[SystemSafety] Modelling and coding guidelines: "Unambiguous Graphical Representation"

Steve Tockey Steve.Tockey at construx.com
Sat Feb 27 10:11:02 CET 2016


One only needs to look at how difficult it is for a computer to generate a
"truly random number" to understand how difficult it is to make a computer
behave truly non-deterministically. There's a difference between "truly
random/non-deterministic" and "so computationally complex that mimicking
the behavior is next to impossible". Authentication, encryption, etc
depend on computational complexity, not true randomness. Again, someone
with a sufficiently powerful computer can break the encryption /
authentication. Deterministically.

The game is for the computational complexity of a nonce to be out of reach
of the unauthorized entity. As computers become more and more powerful
(Moore's Law), it calls for constantly increasing computational
complexity. 

In a computer, nothing is truly random.


Cheers,

-- steve



-----Original Message-----
From: Peter Bernard Ladkin <ladkin at rvs.uni-bielefeld.de>
Date: Saturday, February 27, 2016 12:57 AM
To: Steve Tockey <Steve.Tockey at construx.com>,
"systemsafety at lists.techfak.uni-bielefeld.de"
<systemsafety at lists.techfak.uni-bielefeld.de>
Subject: Re: [SystemSafety] Modelling and coding guidelines: "Unambiguous
Graphical Representation"



On 2016-02-27 09:47 , Steve Tockey wrote:
> In safety critical systems, we should strive for specifications that are
> both unambiguous and deterministic, so that relevant safety properties
>can
> be examined. 

I'm not so sure. If your safety-critical system needs some security, which
many or most of them do,
then it might need the ability to generate nonces, since many
authentication and confidentiality
algorithms require them. A nonce is a value generated
non-deterministically in most reliable
implementations. Indeed, the more deterministic it is, the less worthy it
is.

PBL

Prof. Peter Bernard Ladkin, Faculty of Technology, University of
Bielefeld, 33594 Bielefeld, Germany
Je suis Charlie
Tel+msg +49 (0)521 880 7319  www.rvs.uni-bielefeld.de








More information about the systemsafety mailing list