Control Strategy FormalProcessVerification

URI: CSG-FormalProcessVerification

Description: The software for process Process has been analysed by independent experts using formal methods and shown to be free of bugs. It is therefore guaranteed to work correctly for arbitrary (even malicious) inputs. However, this is only possible for simple processes. Note that it does not prevent bugs that are present being discovered and exploited by attackers, so it is a prior mitigation only which is ignored in current (run-time) risk calculations (although in principle no vulnerabilities should ever be found).

(empty)

P.E-D.HP.8

Vulnerabilities discovered in process Process: one or more software vulnerabilities in process Process become known to attackers. This is a pre-requisite for exploitation of more specific types of vulnerabilities.

(empty)

FormalVerification at Role_Process

Control Strategy FormalProcessVerification

Mitigated Threats (0)

Blocked Threats (1)

P.E-D.HP.8

Triggers Threats (0)

Control Sets (1)