Zieliński, Z; Brudka, M; Furtak, J; Stasiak, A; Chudzikiewicz, J; Kozakiewicz, A; Felkner, A; Małowidzki, M
The project of trusted workstation for special applications (TWSA) is directed toward the combination of the existing hardware and software virtualization with cryptography and identification technologies to ensure the security of multilevel classified data by means of some formal methods. It is anticipated, that the final solution will provide a ready-to-deploy base platform for various workstations, especially in C2 systems. In the paper, a novel method for secure software design is introduced. The method employes dedicated tools to verify the confidentiality and the integrity of data using UML models. In general, the UML security models are embedded in and simulated with the system architecture models, thus the security problems in TWSA can be detected early during the software design. The application of UML topology models enables also to verify the fundamental requirement for MLS systems, namely the hardware isolation of subjects from different security domains. Additionally, the configuration of TWSA is defined within the topology model and validated against the constraints of hardware resources.