http://dx.doi.org/10.13089/JKIISC.2009.19.4.91

UML 2.0 Statechart based Modeling and Analysis of Finite State Model for Cryptographic Module Validation  

Lee, Gang-soo (Hannam University)
Jeong, Jae-Goo (Hannam University)
Kou, Kab-seung (Hannam University)
Abstract
A cryptographic module (CM) is an implementation of various cryptographic algorithms and functions by means of hardware or software. When a CM is validated or certified under the CM validation program (CMVP), a finite state model (FSM) of the CM should be developed and provided. However, guides or methods for modeling and analyzing an FSM are not well known, because such guidance is occasionally regarded as proprietary know-how by developers as well as verifiers of the CM. In this paper, we propose a set of guides on modeling and analysis of an FSM, which is needed for validation of a CM under CMVP, and a transition test path generation algorithm, and we implement a simple modeling tool (CM-Statecharter). The FSM of a CM is modeled using the Statechart of UML 2.0. The Statechart, which overcomes weaknesses of an FSM, is a formal and easy specification model for finite state modeling of a CM.
Keywords
CMVP; FSM; UML 2.0; CM;