Modeling human-in-the-loop security analysis and decision-making process
Schumann, Michael A.
Michael, James B.
MetadataShow full item record
This paper presents a novel application of computer-assisted formal methods for systematically specifying, documenting, statically and dynamically checking, and maintaining human-centered workflow processes. This approach provides for end-to-end verification and validation of process workflows, which is needed for process workflows that are intended for use in developing and maintaining high-integrity systems. We demonstrate the technical feasibility of our approach by applying it on the development of the US government’s process workflow for implementing, certifying, and accrediting cross-domain computer security solutions. Our approach involves identifying human-in-the-loop decision points in the process activities and then modeling these via statechart assertions. We developed techniques to specify and enforce workflow hierarchies, which was a challenge due to the existence of concurrent activities within complex workflow processes. Some of the key advantages of our approach are: it results in development of a model that is executable, supporting both upfront and runtime checking of process-workflow requirements; aids comprehension and communication among stakeholders and process engineers; and provides for incorporating accountability and risk management into the engineering of process workflows.
The article of record as published may be found at http://dx.doi.org/10.1109/TSE/2014.2302433
Showing items related by title, author, creator and subject.
Nassif, Tobias A. (Monterey, California. Naval Postgraduate School, 1995-03);The need to improve work processes and the ability to respond quickly and accurately to the customer's needs are important considerations for organizations today. Port Hueneme Division-Naval Surface Warfare Center (PHD-NSWC) ...
The application of reengineering to the acquisition planning process for a major weapon system: a case for information technology St. Mortiz, Mark E (Monterey, California. Naval Postgraduate School, 1997-06);Effective and timely acquisition planning is vital to the successful procurement of a major weapon system. However, the underlying process may not be well understood or defined, is labor intensive and heavily bureaucratic. ...
Runde, Sharon M. (Monterey, California: Naval Postgraduate School, 2014-09);This project examines the current business processes for micro-purchases within the government and analyzes the current processes with a potential to be system by utilizing business process re-engineering (BPR). The ...