Your company develops security products. You are the head of the firewall product line and decide to develop a new firewall model based on formal designs. Which of the following best supports the design for the product?
A. Use a prescribed system development life cycle (SDLC) compliant with standards
B. Follow the design principle of encapsulation and modularization and best practices
C. Employ a state machine and ensure secure transit between states
D. Gain certification from third-party evaluation for assurance
Wentz’s Book, The Effective CISSP: Security and Risk Management https://www.amazon.com/dp/B087JL6BXR
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is C. Employ a state machine and ensure secure transit between states.
Model, Design, and Solution
By using various models, a design presents a solution from different perspectives. A formal model is a model created through formal methods, “techniques used to model complex systems as mathematical entities.”
Finite-state machine
A finite-state machine (FSM) or finite-state automaton (FSA, plural: automata), finite automaton, or simply a state machine, is a mathematical model of computation. It is an abstract machine that can be in exactly one of a finite number of states at any given time. The FSM can change from one state to another in response to some inputs; the change from one state to another is called a transition.
Source: Wikipedia
Engineering
A prescribed system development life cycle (SDLC) compliant with standards may improve assurance, but it does not necessarily entail formal designs.
Encapsulation, modularization, and best practices may help in the design process and improve design quality, but they do not necessarily result in formal designs.
Assurance
Validated formal designs typically provide the highest degree of assurance, but third-party evaluation and certification for assurance do not require formal designs.
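To make the suggested answer concrete, here is an added example (my own illustration, not code from the post or from any real firewall) of what "employ a state machine and ensure secure transit between states" looks like in a stateful packet filter. A tracked TCP flow is modelled as a finite-state machine: the states, the inputs (packet direction plus TCP flags) and the transition table are all assumptions simplified for illustration. The only way the flow can move is through a listed transition; any packet that does not match one is dropped and the state stays put. Because the model is explicit data rather than scattered if-statements, it can also be checked exhaustively before shipping, which is the formal-design benefit the answer relies on: the check below proves that ESTABLISHED cannot be reached without the server's SYN-ACK, that CLOSED is terminal, and that every reachable state can still be closed.

```python
"""Toy stateful-firewall connection tracker modelled as a finite-state machine.

Added example, not from the original post. State names, inputs and the
transition table are constructed assumptions, not a real tracker's model.
"""
from collections import deque

# Declared states of one tracked TCP flow (constructed, simplified subset).
STATES = frozenset({"NEW", "SYN_SENT", "SYN_RECV", "ESTABLISHED", "CLOSING", "CLOSED"})

# Inputs are (direction, flags); direction is "C2S" (client->server) or "S2C".
# Transition table: (state, input) -> next state. Anything absent is an
# undefined transition, and the packet is dropped without changing state.
TRANSITIONS = {
    ("NEW", ("C2S", "SYN")): "SYN_SENT",
    ("SYN_SENT", ("S2C", "SYN-ACK")): "SYN_RECV",
    ("SYN_SENT", ("S2C", "RST")): "CLOSED",
    ("SYN_RECV", ("C2S", "ACK")): "ESTABLISHED",
    ("ESTABLISHED", ("C2S", "ACK")): "ESTABLISHED",
    ("ESTABLISHED", ("S2C", "ACK")): "ESTABLISHED",
    ("ESTABLISHED", ("C2S", "FIN")): "CLOSING",
    ("ESTABLISHED", ("S2C", "FIN")): "CLOSING",
    ("ESTABLISHED", ("C2S", "RST")): "CLOSED",
    ("ESTABLISHED", ("S2C", "RST")): "CLOSED",
    ("CLOSING", ("C2S", "ACK")): "CLOSED",
    ("CLOSING", ("S2C", "ACK")): "CLOSED",
}

# A deliberately flawed variant (constructed) that lets a bare ACK open a
# flow, the behaviour a stateless filter would show; the checker must flag it.
BUGGY_TRANSITIONS = dict(TRANSITIONS)
BUGGY_TRANSITIONS[("NEW", ("C2S", "ACK"))] = "ESTABLISHED"


class Flow:
    """One tracked connection; only a listed transition can move it."""

    def __init__(self, transitions=TRANSITIONS):
        self.transitions = transitions
        self.state = "NEW"

    def handle(self, direction, flags):
        nxt = self.transitions.get((self.state, (direction, flags)))
        if nxt is None:          # undefined transition: deny by default
            return "DROP"
        self.state = nxt
        return "ACCEPT"


def run_trace(packets, transitions=TRANSITIONS):
    """Feed a packet sequence through a fresh flow; return final state and verdicts."""
    flow = Flow(transitions)
    verdicts = [flow.handle(direction, flags) for direction, flags in packets]
    return flow.state, verdicts


def reachable(start, transitions):
    """States reachable from `start` via the transition graph (BFS)."""
    seen, queue = {start}, deque([start])
    while queue:
        cur = queue.popleft()
        for (src, _inp), dst in transitions.items():
            if src == cur and dst not in seen:
                seen.add(dst)
                queue.append(dst)
    return seen


def check_model(transitions=TRANSITIONS):
    """Exhaustively check the model's security properties; return a list of violations."""
    problems = []
    for (src, _inp), dst in transitions.items():
        if src not in STATES or dst not in STATES:
            problems.append(f"undeclared state in {src} -> {dst}")
        if src == "CLOSED":
            problems.append("CLOSED must be terminal")
        if dst == "ESTABLISHED" and src not in ("SYN_RECV", "ESTABLISHED"):
            problems.append(f"ESTABLISHED entered from {src}")
    # Handshake property: remove the server's SYN-ACK and ESTABLISHED must vanish.
    without_synack = {k: v for k, v in transitions.items()
                      if k != ("SYN_SENT", ("S2C", "SYN-ACK"))}
    if "ESTABLISHED" in reachable("NEW", without_synack):
        problems.append("ESTABLISHED reachable without SYN-ACK")
    # No dead ends: every reachable state can still reach CLOSED.
    for state in reachable("NEW", transitions):
        if "CLOSED" not in reachable(state, transitions):
            problems.append(f"{state} cannot reach CLOSED")
    return problems


if __name__ == "__main__":
    handshake = [("C2S", "SYN"), ("S2C", "SYN-ACK"), ("C2S", "ACK")]
    print(run_trace(handshake))          # ('ESTABLISHED', ['ACCEPT', 'ACCEPT', 'ACCEPT'])
    print(run_trace([("C2S", "ACK")]))   # ('NEW', ['DROP'])
    print(check_model())                 # []
    print(check_model(BUGGY_TRANSITIONS))
```

The design choice worth noting is that the transition table is the single source of truth for both the runtime filter and the verification: `Flow.handle` consults it and `check_model` walks it, so a property proved over the table is a property of the code path that enforces it. A real tracker would also need timeouts, sequence-number windows and a per-5-tuple table, but those are refinements of the same model rather than a different technique.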
Reference
- Towards SDN Network Proofs — Taming a Complex System
- Formal methods
- Formal Methods (Michael Collins)
- Formal Methods (interaction-design)
- Formal Methods (fmeurope)
- Formal Methods (cornell)
- Introducing Formal Methods
- WHY DON’T PEOPLE USE FORMAL METHODS?
- Finite-state machine
- Using State Machines In Your Designs
- Using finite state machines to design software
- Formal Modeling of RESTful Systems Using Finite-State Machines
- Formal Methods – I
- System level specification and verification using Concurrent State Machines and COSMA environment. A case study.
- A FINITE-STATE MACHINE APPROACH FOR MODELING AND ANALYZING RESTFUL SYSTEMS
- Digital Electronics and Design with VHDL
A BLUEPRINT FOR YOUR SUCCESS IN CISSP
My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and informative reference for security professionals.
- It is available on Amazon.
- Readers from countries or regions not supported by Amazon can get their copy from the author’s web site.