidALPHA; John Murray, SRI International; Kelly McLaughlin, XPD Analytics; John Cheng and Thomas Maddern, Veracient LLC
The history of formal methods and computer security research is long and intertwined. Program logics that were in theory capable of proving security properties of software were developed by the early 1970s. The development of the first security models gave rise to a desire to prove that the models did, in fact, enforce the properties that they claimed to, and that an actual implementation of the model was correct with respect to its specification. Optimism reached its peak in the early to mid-1980s, and the peak of formal methods for security was reached shortly before the publication of the Orange Book, where the certification of a system at class A1 required formal methods. Formal verification of software was considered the gold standard evidence that the software enforced a particular set of properties. Soon afterwards, the costs of formal methods, in both time and money, became all too apparent. Mainstream computer security research shifted focus to analysis of cryptographic protocols, policies around cryptographic key management, and clever fixes for security problems found in contemporary systems.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Drew Dean and Sean Gaurino and Leonard Eusebi and Andrew Keplinger and Tim Pavlik and Ronald Watro and Aaron Cammarata and John Murray and Kelly McLaughlin and John Cheng and Thomas Maddern},
title = {Lessons Learned in Game Development for Crowdsourced Software Formal Verification},
booktitle = {2015 USENIX Summit on Gaming, Games, and Gamification in Security Education (3GSE 15)},
year = {2015},
address = {Washington, D.C.},
url = {https://www.usenix.org/conference/3gse15/summit-program/presentation/dean},
publisher = {USENIX Association},
month = aug
}
connect with us